ā11-08-2022 11:29 PM
Hi Guys, i have this issues "Smart License usage is out of compliance." ... what is the solution of this error
Thanks !
Solved! Go to Solution.
ā11-09-2022 03:40 AM
Try this please:
1) Go into the FMC CLI into expert mode
2) Type "sudo su -" and type in the password
3) Issue the command "rm /etc/sf/gch/call_home_ca"
4) Issue the command "pmtool restartbyid sla"
5) Issue the command "pmtool restartbyid CloudAgent"
6) Wait a couple of minutes and check the registration again.
ā11-09-2022 12:08 AM - edited ā11-09-2022 12:09 AM
Looks like it was registered a long time in 2020 ( what happens when you click re-authorise )
First, i would log in to the portal and check the License and any alerts related to the License.
Second, if all that is good, I will troubleshoot - is the FMC able to reach the smart license Server ? (follow below guide)
ā03-09-2023 05:07 AM
Are you saying log into Smart license portal?
ā03-09-2023 05:14 AM
@CiscoBrownBelt give us some context to your question or start a new thread.
ā11-09-2022 01:25 AM
Yes i logged to the portail and i see this in the portal :
ā11-09-2022 03:28 AM - edited ā11-09-2022 03:28 AM
check the details it will give you more information - check your oder or purchase ?
ā11-09-2022 03:40 AM
Try this please:
1) Go into the FMC CLI into expert mode
2) Type "sudo su -" and type in the password
3) Issue the command "rm /etc/sf/gch/call_home_ca"
4) Issue the command "pmtool restartbyid sla"
5) Issue the command "pmtool restartbyid CloudAgent"
6) Wait a couple of minutes and check the registration again.
ā12-11-2023 07:39 PM
I have exact same issue for an FMC but my version is 7.0.2. Have you seen similar issue for 7.0.2 FMC ?
ā12-12-2023 02:14 AM
Did you try the above suggested steps and they didn't work?
ā12-13-2023 12:05 PM
I did not try this as version is more than 6.5 since was thinking version wise it not affect. Do you think is a worth try , I still have the Expired Root CA in the Trusted CA store of FMC.
ā11-09-2022 04:15 AM
If you are running an older release, you need to update it to allow FMC to accept the newer certificates that Cisco has been using for some time now.
https://www.cisco.com/c/en/us/support/docs/field-notices/723/fn72332.html
ā11-10-2022 12:03 AM
@Marvin RhoadsI'm using 6.5.0 in FMC, manage two FTD(6.3.0) ...
@Aref Alsouqi are will be some impact in the production with thoses command
Thanks !
ā11-10-2022 01:13 AM
No impact AFAIK. The issue would be related to a change from Cisco side of a trusted certificate. The steps I provided should fix the issue, however, if that doesn't help please follow the instructions of the "Firepower - Manual Certificate Update" in the link @Marvin Rhoads provided. Please remember to issue the command "pmtool restartbyid CloudAgent" which is not documented on that link I think. If you don't issue this additional command you would need to wait for the FMC to trigger the synch again which I don't know how long it would take.
ā11-10-2022 12:07 AM
is it a problem of licence expired or just an update of FMC & FTD
ā11-10-2022 05:39 AM
It's (usually) not a problem of license being expired but rather the FMC not trusting the updated certificates being used by Cisco.
If you are running 6.5.0 managing 6.3.0 devices I strongly recommend you evaluate your operations as the version are quite out of date and subject to a lot of bugs and lacking features included in the more current releases.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide