Cisco Cisco Firepower Management Center 2000 Notas de publicación

Firepower System Release Notes

Known Issues

 



The link to the Cisco Smart Software Manager from the Firepower Management Center Smart Licensing user 
interface page (

) directs to an updated link, which also redirects. As a workaround, 

if the redirect does not occur quickly enough, connect to 

. (CSCuw96552)



In some cases, deploy fails on a device running Version 5.4.0 that is registered to a Firepower Management 
Center running Version 6.0 if you deploy an access control policy that references a file policy configured for 
malware protection. (CSCuw97809)



In some cases, if you enable sensitive data detection in the Advanced Settings on the Intrusion Policy page 
(

), then switch to another domain before saving, the system does not reload 

the Intrusion Policy page in the destination domain when it should. As a workaround, save or manually reload 
the Intrusion Policy page. (CSCuw97864)



In some cases, if the time configured on a device running Version 6.0 is set ahead of the time configured on 
a Firepower Management Center, registering the managed device to the Firepower Management Center 
causes connectivity issues and the system may not be able to restore connectivity. As a workaround, execute 
the 

/etc/rc.d/init.d/pm restart

 CLI command. If you continue to experience connectivity issues, contact 

Support. (CSCuw97948)



The 

system shutdown

 CLI command causes ASA Firepower modules (ASA 5506-X, ASA 5506H-X, ASA 

5506W-X, ASA 5508-X, ASA 5516-X) running Firepower Threat Defense to restart instead of shut down. 
(CSCuw98231)



In some cases, if your user interface initiates a restore, the session will be disconnected and you must log in 
again to see the status of restore operation. (CSCuw98296)



Version 6.0 does not support the Safari web browser on systems running the MAC OS. Use Firefox, Chrome, 
or Internet Explorer. (CSCuw98876)



In some cases, if the system hosting a virtual device experiences a high amount of traffic, deploying to the 
virtual device may cause temporary network issues. (CSCux00380)



In some cases, intrusion events do not display the correct source IP address or the correct destination IP 
address. As a workaround, view the Connection Events page (

) to view the correct 

source and destination IP addresses of an intrusion event. (CSCux00385)



In some cases pinholes are not created for Real-time Transport Protocol (RTP) connections established by 
calls using the Session Initiation Protocol (SIP), which prevents the VOIP channel creation for the SIP call. 
(CSCux03758, CSCux09765)



Although an application detector is available for the Skinny (SCCP) protocol, pinholes are not created for RTP 
connections established by SCCP packets. (CSCux05468)



If you enable the 

 health monitor on the Health Policy page (

) for a Firepower 

Threat Defense device, the device generates transient erroneous 100% CPU load alarms during deployment. 
(CSCux07384)



In some cases, if you create a Firepower Threat Defense device in transparent mode and register the device 
to a Firepower Management Center, then assign an IP address to an interface being used as the device's 
diagnostic interface, the Firepower Management Center does not successfully deploy the assigned IP address 
to the Firepower Threat Defense device. Cisco recommends restarting the Firepower Threat Defense device 
for the changes to take effect. (CSCux07416)



In some cases, if you only edit the logical device's management interface of a Firepower 9300 device and 
deploy, the system does not warn you that the device must reboot to deploy changes when it should. 
(CSCux07831)



In some cases, when deploying policies to a large number of devices, policy deployment times out and fails 
when Snort fails to restart. (CSCux07861)