T15 upgrade to 12.5.5 with WSM 12.6.2 dvcp template failure to apply configuration

Here´s another one.

WSM server 12.6.2
T15 12.5.5 as a fully managed device

Applying a template gives a configuration error on the T15 device:
2020-08-25 21:31:23 dvcpcd Error line 8432:Element 'icmp-type': [facet 'enumeration'] The value '128' is not an element of the set {'0', '3', '4', '5', '8', '11', '12', '13', '14', '15', '16', '17', '18', '255'}. Debug
2020-08-25 21:31:24 dvcpcd **Error: Invalid configuration from server - Error line 8432:Element 'icmp-type': [facet 'enumeration'] The value '128' is not an element of the set {'0', '3', '4', '5', '8', '11', '12', '13', '14', '15', '16', '17', '18', '255'}. Debug
2020-08-25 21:31:24 dvcpcd **Error: Unable to save configuration updates from server Debug



  • Options

    Maybe ICMPv6 - Type 128 - Echo Request ?

  • Options
    edited August 2020

    @RVilhelmsen - Did you fix this? I am seeing it happen to a few of our T30's as well. Not sure if it's related or not but once a day I need to reboot one of the T30's in order for the branch to regain bovpn access

  • Options

    I have opened a case. So far i have only upgraded a single T15 until i know there is fix, but it has been running without issues for days.

    Maybe this release should have been labeled beta.

  • Options

    @RVilhelmsen When did you open the case? We had our M470 cluster upgraded as well and it caused a bunch of issues. We opened a case on that but not the T30s as of yet as the vpn connections are more important to clear up then rebooting one firebox once a day.

    Let me know please if you get anymore info on this. If my issue persists as well, i will open a case and post any findings

  • Options
    I opened my case friday. I Will post when i know more.
  • Options


    This is potentially related to a known issue, so please try the following steps:

    Change the device to Basic Managed Mode.
    Wait for the device to get the update to switch to Basic Managed Mode, and then switch back to Fully Managed Mode.

    This process causes the Management Server to pull a valid configuration and valid Ping policy template for the Fireware version that runs on the device.

    And it solves the issue.

  • Options

    Thanks for the update @RVilhelmsen

    I have done this with the main device having issues as well as another to see if it helps me. Hopefully it resolved your issue earlier today.

Sign In to comment.