Up until the 490 signatures, my IPS module auto-updated from cisco.com. It stopped doing that after manually updating the engine and the signature files. Nothing I do will get it to auto-update. Has anyone else seen this behavior?
I just discovered what I think may be the issue. My current license on the IPS says it doesn't expire until 7/1/11 for this serial number. However, if I try to update the license from cisco.com, I get an error that says, "Failed to update license on sensor. errExpiredLicense-The new license expire date is older than the current license expire date."
Even though I can login to cisco.com and manually download the most current signature updates, I'm wondering if for some reason, it thinks my license is expired when the module tries to automatically update?
Hmm. As long as the expiration date for the license in the "show version" is showing a date in the future it should not cause an issue retrieving the signature updates. The error from cisco.com in retrieving a new license should also not be causing any issue. It's just indicating that there's a license on the sensor that has as much or more time left on it as the one being offered by cisco.com.
Can you check the URL in the auto update field and copy-paste it here? It's likely that you'll need to open a TAC case to troubleshoot this further as it will be dififcult without collecting a "show tech" (which you do *not* want to post to these forums).
I should have mentioned that in my last reply. Your URL was what I WAS using until it just stopped. The www.cisco.com was what I plugged in to try to get it to work. I will try your URL again and then open a TAC call if that's not successful.
I swear to god that the URL with the IP address is what it was set to when it stopped working. At any rate, setting it back to the IP address instead of the DNS name has now corrected the problem. WTF?
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :