04-17-2024 01:11 AM
Hello everybody,
our customer is using the FMCv rel. 7.2.5.1 and many FTDs.
After de-registering/re-registering the FMC in the Smart Software Manager
because of another error message, four devices (7.0.1 & 7.0.5)
show the error:
Threat Data Updates on Devices
Apr 17, 2024 9:46 AM
Cisco Support Diagnostics Configuration - failure. Cisco Cloud Configuration - Unable to reach Cisco Cloud from the device. Please check the network connection.
Data Update Status
Data Type | Status
Cisco Support Diagnostics Configuration | failure
SI DNS Lists and Feeds | Success
Threat Configuration | Success
SI Network Lists and Feeds | Success
AMP Dynamic Analysis | Success
URL Category and Reputation | Success
SI SHA Lists (from TID) | Success
SI URL Lists and Feeds | Success
Local Malware Analysis Signatures | Success
Cisco Cloud Configuration | Unable to reach Cisco Cloud from the device. Please check the network connection.
URL Category and Reputation Metadata | Success
URL Category and Reputation | Success
I went to the CLI of an affected device and can ping tools.cisco.com
from the management and data interface:
> ping system tools.cisco.com
PING tools.cisco.com (173.37.145.8) 56(84) bytes of data.
64 bytes from tools2.cisco.com (173.37.145.8): icmp_seq=1 ttl=238 time=111 ms
64 bytes from tools2.cisco.com (173.37.145.8): icmp_seq=2 ttl=238 time=129 ms
64 bytes from tools2.cisco.com (173.37.145.8): icmp_seq=3 ttl=238 time=112 ms
64 bytes from tools2.cisco.com (173.37.145.8): icmp_seq=4 ttl=238 time=111 ms
64 bytes from tools2.cisco.com (173.37.145.8): icmp_seq=5 ttl=238 time=113 ms
64 bytes from tools2.cisco.com (173.37.145.8): icmp_seq=6 ttl=238 time=111 ms
^C
--- tools.cisco.com ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 8ms
rtt min/avg/max/mdev = 111.407/114.636/128.736/6.330 ms
> ping tools.cisco.com
Please use 'CTRL+C' to cancel/abort...
Sending 5, 100-byte ICMP Echos to 72.163.4.38, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 110/110/110 ms
The DNS servers coming from the platform settings are ok in my eyes:
> show network
===============[ System Information ]===============
Hostname : FTD-BOL-01
Domains : pfaudler.com
DNS Servers : 208.67.222.222
208.67.220.220
2620:119:35::35
DNS from router : enabled
Management port : 8305
IPv4 Default route
Gateway : 10.50.50.1
Netmask : 0.0.0.0
==================[ management0 ]===================
State : Enabled
Link : Up
Channels : Management & Events
Mode : Non-Autonegotiation
MDI/MDIX : Auto/MDIX
MTU : 1500
MAC Address : CC:ED:4D:74:2B:80
----------------------[ IPv4 ]----------------------
Configuration : Manual
Address : 10.50.50.3
Netmask : 255.255.255.248
Gateway : 10.50.50.1
----------------------[ IPv6 ]----------------------
Configuration : Disabled
===============[ Proxy Information ]================
State : Disabled
Authentication : Disabled
Other devices with the same DNS-Servers do not show this error message.
What can I still do to get rid of this error message?
Thanks a lot for every hint!
Bye
R.
04-17-2024 02:19 AM
- Does the device have full HTTPS reachability to tools.cisco.com too?
M.
04-18-2024 07:17 AM
Hi marce1000,
thanks for this!
Can I test the HTTPS reachability to tools.cisco.com from the firewall's CLI?
Thanks a lot!
Bye
R.
04-18-2024 07:25 AM
- Depends what shell features are available on the FTD; on more standard Linux you have, for instance, wget and nmap.
M.
04-18-2024 07:47 AM
@swscco001 you can use curl to check https connectivity to cisco cloud services.
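The curl check suggested above, as an added example that is not part of the original thread: a successful ping only proves ICMP reachability, so this sketch reports which stage of an HTTPS request fails (DNS, TCP/443, TLS handshake, certificate validation). It assumes a POSIX shell with curl, either on the device or on a host that shares its egress path; the function names `classify_curl_exit` and `check_https` are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): find the stage at which HTTPS to a
# cloud endpoint fails when ICMP ping already succeeds.

# Map a curl exit code (as documented in curl's man page) to the failing stage.
classify_curl_exit() {
    case "$1" in
        0)     echo "ok" ;;                 # HTTP response received over TLS
        5)     echo "proxy-dns" ;;          # configured proxy name did not resolve
        6)     echo "dns" ;;                # target host name did not resolve
        7)     echo "tcp-connect" ;;        # TCP/443 refused or filtered upstream
        28)    echo "timeout" ;;            # packets silently dropped on the path
        35)    echo "tls-handshake" ;;      # handshake broken, e.g. by a middlebox
        51|60) echo "tls-certificate" ;;    # untrusted chain, e.g. TLS inspection
        52|56) echo "no-or-broken-response" ;;
        *)     echo "other($1)" ;;
    esac
}

# Run a HEAD request against https://<host>/ and print one summary line.
check_https() {
    host=$1
    rc=0
    out=$(curl --silent --show-error --head \
               --connect-timeout 10 --max-time 20 \
               --output /dev/null \
               --write-out 'http=%{http_code} ip=%{remote_ip} tcp=%{time_connect}s tls=%{time_appconnect}s' \
               "https://$host/" 2>&1) || rc=$?
    printf '%s: stage=%s curl_rc=%s %s\n' \
        "$host" "$(classify_curl_exit "$rc")" "$rc" "$out"
    return "$rc"
}

# Usage: sh check_https.sh tools.cisco.com [more hosts...]
if [ "$#" -gt 0 ]; then
    for h in "$@"; do
        check_https "$h" || true   # keep going so every host gets a result line
    done
fi
```

A `tcp-connect` or `timeout` result alongside a working ping points at filtering of TCP/443 on the path, while `tls-certificate` points at a device re-signing the TLS session.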