Cisco Firepower 1100 Started Manual page 152

Hide thumbs Also See for Firepower 1100:

Getting started manual (178 pages)

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

Table Of Contents

177

page of 177

/ 177
Contents
Table of Contents
Bookmarks

Table of Contents

Roll Back the Configuration if the FMC Loses Connectivity

last-deployed configuration so you can restore management connectivity. You can then adjust the configuration

settings in FMC so that the network connectivity is maintained, and re-deploy. You can use the rollback

feature even if you do not lose connectivity; it is not limited to this troubleshooting situation.

See the following guidelines:

• Only the previous deployment is available locally on the FTD; you cannot roll back to any earlier

deployments.

• Rollback is not supported for High Availability or Clustering deployments.

• The rollback only affects configurations that you can set in FMC. For example, the rollback does not

affect any local configuration related to the dedicated Management interface, which you can only configure

at the FTD CLI. Note that if you changed data interface settings after the last FMC deployment using

the configure network management-data-interface command, and then you use the rollback command,

those settings will not be preserved; they will roll back to the last-deployed FMC settings.

• UCAPL/CC mode cannot be rolled back.

• Out-of-band SCEP certificate data that was updated during the previous deployment cannot be rolled

back.

• During the rollback, connections will drop because the current configuration will be cleared.

Before you begin

Model Support—FTD

Procedure

Step 1

At the FTD CLI, roll back to the previous configuration.

configure policy rollback

After the rollback, the FTD notifies the FMC that the rollback was completed successfully. In FMC, the

deployment screen will show a banner stating that the configuration was rolled back.

If the rollback failed, refer to

215258-troubleshooting-firepower-threat-defense.html

rollback can fail after FMC management access is restored; in this case, you can resolve the FMC configuration

issues, and redeploy from FMC.

Example:

> configure policy rollback

The last deployment to this FTD was on June 1, 2020 and its status was Successful.

Do you want to continue [Y/N]?

Rolling back complete configuration on the FTD. This will take time.

.....................

Policy rollback was successful on the FTD.

Configuration has been reverted back to transaction id:

Following is the rollback summary:

...................

Cisco Firepower 1100 Getting Started Guide

150

https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw-virtual/

for common deployment problems. In some cases, the

Firepower Threat Defense Deployment with a Remote FMC

Table of Contents

Show Quick Links

Quick Links:
(Optional) Change Management Network Settings at...

Hide quick links:

Table of Contents

Cisco Firepower 1100 Started Manual page 152

Hide quick links:

Related Manuals for Cisco Firepower 1100

Related Products for Cisco Firepower 1100

Table of Contents