I am getting a large amounts of IP Fragment alerts from one ip address. I have identified this as a false positive and want to filter these events. I have gone into the filter tab on the IDSM and filtered alter 1003 Ip Fragmentation from the source ip that is generating all the alters. I save and update and push the new config to the idsm without any problems, but I keep getting the alters. I also set the alert to LOW and it is still registering as high. Am I missing something? Thanks in advance.
OK, I figured it out. I have my CSPM set in a client/server configuration. I upgraded the CSPM on the server to CSPM-2.3.3i-S25 and did the signature update wizard on the server. However, I did not perform this on my client. When I pushed configs from my client I had to select ***S13 because I had not updated the signatures on my client. This also did not allow me to add filters or do any maintenance for that matter on any of my blades.
After installing CSPM-2.3.3i-S25 on my client and running signature wizard I was able to set filters with no issues. Thanks for your responses.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :