getPeersByRole: unable to connect to db at /usr/local/sf/lib/perl/5.10.1/SF/PeerManager/Peers.pm lin...

kostasthedelegate · ‎07-05-2020

Hello,

I stumbled upon this error when trying to add FMC as manager to the SFR

getPeersByRole: unable to connect to db at /usr/local/sf/lib/perl/5.10.1/SF/PeerManager/Peers.pm line 18

The situation is as follows:

I upgraded the ASA.

Then I started to upgrade the FMC. It is in KVM. It had problems so we build a new one and I restored the backup.

After that, the sfr showed no managers and when I try to add it says the above error.

I tried telnet to the SFR from the FMC but it did not work.

When I restarted the ASA the same telnet worked once then it was refused again.

Any ideas?

Thanks and regards,

Konstantinos

Sheraz.Salim · ‎07-05-2020

check this link might be help for you

https://community.cisco.com/t5/network-security/link-firepower-with-firesight/td-p/2805182

please do not forget to rate.

Marius Gunnerud · ‎07-05-2020

What version was the backup from? and what version is the newly built SFR? It could be a corrupt database when restoring the backup. If this is the case you will either need to build a new SFR and configure it from scratch or get TAC involved and have them fix the database.

--
Please remember to select a correct answer and rate helpful posts

kostasthedelegate · ‎07-05-2020

Hi,

The backup was from FMC 6.1 and it was restored to a newly built 6.1

Marius Gunnerud · ‎07-06-2020

are you able to ping from SFR to FMC?

On both FMC and SFR do the following (escalate to expert mode in SFR):

Escalate privilages to root and check netstat -tan | grep 8305

Also check pmtool status | grep sftunnel and check if the sftunnel is up and running

on SFR issue show network to verify the port being used is 8305

Are you able to SSH from FMC to SFR using port 8305?

--
Please remember to select a correct answer and rate helpful posts