02-19-2015 09:11 AM - edited 03-12-2019 05:37 AM
Hi Everyone,
I am seeing this health alert in Defense Center:
Module FireSIGHT Host License Limit: You have 0 out of 2000 FireSIGHT host licenses remaining
Module License Monitor: DC750: HOST used count exceeds total by 9 licenses.
Does host here mean the number of PCs?
Regards
Mahesh
02-21-2015 07:09 AM
It means the number of end host addresses seen by your FireSIGHT Management Center. That can include PCs and any other IP address whose traffic was observed transiting through the FMC.
02-21-2015 08:19 AM
Hi Marvin,
We have a total of around 1000 users.
Say around 100 VPN users.
So how does Defense Center maintain the host count limit?
Let's say all users are connected at the same time, then we have a total of 1100 users with different IP addresses.
Regards
Mahesh
05-05-2017 09:42 AM
We had a similar issue last week, and it was triggered by an excessive amount of internal hosts trying to reach a Domain Controller that we had removed the route to, so it was taking the default route out to the internet. We had to blackhole that traffic and set the variables to prevent it from happening.
02-26-2015 07:58 AM
Hi Marvin,
Does Defense Center treat the host IP address of a user's PC and users as different things?
If we add an IP address, that is a host, and a user, say smith, is that what DC counts to check the host limit?
Regards
Mahesh
02-26-2015 10:25 AM
Hosts are end system IP addresses. Each unique IP address counts as a host. The number of unique IP addresses observed counts against the host limit.
They may or may not have users associated with them. That doesn't affect whether they are counted as hosts.
02-26-2015 11:34 AM
Many thanks Marvin, I got it now.
Regards
Mahesh
04-13-2016 09:57 PM
Hi Marvin,
We are getting the below error.
module firesight host limit :you have 0 out of 50000 firesight host licenses remaining.
In our network the total number of inside users is 100, plus 100 VPN users, but the alert is showing all 50000 host licenses completed.
What exactly does this mean?
Will it cause any performance issue if all host licenses are completed?
Kindly help.
Thanks and regards,
Ashok
04-14-2016 05:38 AM
[@s.ashokkumar]
Have you licensed your FireSIGHT Management Center? I assume you are running Version 5.4 or earlier. That error will appear if you haven't installed the management center license.
04-14-2016 05:51 AM
04-14-2016 08:09 PM
That's correct. FMC 6.0 is the start of transition to Smart Licenses. Part of that is no longer requiring application of a classic style license to the management center.
You still should not be seeing 0 remaining though. I suspect this is a cosmetic non-impactful bug. I'd recommend you open a TAC case to confirm.
My 6.0.1 server shows the correct number but it started out as a 5.x server with classic license type and was upgraded several times over the years.
08-07-2016 09:32 AM
Hi,
I have an ASA5545 with Firepower; some days it shows the following message: "Critical Modules:1,Normal Modules:20,Disabled Modules:9
Module FireSIGHT Host License Limit: You have 0 out of 50000 FireSIGHT host licenses remaining"
What is this?
Is it not monitoring new traffic?
How can we solve this issue?
Please suggest.
Thanks in advance.
08-07-2016 10:29 AM
Have you set the HOME_NET and EXTERNAL_NET variables so that host discovery knows not to treat every Internet host as something to be discovered and counted?
If not, please refer here for instructions:
http://www.cisco.com/c/en/us/td/docs/security/firepower/601/configuration/guide/fpmc-config-guide-v601/Reusable_Objects.html#ID-2243-000004e1
08-22-2016 11:14 PM
12-05-2017 02:33 AM
If you have defined the variable set correctly it is possible you have not defined the internal networks in the Network Discovery policy.
Go to: Policies > Network Discovery and define the internal networks you would like to discover. It defaults to 'any', so I would create a network group object with all the networks you would like to include and assign it to the network discovery policy.
To speed up the process of clearing out the external networks, go to the Advanced tab and temporarily reduce the 'Network Discovery Data Storage Settings' to a lower value (maybe 5 minutes). After that time has passed you should have the host count back within the license limit, so then extend it again back to what it was previously (10800 minutes default of a week).
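An added illustration of the counting rule discussed in this thread (not written by any poster and not Cisco code): it counts unique endpoint addresses from flow records under a discovery scope of 'any' versus a defined internal network group. The flow records, the network ranges, the limit and the function names are all constructed assumptions; it is a model of "each unique IP address counts as a host", not the FMC's actual implementation.

```python
import ipaddress

# Constructed sample flows (initiator, responder); external addresses use
# documentation ranges. Replace with endpoints exported from your own events.
SAMPLE_FLOWS = [
    ("10.1.20.15", "198.51.100.7"),
    ("10.1.20.15", "203.0.113.80"),
    ("10.1.20.16", "198.51.100.7"),
    ("172.16.50.4", "192.0.2.25"),    # assumed VPN pool address
    ("172.16.50.4", "10.1.20.15"),
    ("203.0.113.9", "10.1.30.2"),     # inbound connection from outside
    ("10.1.30.2", "2001:db8::53"),
]

ANY_SCOPE = ["0.0.0.0/0", "::/0"]     # models the default 'any' discovery rule


def discovered_hosts(flows, scope_cidrs):
    """Return the set of unique endpoint addresses inside the discovery scope."""
    nets = [ipaddress.ip_network(c) for c in scope_cidrs]
    hosts = set()
    for pair in flows:
        for addr in pair:
            ip = ipaddress.ip_address(addr)
            # Compare only against networks of the same IP version.
            if any(ip.version == n.version and ip in n for n in nets):
                hosts.add(ip)
    return hosts


def compare_scopes(flows, internal_cidrs, license_limit):
    """Model host-license usage with scope 'any' versus an internal group."""
    everything = discovered_hosts(flows, ANY_SCOPE)
    internal = discovered_hosts(flows, internal_cidrs)
    return {
        "any_count": len(everything),
        "scoped_count": len(internal),
        "any_over_limit": len(everything) > license_limit,
        "scoped_over_limit": len(internal) > license_limit,
        # Addresses that consume a license only because the scope is 'any'.
        "external_only": sorted(str(ip) for ip in everything - internal),
    }


if __name__ == "__main__":
    # Assumed internal ranges and a deliberately small limit for the sample.
    print(compare_scopes(SAMPLE_FLOWS, ["10.1.0.0/16", "172.16.50.0/24"], 5))
```

Addresses listed under `external_only` are the ones that stop counting once the discovery policy is limited to the internal network group.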