Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
3243
Views
0
Helpful
1
Replies

Unable to deploy Policies from Primary unit(FMC)

bibek_deo
Level 1
Level 1

‎02-03-2021 07:25 AM - edited ‎02-03-2021 08:49 AM

HI,

 

I have Firepower (FTD) in HA managed through a standalone  FMC, There is  a peculiar issue, Whenever my Primary unit is active and I deploy , I get the error " Deployment failed due to communication Error", So I have to switch over to secondary unit to deploy and get the successful deployment.

I don't have any issue while doing deployment when Secondary unit is active , What could be the issue, 

 

Thanks 

 

Bibek 

0 Helpful
1 Reply 1

Oliver Kaiser
Level 7
Level 7

‎02-03-2021 01:47 PM

Could be a variety of possible issues. First of all I'd verify connection between your primary firewall and FMC. If possible I'd recommend a reboot of the primary, but in case you do not want to reload you can go ahead and use pmtool to restart sftunnel (communication channel between FMC and FTD) and/or ngfwManager (process that handles deployment on FTD side).

 

From FTD CLI

> pmtool restartbyid sftunnel

> pmtool restartbyid ngfwManager

 

In case the issue still occurs you can use pigtail on FMC and FTD to gather more information on the error and upload it here so I can take a look. You can use the following command from FTD SFCLI and FMC root shell

> pigtail deploy

 

Hope that helps

0 Helpful
Review Cisco Networking for a $25 gift card
Top