Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
821
Views
0
Helpful
2
Replies

Issue Adding Sourcefire Module to Defence Centre - ASA 5512-X

Go to solution
petenixon
Level 3
Level 3

‎05-12-2015 05:08 AM - edited ‎03-10-2019 06:22 AM

Hi guys,

I'm currently having problems adding an SFR module to defence centre, the error received is not very descriptive (please check connectivity).

I have deployed SFR in my network as follows:

ASA 5512-X HA Active/Standby

interface GigabitEthernet0/1.31
 vlan 31
 nameif inside-core
 security-level 100
 ip address 10.31.250.10 255.255.0.0

interface Management0/0
 management-only
 nameif management
 security-level 100
 ip address 192.168.224.1 255.255.255.224

same-security-traffic permit inter-interface
same-security-traffic permit intra-interface

Global ACL allowing ip any to any

Layer 3 switch connected to both the management and inside interfaces:

int vlan 900
ip address 192.168.224.3 255.255.255.240

int vlan 31
ip address 10.31.250.20 255.255.0.0

Sourcefire module has been configured to use the layer 3 interface as its default gateway and I can ping from the SFR module to its gateway and the sourcefire server.

Sourcefire server is running 5.3.1 and the module is running 5.3.1-155.

Module has had the manager configured using IP and registration key, which matches on the server. The server also has the correct number of licenses installed.

I would really appreciate any assistance on this as I really can't see where the problem might be, the last thing I need to try is to disable failover...

 

Thanks all.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Pavel Trinos
Level 1
Level 1

‎05-12-2015 11:44 AM

SSH into the sensor and run commands:

show managers     (make sure that host IP is proper and registration is Pending)

show network    (you have a SM mismatch, make sure you match it)

 

 

Verify that you routing is symmetric, I've had issues with that too.

Try to add sensor by IP (is you are using FQDN)

 

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Pavel Trinos
Level 1
Level 1

‎05-12-2015 11:44 AM

SSH into the sensor and run commands:

show managers     (make sure that host IP is proper and registration is Pending)

show network    (you have a SM mismatch, make sure you match it)

 

 

Verify that you routing is symmetric, I've had issues with that too.

Try to add sensor by IP (is you are using FQDN)

 

0 Helpful

Go to solution
petenixon
Level 3
Level 3
In response to Pavel Trinos

‎05-12-2015 02:43 PM

Thanks Pavel, that's exactly what I found. Assymetric routing issue was causing the problem.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card