05-12-2016 08:34 PM - edited 03-12-2019 06:00 AM
Hi all,
After I set the traffic through the module and added the FirePOWER device to the Defense Center, Analysis > Context Explorer shows me no data. Can I see the traffic in the Defense Center?
Thank you
05-15-2016 09:32 PM
Hi ankojha,
After I removed those service policies,
the traffic looks the same.
05-15-2016 09:33 PM
05-16-2016 07:08 PM
Hi!
Is my traffic normal now?
01-24-2018 07:21 AM - edited 01-24-2018 07:25 AM
Hello,
I have the same problem.
I can't see if traffic is really being inspected and permitted.
I attach some outputs.
Traffic redirected to firepower module:
access-list sfr_redirect remark Firepower flow
access-list sfr_redirect extended permit ip 10.2.0.0 255.255.0.0 any
access-list sfr_redirect extended permit ip any 10.2.0.0 255.255.0.0
class-map sfr
 match access-list sfr_redirect
policy-map global_policy
 class sfr
  sfr fail-open
I believe traffic is correctly redirected:
FW-ASA-RED-2# show conn
65 in use, 72 most used
UDP RED_1 225.3.50.1:7003 RED_TRANS_1 10.2.21.10:49298, idle 0:00:01, bytes 6605325, flags X
UDP RED_1 225.3.50.1:7003 RED_TRANS_1 10.2.21.41:52818, idle 0:00:02, bytes 6599658, flags X
UDP RED_1 225.3.50.1:7003 RED_TRANS_1 10.2.21.32:43335, idle 0:00:00, bytes 6910327, flags X
UDP RED_1 225.3.50.1:7003 RED_TRANS_1 10.2.21.31:37568, idle 0:00:00, bytes 6921793, flags X
UDP RED_1 225.31.0.1:7003 RED_TRANS_1 10.2.21.31:1999, idle 0:00:01, bytes 258128, flags X
UDP RED_1 225.31.0.1:7003 RED_TRANS_1 10.2.21.10:44191, idle 0:00:00, bytes 2648370, flags X
UDP RED_1 225.31.0.1:7003 RED_TRANS_1 10.2.21.32:1999, idle 0:00:01, bytes 258492, flags X
UDP RED_1 225.31.0.1:7003 RED_TRANS_1 10.2.21.60:7003, idle 0:00:00, bytes 2650434, flags X
UDP RED_1 225.31.0.1:7003 RED_TRANS_1 10.2.21.41:7003, idle 0:00:00, bytes 2650176, flags X
PIM RED_1 172.16.2.14 RED_TRANS_1 192.168.10.2, idle 0:00:00, bytes 3472539, flags
FW-ASA-RED-2# show service-policy sfr
Global policy:
  Service-policy: global_policy
    Class-map: sfr
      SFR: card status Up, mode fail-open
        packet input 22420, packet output 22420, drop 0, reset-drop 0
FW-ASA-RED-2#
And it is correctly associated to FireSIGHT:
FW-ASA-RED-2# show module sfr details
Getting details from the Service Module, please wait...
Card Type: FirePOWER Services Software Module
Model: ASA5545
Hardware version: N/A
Serial Number: FCH2118799S
Firmware version: N/A
Software version: 6.2.2-81
MAC Address Range: 70df.2f32.bfda to 70df.2f32.bfda
App. name: ASA FirePOWER
App. Status: Up
App. Status Desc: Normal Operation
App. version: 6.2.2-81
Data Plane Status: Up
Console session: Ready
Status: Up
DC addr: 10.2.51.40
Mgmt IP addr: 10.2.51.31
Mgmt Network mask: 255.255.255.0
Mgmt Gateway: 10.2.51.1
Mgmt web ports: 443
Mgmt TLS enabled: true
FW-ASA-RED-2#
Firesight doesn't show any statistics:
Logging is enabled on ACL:
And here is my policy:
I don't know what the problem is, and I don't know what to change to make it work.
Please help.
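
The ASA-side checks from the post above, as an added example that is not part of the original thread: it parses `show service-policy sfr`, `show module sfr details` and `show conn` output and lists conditions that would keep redirected traffic from reaching the module. The function names are hypothetical, the sample strings are constructed by trimming the output quoted above, and the `X` connection flag is the ASA's marker for "inspected by service module".

```python
import re

# Constructed sample input, trimmed from the command output quoted in the post above.
SERVICE_POLICY = """SFR: card status Up, mode fail-open
packet input 22420, packet output 22420, drop 0, reset-drop 0"""
MODULE_DETAILS = """App. Status: Up
Data Plane Status: Up
Status: Up
DC addr: 10.2.51.40"""
SHOW_CONN = """UDP RED_1 225.3.50.1:7003 RED_TRANS_1 10.2.21.10:49298, idle 0:00:01, bytes 6605325, flags X
PIM RED_1 172.16.2.14 RED_TRANS_1 192.168.10.2, idle 0:00:00, bytes 3472539, flags"""

def parse_service_policy(text):
    """Card status, failure mode and counters from 'show service-policy sfr'."""
    card = re.search(r"SFR: card status (\S+), mode (\S+)", text)
    ctr = re.search(r"packet input (\d+), packet output (\d+), drop (\d+), reset-drop (\d+)", text)
    if not (card and ctr):
        raise ValueError("no SFR class or counters in service-policy output")
    return {"card_status": card.group(1), "mode": card.group(2),
            **dict(zip(("input", "output", "drop", "reset_drop"), map(int, ctr.groups())))}

def parse_module(text):
    """'Key: value' lines from 'show module sfr details'."""
    pairs = (line.split(":", 1) for line in text.splitlines() if ":" in line)
    return {k.strip(): v.strip() for k, v in pairs}

def split_conns(text):
    """Return (redirected, not_redirected) 'show conn' lines; flag X = sent to the module."""
    redirected, other = [], []
    for line in text.splitlines():
        if "flags" in line:
            flags = line.rsplit("flags", 1)[1]
            (redirected if "X" in flags else other).append(line.strip())
    return redirected, other

def findings(policy, module):
    """List ASA-side problems; an empty list means redirection itself looks healthy."""
    issues = []
    if policy["card_status"] != "Up":
        issues.append(f"SFR card is {policy['card_status']}; {policy['mode']} applies")
    if policy["input"] == 0:
        issues.append("no packets have matched the sfr class")
    if policy["drop"] or policy["reset_drop"]:
        issues.append("module is dropping or resetting redirected traffic")
    issues += [f"{k} is {module.get(k)}" for k in ("App. Status", "Data Plane Status", "Status")
               if module.get(k) != "Up"]
    if not re.fullmatch(r"\d+(\.\d+){3}", module.get("DC addr", "")):
        issues.append("no management center (DC addr) registered")
    return issues
```

An empty findings list only confirms redirection on the ASA side; whether connection events appear in the management center also depends on the access control policy and its logging settings, which this script does not see. With `sfr fail-open`, traffic keeps passing even when the module is down, so working connectivity alone is not evidence of inspection.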
01-24-2018 08:46 AM
Have you applied the Protect + Control license to the device?
Is it correct to assume that Analysis > Connection Events also shows nothing?
01-24-2018 08:53 AM
Yes Marvin,
I have two ASAs (one in routed mode and the other in transparent mode) on the FireSIGHT but can't see anything.
I have both firewalls licensed with Protection and Control.
Any help would be appreciated.
02-08-2018 12:49 AM
Hello,
Any ideas?
I still couldn't fix this.