The issue may just be how the firebox and management server communicate in fully managed mode.

The management server holds the policy manager config locally when fully managed.

If you connect to a firebox directly, and then open Policy Manager, the cert list is what was pulled from the Firebox when policy manager is opened. Policy manager will query the firebox and pull the active certs and populate that list.

With fully managed, the policy manager does not actively pull information from the Firebox, it's all stored on the management server.


how to fix
-------------
>> To get the policy manager to update. We need to flip the device from fully managed mode to basic. Then back to fully managed.
>> When going from basic managed mode to fully managed mode, the policy manager on the management server will pull from the firebox to update the config and pull an updated list.
>> If we do that, we see it updated.

computer2know :: thank you for your visit :: have a nice day :: © 2024