The latest version of IPS MC, v2.2 does not seem to store the last event position when restarting the CW processes. The result is that CW retreives the complete list of events on all the sensors event-store, no matter of the alarms have already been retreive before the restart of CW processes.
Has anyone else had the same problems with IPS MC 2.2? (It worked fine before upgrading to IPS MC 2.2).
Can anyone from Cisco tell where Receiver.exe is supposed to store the last event position?
I am having a similar issue. In fact I have a TAC case opened up on it. Your post is referenced in my case. I am having strange issue since I updated to 2.2. After you restart CW and launch SECMON event viewer I see all the events since I upgraded to 2.2, some dated days ago. I know that we resolved these errors. Another issue Im having and my main issue is that I cannot update sesnors with new sigs. I get an "exception error" in the progress viewer. It also shows on the main page at the bottom under "Latest signature version 5.x" it says no updates. However I know that sig 210 is there because I can configure sig 5693/1. When I try to deploy sig 211 it fails. If you look in the directory on the VMS server all the sig update .zip files are there??. Not sure whats going on here, TAC is sending it to the dev team.
I will keep you posted as to our progress. I seem to have traded one set of issues for another going from 2.1 to 2.2.
I have some info on this issue. I worked with TAC and as a result a bug was filed. Bug ID is CSCsd00428. The TAC engineer sent me a new reciever.exe file to replace the old one. However, I have downgraded to 2.1 because of another issue.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :