Well, I am currently enjoying my Saturday dealing with some Firepower bugs. Our firewalls have been pretty reliable for the most part until today. We hit a bug in VDB database version 331 that causes the SNORT process to crash on the firewalls. The real bummer about this is that when snort crashes, the firewalls stop passing traffic. This bug took out both firewalls in an HA pair simultaneously and took the site down. Not super great. Luckily we have an old trusty ASA in our other site so traffic failed over as expected. TAC is now having me update FMC to 6.4.0.8 immediately and then we are rolling back the VDB version to 330. So, if you run into Firepower issues today, maybe this post will help you :)
No comments:
Post a Comment