FMC Deploy Error Traffic will Never Match this Rule

Aref Alsouqi April 14, 2020 0 Comments

In this post I will show you how to fix the FMC deploy error traffic will never match this rule shown below. As the error states, that would happen when you try to deploy changes that are referring to an empty security zone. In this case, the error is complaining about the missing assignment of the interface to the outside security zone I used on the access control policy rule.

Here is the FMC error:

Here is the fix:

Go to Objects > Object Management > Interface and edit the interested security zone

Select the interested FTD appliance from the Available Interfaces list and select the interested interface, and click Add

Finally click on Save to save the changes and deploy again. This time the deployment should be successful.

This wraps up this post about the FMC traffic will never match this rule error.

Thank you for reading!

Posted in Blog, Firepower, FMC, FTD, Security

Tagged Cisco, Firepower, FMC, FTD

About the Author: Aref Alsouqi

I work as a security technical architect with exposure to different environments and different technologies. I love exploring the new technologies and going the extra mile to understand how they work behind the scenes. My main BAU focus areas are Cisco ISE, Firepower and AnyConnect.

View all post by Aref Alsouqi

FMC Deploy Error Traffic will Never Match this Rule

Go to Objects > Object Management > Interface and edit the interested security zone

Select the interested FTD appliance from the Available Interfaces list and select the interested interface, and click Add

Finally click on Save to save the changes and deploy again. This time the deployment should be successful.

About the Author: Aref Alsouqi

Related Posts

FTD Geolocation

ASA ‘The ID certificate associated with trust-point contains an Extended Key Usage (EKU) extension but without the Server Authentication purpose which is required for SSL use.’

AnyConnect Management Tunnel Disconnected (connect failed)