09-15-2023 02:33 AM
Hi All,
I need to remove our Umbrella DNS policy from the Inspection part of a Acces Control Policy.
Setting the Umbrella policy to "None", the deployment fails.
I'm only able to apply a different policy, but not remove it entirely.
FMC >> vpn-addr-assign local
FMC >> policy-map type inspect dns preset_dns_map
FMC >> parameters
FMC >> no umbrella device-id 010a05988689d935
dk-dc-transit-ftd-dc01 >> [error] :
no umbrella device-id 010a05988689d935
^
ERROR: % Invalid input detected at '^' marker.
Config Error -- no umbrella device-id 010a05988689d9
Cheers
09-15-2023 03:10 AM
Hmm strange. What version FMC are you using?
You could try to create a new Umbrella DNS policy, select it and deploy, and then once that is completed, try selecting None again.
09-15-2023 03:32 AM
09-16-2023 05:53 AM
UPDATE:
We spend some more time troubleshooting this issue, and discovered that everytime a new Domain bypass is created on the Umbrella Policy, an additional line "domain local bypass" is added to the "Global Umbrella" CMD. These no validation on this in the FMC GUI, and the value in the GUI cannot be "BLANK". We added "none" to the bypass list, and "none" was listed as a domain to be bypassed.
With Flexconfig we managed to remove the bypass config from the LINA code. We also tried to remove "umbrella device-id 010a05988689d9352" with Flexconfig but it failed. We did notice additional whitespace in the commandlet in the configuration.
10-04-2023 12:32 PM
I am having the exact same issues - cdFMC is on version 7.4, while the 2110 is on 7.3.1. Unable to resolve via Flexconfig and cdFMC.
03-25-2024 06:23 AM
I'm running FMC and FTD 1150 at 7.2.5.1 and I am experiencing the same issue.
03-26-2024 03:02 AM
We had the issue resolved via a TAC case, unfortunately!
08-02-2024 11:31 AM
I ran into the same issue when attempting to removing the Umbrella connector feature while troubleshooting DNS issues that some Anyconnect users were experiencing. Just curious what was the underlying issue that led you to try and remove it.
08-02-2024 12:04 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide