Firepower 8120 - No host recorded

dharma_pr · ‎09-27-2017

I'm deploying IPS firepower 8120, the topology in internet segment: core switch -- mikrotik -- IPS Firepower -- WAN Optimizer -- Firewall -- Internet.

Why in network map/host cannot discover host/ip address that throught the IPS? while in connection event all traffic can viewed and function of intrusion and AMP can work properly, such us block malware. need help about this case

thanks

Marvin Rhoads · ‎09-27-2017

Have you created a network discovery policy and defined your HOME_NET and EXTERNAL_NET objects?

dharma_pr · ‎10-02-2017

Hi Marvin,

I already created network discovery policy, but still no one host discovered. Then after I create topology, in network map/host have recorded. which is still confusing, why I have made the 0.0.0.0/0 rule still can not be recorded

Marvin Rhoads · ‎10-03-2017

Can you share a screen shot of your access control policy to confirm that it is set to log connections and also a screenshot of your network discovery policy?

Also please check to ensure that your FMC host limit has not been exceeded. (System > Licenses > Classic Licenses)

dharma_pr · ‎10-05-2017

Hi Marvin,

for log connection I set "end of connection"and the host limit still avaiable. This case already solved after i created the topology-> add network. Thank you for your attention