Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I wanted to see if anyone has any suggestions or has come across issues with redirecting multicast traffic through the firepower module. I followed the standard process to redirecting traffic to the module by creating an acl then a class map and then...
Hello, I am having issues troubleshooting why the Cisco FirePower 2140 is dropping almost all Multicast frames. The way we have this set up is we have a device that is generating the Multicast Traffic and we have a Firepower 2140 that is configured w...
Hello, I am working on an ASA 5555x with a firepower module. I am struggling to determine if my configurtation is working in regards to traffic making it to the module and back out to the ASA. What i am attempting to achieve here is all traffic comin...
We are doing some testing with firewalls and are trying to connect a Firepower 2140 to an FMC server. I ran into a versioning issue where the FMC is requiring the firepower to have a version above 6.4.0. The current device i have is on version 6.3.0....
I have an ASA 5555 running version 9.8 and ASDM 7.8(2). I am looking to see if anyone can point me to any firewall features on the ASA that resemble IDS functionality. Because I have zones enabled on the firewall, thread detection is disabled. Other ...
ASA is in router mode. the following are the configs for redirecting class-map mcast
match any
policy-map global_policy
class mcast
sfr fail-close
service-policy global_policy global
I am thinking that perhaps the processing of the Multicast traffic is being done differently than standard TCP traffic. Perhaps on one of the dataplanes and that plane is unable to process that much traffic. Does anyone know where Multicast traffic i...
I tried adding a pre-filter rule for the multicast traffic and applying that pre-filter rule to the Access Control Policy. This for what ever reason causes the Ports on the FirePower to shut down and while it allowed a bit more traffic its still loos...
We have the items described in the document above configured. Multicast Routing is enabled, the Join Group is created for the 4 interfaces that we use. I have an ACL that is permitting those interfaces/zones to talk to the 239.0.1.2 IP. Some of the f...
This worked perfectly. I was able to tweak the firepower access controll rules and starting out with clear counters helped a lot and things are properly incrementing packet wise. Thank You
