Skip to main content

 

 

Cisco Defense Orchestrator

Resolve Configuration Conflicts

Resolve "Not Synced" Status

Use the following procedure to resolve a device with a "Not Synced" Configuration Status:

  1. Open the Devices & Service page. Note the name and IP address of the device that is Not Synced.
  2. Select the device reported as Not Synced.
  3. In the Not synced panel to the right, select either of the following:
  • Preview and Deploy... -If you want to push the configuration change from CDO to the device, Preview and deploy the changes you made now, or wait and deploy multiple changes at once. 
  • Discard Changes -If you do not want to push the configuration change from CDO to the device, or you want to "undo" the configuration changes you started making on CDO. This option overwrites the configuration stored in CDO with the running configuration stored on the device.  

Resolve "Conflict Detected" Status

CDO allows you to enable or disable conflict detection on each live device. If conflict detection is enabled and there was a change made to the device's configuration without using CDO, the device's configuration status will show Conflict Detected

To resolve a "Conflict Detected" status, follow this procedure:

  1. Select Devices & Services from the navigation bar.
  2. Select the device reporting the conflict and click Review Conflict in the details pane on the right. 
  3. In the Device Sync page, compare the two configurations by reviewing the highlighted differences. 
  • The panel labeled "Last Known Device Configuration" is the device configuration stored on CDO.
  • The panel labeled "Found on Device" is the configuration stored in the running configuration on the ASA.  
  1. Resolve the conflict by selecting one of the following:
  • Accept Device changes: This will overwrite the configuration and any pending changes stored on CDO with the device's running configuration.
        Note: As CDO does not support deploying changes to the Cisco IOS devices outside of the command line interface, your only choice for a Cisco IOS device will be to select Accept Without Review when resolving the conflict. 
  • Reject Device Changes: This will overwrite the configuration stored on the device with the configuration stored on CDO. 

Note: All configuration changes, rejected or accepted, are recorded in the change log. 

Related Topics