Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1362
Views
0
Helpful
6
Replies

Questions about registering FTD to CDO FMC.

SIMMN
Spotlight
Spotlight

‎01-23-2023 06:57 AM - edited ‎01-23-2023 09:23 AM

UPDATE: I finally got it registered after deleting the pending manager in FTD and did a reboot of FTD as well...The only conclusion I got is I might have entered reg key incorrectly...

============

It is first time I am trying to register a FTD to CDO cdFMC. The cdFMC URL assigned to me is something like:

 

 

test-name-demo.app.us.cdo.cisco.com

 

 

I used the CDO generated CLI to attempt to register a new FTD (vFTD, v7.2.1 (Build 40)) but it does not look like the FTD would try to connect at all. When I try to ping the cdFMC URL, I got "ERROR: % Invalid Hostname". So the questions become:

1. Is there any restriction on FMC URL format?

2. Is there a way to change the assigned URL to cdFMC?

0 Helpful
6 Replies 6

Marvin Rhoads
Hall of Fame
Hall of Fame

‎01-23-2023 07:39 AM

Your cdFMC URL is properly formed. Have you checked your DNS configuration and reachability to the Internet for your FTD management interface?

0 Helpful

SIMMN
Spotlight
Spotlight
In response to Marvin Rhoads

‎01-23-2023 07:42 AM

If I went into expert mode in the FTD, I can ping to resolve the URL properly. But not under CLISH with ping...

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to SIMMN

‎01-23-2023 07:55 AM - edited ‎01-23-2023 08:14 AM

In clish, did you try "ping system test-name-demo.app.us.cdo.cisco.com"?

"Ping system" forces the traffic to use the management interface. Check something that is reachable via ping like www.cisco.com.

I checked my FTD that I have registered successfully to a cdFMC instance and note that Cisco doesn't permit ping to the dcFMC address.

0 Helpful

SIMMN
Spotlight
Spotlight
In response to Marvin Rhoads

‎01-23-2023 08:44 AM

The ping system under CLISH does give me the DNS resolution...So the issue is not about URL or DNS...I do have other firewalls registered with SecureX so I doubt it is a communication issue with Cisco cloud...

If I run sftunnel-status, I got "no peers to check"...

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to SIMMN

‎01-23-2023 09:26 AM

You have to use the host name Cisco provides you for cdFMC. It cannot be changed or customized. In my instance (running FTDv 7.2.0), the registration worked just fine using the CDO-generated host name.

0 Helpful

SIMMN
Spotlight
Spotlight
In response to Marvin Rhoads

‎01-23-2023 09:27 AM

Thanks. It is likely a human issue on my side...I deleted the pending FMC on FTD and manually re-add it. Now it is working...

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card