the configure network management-data-interface command, and then you use the rollback command,
those settings will not be preserved; they will roll back to the last-deployed FMC settings.
• UCAPL/CC mode cannot be rolled back.
• Out-of-band SCEP certificate data that was updated during the previous deployment cannot be rolled
back.
• During the rollback, connections will drop because the current configuration will be cleared.
Before you begin
Model Support—FTD
Procedure
Step 1 At the FTD CLI, roll back to the previous configuration.
configure policy rollback
After the rollback, the FTD notifies the FMC that the rollback was completed successfully. In FMC, the
deployment screen will show a banner stating that the configuration was rolled back.
If the rollback failed, refer to
https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw-virtual/215258-troubleshooting-firepower-threat-defense.html
for common deployment problems. In some cases, the rollback can fail after FMC management access is
restored; in this case, you can resolve the FMC configuration issues, and redeploy from FMC.
Example:
> configure policy rollback
The last deployment to this FTD was on June 1, 2020 and its status was Successful.
Do you want to continue [Y/N]?
Y
Rolling back complete configuration on the FTD. This will take time.
.....................
Policy rollback was successful on the FTD.
Configuration has been reverted back to transaction id:
Following is the rollback summary:
...................
....................
>
Step 2 Check that the management connection was reestablished.
In FMC, check the management connection status on the Devices > Device Management > Device >
Management > FMC Access Details > Connection Status page.
At the FTD CLI, enter the sftunnel-status-brief command to view the management connection status.
If it takes more than 10 minutes to reestablish the connection, you should troubleshoot the connection. See
Troubleshoot Management Connectivity on a Data Interface, on page 151.
Cisco Firepower 1010 Getting Started Guide
157
Firepower Threat Defense Deployment with a Remote FMC
Roll Back the Configuration if the FMC Loses Connectivity