Symptom
On Firepower Threat Defense High-Availability (HA) setup, the secondary device in the HA pair may go into disabled state due to an app-sync failure after upgrading to version 6.4.0.9.
Conditions
Upgrading a Firepower Threat Defense High Availability pair to version 6.4.0.9.
Workaround
(1)Trigger a new Deployment to the HA-pair using FMC-GUI
-This deployment will be done only on active node(as other node is in failed state)
-Once the deployment succeeds, goto next step
(2)On the failed node suspend HA using "configure high-availability suspend"
> configure high-availability suspend
Please ensure that no deployment operation is in progress before suspending high-availability.
Please enter 'YES' to continue if there is no deployment operation in progress and 'NO' if you wish to abort: YES
Successfully suspended high-availability.
(3)On the same node, resume HA using "configure high-availability resume"
> configure high-availability resume
Successfully resumed high-availablity.
(4)HA should be re-established now.
> show failover | include host
This host: Primary - Standby Ready
Other host: Secondary - Active
Further Problem Description
