ā01-28-2020 01:55 AM
Customer produce FMC v.6.4.0.7.
There are 2 devices connected -
first - HA bundle of 2 FPR2130 (FTD) - License: Base, Threat, AC Plus
second - ASA5515 (FTD image) - License Base
The FMC reported error
URL Filtering Monitor - URL Filtering Download Failure
As there is no URL license used - I checked several other discussion and tried to turn on and off the URL Filtering license (on both deviceses)
The alarm had gone, but after few days the alarm is back again.
Can somebody advice how to solve this? (Some other way then turn off the alarm in Health Policy)
Regards
Pavel
ā01-28-2020 03:28 AM
Does your ftd has access to the internet? Can you try and ping google for example? It can be a DNS problem, a NAT problem, or a network configuration problem for your ftd.
ā01-30-2020 11:53 AM
Hi - the error is reported on device Firepower Management Center so I expect the initiator is FMC itself - or is it made by FTD devices?
On FMC - there is no problem with downloading updates and so on - so it does not seem as problem with connection or DNS.
For sure I tested ping form FTDs too - no problem with accessing the internet and with DNS translations.
Regards
ā01-28-2020 05:43 AM
Worth try the cisco update server from command level ( Telenet ciscosite port ) make sure you are going right interface out and see any blockers ?
ā01-31-2020 02:03 AM
I just check this - no problem with it:
----------
root@fpmc1:/Volume/home/admin# telnet support.sourcefire.com 80
Trying 50.16.210.129...
Connected to support.sourcefire.com.
Escape character is '^]'.
---------
Regards
Pavel
ā02-01-2020 04:41 AM
check any space issue or else open the TAC case for support.
ā04-20-2020 12:21 PM
Wonder if you have this solved? Have similiar issue on FMC 6.4.0.1.
ā06-09-2020 10:59 AM
@m1xed0s If you or anybody is still having issues with this error, the solution that worked for me is as follows:
Login to the FMC CLI and go into "expert" mode:
>expert
administrator@FMC: ~$
Issue the "sudo su" command and re-enter administrator password
Once you're root, back up and then modify /etc/sf/bca.cfg
Use vim to modify
Change the BcapPort variable from 80 to 2316
Original -> BcapPort=80
Updated -> BcapPort=2316
Save the file
Once you modify the file, issue the following commands:
pmtool restartbyid SFDataCorrelator
pmtool restartbyid CloudAgent
ā06-09-2020 11:47 AM
Thanks!
My issue turned out to be a URL rule (more specific blocking uncategorized URL) in the ACP blocks the communication with feed URL... So it was a chicken-egg issue after FMC lost communication with the Feed...
ā01-26-2022 12:15 AM
that worked for me. Thanks!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: