Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1527
Views
10
Helpful
4
Replies

FMC tags valid URLs into Spam, Exploits or Malicious Sites

Go to solution
kish02
Level 1
Level 1

‎09-14-2022 10:32 PM

Hi,

Outbound traffic to the internet on our network are being blocked. FMC tags valid URLs into Spam or Malicious Sites or Exploits.

Im using FMC 7.0.1 (build 84) and FTD Version 7.0.1. Any idea? Thanks.

Sample logs

fmc logs.jpg

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jose-Net
Level 1
Level 1

‎09-16-2022 03:44 AM

Seems a problem with Snortv3 as per bug https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa85492

Ive reverted to Snortv2 and seems to have fixed the problem.

View solution in original post

4 Replies 4

Go to solution
marce1000
VIP
VIP

‎09-15-2022 03:36 AM

 

 - Check the URL filtering  policies : https://www.cisco.com/c/en/us/td/docs/security/firepower/630/configuration/guide/fpmc-config-guide-v63/url_filtering.html

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

Go to solution
brewnet84
Level 1
Level 1

‎09-15-2022 07:50 PM

brewnet84_0-1663296407487.png

I am seeing the same thing running FTD 7.0.4 (build 55) and FMC of same version. I did a pending deployment and despite no changes actual deployed the categories flipped back and traffic started passing. I had been running these versions without issue for almost a week. The exact time I experienced this is 9/14 2pm - 7pm CST.

After

brewnet84_1-1663296608627.png

 

0 Helpful

Go to solution
Jose-Net
Level 1
Level 1

‎09-16-2022 03:44 AM

Seems a problem with Snortv3 as per bug https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa85492

Ive reverted to Snortv2 and seems to have fixed the problem.

Go to solution
Herald Sison
Level 3
Level 3
In response to Jose-Net

‎12-15-2022 03:35 AM

Hi Sir, In my situation i can revert to Snort 2 but i will also face the same problem with High Memory Utilization-Snort, that is the main reason why i upgraded to Snort 3. I have reached to TAC already and they suggested to upgrade to FMC and FTD 7.0.5. 

https://www.cisco.com/c/en/us/td/docs/security/firepower/70/relnotes/firepower-release-notes-700/bugs.html

Have you tried or experienced the 7.0.5? or anyone here experienced it? need some feedback on this version.

Thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card