Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
486
Views
2
Helpful
4
Replies

Questions about network discovery in FTD 7.4.2.2 (build 28) and FMC7.6

Ditter
Level 4
Level 4

‎03-09-2025 04:08 AM

Hi to all,

i have activated network discovery policy for some vlans that are in the inside network off the FTD.

However when i add these vlans as part of the discovery process i get an FTD warning that you can see in the attached png.

It is like that you can not have routable IPv4s and/or IPv6 as part of the discovery process and only for RFC1918 you do not get warnings.

Why is this warning?  

In addition when i add all these vlans as part of the discovery process and then go to Analysis--> Network Map it shows a fake number of hosts 10K hosts (there are not so many hosts) , and in addition it shows for every class C subnet that there are 255 , 256 hosts which is not true.  Please refer to the second png to see what i mean.

Any ideas how i can improve Network Discovery for my existing hosts?  And get real results?  

Thanks

Ditter.

Preview file
10 KB
Preview file
11 KB
0 Helpful
4 Replies 4

Marvin Rhoads
Hall of Fame
Hall of Fame

‎03-11-2025 06:31 AM

Are you adding the actual subnets or a supernet? My network map appears correct when discovering the actual subnets inside my firewall (directly attached or otherwise).

Ditter
Level 4
Level 4
In response to Marvin Rhoads

‎03-11-2025 07:00 AM

Hi Marvin!

No i am adding them as different subnets (that is objects that i have created) .  I haven't tried to add them as a supernet.

Strange to get this warning , it is as it not advisable to hav real subnets in your inside zones and only RFC1918 are "acceptable".

 

 

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Ditter

‎03-12-2025 08:54 AM

I agree the warning language could be improved. I added a test public /24 in my FMC discovery policy and did not see any hosts added in the network map. Is it possible that you have an NMAP scan configured?

Ditter
Level 4
Level 4
In response to Marvin Rhoads

‎03-13-2025 07:36 AM

Hi Marvin,

so what i discovered about the "existence" of non existent discovered hosts:

The so called "discovered" hosts were not real  because i noticed that the MAC address was not belonging to a specific host but it was the mac address of the upstream GW of the FTD. I really do not know the reason about it.

So i decided to start with a new discovery after purging all discovery events.  Now i seem to get the correct results. 

Thanks again Marvin,

Ditter

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card