Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
558
Views
0
Helpful
5
Replies

Problem with Firepower FTD and Smart License registration

Go to solution
skrzyszkowski
Level 1
Level 1

‎09-29-2025 07:38 AM - edited ‎09-29-2025 08:30 AM

Hello All,

I have problem with Firepower 1010 FTD ver. 7.6.2.1-3 and Smart License registration.
The device is managed locally by FDM.
I generated a token on my Smart Account and copied it to FTD Smart License Registration.
When I try to register the device I get an error: "Invalid response form licensing cloud"
Internet connection to tools.cisco.com and smartreceiver.cisco.com, DNS and NTP are correct.
What could be causing this problem?
Please help me.

 

Preview file
58 KB
Preview file
23 KB
Preview file
42 KB
Preview file
158 KB
Preview file
31 KB
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to skrzyszkowski

‎09-30-2025 08:01 AM

i am sure FTD 1010 have expert mode, go to expert mode and test 

# telnet tools.cisco.com 443
# curl -vvk https://tools.cisco.com

also check the logs /var/logs/

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

0 Helpful

Go to solution
skrzyszkowski
Level 1
Level 1

‎09-30-2025 11:47 PM

After connecting the interface management0 the device was successfully registered.
The diagram on the main FTD dashboard showing that the Smart License server is accessed via interface outside is incorrect and misleading.
Case closed.
Thank you for your help.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎09-29-2025 09:00 AM

Since you are usinng outgoing interface to connect smart License and you mentioned reachable, then you need to run 

show tech-support license  (check what is wrong).

generally its straight forward :

https://www.youtube.com/watch?v=2Cive4_GN1M

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
skrzyszkowski
Level 1
Level 1

‎09-30-2025 05:37 AM

Yes, it's straightforward.
I do everything like in this video, but it doesn't work.

There is no command show tech-support license.
There is command show tech-support but it does not have any license information.

Cisco Firepower Extensible Operating System (FX-OS) v2.16.0 (build 4006)
Cisco Firepower 1010 Threat Defense v7.6.2.1 (build 3)

> show tech-support
<cr>

 

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to skrzyszkowski

‎09-30-2025 08:01 AM

i am sure FTD 1010 have expert mode, go to expert mode and test 

# telnet tools.cisco.com 443
# curl -vvk https://tools.cisco.com

also check the logs /var/logs/

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
skrzyszkowski
Level 1
Level 1

‎09-30-2025 10:31 AM - edited ‎09-30-2025 10:39 AM

On FTD CLI tools.cisco.com is reachable via outside interface:

> ping tools.cisco.com
Please use 'CTRL+C' to cancel/abort...
Sending 5, 100-byte ICMP Echos to 72.163.4.38, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 150/150/150 ms

> show route

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, V - VPN
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, + - replicated route
SI - Static InterVRF, BI - BGP InterVRF
Gateway of last resort is 192.168.18.1 to network 0.0.0.0

S* 0.0.0.0 0.0.0.0 [1/0] via 192.168.18.1, outside
C 192.168.18.0 255.255.255.0 is directly connected, outside
L 192.168.18.52 255.255.255.255 is directly connected, outside
C 192.168.118.0 255.255.255.0 is directly connected, inside
L 192.168.118.1 255.255.255.255 is directly connected, inside

The diagram on the main FTD dashboard shows that access to the Smart License server is via interface outside  (see attached screenshot).


On Expert Mode tools.cisco.com is not reachable via interface management0 becouse interface management0 is down:

> expert
admin@firepower:~$ telnet tools.cisco.com 443
telnet: could not resolve tools.cisco.com/443: Temporary failure in name resolution

admin@firepower:~$ ping tools.cisco.com
ping: tools.cisco.com: Name or service not known


admin@firepower:~$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 192.168.218.1 0.0.0.0 UG 0 0 0 management0
127.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 tap0
127.128.254.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
127.129.1.0 0.0.0.0 255.255.255.0 U 0 0 0 ccs0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 tun1
169.254.1.0 0.0.0.0 255.255.255.248 U 0 0 0 tap_nlp
192.168.218.0 0.0.0.0 255.255.255.0 U 0 0 0 management0
203.0.113.128 0.0.0.0 255.255.255.248 U 0 0 0 tap_M0

Preview file
59 KB
0 Helpful

Go to solution
skrzyszkowski
Level 1
Level 1

‎09-30-2025 11:47 PM

After connecting the interface management0 the device was successfully registered.
The diagram on the main FTD dashboard showing that the Smart License server is accessed via interface outside is incorrect and misleading.
Case closed.
Thank you for your help.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card