Using CLI to Resolve Device Registration in Management Center High Availability

If automatic device registration fails on the standby management center, but appears to be registered to the active management center, complete the following steps:

Warning

If you do an RMA of secondary management center or add a secondary management center, the managed devices are unregistered, and their configuration can get deleted as a result.

Procedure

Step 1

Delete the device from the active management center. See Delete (Unregister) a Device from the management center in Cisco Secure Firewall Management Center Device Configuration Guide.

Step 2

Complete the following steps to trigger automatic registration of the device on the standby management center:

  1. Log in to the CLI for the affected device.

  2. Run the CLI command: configure manager delete .

    This command disables and removes the current management center.

  3. Run the CLI command: configure manager add .

    This command configures the device to initiate a connection to a management center.

    Tip

    Configure remote management on the device, only for the active management center. When you establish high availability, the devices are automatically registered to the standby management center.

  4. Log in to the active management center and register the device.

Step 3

If the standby management center is behind NAT, complete the following steps to edit the hostname of the standby management center:

  1. Access the threat defense shell and use the show managers command to get the standby management center entry identifier value.

  2. In the threat defense shell, edit the standby management center hostname to the public IP address. Execute the configure manager edit <standby_uuid> hostname <standby_ip> command using the entry identifier value and the host IP address.