Loading...
Loading...
Upon attempting to restore a unified backup file to a Secure Firewall Management Center (FMC), the following error may appear in the task notification area of the GUI for the restore task (replace [backup archive] with the file name for the backup file)... --- Restore (On Demand) Restore File: [backup archive] Unable to restore files --- The "Disk Usage" health module on the FMC indicates that the root partition of the filesystem (mounted at /) is at 100 percent usage with no space available. For example, for a virtual FMC... --- / using 100%: 3.6G (0 Avail) of 3.6G ---
The FMCs are in high availability, running major software version 7.4 or later. The combined conditions for the only way to generate a unified FMC backup (which one can use to restore either FMC of the FMC HA pair) were present running the FMC backup profile: * The FMC backup profile is for a configuration-only backup (with neither events nor Threat Intelligence Director selected). * The FMC backup profile was run from the active FMC. Each FMC has a remote storage device configured for use with backups (in the FMC GUI: System > Configuration > Remote Storage Device) -- and the running of the backup profile makes use of this remote storage. This should not be confused with the "Copy when complete" (version 7.4) or "Configure External Storage" (version 7.6 or later) option within the backup profile itself. When attempting to restore the unified FMC backup, the FMC on which the backup was generated has been selected for restoration. For example, if the primary FMC was active at the time the unified FMC backup was generated, this condition would involve attempting to restore the primary FMC from the unified FMC backup. The amount of disk space available in the root partition of the file system (mounted at /) is less than 45 percent of the size of the unified FMC backup file. For example, if the unified FMC backup file were 4.8 GB in size, the root partition may run out of space while restoring the backup if it had less than about 2.16 GB of space available before starting the restore process.
Ask Cisco TAC for a procedure that will allow for successful restoration of the existing backup to the target FMC. Please note that this will require re-imaging (or, in the case of virtual/cloud, re-deploying) the FMC before attempting the restore process again for the highest assurance of reliability for the target FMC.
After an attempt to restore from a unified FMC backup fails due to this defect, expect to not be able to initiate a new GUI or CLI session at all. Further recovery would require re-imaging/re-deploying the FMC. This problem is more likely to happen on virtual FMCs (or FMCs running on public cloud platforms that support FMC HA) than on hardware FMCs. This problem does not affect attempts to restore from the unified FMC backup the FMC of the HA pair that was standby at the time the unified FMC backup was generated. It also does not affect the restoration of any FMC backups that were taken to the FMC's local storage.
Cisco Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.