cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2401
Views
10
Helpful
6
Replies

FTD 1010 upgrade issue

Filip.Olsen
Level 1
Level 1

Hi all

Trying to do an upgrade (FTD on box ) from 6.4.0.10 to 6.7  - the 1010 is starting upgrade and log me off -  and is down for about 30 min and then comes back on with 6.4.0.10 image and no errors

 

Ive tried with 6.5 and 6.6 as well , same outcome.

 

Can anyone point me to the install log file , cant seem to find it / where to look ( /var/log/sf )

 

Thanks.

2 Accepted Solutions

Accepted Solutions

Hi,

During the upgrade, you can check the status by browsing https://
***fmc-ip***/upgrade-status/view.cgi

You should see any errors in that console.

>From CLI, here you go.

https://community.cisco.com/t5/network-security/fmc-doesn-t-show-me-task-status/td-p/3175530

**** please remember to rate useful posts

View solution in original post

This seems to be very internal to FTD image (seems that you are having
problems in importing data into DB tables).

I suggest reimage the unit and restore a successful backup. This will be
the fastest option rather than trying this (if it can be resolved). I think
TAC will suggest the same thing.


***** please remember to rate useful posts

View solution in original post

6 Replies 6

Hi,

During the upgrade, you can check the status by browsing https://
***fmc-ip***/upgrade-status/view.cgi

You should see any errors in that console.

>From CLI, here you go.

https://community.cisco.com/t5/network-security/fmc-doesn-t-show-me-task-status/td-p/3175530

**** please remember to rate useful posts

Thanks Mohammad - i did not know that

 

Anyways - ive found the logs and found this :

 

Fatal error: FTD onbox data import failed, exit code: 255. Error running script 800_post/100_ftd_onbox_data_import.sh

 

and this in the 800_post

 

2020-11-22 11:00:45 main: INFO SnortDbOperations:59 - Successfully created policies table
2020-11-22 11:00:45 main: INFO SnortDbOperations:59 - Successfully created objects table
2020-11-22 11:00:45 main: INFO SnortDbOperations:59 - Successfully created raw_data table
2020-11-22 11:00:45 main: INFO SnortDbOperations:59 - Successfully created revisions table
2020-11-22 11:00:45 main: INFO SnortDbOperations:59 - Successfully created policy_object_info table
2020-11-22 11:00:45 main: INFO SnortDbOperations:59 - Successfully created policy_object_map table
2020-11-22 11:00:45 main: INFO SnortDbOperations:59 - Successfully created ips_rule table
2020-11-22 11:00:45 main: INFO SnortDbOperations:59 - Successfully created ssl_rule table
2020-11-22 11:00:45 main: INFO SnortDbOperations:59 - Successfully created interface_uuid_zone_uuid_map table
2020-11-22 11:00:45 main: INFO SqliteToNeo4jImporter:170 - Closing Sqlite DB-reader...
2020-11-22 11:00:45 main: INFO FileUtil:85 - Overwriting tar file: exporter_6.7.0.dat.sqlite
2020-11-22 11:00:45 main: INFO FileUtil:90 - Done overwriting file.
2020-11-22 11:00:45 main: ERROR NGFWDBImporter:171 - FTD Onbox Import failed:
java.lang.NullPointerException
at com.cisco.ngfw.onbox.importer.upgrader.cache.URLCategoryMigrationCache.generateBeakerUrlCategoryMatchersFromBrightCloud(URLCategoryMigrationCache.java:139) ~[importer.jar:?]
at com.cisco.ngfw.onbox.importer.upgrader.AccessRuleHandler.transformObject(AccessRuleHandler.java:274) ~[importer.jar:?]
at com.cisco.ngfw.onbox.importer.upgrader.AccessRuleHandler$$FastClassBySpringCGLIB$$a530bfaa.invoke(<generated>) ~[importer.jar:?]
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218) ~[spring-core-5.1.0.RELEASE.jar:5.1.0.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:746) ~[spring-aop-5.0.9.RELEASE.jar:5.0.9.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163) ~[spring-aop-5.0.9.RELEASE.jar:5.0.9.RELEASE]
at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:136) ~[spring-aop-5.0.9.RELEASE.jar:5.0.9.RELEASE]
at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:124) ~[spring-aop-5.0.9.RELEASE.jar:5.0.9.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:185) ~[spring-aop-5.0.9.RELEASE.jar:5.0.9.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:688) ~[spring-aop-5.0.9.RELEASE.jar:5.0.9.RELEASE]
at com.cisco.ngfw.onbox.importer.upgrader.AccessRuleHandler$$EnhancerBySpringCGLIB$$88f515f1.transformObject(<generated>) ~[importer.jar:?]
at com.cisco.ngfw.onbox.importer.services.UpgradeSqliteToNeo4jImporter.importFromIdEntityRowWithHandler(UpgradeSqliteToNeo4jImporter.java:354) ~[importer.jar:?]
at com.cisco.ngfw.onbox.importer.services.UpgradeSqliteToNeo4jImporter.importFromIdEntityRow(UpgradeSqliteToNeo4jImporter.java:306) ~[importer.jar:?]
at com.cisco.ngfw.onbox.importer.services.UpgradeSqliteToNeo4jImporter.importFromEntityRow(UpgradeSqliteToNeo4jImporter.java:270) ~[importer.jar:?]
at com.cisco.ngfw.onbox.backend.services.configdb.SqliteToNeo4jImporter$2.processEntityRow(SqliteToNeo4jImporter.java:293) ~[config-db.jar:?]
at com.cisco.ngfw.onbox.backend.services.configdb.SqliteDbHandlerBase$EntityRowHandlerBase.processRow(SqliteDbHandlerBase.java:427) ~[config-db.jar:?]
at com.cisco.ngfw.onbox.backend.services.configdb.SqliteDbHandlerBase.readAllEntitiesWithFilterCondition(SqliteDbHandlerBase.java:227) ~[config-db.jar:?]
at com.cisco.ngfw.onbox.backend.services.configdb.SqliteDbReader.getAllEntitiesInDependencyOrder(SqliteDbReader.java:36) ~[config-db.jar:?]
at com.cisco.ngfw.onbox.backend.services.configdb.SqliteToNeo4jImporter.doImportFromSqlite(SqliteToNeo4jImporter.java:207) ~[config-db.jar:?]
at com.cisco.ngfw.onbox.backend.services.configdb.SqliteToNeo4jImporter.importFromSqlite(SqliteToNeo4jImporter.java:163) ~[config-db.jar:?]
at com.cisco.ngfw.onbox.importer.services.UpgradeSqliteImportService.importConfigFromSqlite(UpgradeSqliteImportService.java:146) ~[importer.jar:?]
at com.cisco.ngfw.onbox.importer.services.UpgradeSqliteImportService.importConfig(UpgradeSqliteImportService.java:119) ~[importer.jar:?]
at com.cisco.ngfw.onbox.importer.NGFWDBImporter.importConfigSqlite(NGFWDBImporter.java:214) ~[importer.jar:?]
at com.cisco.ngfw.onbox.importer.NGFWDBImporter.main(NGFWDBImporter.java:163) [importer.jar:?]
2020-11-22 11:00:45 main: INFO NGFWDBImporter:174 - Shutting-down

 

Filip.Olsen
Level 1
Level 1

Hi Mohammed , thanks i didnt know that

But ive found this in the logs ;

 

Fatal error: FTD onbox data import failed, exit code: 255. Error running script 800_post/100_ftd_onbox_data_import.sh

2020-11-22 11:00:45 main: ERROR SqliteToNeo4jImporter:213 - Error importing entities from Sqlite
java.lang.NullPointerException
at com.cisco.ngfw.onbox.importer.upgrader.cache.URLCategoryMigrationCache.generateBeakerUrlCategoryMatchersFromBrightCloud(URLCategoryMigrationCache.java:139) ~[importer.jar:?]
at com.cisco.ngfw.onbox.importer.upgrader.AccessRuleHandler.transformObject(AccessRuleHandler.java:274) ~[importer.jar:?]
at com.cisco.ngfw.onbox.importer.upgrader.AccessRuleHandler$$FastClassBySpringCGLIB$$a530bfaa.invoke(<generated>) ~[importer.jar:?]
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218) ~[spring-core-5.1.0.RELEASE.jar:5.1.0.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:746) ~[spring-aop-5.0.9.RELEASE.jar:5.0.9.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163) ~[spring-aop-5.0.9.RELEASE.jar:5.0.9.RELEASE]
at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:136) ~[spring-aop-5.0.9.RELEASE.jar:5.0.9.RELEASE]
at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:124) ~[spring-aop-5.0.9.RELEASE.jar:5.0.9.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:185) ~[spring-aop-5.0.9.RELEASE.jar:5.0.9.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:688) ~[spring-aop-5.0.9.RELEASE.jar:5.0.9.RELEASE]
at com.cisco.ngfw.onbox.importer.upgrader.AccessRuleHandler$$EnhancerBySpringCGLIB$$88f515f1.transformObject(<generated>) ~[importer.jar:?]
at com.cisco.ngfw.onbox.importer.services.UpgradeSqliteToNeo4jImporter.importFromIdEntityRowWithHandler(UpgradeSqliteToNeo4jImporter.java:354) ~[importer.jar:?]
at com.cisco.ngfw.onbox.importer.services.UpgradeSqliteToNeo4jImporter.importFromIdEntityRow(UpgradeSqliteToNeo4jImporter.java:306) ~[importer.jar:?]
at com.cisco.ngfw.onbox.importer.services.UpgradeSqliteToNeo4jImporter.importFromEntityRow(UpgradeSqliteToNeo4jImporter.java:270) ~[importer.jar:?]
at com.cisco.ngfw.onbox.backend.services.configdb.SqliteToNeo4jImporter$2.processEntityRow(SqliteToNeo4jImporter.java:293) ~[config-db.jar:?]
at com.cisco.ngfw.onbox.backend.services.configdb.SqliteDbHandlerBase$EntityRowHandlerBase.processRow(SqliteDbHandlerBase.java:427) ~[config-db.jar:?]
at com.cisco.ngfw.onbox.backend.services.configdb.SqliteDbHandlerBase.readAllEntitiesWithFilterCondition(SqliteDbHandlerBase.java:227) ~[config-db.jar:?]
at com.cisco.ngfw.onbox.backend.services.configdb.SqliteDbReader.getAllEntitiesInDependencyOrder(SqliteDbReader.java:36) ~[config-db.jar:?]
at com.cisco.ngfw.onbox.backend.services.configdb.SqliteToNeo4jImporter.doImportFromSqlite(SqliteToNeo4jImporter.java:207) [config-db.jar:?]
at com.cisco.ngfw.onbox.backend.services.configdb.SqliteToNeo4jImporter.importFromSqlite(SqliteToNeo4jImporter.java:163) [config-db.jar:?]
at com.cisco.ngfw.onbox.importer.services.UpgradeSqliteImportService.importConfigFromSqlite(UpgradeSqliteImportService.java:146) [importer.jar:?]
at com.cisco.ngfw.onbox.importer.services.UpgradeSqliteImportService.importConfig(UpgradeSqliteImportService.java:119) [importer.jar:?]
at com.cisco.ngfw.onbox.importer.NGFWDBImporter.importConfigSqlite(NGFWDBImporter.java:214) [importer.jar:?]
at com.cisco.ngfw.onbox.importer.NGFWDBImporter.main(NGFWDBImporter.java:163) [importer.jar:?]
2020-11-22 11:00:45 main: INFO SnortDbOperations:59 - Successfully created policies table
2020-11-22 11:00:45 main: INFO SnortDbOperations:59 - Successfully created objects table
2020-11-22 11:00:45 main: INFO SnortDbOperations:59 - Successfully created raw_data table
2020-11-22 11:00:45 main: INFO SnortDbOperations:59 - Successfully created revisions table
2020-11-22 11:00:45 main: INFO SnortDbOperations:59 - Successfully created policy_object_info table
2020-11-22 11:00:45 main: INFO SnortDbOperations:59 - Successfully created policy_object_map table
2020-11-22 11:00:45 main: INFO SnortDbOperations:59 - Successfully created ips_rule table
2020-11-22 11:00:45 main: INFO SnortDbOperations:59 - Successfully created ssl_rule table
2020-11-22 11:00:45 main: INFO SnortDbOperations:59 - Successfully created interface_uuid_zone_uuid_map table
2020-11-22 11:00:45 main: INFO SqliteToNeo4jImporter:170 - Closing Sqlite DB-reader...
2020-11-22 11:00:45 main: INFO FileUtil:85 - Overwriting tar file: exporter_6.7.0.dat.sqlite
2020-11-22 11:00:45 main: INFO FileUtil:90 - Done overwriting file.
2020-11-22 11:00:45 main: ERROR NGFWDBImporter:171 - FTD Onbox Import failed:
java.lang.NullPointerException
at com.cisco.ngfw.onbox.importer.upgrader.cache.URLCategoryMigrationCache.generateBeakerUrlCategoryMatchersFromBrightCloud(URLCategoryMigrationCache.java:139) ~[importer.jar:?]
at com.cisco.ngfw.onbox.importer.upgrader.AccessRuleHandler.transformObject(AccessRuleHandler.java:274) ~[importer.jar:?]
at com.cisco.ngfw.onbox.importer.upgrader.AccessRuleHandler$$FastClassBySpringCGLIB$$a530bfaa.invoke(<generated>) ~[importer.jar:?]
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218) ~[spring-core-5.1.0.RELEASE.jar:5.1.0.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:746) ~[spring-aop-5.0.9.RELEASE.jar:5.0.9.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163) ~[spring-aop-5.0.9.RELEASE.jar:5.0.9.RELEASE]
at org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:136) ~[spring-aop-5.0.9.RELEASE.jar:5.0.9.RELEASE]
at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:124) ~[spring-aop-5.0.9.RELEASE.jar:5.0.9.RELEASE]
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:185) ~[spring-aop-5.0.9.RELEASE.jar:5.0.9.RELEASE]
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:688) ~[spring-aop-5.0.9.RELEASE.jar:5.0.9.RELEASE]
at com.cisco.ngfw.onbox.importer.upgrader.AccessRuleHandler$$EnhancerBySpringCGLIB$$88f515f1.transformObject(<generated>) ~[importer.jar:?]
at com.cisco.ngfw.onbox.importer.services.UpgradeSqliteToNeo4jImporter.importFromIdEntityRowWithHandler(UpgradeSqliteToNeo4jImporter.java:354) ~[importer.jar:?]
at com.cisco.ngfw.onbox.importer.services.UpgradeSqliteToNeo4jImporter.importFromIdEntityRow(UpgradeSqliteToNeo4jImporter.java:306) ~[importer.jar:?]
at com.cisco.ngfw.onbox.importer.services.UpgradeSqliteToNeo4jImporter.importFromEntityRow(UpgradeSqliteToNeo4jImporter.java:270) ~[importer.jar:?]
at com.cisco.ngfw.onbox.backend.services.configdb.SqliteToNeo4jImporter$2.processEntityRow(SqliteToNeo4jImporter.java:293) ~[config-db.jar:?]
at com.cisco.ngfw.onbox.backend.services.configdb.SqliteDbHandlerBase$EntityRowHandlerBase.processRow(SqliteDbHandlerBase.java:427) ~[config-db.jar:?]
at com.cisco.ngfw.onbox.backend.services.configdb.SqliteDbHandlerBase.readAllEntitiesWithFilterCondition(SqliteDbHandlerBase.java:227) ~[config-db.jar:?]
at com.cisco.ngfw.onbox.backend.services.configdb.SqliteDbReader.getAllEntitiesInDependencyOrder(SqliteDbReader.java:36) ~[config-db.jar:?]
at com.cisco.ngfw.onbox.backend.services.configdb.SqliteToNeo4jImporter.doImportFromSqlite(SqliteToNeo4jImporter.java:207) ~[config-db.jar:?]
at com.cisco.ngfw.onbox.backend.services.configdb.SqliteToNeo4jImporter.importFromSqlite(SqliteToNeo4jImporter.java:163) ~[config-db.jar:?]
at com.cisco.ngfw.onbox.importer.services.UpgradeSqliteImportService.importConfigFromSqlite(UpgradeSqliteImportService.java:146) ~[importer.jar:?]
at com.cisco.ngfw.onbox.importer.services.UpgradeSqliteImportService.importConfig(UpgradeSqliteImportService.java:119) ~[importer.jar:?]
at com.cisco.ngfw.onbox.importer.NGFWDBImporter.importConfigSqlite(NGFWDBImporter.java:214) ~[importer.jar:?]
at com.cisco.ngfw.onbox.importer.NGFWDBImporter.main(NGFWDBImporter.java:163) [importer.jar:?]
2020-11-22 11:00:45 main: INFO NGFWDBImporter:174 - Shutting-down

 

This seems to be very internal to FTD image (seems that you are having
problems in importing data into DB tables).

I suggest reimage the unit and restore a successful backup. This will be
the fastest option rather than trying this (if it can be resolved). I think
TAC will suggest the same thing.


***** please remember to rate useful posts

maybe i will run into the same issue again if i reimage it to 6.4 and go to 6.4.0.10 and load a backup...  there isnt much config in it , so maybe i'll image it from start 6.7 and reconfigure.. 

 

Im getting really tired of these bugs from cisco.. have had 5505X and 5508X earlier with upgrade issues..

 

thanks.

I agree that ASAs based on FTD were horrible. But the new hardware has been
very stable. I tried FTD1140/20 and it was very good.

With regards to images, anything before 6.5 wasn't causing issues for me
(except 6.2.3). But from 6.5 onwards it's been very stable.

**** please remember to rate useful posts
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: