Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1726
Views
0
Helpful
2
Replies

Issue selecting Tunnel Source

Go to solution
BmfL
Level 1
Level 1

‎11-23-2021 05:19 AM

Hello,

 

I have updated FMC and FTD to version 7.0.1 (build 84) and since then I have noticed that when creating a tunnel VTI the tunnel source does not provide all available interfaces. For example, in one of the cases I want to select outside interface but only shows inside interface. Other case there are two outside interfaces but only shows one. I was reading documentation but did not find something referring this particular issue. Need to mention that i tried to delete and create new tunnel. Interfaces where previous created and are up and running.

 

Anyone else faced this problem? Is it because I am trying to use outside interface which works as mgmt as well?

 

Here is the issue, not able to select proper interfaceHere is the issue, not able to select proper interface

Devices, Add VPN, Firepower threat defense Device, edit VTI...

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
BmfL
Level 1
Level 1
In response to BmfL

‎11-25-2021 01:11 AM

UPDATE

After testing everything pointed out to a bug. That said I have reported directly to Cisco where we could confirm my suspicious. So folks, as of today 25/11/2021 a bit careful updating your FMC version to 7.0.x since it was confirmed by Cisco that it is a bug and there is no workaround as of today.

 

"When the FTD is register with management-data-interface on FMC 7.0 and we try to configure VTI , we don't see "FMC access " data interface as an option for tunnel source.

 

On FMC 6.7.0.x we do see option for data-interfaces configured as "FMC access- Enable management on this interface for the Firepower Management Center " when we try to create a VTI tunnel source.

 

When we upgrade FMC from 6.7.0.x to 7.0 we can see the VTI with FMC access port as tunnel source but cannot create a new one on FMC 7.0."

  

View solution in original post

0 Helpful
2 Replies 2

Go to solution
BmfL
Level 1
Level 1

‎11-23-2021 06:08 AM - edited ‎11-24-2021 08:47 AM

Another similar case, when open tunnel source on existing deployment, 3 interfaces it shows initially, however, if a click inside then the outside interface disappear... it literally go out of the menu not possible at all to find it again, yes I did scroll up/down, etc.... Other cases, clicking on tunnel source it does not even show the desired interfaces.... It seems like we have a bug here. 

 

example1_1.PNGexample1.PNG

0 Helpful

Go to solution
BmfL
Level 1
Level 1
In response to BmfL

‎11-25-2021 01:11 AM

UPDATE

After testing everything pointed out to a bug. That said I have reported directly to Cisco where we could confirm my suspicious. So folks, as of today 25/11/2021 a bit careful updating your FMC version to 7.0.x since it was confirmed by Cisco that it is a bug and there is no workaround as of today.

 

"When the FTD is register with management-data-interface on FMC 7.0 and we try to configure VTI , we don't see "FMC access " data interface as an option for tunnel source.

 

On FMC 6.7.0.x we do see option for data-interfaces configured as "FMC access- Enable management on this interface for the Firepower Management Center " when we try to create a VTI tunnel source.

 

When we upgrade FMC from 6.7.0.x to 7.0 we can see the VTI with FMC access port as tunnel source but cannot create a new one on FMC 7.0."

  

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card