09-27-2017 01:37 AM - edited 02-21-2020 06:22 AM
I'm deploying an IPS Firepower 8120. The topology in the internet segment is: core switch -- MikroTik -- IPS Firepower -- WAN Optimizer -- Firewall -- Internet.
Why can't the network map/hosts discover the hosts/IP addresses that pass through the IPS, while in connection events all traffic can be viewed and the intrusion and AMP functions work properly, such as blocking malware? I need help with this case.
Thanks
09-27-2017 04:46 AM
Have you created a network discovery policy and defined your HOME_NET and EXTERNAL_NET objects?
10-02-2017 07:30 PM
Hi Marvin,
I already created a network discovery policy, but still not one host was discovered. Then, after I created a topology, hosts were recorded in the network map/hosts. What is still confusing is why, even though I made the 0.0.0.0/0 rule, hosts still could not be recorded.
10-03-2017 01:22 AM
Can you share a screenshot of your access control policy to confirm that it is set to log connections, and also a screenshot of your network discovery policy?
Also please check to ensure that your FMC host limit has not been exceeded. (System > Licenses > Classic Licenses)
10-05-2017 04:24 AM - edited 10-05-2017 04:25 AM
Hi Marvin,
For connection logging I set "end of connection", and the host limit is still available. This case was already solved after I created the topology -> add network. Thank you for your attention.