Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1365
Views
0
Helpful
4
Replies

Smart licensing error

Singh007
Level 1
Level 1

‎06-21-2023 05:36 AM

i am getting error while registering the device FPR1140 running code 9.14(ASA) as : 

REGISTERING - REGISTRATION IN PROGRESS
Export-Controlled Functionality: NOT ALLOWED
Initial Registration: FAILED on Jun 21 2023 10:29:49 UTC
Failure reason: Communication message send error
Next Registration Attempt: Jun 21 2023 10:47:57 UTC

 

I then check and found that DNS entry is correct:

dns domain-lookup outside
dns server-group DefaultDNS
name-server 4.2.2.2
name-server 8.8.8.8
domain-name ngk

i can do ping for any outside ip , but hostname resolution is not happening i.e i can ping 8.8.8.8 but cannot ping google.com

TAC said they will not assist me as this has to done from my end
Any advice that i need to do

 

1 person had this problem
0 Helpful
4 Replies 4

Marvin Rhoads
Hall of Fame
Hall of Fame

‎06-21-2023 12:08 PM

To check registration you should be using "ping system" from the cli since that forces the traffic out the management interface. the DNS servers setup for management are different than what's used for data interfaces. Check that setup with "show network".

I also note that you show "Export-Controlled Functionality: NOT ALLOWED". normally you need to specify in the Smart License token generation to allow this. It is a check box to be checked when generating the token.

0 Helpful

fhermion
Level 1
Level 1

‎03-18-2024 02:06 AM

Hey Singh007,

Could you please let me know how you manage this ?

Thanks

 

0 Helpful

Marius Gunnerud
VIP
VIP

‎03-18-2024 12:34 PM

to do URL lookups you need to do sudo in expert mode.

how is the management interface exposed to the internet?  Is it directly connected with a public IP or does it loop through the FTD data interface?  if it goes through the FTD data interface have you permitted traffic from the management interface to tools.cisco.com on https port?

--
Please remember to select a correct answer and rate helpful posts
0 Helpful

AHack210
Cisco Employee
Cisco Employee

‎03-19-2024 06:41 AM

Personally, I configure both the outside and management for DNS

dns domain-lookup outside
dns domain-lookup management
Perseus# ping state.hi.us
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 132.160.216.127, timeout is 2 seconds:
Perseus# capture cap1 interface management real-time match udp any any eq 53

Warning: using this option with a slow console connection may
         result in an excessive amount of non-displayed packets
         due to performance limitations.

Use ctrl-c to terminate real-time capture


   1: 13:39:43.028746       172.30.4.114.17743 > 208.67.222.222.53:  udp 29
   2: 13:39:43.137627       208.67.222.222.53 > 172.30.4.114.17743:  udp 45

 

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card