08-13-2023 03:17 AM
Hi community,
FTD Versions: 7.0.1/7.0.5/7.2.4
FMC version: 7.3.1
I have 31 FTDs managed by the FMC. Suddenly 29 of them are showing offline; only 2 are online. From FMC System->Health Monitor, in the Time Sync section, I can see that the FTDs are disconnected. I think this might be a time sync problem, but 2 days ago everything was working fine.
> show ntp
NTP Server : 127.127.1.1
Status : Being Used
Offset : +0.000 (milliseconds)
Last Update : 33 (seconds)
Use of uninitialized value $uuid_passed in split at /usr/local/sf/lib/perl/5.24.4/SF/PeerManager/PeerInfo.pm line 421.
NTP Server : Managing DC
Status : Unknown
Offset : +0.000 (milliseconds)
Last Update : - (seconds)
How can I force the FTD to sync with FMC time again? From the searches I did, everywhere it says to use Platform Settings, but the problem is that I cannot deploy the configuration since the FTDs are offline from the FMC.
Best regards,
BR
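The `show ntp` output quoted in the post above can be triaged mechanically when it is collected from many devices. The following is an added example, not part of the original post and not Cisco tooling: it parses that output (copied inline as sample data, stray Perl warning included) and classifies the sync state. The function names and the three state labels are assumptions made for illustration, as is the constructed healthy stanza used to test it.

```python
import re

# Sample input: the `show ntp` output from the post, including the stray Perl warning.
SAMPLE = """\
NTP Server : 127.127.1.1
Status : Being Used
Offset : +0.000 (milliseconds)
Last Update : 33 (seconds)
Use of uninitialized value $uuid_passed in split at /usr/local/sf/lib/perl/5.24.4/SF/PeerManager/PeerInfo.pm line 421.
NTP Server : Managing DC
Status : Unknown
Offset : +0.000 (milliseconds)
Last Update : - (seconds)
"""

FIELD = re.compile(r"^\s*(NTP Server|Status|Offset|Last Update)\s*:\s*(.*?)\s*$")
# 127.127.1.x is ntpd's local-clock driver: the box is free-running, not synced to a peer.
LOCAL_CLOCK = re.compile(r"^127\.127\.1\.\d+$")

def parse_show_ntp(text):
    """Return one dict per 'NTP Server' stanza; lines that are not 'Key : value' are skipped."""
    peers = []
    for line in text.splitlines():
        m = FIELD.match(line)
        if not m:
            continue  # e.g. the Perl warning line
        key, value = m.groups()
        if key == "NTP Server":
            peers.append({"server": value})
        elif peers:
            peers[-1][key.lower().replace(" ", "_")] = value
    return peers

def assess(peers):
    """'synced' if a real peer is in use, 'local-clock-only' if only the refclock is, else 'unsynced'."""
    in_use = [p for p in peers if p.get("status") == "Being Used"]
    if any(not LOCAL_CLOCK.match(p["server"]) for p in in_use):
        return "synced"
    if in_use:
        return "local-clock-only"
    return "unsynced"

if __name__ == "__main__":
    peers = parse_show_ntp(SAMPLE)
    print(assess(peers), [p["server"] for p in peers if p.get("status") != "Being Used"])
```

A `local-clock-only` result means the device is keeping its own time and has no usable state for the managing FMC, which is consistent with the Health Monitor alert but does not by itself say why the manager is unreachable.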
08-14-2023 12:59 AM
Pretty sure that you need to do this manually from the CLI on each FTD -
If the remote site reports loss of time sync, log in to the firewall CLI at the remote site. Enter expert mode, enter su mode and set the date/time:
> expert
admin@REMOTE-FW01:~$ sudo su -
Password:
root@REMOTE-FW01:~# date
Mon Jan 5 22:15:14 UTC 2015
root@REMOTE-FW01:~# date --set="Mon Dec 5 22:15:14 UTC 2022"
It only has to be within a minute of the date/time on the FMC. NTP will smooth out the wrinkle.
08-14-2023 05:08 AM
I have changed the time on the FTD to be the same time and date as the FMC, but it didn't work.
08-14-2023 05:49 AM - edited 08-14-2023 05:58 AM
@Bledian check the logs to see why communication is failing:
sudo tail -f /ngfw/var/logs/messages
Run capture-traffic and filter on tcp/8305 to determine if there is communication from the FTD to the FMC, and do the same again filtering on ntp.
08-14-2023 08:17 AM
In platform settings if using platform settings, did you select Management Center to synch the clock to under Time Synchronization?
An option you might consider is to edit the NTP settings in /etc/ntp.conf to point to an NTP server in your network with the correct time (remember to make note of the current configuration in that file). Then, once you have connection with the FMC again, set the ntp.conf configuration back to the original values.
08-14-2023 12:34 PM
They are back online, and idk why they went offline and why they are back online after 5-6 days. lol
08-15-2023 02:03 PM
Turns out that actually it's not an NTP problem. I switched traffic of all spokes through another HUB, and they are back online.
But, the problem remains with the other HUB.
08-16-2023 01:30 AM
Interesting. Then it would seem that the other HUB is faulty.