FTD 1120 VRF not able to add default route via leak

paul-d
Level 1

Hi,

I have an FTD 1120 managed by FMC. Topology: I have 4 internet feeds going into the firewall (migrating down to 2) with multiple VRFs.

Problem: I created a new VRF and added a leaked route to one of the internet feeds; however, I get the below error:

Lina messages
FMC >> clear configuration session
FMC >> no strong-encryption-disable
FMC >> ssl dh-group group14
FMC >> dp-tcp-proxy
FMC >> policy-map global_policy
FMC >> class class-default
FMC >> class inspection_default
FMC >> exit
FMC >> crypto isakmp nat-traversal
FMC >> tunnel-group 51.141.124.133 ipsec-attributes
FMC >> ikev2 route accept any
FMC >> exit
FMC >> vpn-addr-assign local
FMC >> access-group CSM_FW_ACL_ global
FMC >> vrf BT-POC
FMC >> vrf BT-POC
FMC >> description CJ test
FMC >> address-family ipv4
FMC >> exit-address-family
FMC >> address-family ipv6
FMC >> exit-address-family
FMC >> exit
FMC >> interface Ethernet1/3.808
FMC >> vrf forwarding BT-POC
FMC >> vlan 808
FMC >> nameif BT-Egress-POC-LAN
Inet02 -Pri >> info : INFO: Security level for "BT-Egress-POC-LAN" set to 0 by default.

FMC >> no shutdown
FMC >> exit
FMC >> mtu BT-Egress-POC-LAN 1500
FMC >> time-range timezone tzname 0 00
FMC >> time-range summer-time tzname date Mar 27 2022 01:00 Oct 30 2022 02:00 60
FMC >> route vrf BT-POC Civic-Internet-BT 0.0.0.0 0.0.0.0 1
Inet02 -Pri >> error : ERROR: Cannot add route entry, conflict with existing routes
Config Error -- route vrf BT-POC Civic-Internet-BT 0.0.0.0 0.0.0.0 1

If I SSH into the firewall and issue show route vrf BT-POC, the default route shows the interface I'm expecting (but only if I increase the metric).

I don't understand why, in a clean VRF, when I add one of the interfaces the deployment fails thinking it already has a route; it doesn't.

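As an added example (not from the original post, FMC or Cisco), a small Python parser over a constructed transcript laid out like the Lina messages above: it pairs each device "error" line with the FMC command pushed just before it and breaks a failing route command into VRF, egress interface and CIDR prefix, so the rejected entry can be compared directly against show route vrf output. The "<source> >> <text>" layout and the trailing "Config Error -- ..." summary line are assumed from the transcript quoted in the question.

```python
import ipaddress
import re

# Constructed sample: an abridged FMC deployment transcript in the same
# "<source> >> <text>" layout as the Lina messages quoted in the question.
SAMPLE_TRANSCRIPT = """\
FMC >> vrf BT-POC
FMC >> interface Ethernet1/3.808
FMC >> vrf forwarding BT-POC
FMC >> nameif BT-Egress-POC-LAN
Inet02 -Pri >> info : INFO: Security level for "BT-Egress-POC-LAN" set to 0 by default.
FMC >> mtu BT-Egress-POC-LAN 1500
FMC >> route vrf BT-POC Civic-Internet-BT 0.0.0.0 0.0.0.0 1
Inet02 -Pri >> error : ERROR: Cannot add route entry, conflict with existing routes
Config Error -- route vrf BT-POC Civic-Internet-BT 0.0.0.0 0.0.0.0 1
"""

LINE_RE = re.compile(r"^(?P<src>.+?) >> (?P<text>.*)$")  # "Config Error -- ..." has no ">>" and is skipped
# route [vrf <name>] <ifname> <network> <mask> [<trailing tokens>]  (assumed layout of the pushed command)
ROUTE_RE = re.compile(r"^route(?: vrf (?P<vrf>\S+))? (?P<ifname>\S+) (?P<net>\S+) (?P<mask>\S+)(?: (?P<rest>.*))?$")

def parse_transcript(text):
    """Pair every device 'error' line with the last command FMC pushed before it."""
    failures, last_cmd = [], None
    for raw in text.splitlines():
        m = LINE_RE.match(raw)
        if not m:
            continue
        src, body = m.group("src"), m.group("text").strip()
        if src == "FMC":
            last_cmd = body  # remember the most recent pushed command
        elif body.startswith("error"):
            # body is "error : ERROR: <message>"; keep the device's message only
            failures.append({"device": src, "command": last_cmd,
                             "error": body.split(":", 1)[1].strip()})
    return failures

def describe_route(cmd):
    """Break a failing 'route' command into VRF, egress interface and CIDR prefix."""
    m = ROUTE_RE.match(cmd)
    if not m:
        return None
    prefix = ipaddress.ip_network(f"{m['net']}/{m['mask']}", strict=False)
    return {"vrf": m["vrf"] or "global", "interface": m["ifname"],  # no vrf keyword -> treated as global here
            "prefix": str(prefix), "rest": m["rest"]}

if __name__ == "__main__":
    for f in parse_transcript(SAMPLE_TRANSCRIPT):
        print(f["device"], "rejected:", f["command"], "->", f["error"], describe_route(f["command"]))
```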

4 Replies

Can I see the topology?

MHM

Hi,

I changed one of the default routes in global from a metric of 1 to 2; after this I was able to add a default route in the new VRF. However... something weird is happening: traffic is trying to egress out of an interface not in the VRF at all. Could it be NAT doing it?

I need to see the topology. If the Inside is in Global and you use dual ISP Outside, each one with a different VRF, then I think you leak the default route from one VRF to Global and re-leak it again to the other VRF. Also, sure, you need VRF-aware NAT for your case, plus an ACL for both directions.

MHM


All 4 internet feeds belong to global; however, despite the route to 0.0.0.0/0 via the "bt-Civic" interface from the global VRF, traffic is still trying to egress via the Zen-Civic interface via "sub-optimal routing" when I do a packet trace.
