Solved: Re: Identity Realm Fails to Resolve Hostname

ATCUSN · ‎05-24-2021

When creating an Identity Realm via FDM the test passes when using the DC’s IP address, the test fails when using the DC’s FQDM.

I received the following error:

Cannot connect to realm. Messages returned:

(For identity policies) The connection test failed.

(For RA VPN authentication) Unable to resolve the hostname dc1.xxxxxxxx.com to an IP Address.

I can ping the DC by hostname via the FDM CLI

ATCUSN · ‎06-02-2021

Added the domain controller’s DNS address to the Management Interface DNS Group.

Nowhere in the configuration guide is this mentioned.

nspasov · ‎05-24-2021

This is hard to identify without knowing more about your environment and looking at some logs. Have you tried reaching out to TAC?

Thank you rating helpful posts!

ATCUSN · ‎05-24-2021

I submitted a TAC case on the 21st but they have been slow to respond.

This is a simple network, Windows Server 2019 AD, DNS and DHCP, connected to the Firepower via a switch.

Clients can resolve the DC's FQDN.

I am required to use certificates so I have to use the DC's FQDN.

ATCUSN · ‎06-02-2021

Added the domain controller’s DNS address to the Management Interface DNS Group.

Nowhere in the configuration guide is this mentioned.