Customer produce FMC v.18.104.22.168.
There are 2 devices connected -
first - HA bundle of 2 FPR2130 (FTD) - License: Base, Threat, AC Plus
second - ASA5515 (FTD image) - License Base
The FMC reported error
URL Filtering Monitor - URL Filtering Download Failure
As there is no URL license used - I checked several other discussion and tried to turn on and off the URL Filtering license (on both deviceses)
The alarm had gone, but after few days the alarm is back again.
Can somebody advice how to solve this? (Some other way then turn off the alarm in Health Policy)
Does your ftd has access to the internet? Can you try and ping google for example? It can be a DNS problem, a NAT problem, or a network configuration problem for your ftd.
Hi - the error is reported on device Firepower Management Center so I expect the initiator is FMC itself - or is it made by FTD devices?
On FMC - there is no problem with downloading updates and so on - so it does not seem as problem with connection or DNS.
For sure I tested ping form FTDs too - no problem with accessing the internet and with DNS translations.
Worth try the cisco update server from command level ( Telenet ciscosite port ) make sure you are going right interface out and see any blockers ?
I just check this - no problem with it:
root@fpmc1:/Volume/home/admin# telnet support.sourcefire.com 80
Connected to support.sourcefire.com.
Escape character is '^]'.
@m1xed0s If you or anybody is still having issues with this error, the solution that worked for me is as follows:
Login to the FMC CLI and go into "expert" mode:
Issue the "sudo su" command and re-enter administrator password
Once you're root, back up and then modify /etc/sf/bca.cfg
Use vim to modify
Change the BcapPort variable from 80 to 2316
Original -> BcapPort=80
Updated -> BcapPort=2316
Save the file
Once you modify the file, issue the following commands:
pmtool restartbyid SFDataCorrelator
pmtool restartbyid CloudAgent
My issue turned out to be a URL rule (more specific blocking uncategorized URL) in the ACP blocks the communication with feed URL... So it was a chicken-egg issue after FMC lost communication with the Feed...