Tuesday, July 3, 2018

Cisco FTD Remote Access VPN Certificate Issue

Hi!

I finally went and picked up an FMC for our FTD device. When I try to configure the RA-VPN, I get this error when I try to deploy: "need to enroll the Trust Point for this device."

I open the Devices->Certificates menu and add my self-signed certificate there, and get this error:

"Error: Unable to communicate to the device. Please check connectivity to the device from Firepower Management Center and retry the operation"

I can ping FTD->FMC with no connectivity issues, but if I reverse the ping (FMC->FTD) I get around 60% packet loss for some reason.

The setup looks like this:

Internet----|FTD|----|SWITCH|----|FMC|

They are both in the same subnet, and I can ping both devices from a client PC on the same subnet without any packet loss, even from the FMC to other devices. It's only FMC->FTD that causes packet loss.

I'm using FTD version 6.2.3.1 and Cisco Firepower Management Center for KVM v6.2.3. If I google that error message I find this https://quickview.cloudapps.cisco.com/quickview/bug/CSCvh68618

Any solutions for this? Or won't I be able to use RA-VPN until this bug is fixed?

I'm about to lose my mind with Cisco's Firewalls.
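The error message in the post tells you to "check connectivity to the device from Firepower Management Center," and the one-directional 60% loss is the first thing to quantify. The script below is an added example, not part of the original post and not Cisco's own tooling. It parses a ping summary into a loss percentage, applies a threshold (zero, since same-subnet management traffic should not drop), and, when `nc` is present, checks the TCP port the FMC-to-device management channel (sftunnel) uses. The FTD management address is a placeholder, the sample ping summaries are constructed, and `nc` availability on the FMC shell is an assumption.

```shell
#!/bin/sh
# Added example, not from the original post. Run from the FMC shell (or any
# host on the management subnet) to quantify the asymmetric loss described
# in the post and to confirm the FMC-to-FTD management channel port.
# Assumptions: FTD_MGMT_IP is a placeholder (TEST-NET-1, not the poster's
# address); ping prints a "% packet loss" summary; the sftunnel management
# channel listens on TCP 8305; nc may or may not be installed.

FTD_MGMT_IP="${FTD_MGMT_IP:-192.0.2.10}"
SFTUNNEL_PORT=8305
MAX_LOSS_PCT=0   # same-subnet management traffic should show zero loss

# Constructed sample ping summaries (Linux and BSD formats) used for self-checks.
SAMPLE_LOSSY="20 packets transmitted, 8 received, 60% packet loss, time 19031ms"
SAMPLE_CLEAN="20 packets transmitted, 20 packets received, 0.0% packet loss"

# Print the integer loss percentage from a ping summary; print nothing if absent.
ping_loss_pct() {
    printf '%s\n' "$1" \
        | sed -n 's/.*, \([0-9][0-9]*\)[0-9.]*% packet loss.*/\1/p' \
        | head -n 1
}

# Status 0 when loss is within the threshold, 1 otherwise (or when unparsable).
loss_within() {
    pct=$1
    limit=${2:-$MAX_LOSS_PCT}
    [ -n "$pct" ] && [ "$pct" -le "$limit" ]
}

# Ping the target and report loss; status 0 only when loss is acceptable.
check_icmp_path() {
    host=$1
    count=${2:-20}
    out=$(ping -c "$count" "$host" 2>&1)
    pct=$(ping_loss_pct "$out")
    if loss_within "$pct"; then
        echo "ICMP to $host: ${pct}% loss (ok)"
    else
        echo "ICMP to $host: ${pct:-?}% loss (exceeds ${MAX_LOSS_PCT}%)"
        return 1
    fi
}

# Check the TCP port the FMC uses to reach a managed device (assumed: 8305).
check_sftunnel_port() {
    host=$1
    if command -v nc >/dev/null 2>&1; then
        if nc -z -w 3 "$host" "$SFTUNNEL_PORT" >/dev/null 2>&1; then
            echo "TCP $SFTUNNEL_PORT on $host: open"
        else
            echo "TCP $SFTUNNEL_PORT on $host: unreachable"
            return 1
        fi
    else
        echo "nc not available; skipping TCP $SFTUNNEL_PORT check"
    fi
}

# Live checks run only when a target address is passed on the command line,
# e.g.:  sh fmc-ftd-check.sh 192.0.2.10
if [ "$#" -gt 0 ]; then
    FTD_MGMT_IP=$1
    rc=0
    check_icmp_path "$FTD_MGMT_IP" || rc=1
    check_sftunnel_port "$FTD_MGMT_IP" || rc=1
    exit "$rc"
fi
```

Run it once in each direction (from the FMC toward the FTD management address, and from the FTD CLI toward the FMC) so the asymmetry the post describes shows up as numbers rather than an impression; a clean ICMP path with a closed TCP 8305 points at the management channel itself rather than the wire.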


