Cisco FTD: Unable to update Default Domain in Group Policy

After deploying Remote Access VPN settings I’ve updated the default domain field under the Group Policy (GP) but got a deployment error.

Lina messages
ErrorCode: CFG-IN-PROGRESS Severity: error Description: com.cisco.ngfw.messages.DescriptionType@8b7c834
FMC >> clear configuration session OBJECT

I was able to update the domain with some random name but not the one I needed. I was also using AD for user authentication with LDAP mapping. Default domain and LDAP domain were the same and it appears it was creating some sort of conflict.

I’ve ended up creating a duplicate GP with proper default domain settings and was able to push it to FTD. Next, I’ve edited LDAP map under AAA settings to reference the new GP and this time change succeeded.

 

1 comments On Cisco FTD: Unable to update Default Domain in Group Policy

Leave a reply:

Your email address will not be published.

Site Footer

Sliding Sidebar