IPS new auto update feature

Unanswered Question
May 13th, 2008
User Badges:

hi,

the new 6.1 IPS ios has a new feature which is the auto update directly from cisco, but it seems its not working, i have entered my correct username and password , but the site already put by default for auto update seems to be not working.

anyone tried it ?


Thank you

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
marcabal Tue, 05/13/2008 - 23:53
User Badges:
  • Cisco Employee,

Did you also configure the time at which the updates should take place?

Do a "show events" on the CLI from a minute before the scheduled time for the update, and look to see if any status messages or errors were generated.


It is possible that a firewall or something on your network may be blocking the sensor's connection to cisco.com.


josephium Wed, 05/14/2008 - 04:48
User Badges:

Hi, thank you for your response.


but no , its not a firewall issue, and nothing happens, no event is generated also, the site https://192.133.219.25 ... if put in IE is giving "we are unable to precess your request at this time.


any thoughts ?

jamesand Wed, 05/14/2008 - 09:53
User Badges:
  • Cisco Employee,

What platform type is this IPS sensor?

What does the Auto Update Statistics show from the "show stat host" command?

josephium Wed, 05/14/2008 - 22:29
User Badges:

thank you for your reply,


the IPS is an AIP-SSM 20 , installed on an ASA 5540, now i did the show stat hosts and regarding the Auto update it show the following:


Auto Update Statistics

lastDirectoryReadAttempt = N/A

lastDownloadAttempt = N/A

lastInstallAttempt = N/A

nextAttempt = N/A


allthough i have configured it to do auto update every day at a specific hour.


any thoughts ?


thanks

jamesand Thu, 05/15/2008 - 06:33
User Badges:
  • Cisco Employee,

That shows that auto updates have not been running and are not scheduled to run. Please send me the auto config. You can run:


# conf t

# ser host

# auto

# show settings

Please post the fix here as I am also having the same problem. However, my stats seem to suggest it's trying:


Auto Update Statistics

lastDirectoryReadAttempt = 11:30:03 EDST Thu May 15 2008

= Read directory: [email protected]@198.133.219.243//cisco/ciscosecure/ips/6.x/sigup/')">http://[email protected]@198.133.219.243//cisco/ciscosecure/ips/6.x/sigup/

= Success

lastDownloadAttempt = 11:30:03 EDST Thu May 15 2008

= Download: http:[email protected]@[email protected]-E1.pkg

= Error: URI does not contain a valid ip address

lastInstallAttempt = N/A

nextAttempt = 12:30:00 EDST Thu May 15 2008

Auxilliary Processors Installed


marcabal Thu, 05/15/2008 - 08:07
User Badges:
  • Cisco Employee,

My guess is that the "@" in your username is likely causing the sensor to be confused.


My guess is that the sensor is interpretting jhilope as the username and cswq.com as the ip address instead of "[email protected]" as the username and 198.133.219.243 as the ip address.


Does someone else in your company have a cisco.com username without the "@" character in it that you could try?


NOTE: This is just my guess at what may be happening. Trying another persons userid could help to determine if that is the problem or not.


If another userid works fine, then go ahead and contact the TAC and have them write up a bug that the sensor is not working with a cisco userid containing the "@" character.


If another userid still continues to have the same issue, then the "@" character in the username may not be the issue, and additional debugging would be needed.


If you can't get another userid, then try contacting the TAC for additional debugging help.



The issue you are seeing appears to be a different issue than the original opener of this thread. Their issue is that the auto update is not event attempted. You issue is that the directory can be read, a sigupdate found that can be downloaded, but the actual download fails.






josephium Thu, 05/15/2008 - 22:25
User Badges:

plz check below my auto update settings:

secondary(config-hos-aut)# show settings

auto-upgrade

-----------------------------------------------

cisco-server

-----------------------------------------------

enabled

-----------------------------------------------

schedule-option

-----------------------------------------------

calendar-schedule

-----------------------------------------------

times-of-day (min: 1, max: 24, current: 1)

-----------------------------------------------

time: 15:40:00

-----------------------------------------------

-----------------------------------------------

days-of-week (min: 1, max: 7, current: 5)

-----------------------------------------------

day: monday

-----------------------------------------------

day: tuesday

-----------------------------------------------

day: wednesday

-----------------------------------------------

day: thursday

-----------------------------------------------

day: friday

-----------------------------------------------

-----------------------------------------------

-----------------------------------------------

-----------------------------------------------

user-name: i removed it

password:

cisco-url: https://198.133.219.25//cgi-bin/front.x/ida/locator/locator.pl default: https://198.133.219.25//cgi-bin/front.x/ida/locator/locator.pl

-----------------------------------------------

-----------------------------------------------

user-server

-----------------------------------------------

disabled


now if this thing is fixed , i will have the other problem mentioned above and that is my username (which i removed) contains an @ in it.


Thank you

jamesand Fri, 05/16/2008 - 12:09
User Badges:
  • Cisco Employee,

I have not been able to reproduce. I entered your exact config into CLI and show stat host gives me the correct nextAttempt:


nextAttempt = 15:40:00 UTC Mon May 19 2008


Please remove the auto config, reenter your config, and send back the sho st host:


# conf t

# ser host

# auto

# cisco-server disable

# ex

# ex


NOTE: you should use the default cisco-url


Actions

This Discussion