Symptom

On a virtual or physical device managed by the Firepower Device Manager (FDM), if a user updates the SRU package -manually or automatically-- (SRU version: - Sourcefire_Rule_Update-2018-07-23-001 or newer), subsequent deployments will fail.

Conditions

When a user tries to perform SRU update with latest SRU version or if it is being updated as part of scheduled updates, deployment fails.

Workaround

Workaround: Login to the FTD console and access the expert mode then: # Get admin privileges sudo su cd /var/sf/SRU #Show the available SRU package. You will see 2 packages ls -lrt # Remove the latest SRU package from the directory. Filename shown below is an example rm Sourcefire_Rule_Update-2018-07-23-001-vrt.sh # Make sure only one package remains in the directory and it's older than 2018-07-23-001 ls -lrt #Execute the following command:- echo "-f" > /ngfw/var/cisco/ngfwWebUi/clisyncer/sru/sru Note: - 1. This will trigger a force install of the last good SRU version and also trigger an automatic deployment. To confirm that a task is scheduled please check the Task list in the UI for successful deployment (there could be some delays). 2. To avoid getting back into the same failed state, please do not use the 2018-07-23 update and move directly to SRU 2018-07-30 or later release

Further Problem Description