Cisco Bug: CSCvs49104 - Network Discovery Policy rules are ignored if it uses network groups
Oct 04, 2020
- Sourcefire Defense Center
Known Affected Releases
6.4.0 184.108.40.206 6.5.0 6.6.0
Symptom: Network Discovery Policy rules are ignored if an Object-Group is selected under Networks.

Conditions: The issue affects all listed Firepower versions when a Network Discovery Policy is configured with network object-group(s). For instance, a Network Discovery policy configured with the following Object-group under the Networks option:

Object-Group: Inside-Nets
Child Object 1: Inside-net-1: A.B.100.0/24
Child Object 2: Inside-net-2: A.B.101.0/24

With the above configuration, not a single host entry was displayed under "Analysis > Network Map" or "Analysis > Hosts". Similarly, "Discovery Statistics" and "Discovery Performance" under Overview displayed no counters or events.

If the Network Discovery policy is changed so that the object-group "Inside-Nets" is removed and the "Inside-net-1" network object is added instead, FMC starts to display Network Discovery information, counts and performance events for that subnet.