Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2402
Views
0
Helpful
4
Replies

CSM (Cisco Security Manager) 4.10 error discovering ASA with service-policy

Go to solution
lbenigni
Level 1
Level 1

‎04-20-2016 06:21 AM - edited ‎02-21-2020 05:47 AM

Hello,

I have a problem regarding CSM 4.10 and ASA. When I try to discover an ASA from CSM I receive two Internal errors:

Policy Discovery Failed: com.cisco.nm.vms.discovery.DiscoveryException: Internal Error

Exception importing policy group: id = 7992934205670, type = PG.FIREWALL.InspectRule, name = .fw-namePG.FIREWALL.InspectRule.

If I remove the line "service-policy global_policy global", everything works fine.

I tested ASA 5505 (7.2.5) and ASA 5512X (9.1.6.11).

Any suggestions?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
alpaezca
Cisco Employee
Cisco Employee
In response to lbenigni

‎05-13-2016 03:00 AM

Hello,

You can try with the following solution, please do a Backup of the CSM Database prior to apply it, just in case

1. Stop the daemon manager.

2. Reset the password for the "vms" database.

To do this, open a command prompt in CSCOpx/bin directory and issue the following command "perl dbpasswd.pl dsn=vms npwd=admin" 

** This will reset the DB password to "admin".

3. Connect to the DB using the dbisqlc program. 

4. Execute the following query.

5. Commit the changes:

Type "commit" in dbisqlc and press "execute".

6. Close the dbisqlc tool and restart the daemon manager.

Let me know how everything goes, and In case the issue persist, then open a case with TAC

View solution in original post

0 Helpful
4 Replies 4

Go to solution
alpaezca
Cisco Employee
Cisco Employee

‎04-29-2016 04:00 PM

Hello,

When did you start running into this issue? is a new installation or did you upgrade CSM Database from 4.8 or 4.9 to 4.10?

Please check the following bug CSCuz33931

0 Helpful

Go to solution
lbenigni
Level 1
Level 1
In response to alpaezca

‎05-05-2016 01:03 AM

Hello Alejandra,

it's an upgrade from 4.2.1 and I followed the entire upgrade path.

I looked at the bug you mentioned and I tried to do the upgrade to version 4.11, but I found another bug (CSCuz41194) and the first problem continues.

Is it possible to have a definitive solution?

Thank you

0 Helpful

Go to solution
alpaezca
Cisco Employee
Cisco Employee
In response to lbenigni

‎05-13-2016 03:00 AM

Hello,

You can try with the following solution, please do a Backup of the CSM Database prior to apply it, just in case

1. Stop the daemon manager.

2. Reset the password for the "vms" database.

To do this, open a command prompt in CSCOpx/bin directory and issue the following command "perl dbpasswd.pl dsn=vms npwd=admin" 

** This will reset the DB password to "admin".

3. Connect to the DB using the dbisqlc program. 

4. Execute the following query.

5. Commit the changes:

Type "commit" in dbisqlc and press "execute".

6. Close the dbisqlc tool and restart the daemon manager.

Let me know how everything goes, and In case the issue persist, then open a case with TAC

0 Helpful

Go to solution
lbenigni
Level 1
Level 1
In response to alpaezca

‎05-13-2016 03:00 AM

Hello,

the solution you mentioned worked perfectly!
I have attached a file with the steps.
Many thanks

Leonardo

Preview file
12349 KB
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card