Cisco Cisco Firepower Management Center 2000 Notas de publicación
Firepower System Release Notes
For Assistance
43
Rarely, during booting of the Firepower 9300, it may fail to initialize and become operational. When this
happens the device will automatically reboot. No interaction is required, the device will become operational
after the successful boot attempt. (CSCux07881)
happens the device will automatically reboot. No interaction is required, the device will become operational
after the successful boot attempt. (CSCux07881)
In some cases, if you deploy a clustered Firepower Threat Defense device and attempt to move the device
from one subdomain to another subdomain, moving the device fails and the system generates an
from one subdomain to another subdomain, moving the device fails and the system generates an
Updating
Domain management changes failed
error message. (CSCux08012)
In some cases on Firepower 9300, if one of the nodes fails a health check during a deployment, the node is
separated from the configured cluster and deployment to the cluster fails. Such a situation is recoverable on
its own and when the node re-joins the cluster, retry deployment. (CSCux08115)
separated from the configured cluster and deployment to the cluster fails. Such a situation is recoverable on
its own and when the node re-joins the cluster, retry deployment. (CSCux08115)
In the Firepower 9300 Chassis Manager, you may not be able to edit the interface in the last row on the
Interfaces screen. In addition, you may not be able to manually select some interfaces during logical device
provisioning from the Chassis Manager. As a workaround, decrease the font size of your web browser.
(CSCux08577)
Interfaces screen. In addition, you may not be able to manually select some interfaces during logical device
provisioning from the Chassis Manager. As a workaround, decrease the font size of your web browser.
(CSCux08577)
In some cases, if you create a cluster of Firepower 9300 devices on a Firepower Management Centerand
configure interface IP addresses and a translated address pool through the Firepower Management Center
user interface, the IP Pool configuration does not deploy to the device if you deploy immediately after
configuring. As a workaround, edit the Interface and IP Pool again and redeploy. (CSCux09023)
configure interface IP addresses and a translated address pool through the Firepower Management Center
user interface, the IP Pool configuration does not deploy to the device if you deploy immediately after
configuring. As a workaround, edit the Interface and IP Pool again and redeploy. (CSCux09023)
If you deploy a NAT policy which resides in a subdomain to a Firepower 7000 Series or 8000 Series device
and move the device to new domain, deploy fails. As a workaround, create a new NAT policy in a new domain
and target the correct device, then redeploy. (CSCux10651)
and move the device to new domain, deploy fails. As a workaround, create a new NAT policy in a new domain
and target the correct device, then redeploy. (CSCux10651)
In some cases, if you create a VPN deployment on a registered device and move the device from one domain
to another domain, then deploy, deploy fails and the system generates a
to another domain, then deploy, deploy fails and the system generates a
Pre-deploy Global Configuration
Generation. Cannot find policy information
error message. As a workaround, remove the VPN configuration
prior to moving the device to another domain. An alternative workaround is to unregister and then register the
device to the Firepower Management Center, then create a VPN deployment and deploy. (CSCux10820)
device to the Firepower Management Center, then create a VPN deployment and deploy. (CSCux10820)
Use of a certificate with an RSASSA-PSS signature algorithm on a Firepower Management Centerr is not
supported in Version 6.0. If you update a Firepower Management Center using such a certificate to Version
6.0 or add such a certificate in Version 6.0, the system does not allow you to log into the Management Center
web interface and generates an
supported in Version 6.0. If you update a Firepower Management Center using such a certificate to Version
6.0 or add such a certificate in Version 6.0, the system does not allow you to log into the Management Center
web interface and generates an
Unable to authorize access. If you continue to have difficulty accessing
this device, please contact the system administrator
error. As a workaround, prior to update, generate
and install an SSL certificate with either a
sha1WithRSAEncryption
or
sha256WithRSAEncryption
algorithm and
restart the Firepower Management Center, or use the default Firepower Management Center certificate and
restart the appliance. If you are unable to access the user interface on your Firepower Management Center,
contact Support. (CSCux30610)
restart the appliance. If you are unable to access the user interface on your Firepower Management Center,
contact Support. (CSCux30610)
If the certificate used by your Firepower Management Center was generated using a public server key larger
than 2048 bits, you will not be able to log into the Firepower Management Center web interface after updating
to Version 6.0. As a workaround, replace certificates that were created with larger public keys by generating
a server certificate request and then applying a certificate generated using that request to the Firepower
Management Center. You can do the server certificate request and the certificate upload through the local
configuration settings on the Firepower Management Center (
than 2048 bits, you will not be able to log into the Firepower Management Center web interface after updating
to Version 6.0. As a workaround, replace certificates that were created with larger public keys by generating
a server certificate request and then applying a certificate generated using that request to the Firepower
Management Center. You can do the server certificate request and the certificate upload through the local
configuration settings on the Firepower Management Center (
System > Local > Configuration > HTTPS Certificate
). If
you generate a certificate without using a CSR from the Firepower Management Center, use a public key of
2048 bits or less. If you generate a certificate that contains more than 2048 bits and lose access to the
Management Center web interface, contact Support. (CSCux35430)
2048 bits or less. If you generate a certificate that contains more than 2048 bits and lose access to the
Management Center web interface, contact Support. (CSCux35430)
For Assistance
Thank you for choosing the Firepower System.