cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1499
Views
2
Helpful
7
Replies

FTD is showing offline on FMC

Bledian
Level 1
Level 1

Hi community,

FTD Versions: 7.0.1/7.0.5/7.2.4

FMC version: 7.3.1

I have 31 FTDs managed by the FMC, suddenly 29 out of them are showing offline now, only 2 are online. From FMC System->Health Monitor at the Time Sync section I can see that FTDs are disconnected. I think this might be a time sync problem,  but 2 days ago everything was working fine.

 
Time Synchronization Status
x.x.x.x is disconnected
x.x.x.x is disconnected
x.x.x.x is disconnected
x.x.x.x is disconnected
x.x.x.x is disconnected
x.x.x.x is disconnected
x.x.x.x is disconnected
x.x.x.xis disconnected
x.x.x.x is disconnected
x.x.x.x is disconnected
x.x.x.x is disconnected

From show ntp on FTD i see that FTDs are using local time and not syncing from FMC.

> show ntp
NTP Server : 127.127.1.1
Status : Being Used
Offset : +0.000 (milliseconds)
Last Update : 33 (seconds)

Use of uninitialized value $uuid_passed in split at /usr/local/sf/lib/perl/5.24.4/SF/PeerManager/PeerInfo.pm line 421.
NTP Server : Managing DC
Status : Unknown
Offset : +0.000 (milliseconds)
Last Update : - (seconds)

How to force FTD to sync with FMC time again? From searches i did everywhere it says to use Platform Setting, but the problem is that I cannot deploy the configuration since the FTDs are offline from FMC.

Best regards,

BR

7 Replies 7

hunnymonster
Level 1
Level 1

Pretty sure that you need to do this manually from the CLI on each FTD - 

 

If remote site reports loss of time sync, login to firewall CLI at remote site. Enter expert mode, enter su mode & set date/time:

> expert
admin@REMOTE-FW01:~$ sudo su -
Password:
root@REMOTE-FW01:~# date
Mon Jan 5 22:15:14 UTC 2015
root@REMOTE-FW01:~# date --set="Mon Dec 5 22:15:14 UTC 2022"

 

It only has to be within a minute of the date/time on the FMC. NTP will smooth out the wrinkle.

Have changed the time on FTD being the same time and date as FMC but didn't work.

@Bledian check the logs to see why communication is failing sudo tail -f /ngfw/var/logs/messages

Run capture-traffic and filter on tcp/8305 to determine if there is communication from the FTD to the FMC and do the same again filtering on ntp.

In platform settings if using platform settings, did you select Management Center to synch the clock to under Time Synchronization?

An option you might consider is to edit the NTP settings in /etc/ntp.conf to point to an NTP server in your network with the correct time (remember to make not of the current configuration in that file).  Then once you have connection with the FMC again, set the ntp.conf configuration back to the original values.

--
Please remember to select a correct answer and rate helpful posts

They are back online and, idk why they went offline and why are they back online after 5-6 days. lol

Turns out that actually its not an ntp problem, I switched traffic of all spokes through another HUB, and they are back online.

But, the problem remains with the other HUB.

Interesting, Then it would seem that the other HUB is faulty.

--
Please remember to select a correct answer and rate helpful posts
Review Cisco Networking for a $25 gift card