Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5386
Views
0
Helpful
5
Replies

FPR 4100 Snort Memory high Utilization

Go to solution
behrouz6408021
Level 1
Level 1

‎05-10-2021 09:21 AM

Hello

I have two Cisco FPR 4110 with FTD version 6.7

My problem is Memory used by snort even when there is no many traffic on firepower .

my configuration in the firepower are IPS with recommendation enabled  and SSL Policy for traffic incoming from outside to my Server Zone and ACL Policy about 200

 

thank you for help me

 

2 people had this problem
Preview file
13 KB
Preview file
52 KB
Preview file
74 KB
Preview file
64 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Milos_Jovanovic
VIP Alumni
VIP Alumni

‎09-24-2021 02:04 AM

HI @behrouz6408021,

I would start with upgrading all of the components to more recent versions (patching to 6.7.0.2, VDB and SRU, and don't forget to check FXOS and Firmware).

If that doesn't help, I wold proceed with TAC case. There is an info in the release notes that bug CSCvt34894 is fixed in 6.7.0 (which looks like behvior you are facing), but we already saw that certain bugs are getting back with newer releases.

BR,

Milos

View solution in original post

0 Helpful
5 Replies 5

Go to solution
info@songohan.ch
Level 1
Level 1

‎09-23-2021 06:07 AM

Is there a Solution, i also have the same Hardware with the same  Release 6.7.

It startet after a Reboot from FTD and FMC.

0 Helpful

Go to solution
Milos_Jovanovic
VIP Alumni
VIP Alumni

‎09-24-2021 02:04 AM

HI @behrouz6408021,

I would start with upgrading all of the components to more recent versions (patching to 6.7.0.2, VDB and SRU, and don't forget to check FXOS and Firmware).

If that doesn't help, I wold proceed with TAC case. There is an info in the release notes that bug CSCvt34894 is fixed in 6.7.0 (which looks like behvior you are facing), but we already saw that certain bugs are getting back with newer releases.

BR,

Milos

0 Helpful

Go to solution
Herald Sison
Level 3
Level 3
In response to Milos_Jovanovic

‎10-20-2022 07:20 PM

hi Sir, i have this bug even i am using 7.0.4-55 version of my FTD via FMC

0 Helpful

Go to solution
ConSupport
Level 1
Level 1
In response to Herald Sison

‎02-05-2023 11:39 PM

Did you got the solution?

0 Helpful

Go to solution
Herald Sison
Level 3
Level 3
In response to ConSupport

‎02-06-2023 08:17 AM

Hi Sir, i just upgraded my snort version 2 to version 3 and the high memory utilization is now normalize but other bugs came out particularly the Access Control Policy in URL blocking categories (phishing, malicious sites and malwares) once i enabled these categoriea all sites will be blocked. So far right now i have upgraded my FTD version to 7.0.5 and almost 5 days now i have not yet experienced any problem in terms of url blocking. Fingers crossed!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card