Buy or Renew
Buy or Renew
Notice: The file download function is disabled. We apologize for the inconvenience.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
497
Views
2
Helpful
0
Replies

FMC Upgrade to > 7.4 || 7.6

Babagbemiga Olla
Level 1
Level 1

‎11-03-2025 09:48 AM

 

 

Hi Community,


Before upgrading FMC to version 7.4 or later, please verify whether you have an FTD or eStreamer service connected to the FMC in the subnets 172.18.0.0/24 or 172.18.1.0/24. This is important because, after the upgrade, two additional interfaces—"docker0" and "br-*" —will be created as part of the new Dynamic Attributes Connector feature. These interfaces introduce routes that can disrupt sftunnel connections to or from the FMC in these subnets. If you experience service disconnections to or from the FMC after the upgrade, this may be the cause.

For HA deployments, if one device stops sending data after the upgrade, this is another indicator. To confirm, run the following command in expert mode on the FMC:
netstat -na | grep 169.254.1.3

If you do not see the active FTD connected but see an established connection on 169.254.1.3, this is definitely the issue.

Quick Fix
Add a specific route to resolve the issue:
ip route add <host/subnet> via <gateway> dev eth0


Permanent Fix
Refer to the Cisco documentation to change the Docker subnet:
https://www.cisco.com/c/en/us/td/docs/security/secure-firewall/management-center/device-config/740/management-center-device-config-74/m_dynamic-attributes-connector.html

1 person had this problem
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card