Can not see incoming connection events in FMC - Page 2

zmutlu · ‎06-09-2023

Hello,

I` am using FMC 7.0.5, connected Firepower 1120.

Test PC connected to Inside port of Firepower IPS, Outside port watching to the Internet, policy (logging configured) and routing configured. I can connect from the Internet to Test PC which is inside network, but I can not see any incoming connections In Analysis-Connections-Events and when I' am trying to ping 8.8.8.8 From Test PC which is inside this information is available in Connection Events and Intrusion Events menu.

Could you please navigate me, what do I have to check to see incoming events?

Thank you.

zmutlu · ‎06-09-2023

I`ve checked the link you`ve sent, added categories as shown there, deployed configuration to FTD. After created traffic to Test PC and from it, still no any records in Security Intelligence Events.

Marius Gunnerud · ‎06-09-2023

We have had several instances where this issue has presented itself. We fixed this by upgrading the FMC and subsequently FTD to a newer version (I would suggest the starred version listed in the downloads page on cisco.com)

--
Please remember to select a correct answer and rate helpful posts

ermiasnegash · ‎11-21-2023

we have fmc at 7.2.5 and ftd at 7.0.4 version. Do we need upgrade we face similar issue here

Marvin Rhoads · ‎11-22-2023

There's no issue managing FTD 7.0.4 with FMC 7.2.5 - they are quite compatible.Sometimes upgrades fix broken processes and cuase the issue to resolve "magically". However, this problem (assuming you have a registered device with ACP events properly set to log to FMC) usually is a result of some sort of database or process error. As such, it is best to troubleshoot it with the assistance of Cisco TAC.

zmutlu · ‎06-09-2023

@Rob Ingram I did that you propose to confirm traffic is routed through the FTD, yes, I can see traffic between on FTD.

Logging is on.