04-05-2023 04:08 PM
Our FMC cannot connect to FTD to deploy changes.
We just managed this device from the previous MSP.
our FMC IP is 10.254.1.254(expired smart license)
The configured FTD IP in FMC is 162.218.233.82
but the management of FTD is configured as 172.16.0.254
also when i do "show managers on FTD"
it shows no managers configured.
let me know how to resolve this.
04-05-2023 04:57 PM
If the FTD is behind NAT - you MSP may have configured with NAT PublicIP as below .
configure manager add <public nat ip of fmc> <registration key> <natid>"
FMC IP is 10.254.1.254(expired smart license) - you need to fix the License also.
162.218.233.82 - is this your Public IP ? is this changed? if so you need to un register FTD from FMC and FTD and re-register with new Public IP
04-05-2023 05:19 PM
FTD is facing a Service provider because it has a public IP of 162.218.233.82 and its GW is .81, i believe it was natted to use .85 but i cant see it on the config of FTD locally but i see it in object management in FMC but i also cannot see the NAT config.
when i do show managers on FTD it show " no managers configured" but when i check the FMC the FTD is configured there.
i also do not know the reg key used here since the FMC doesnt have it while the FTD has no managers configured.
VPN seems up because the vpn status shows "ready"
so right now i cannot push a security policy on FTD from FMC.
04-06-2023 10:32 PM
what is the output :
> show mananger
- i also try de-register from FMC and FTD and re-register with new Key
example guide :
https://www.balajibandi.com/?p=310
04-06-2023 11:18 PM
here is the output of show managers in FTD.
> show managers
No managers configured.
also if i removed the FTD from FMC it will wipe out the config right?
the thing is the FMC is located on another site having ipsec connection with this FTD.
###################################################
also i noticed that the FMC VM smart licese is out of compliance
The FTD base license are in compliance when i checked.
hope this helps.
04-06-2023 11:36 PM
also if i removed the FTD from FMC it will wipe out the config right? <-- no this will not wipe the config
FMC VM smart license is out of compliance <-- you mentioned before, you need to fix this issue also (make sure FMC connects the smart License portal for Licenses)
04-07-2023 12:49 AM
since its showing no managers right now on FTD when i do show managers.
can i do " configure manager local" on the FTD to manage it locally?
will it wipe any config?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide