Re: FMC - URL Filtering download failure

pnavratil · ‎01-28-2020

Customer produce FMC v.6.4.0.7.

There are 2 devices connected -

first - HA bundle of 2 FPR2130 (FTD) - License: Base, Threat, AC Plus

second - ASA5515 (FTD image) - License Base

The FMC reported error

URL Filtering Monitor - URL Filtering Download Failure

As there is no URL license used - I checked several other discussion and tried to turn on and off the URL Filtering license (on both deviceses)

The alarm had gone, but after few days the alarm is back again.

Can somebody advice how to solve this? (Some other way then turn off the alarm in Health Policy)

Regards

Pavel

curdubanbogdan · ‎01-28-2020

Does your ftd has access to the internet? Can you try and ping google for example? It can be a DNS problem, a NAT problem, or a network configuration problem for your ftd.

pnavratil · ‎01-30-2020

Hi - the error is reported on device Firepower Management Center so I expect the initiator is FMC itself - or is it made by FTD devices?

On FMC - there is no problem with downloading updates and so on - so it does not seem as problem with connection or DNS.

For sure I tested ping form FTDs too - no problem with accessing the internet and with DNS translations.

Regards

balaji.bandi · ‎01-28-2020

Worth try the cisco update server from command level ( Telenet ciscosite port ) make sure you are going right interface out and see any blockers ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

pnavratil · ‎01-31-2020

I just check this - no problem with it:

----------

root@fpmc1:/Volume/home/admin# telnet support.sourcefire.com 80
Trying 50.16.210.129...
Connected to support.sourcefire.com.
Escape character is '^]'.

---------

Regards

Pavel

balaji.bandi · ‎02-01-2020

check any space issue or else open the TAC case for support.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

m1xed0s · ‎04-20-2020

Wonder if you have this solved? Have similiar issue on FMC 6.4.0.1.

CameronJohns- · ‎06-09-2020

@m1xed0s If you or anybody is still having issues with this error, the solution that worked for me is as follows:

Login to the FMC CLI and go into "expert" mode:

>expert

administrator@FMC: ~$

Issue the "sudo su" command and re-enter administrator password

Once you're root, back up and then modify /etc/sf/bca.cfg

Use vim to modify

Change the BcapPort variable from 80 to 2316

Original -> BcapPort=80

Updated -> BcapPort=2316

Save the file

Once you modify the file, issue the following commands:

pmtool restartbyid SFDataCorrelator

pmtool restartbyid CloudAgent

m1xed0s · ‎06-09-2020

Thanks!

My issue turned out to be a URL rule (more specific blocking uncategorized URL) in the ACP blocks the communication with feed URL... So it was a chicken-egg issue after FMC lost communication with the Feed...

pzkqx6000 · ‎01-26-2022

that worked for me. Thanks!