Re: Firepower Outside Port Drop Bug

dewey89 · ‎01-08-2020

I'm posting this to find out if anyone else has experienced this problem and to notify others of a possible bug that can shut your Firepower connection down.

This is the third time now that the Outside port of our Firepower Suite has disconnected from our service provider. Each time this has happened I've been running packet captures using the vFMC gui.

I think the action that I'm doing when the port disconnects is that I clear or delete the capture without pausing or stopping the capture first.

SETUP

Two FP2110 Firepower devices configured in an HA pair.

One virtual FMC appliance hosted on a vCenter 6.7 cluster with UCS hardware.

Running a capture shouldn't cause the outer port to disconnect. The fix has been to disable and re-enable the port.

Several people have told me I should just use the command line to run captures, but that's another story.

I've opened a ticket with Cisco, but in the mean time I wanted to find out how wide spread this might be. This has happened to us using 6.2.0.3 code and now 6.3.0.3. We've been told to upgrade to 6.4.0.4 to see if that will fix it.

Please share any experience you may have seen and I'll let you know when it gets fixed.

nspasov · ‎01-09-2020

This does sound like a potential defect. Version 6.4.0.4 is the current recommended release, so it is definitely a good idea to upgrade to it. However, you have taken the correct path here by opening a TAC case. Please let us know what TAC comes back with.

Thank you for rating helpful posts!

dewey89 · ‎04-01-2020

Our upgrade from 6.3.0.3 to 6.4.0.7 was successful and resolved the issues we were seeing.