11-16-2020 01:20 AM
Hi everybody.
I have to firepower 2140 HA on FMC, but one of them reset to factory default.
right now I want to add a manager on the factory default device, but I forgot the registration key how can I get the registration key.
I find reg_key hash text in /etc/sf/sftunnel.conf on FMC.
can decry it and get the key?
Which kind of encryption does it use?
can anyone help me!!!!!!
11-16-2020 02:12 AM
Is this a standalone installation or HA?
There really is no way to recover the registration key. You will need to remove the FMC from the FTD and FMC as a manager and then re-add it with a new key. This will remove all configuration on the FTD except for the management configuration. Then redeploy the configuration from the FMC.
11-16-2020 02:29 AM
Even if you had remembered the key, you cant re-establish the sf tunnel between FMC and FTD as you mentioned FTD is now factory default.
As mentioned by Marius, you need to re-register the device.
First break FTD HA in FMC. (take necessary screenshots of HA config from FMC, like secondary IPs etc.)
Delete the one which got to factory default from FMC
Add it back to FMC, with new reg key.
Make the existing device with config as primary and add it back to HA.
Regards,
Chuck
Please rate helpful posts !!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide