Hello everyone, Maybe this is a strange question: I have a firepower 7115 with inline pair in and out between two non Cisco firewalls which are running carp interfaces. I have checked the connection events on the FMC but can’t see the multicast carp traffic(heartbeat). When I make a capture on the firepower I can see the traffic passing through the box as expected. (Source IP Interface of master -> DestIp 224.0.018) Can someone explain why this traffic isn’t logged by the firepower ?
Thank you for your message and your questions on my initial question. I was able, through some trial and error + reading, to understand why I could not see the muticast traffic. The logging was activated for that particular traffic. However, on my slightly older Firepower 7115, it only logs at the start or end of a connection but not the constant stream. So it is not possible to see the traffic after initialization or before termination of the connection.