Cisco Cisco Firepower Management Center 2000 發佈版本通知
Firepower System Release Notes
Known Issues
34
If you create an SSL rule and add an Uncategorized URL condition on the Category tab, the rule matches
against any URL rather than only matching uncategorized URLs. (CSCux94309)
against any URL rather than only matching uncategorized URLs. (CSCux94309)
In some cases, if you edit and deploy an access control rule with logging enabled, then edit the same access
control rule, the system incorrectly displays logging as disabled within the rule. View the Logging tab of the
access control editor to review the correct logging configuration. (CSCux94318, CSCuy13079)
control rule, the system incorrectly displays logging as disabled within the rule. View the Logging tab of the
access control editor to review the correct logging configuration. (CSCux94318, CSCuy13079)
The following system-provided network objects are not included in the drop-down list on the Object
Management page (Objects > Object Management):
Management page (Objects > Object Management):
any
,
any-ipv4
, and
any-ipv6
. (CSCux94621)
Although the configuration options for Firepower Management Center high availability appear in the
Integration page of the user interface, high availability is not supported for Firepower Management Centers in
this release. Do not attempt to place Firepower Management Centers into high availability. (CSCuy96369)
Integration page of the user interface, high availability is not supported for Firepower Management Centers in
this release. Do not attempt to place Firepower Management Centers into high availability. (CSCuy96369)
If you add a routed IPv6 IP in the Devices tab of the Device Management page (Devices > Device
Management) of an ASA with Firepower Threat Defense and enable an IPv6 Prefix without checking the
Enable Router Advertisement option, then save and deploy, deployment fails and the system generates a
Management) of an ASA with Firepower Threat Defense and enable an IPv6 Prefix without checking the
Enable Router Advertisement option, then save and deploy, deployment fails and the system generates a
Deployment failed due to configuration error. If problem persists after retrying, contact Cisco TAC.
error. As a workaround, check the Enable Router Advertisement option and redeploy. (CSCux98850)
In some cases, if you deploy an access control rule with the default action set to either Interactive Block or
Interactive Block with Reset to a registered ASA Firepower running Threat Defense in a high availability pair
and then manually switch the active peer in the high availability pair, the interactive block page does not
proceed after you click Continue. Click Continue a second time to bypass the interactive block page.
(CSCux99397)
Interactive Block with Reset to a registered ASA Firepower running Threat Defense in a high availability pair
and then manually switch the active peer in the high availability pair, the interactive block page does not
proceed after you click Continue. Click Continue a second time to bypass the interactive block page.
(CSCux99397)
Viewing files containing the .JPEG extension in Version 6.0.1 generates a
HTTP 403 Forbidden error
page.
You can correctly download and view files containing the .jpg extension. (CSCux99481)
In some cases, if you view the Identity Services Engine (ISE) section of the Identity Sources tab in the
Integration page (System > Integration), then upload a Firepower Management Center server certificate with
the corresponding key and name the certificate, the save button does not operate. As a workaround, exit the
Firepower Management Center certificate window and click the add ( + ) icon, then save. (CSCux99516)
Integration page (System > Integration), then upload a Firepower Management Center server certificate with
the corresponding key and name the certificate, the save button does not operate. As a workaround, exit the
Firepower Management Center certificate window and click the add ( + ) icon, then save. (CSCux99516)
In some cases, if you deploy a file policy with All types in selected Categories selected as the file type and
enable the local analysis module, the file composition report of a detected file incorrectly displays the MD5
value as
enable the local analysis module, the file composition report of a detected file incorrectly displays the MD5
value as
00000000000000000000000000000000
. (CSCuy01702)
In some cases, if you attempt to simultaneously register two devices and deploy policy configurations on a
Firepower Management Center, the system may generate a
Firepower Management Center, the system may generate a
Pre-deploy Global Configuration Generation.
_storePerms: Unable to store perms
error in the Tasks tab of the Message Center. As a workaround, redeploy
policies. (CSCuy02038)
If you create an SSL policy containing one SSL rule with the action set to a Decrypt-Known Key and a second
SSL rule with the action set to Decrypt-Resign a on a system running Version 6.0.1, the system incorrectly
generates an erroneous
SSL rule with the action set to Decrypt-Resign a on a system running Version 6.0.1, the system incorrectly
generates an erroneous
Warning: this rule is preempted by rule <second rule listed>
warning.
(CSCuy03840)
If you view a global domain access control rule of an access control policy in a subdomain and add or edit an
access control rule in any other policy, the system incorrectly disables the logging options in the Logging tab
of the rule editor window. As a workaround, refresh the page. (CSCuy03909)
access control rule in any other policy, the system incorrectly disables the logging options in the Logging tab
of the rule editor window. As a workaround, refresh the page. (CSCuy03909)
If you create an access control policy on a system running Version 6.0. or earlier and update the system to
Version 6.0.1, then edit the access control policy, the system does not save the modifications. (CSCuy04151)
Version 6.0.1, then edit the access control policy, the system does not save the modifications. (CSCuy04151)
In some cases, if you edit security zones of a Cisco ASA with FirePOWER Services and attempt to deploy
configuration from the Device Management page (Devices > Device Management), the deploy window does
not display any registered devices to deploy to when it should. As a workaround, redeploy the platform
settings policy before deploying configuration from the Device Management page. (CSCuy05635)
configuration from the Device Management page (Devices > Device Management), the deploy window does
not display any registered devices to deploy to when it should. As a workaround, redeploy the platform
settings policy before deploying configuration from the Device Management page. (CSCuy05635)