ASA 5506-X, FirePower, can't change system policy

sharlino
Level 1

Hello!
I have an ASA5506X with FirePower: ASA version 9.8.2.15, ASDM version 7.8.2.151, FirePower version 6.2.2.1 (Build 73). The Default system policy does exist, but I can't change it (please see attached screenshots). I get the "Invalid object type" error. Tried another client OS, another ASDM version - still no luck. I believe this error is not tied to the client management software. It must be something under the hood. Maybe in the MySQL database or elsewhere. Unfortunately, opening a TAC case is not an option this time.
Does anybody have an idea what causes this error?

P.S. previously asked there: https://supportforums.cisco.com/t5/network-management/asa-5506-x-firepower-can-t-change-system-policy/m-p/3322440


Marvin Rhoads
Hall of Fame

You show screenshots from both ASDM and FMC. A given Firepower module can only be managed by one or the other - never both at the same time. Which are you using?

On whichever one you are using, have you licensed the module with the Control license?

Hello Marvin!

Both screenshots are from ASDM. Yes, I have correctly installed the Control license.

Ah OK - I had forgotten how similar some of the screens are when you strip away some of the ASDM frame.

It should be configurable in that case.

Since the editing window says your system policy is out of date, have you tried deploying whatever is pending first and then editing?

We are not machines, Marvin, so absolutely no problem with that.

About your question: yes, I have tried to deploy changes.

Actually, there are no changes to be deployed as per my memory and, more interestingly and importantly, as per FirePower. In spite of the green checkboxes (see the screenshot), I did press the "Deploy" button. Nothing unusual happened then: the deploy task was created and successfully finished. Nothing unusual in the syslog messages. After that I still can't change the default system policy. Also I have tried to manually fill the default policy fields, name and description, with the default values. After pressing the "Save Policy and Exit" button I got the "Duplicate policy name" error. I tried to save the policy with a custom name, still no luck. I rebooted the Firepower box, rebooted the ASA - nothing changed.

OK, it certainly appears you are doing everything correctly.

It is looking more and more like a bug in the system behavior. There isn't anything about that in the published release notes, but that isn't always conclusive.

Yeah... Anyway, I really appreciate your support! I understand that in such a situation opening a TAC case, instead of asking on a public forum, would be preferred and maybe the only right step.

We're happy to help here, though it's a strictly volunteer setup.

Lots of times common (or even uncommon) problems are things that those of us who work with this sort of thing regularly have seen many times before.

All right, thanks ) By the way, I'm not the only person who has faced a similar problem. Anyway, I will try to fix the problem by myself with the help of the Internet. I still have some time before starting the reimaging.

Have a nice evening!

I have the same issue after upgrading from 6.2.0.2 to 6.2.2-81. It persists through 6.2.2.2 on ASA5555-X.

Managing via ASDM, similar symptoms excluding the 'duplicate policy' message.

For me it appears to have reset the System Policy and lost SNMP settings. NTP and Access List are still working but show up blank in the Policy. Attempting to save the entries results in the 'Error Invalid Object type'.

I have a case opened with TAC.

URL Filtering lookups to the cloud also broke in the upgrade, but I'll detail that in a separate post once I get some answers.

Regards

Thanks for your input! It would be great if you would post an answer or a solution given by the TAC.

A couple of days ago I tried to fix the problem by manipulating the MySQL database. Still no success. Finally, I decided to reinstall the module. I installed 6.2.2-81, then updated it to 6.2.2.2-109 and the error is gone. So, in my opinion, it seems that the error is tied to the upgrade process, not to 6.2.2 itself. Anyway, it's very interesting what TAC did/will say to John.

TAC did respond to say that the current 'solution' was to re-image the SFR.

He has sent the TS file and backup to engineering to see if they can provide a method to fix it without having to re-image.

As of Friday the current response was that they have filed a defect for the System Policy issue and escalated to engineering.

sharlino - following the re-image were you able to restore a backup or did you have to re-create your Firepower configuration over from scratch?

Thanks,

John

Hello John! Unfortunately I have a backup for 6.2.2.1, which is not qualified for 6.2.2.2. So, my only way is to recreate all the policies.

Hi, I have the same issue. Did the TAC answer something about a solution without re-imaging?
