cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4729
Views
55
Helpful
4
Replies

Is unregistered FTD still functional?

h.dam
Level 1
Level 1

Hello all,

We have a FTD A/P pair registered after purchase. They are working well until last month. They have lost the licenses without reason and became unregistered.

This is the first time I met after more than ten years pratices on Cisco devices.

I'd like to know the following if you guys can help me:

1/ What are the potential causes to make them lost?

2/ If the FTD are unregistered, can they continue to work as before, eg. to permit/deny traffic flow according to the policy? (I noticed that I cannot apply changes)

Thank you very much.

2 Accepted Solutions

Accepted Solutions

Marvin Rhoads
Hall of Fame
Hall of Fame

You may be affected by this field notice:

https://www.cisco.com/c/en/us/support/docs/field-notices/721/fn72103.html

As you noticed, policy changes are not allowed without any license. Existing Access Control Policies will continue to work.

View solution in original post

I've found that even if you have 7.0.1 you may still need to "remove the certificate file at /etc/sf/gch/call_home_ca and restart the Smart Licensing Agent (sla) process to resume communications with Cisco Smart Software Manager (CSSM)".

Please refer to the field notice that I linked earlier for the step-by-step instructions.

View solution in original post

4 Replies 4

Marvin Rhoads
Hall of Fame
Hall of Fame

You may be affected by this field notice:

https://www.cisco.com/c/en/us/support/docs/field-notices/721/fn72103.html

As you noticed, policy changes are not allowed without any license. Existing Access Control Policies will continue to work.

Hello Marvin,

Thank you very much for the document.

My FTDs are v7.0.1.But I didn't find this version in the document.

As I understood, there are two solutions. 1/ software upgrade 2/ import the IdenTrust Commercial CA certificate

In my case, which solution do I need to do?

 

Regards

I've found that even if you have 7.0.1 you may still need to "remove the certificate file at /etc/sf/gch/call_home_ca and restart the Smart Licensing Agent (sla) process to resume communications with Cisco Smart Software Manager (CSSM)".

Please refer to the field notice that I linked earlier for the step-by-step instructions.

OK

Thank you very much.

 

Regards

 

Review Cisco Networking for a $25 gift card