
Running Configuration from FTD showing old and obsolete firewall rules

systems100
Level 1

Dear All,

 

Kindly assist,

 

I generated the running config from the Cisco FTD CLI, but it displayed old and obsolete firewall rules and not the rules currently on it, which I deployed via Cisco FMC.

Is there any way to generate the current running config from Cisco FMC or via another mode on the Cisco FTD?

I will appreciate a prompt response.

4 Replies

balaji.bandi
Hall of Fame

From FMC, Devices, select the device, then from General click Get device config as mentioned below.

 

 

image.png

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Hi Balaji,

 

Many thanks.

 

However, on clicking Get device config, I am still not able to get the device configuration itself; rather, it is trying to get the configuration from another device to the device.

 

What else do you suggest I do?

Does your FMC manage many FTD devices? Make sure you select the correct device to get config.

 

BB


Oliver Kaiser
Level 7

Just to clarify - you edited your access policy, pushed the changes via deployment to your firewall, but when you directly connect to your firewall via SSH after the deployment is done, you do not see the correct configuration on there?

 

Can you verify that

 

a. Your access policy is assigned to the firewall in question

b. Your deployment was successful (and that the deployment transcript includes the changes to your access policy)

c. State of configuration via SSH using > show access-control-config (you may use /<your-firewall-rule> to search the output)

 

If your deployment was successful and you see the changes in the transcript but not on the device itself, I'd suggest opening a TAC case. Using https://bst.cloudapps.cisco.com/bugsearch or https://www.cisco.com/c/en/us/support/security/defense-center/products-release-notes-list.html you may also search for open/fixed caveats that might match your problem.
