Hello everybody,
our customer has 1 cluster of two Firepower 1120 running rel. 7.4.2.1
managed by the FMCv running rel. 7.4.2.1 too.
The Health Monitor shows the error message:
Cisco Cloud Configuration - Unable to reach Cisco Cloud from the device. Please check the network connection..
for both devices.
The firewalls can resolve FQDNs in th Internet:
admin@firepower:~$ nslookup api-sse.cisco.com
Server: 192.168.100.25
Address: 192.168.100.25#53
Non-authoritative answer:
api-sse.cisco.com canonical name = api-sse.cisco.com.akadns.net.
Name: api-sse.cisco.com.akadns.net
Address: 54.166.161.63
Name: api-sse.cisco.com.akadns.net
Address: 3.82.76.181
Name: api-sse.cisco.com.akadns.net
Address: 2600:1f18:56c:200a:48c5:ffc1:9e69:b18a
Name: api-sse.cisco.com.akadns.net
Address: 2600:1f18:56c:200b:d1e:17aa:513b:e947
It can ping IP addresses in the Internet:
> ping 8.8.8.8
Please use 'CTRL+C' to cancel/abort...
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/10 ms
But when I try to ping FQDNs in the Internet the ping responds with "U" (unreachable):
> ping intelligence.sourcefire.com
Please use 'CTRL+C' to cancel/abort...
Sending 5, 100-byte ICMP Echos to 2620:28:c000:0:aba:ca:daba:58, timeout is 2 seconds:
UUUUU
Success rate is 0 percent (0/5)
> ping www.google.com
Please use 'CTRL+C' to cancel/abort...
Sending 5, 100-byte ICMP Echos to 2a00:1450:4016:80c::2004, timeout is 2 seconds:
UUUUU
Success rate is 0 percent (0/5)
What is going wrong here?
Every hint is welcome.
Thanks a lot!
Bye
Rene