cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
24457
Views
29
Helpful
59
Replies

Talos Connectivity Problem

Ditter
Level 4
Level 4

Hi to all ,

i am getting many messages as the following:

Severity: critical
Module: Talos Communication
Description: 3 modules failed:

  • * URLDB- Failed to retrieve beaker inventory
  • * LSP- Failed to retrieve beaker inventory

My subscription is active (it expires in 2026).  

Any ideas about why is this happening?   Is it a problem that has to do with Talos?

Please note that this is the first time i get this message. 

The only change i did some days ago was to change the "Cached URLs Expire" which was set to never and i changed it to "week" but i do not think that my issue has something to do with it.

Any ideas,

Thanks, 

Ditter.

59 Replies 59

Apologies i upgrade FMC to 6.2 recommended

We started getting the Talos LSP health alert this morning. Restarting the talosAgent and beaker3 services seems to have fixed it.

Thanks!

We havent had the problem for a while. Running 7.7 was ok. After uograding to 7.7.10 and 7.7.10.1 the problem is back. Dont understand why at all!
Please rate as helpful, if that would be the case. Thanx

Getting "Cisco Support Diagnostics Configuration failure" on the FTD's connected to FMC's after restarting, any tips ?

Please rate as helpful, if that would be the case. Thanx

Hi Jon,

We had those errors here too, but dont seem related to talos connectivity problem. We've recently test log sending to SCC and we had some options checked on Integrations / Cisco security cloud to "send events to cloud" but the Cisco Security Cloud was disabled. We unchecked the options to send logs and errors disappeared. 

Did a disconnect - reconnect to cloud and everything back to normal.

Please rate as helpful, if that would be the case. Thanx

So, is this related and/or limited to 7.7.0-91? I see there is now a disclaimer "If you are already running 7.7.0-89. Do not upgrade/install the newly posted image (7.7.0-91). Reach out to Cisco TAC for a workaround." at the software download section.

@HQuest that is unrelated and due to a separate issue related to NAT in site-site VPNs.

Ditter
Level 4
Level 4

@BACANEL @Marvin Rhoads Thanks both,  i restarted only the two processes mentioned by Bacanel.  I did not restart (fireamp & CloudAgent but the warnings messages stopped by restarting the first two processes (talosagent and beaker3):

Thanks,

Ditter

 

 

 

 

 

JF Anctil
Level 1
Level 1

FYI : 

JFAnctil_0-1743778050610.png

VDB 406 is not released yet but it worked with this GeoDB database update.

Update : The script is running only on the active FMC. My secondary FMC has the new GeoDB update but has not run the script to renew the certificate.

Update2 : Same for VDB Update. The script is not running on secondary FMC so the certificate is still not renewed.

Loebmann
Level 1
Level 1

Hello everyone,

 I have installed the GeoDB and VDB 406 and restarted the vFMC, but the error message remains the same. Does anyone else have this?

 Thanks

Ditter
Level 4
Level 4

Still the same error with me although it seemed to have stopped. I have already upgraded to VDB 406 but i still get :

Health Monitor Alert from fmc
Time: Sat Apr 12 11:05:31 UTC 2025 UTC
Severity: critical
Module: Talos Communication
Description: 1 modules failed:

 

  • * LSP- Failed to retrieve beaker inventory

I haven't rebooted the FMC. Doo in need to reboot it ?

Thanks,

Ditter

 

 - @Ditter             FYI : https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwo63951

    M.



-- Let everything happen to you  
       Beauty and terror
      Just keep going    
       No feeling is final
Reiner Maria Rilke (1899)

Ditter
Level 4
Level 4

@Mark Elsen Thanks , had already followed this bug instruction both the temp step as well as the more persistent one.

But the messages about talos communication were still coming, magically they stopped today at 4:22 am (CET) 

To be frank i do not know if they will start again.

Thanks,

Ditter

I'm not sure if this is related, but I suspect it is.

I've got a HA pair of on-box managed vFTD's running 7.7.0 and they cannot update the SRU.  Clicking the Updates, Intrusion Rule, Update From Cloud button initiates the download, but it almost immediately fails with the error "Snort 3 cloud update failed: No response from the update server or connection timeout. Please try again."

The /ngfs/var/log/sf/talos_agen.log file has lots of these 

TalosAgent:WARN: main.go:main.main.func4:237 2025/04/24 17:19:04 periodic catalog download failed: <nil>. attempt: 5
TalosAgent:INFO: enrich.go:talosagent.cisco.com/pkg/enrich.QueryTaxonomyCatalogsMetadata:250 2025/04/24 17:19:09 QueryTaxonomyCatalogsMetadata() started.
TalosAgent:INFO: enrich.go:talosagent.cisco.com/pkg/enrich.QueryTaxonomyCatalogsMetadata:265 2025/04/24 17:19:09 QueryTaxonomyCatalogsMetadata request:
{
  "app_info": {
    "device_id": "0050569F0B17",
    "product_family": "secure_firewall",
    "product_id": "75A",
    "product_version": "7.7.0"
  }
}
TalosAgent:INFO: enrich.go:talosagent.cisco.com/pkg/enrich.QueryTaxonomyCatalogsMetadata:273 2025/04/24 17:19:09 QueryTaxonomyCatalogsMetadata() failed.
TalosAgent:ERROR: main.go:main.main.func4:252 2025/04/24 17:19:09 periodic catalog download: failed to query taxonomy catalog metadata: rpc error: code = Internal desc = Internal error occurred: Request failure: connection error: received fatal alert: CertificateExpired

Manually uploading the latest SRU .tar file doesn't initiate the install.

I'm not sure how to resolve.

Review Cisco Networking for a $25 gift card