Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

CSA client update errors


I am performing a software update on all of our CSA server agents from v6.0.0.220 to v6.0.1.106.  I finished about 450 servers but there are 140 remaining, and there are errors coming into the local Debug logs on the hosts.   I want to know if anyone knows if there is a time restriction to the "Scheduled Software Updates" that are done through the CSAMC?   It seems strange that all of a sudden the reaming few are getting errors. But it may be because the update has been scheduled for a few months.

I also checked to see that they vary from Win2K and Win2K03 and some are in protectmode but some are still in auditmode. Also, there are no events logged so there are no rules present that are actually blocking the update.   Here is some of the log and I was monitoring during the scheduled software update times and found that the hosts are trying to connect and download for about a1 minute but then there is the curlerr=7 (Connect failed) message.

Nov 20 2009 08:34:55.781 -0800: %CSA-6-SOFTWARE_UPDATE_DOWNLOADING: %[Component=Csamanager][PID=512]: Downloading software update kit csamc60/software_kits/CSAAgent-windows-PatchV6.0.1.106-13d1956e0ba1871f733b9650f01f21876dccd666.exe (size=23310336)
Nov 20 2009 08:35:18.718 -0800: %CSA-4-AGENT_ICC_GET_FAIL: %[Component=Csamanager][PID=512]: Failed transaction, url=, curlerr=7 (Connect failed).
Nov 20 2009 08:35:54.171 -0800: %CSA-4-AGENT_ICC_GET_FAIL: %[Component=Csamanager][PID=512]: Failed transaction, url=, curlerr=7 (Connect failed).
Nov 20 2009 08:35:54.171 -0800: %CSA-6-TRACE: %[Component=Csamanager][PID=512]: Failed to get rules program (get_rule_program_from_hash)

Any assistance would be greatly appreciated.

Thank you


Everyone's tags (3)

Re: CSA client update errors

Software updates can contain scheduled update time windows.  The default is 00:00 to 23:59.

If the MC is unreachable when the update is scheduled or when the host tries it will get those messages.

It will also generate this message if the hosts cannot connect to the MC on port 80.  That port is required for software updates.


CreatePlease to create content