IPS Manager Express | Signature Updates

Unanswered Question
Mar 26th, 2009
User Badges:

Hello,


I have an IPS manager express managing 2 IPS devices. Automatic Signature updates is not working! I did sniff the traffic for 2 consecutive days; the IME is not even trying to download! Manual signature updates through FTP is working perfectly. Did anyone face this issue before?


Many Thanks,


Georges

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
georges.merhej Wed, 04/01/2009 - 13:02
User Badges:

FTP is working. Automatic updates throught cisco.com directly are not working!

marcabal Wed, 04/01/2009 - 13:17
User Badges:
  • Cisco Employee,

In your original post you said that you sniffed the traffic.

What traffic were you attempting to sniff?

IME itself will not attempt to auto download updates from Cisco.com.

Instead IME is able to configure the sensor, so the sensor will connect to cisco.com for auto download of updates.


So you will need to sniff the connection between the sensor and cisco.com.


You can also check the status of "show events host". It shoudl give you the status of the last automatic download attempt.


Are your sensors able to connect out of your network to cisco.com withOUT the use of a proxy? Proxy connections are not currently supported.

You will want to ensure your firewall and router configurations allow the sensor to reach the internet and connect to cisco.com.



georges.merhej Wed, 04/01/2009 - 14:13
User Badges:

That's it perfect!


I sniffed the traffic on the IPS; it checks the signatures through ssl and downloads them through http !


Thank you

vciric Mon, 03/26/2012 - 02:47
User Badges:

Has the proxy connection for automatic signature updates been supported yet?

sawgupta Mon, 03/26/2012 - 09:00
User Badges:
  • Bronze, 100 points or more

An enhancement request is already open to track this: CSCsv89560



Regards,

Sawan Gupta

Actions

This Discussion