cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
827
Views
5
Helpful
4
Replies

issue with deploying polices on firepower

richard.jackson
Level 1
Level 1

Hi - I have a 5508 in my home lab with a firepower SFR - I recently upgraded it to version  7.0.4 - (had to do a re-image but thats another story ) however after adding the VDB (build 361) and latest Geo file. I am unable to deply any polices.

In the task manager I get Failed to validate configuration files as the reason.

I do see a bug  with a similar issue point to the snort engine - but unable to resolve.  I have tried a full reboot and all services appear to be up.

Any ideas are welcome..

 

1 Accepted Solution

Accepted Solutions

What versions of ASA and ASDM are you running? 9.16(x) with 7.16(X) would be recommended since ASA > 9.16 is not supported with Firepower service modules.

View solution in original post

4 Replies 4

How are you managing the SFR?  If using FMC check the following:

Possibly an SRU mismatch?  If you go to Updates > Rule Updates > Rule Update Log  do you see any errors here?

Also, might be a good idea to check the Deployment History also.

--
Please remember to select a correct answer and rate helpful posts

Hi Marius,

 

I am using ASDM to manage the SFR

 

in the rule update the following:-

Snort Rule Update 2023 01 18 001 vrt
Completed install of Snort Rule Update 2023-01-18-001-vrt

 

lsp rel 20210503 2107
Incomplete
lsp-rel-20210503-2107 Policies Could not update LSP policies.

 

Snort Rule Update 2021 05 03 001 vrt
Completed install of Snort Rule Update 2021-05-03-001-vrt

I going to have a look as to why that failed

What versions of ASA and ASDM are you running? 9.16(x) with 7.16(X) would be recommended since ASA > 9.16 is not supported with Firepower service modules.

richard.jackson
Level 1
Level 1

Hi Marvin,  many thanks it was a version issue - I had change to version 6.6.7 to resolve the issue

Review Cisco Networking for a $25 gift card