Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

IDSM-2 Upgrade

Hi,

I am upgrading IDSM-2 image from v5 to v6 (IPS-K9-6.0-4a-E1.pkg) after this upgrade do we need to go for the Upgradation of Recovery Partition ?

Thank you,

Dinesh

1 ACCEPTED SOLUTION

Accepted Solutions

Re: IDSM-2 Upgrade

The recovery partition will be automatically upgraded to IPS-K9-6.0-4a-E1. The maintenance partition will not be I think. This is an output from an IPS upgraded earlier:

Application Partition:

Cisco Intrusion Prevention System, Version 6.0(4a)E1

......

......

Maintenance Partition Version 2.1(2)

Recovery Partition Version 1.1 - 6.0(4a)E1

Regards

Farrukh

21 REPLIES

Re: IDSM-2 Upgrade

The recovery partition will be automatically upgraded to IPS-K9-6.0-4a-E1. The maintenance partition will not be I think. This is an output from an IPS upgraded earlier:

Application Partition:

Cisco Intrusion Prevention System, Version 6.0(4a)E1

......

......

Maintenance Partition Version 2.1(2)

Recovery Partition Version 1.1 - 6.0(4a)E1

Regards

Farrukh

New Member

Re: IDSM-2 Upgrade

Hi Farrukh,

Thank you for prompt reply.

Dinesh

New Member

Re: IDSM-2 Upgrade

Hi Farrukh,

what about Hardware bypass, do we need any additional harware (4 Gb bypasscard) or my IDSM-2 does have it by default.

Actually, I am planning for the VLAN pair Inline mode configuration and I am worried about the dataflow during signature or patch update.

Regards

Dinesh

Re: IDSM-2 Upgrade

The IDSM-2 has no hardware interfaces. It is internally connected to the switch backplane. I've done signature updates before on this platform without any issues. It will lets packets pass through (by default) when the signature engine is down.

Regards

Farrukh

New Member

Re: IDSM-2 Upgrade

Hi Farrukh,

My upgradation is copleted sucfuly. and it is working on SPAN with 6509.

but i am not able to create more than one SPAN session on my 6500 switch, is there any limitation, and what about if i want to create more than one SPAN session on 6500 switch.

Dinesh

Re: IDSM-2 Upgrade

Have a look at this link:

http://www.cisco.com/warp/public/473/41.html#topic6

Regards

Farrukh

New Member

Re: IDSM-2 Upgrade

Hi farrukh,

I am trying for Licence from cisco.com, If i clik on UPDATE Liceance from cisco.com tab, one pop up is comming on and massage is ** Sending serial number to cisco*** but nothing is happening for an hours also.

Re: IDSM-2 Upgrade

Try to manual process through the CLI then.

Regards

Farrukh

New Member

Re: IDSM-2 Upgrade

Hi Farrukh,

I dont have IPS service contract to download the licen file and this one is not updated before upgradation.

It could be a problem ?

Without IPS service contr it will not allow us to go for Licencing ?

In my invoice only these two line iteam it thr. WS-SVC-IDSM2-BUN-K9 and SC-SVC-IDSM-5.1-K9, do you think that it should be with IPS service contract like line iteam ---PAK-- ---

Please help me, I am new to this device.

Regards.

Dinesh

New Member

Re: IDSM-2 Upgrade

Hi

Please i need help...I have WS-SVC-IDS2-BUN-K9 ...I need to cover it with service contract that permit us to upgrade and get license...Please advice level of service we need .

thanks in advance

Omar

New Member

Re: IDSM-2 Upgrade

Hi Omar,

as i know we can upgrade the IDSM with latest one without any license.. but i am not sure about, hot to get the licens without service contract.

I think farruk can guide us on this, but it seems that he is not available since long time....

Re: IDSM-2 Upgrade

Hi Dinesh

Sorry I'm on vacation right now :)

You will get a license file once you purchase a 'Cisco Services for IPS' contract for the IDSM-2 blade. Then you have to load that license on your sensor. Software upgrades work without a valid license. Signature updated don't work. They install and then re-install themselves after detecting that no license is present.

Regards

Farrukh

New Member

Re: IDSM-2 Upgrade

Hi Farrukh,

I am done with the configuration and i kept in Inline VLAN pair VLAN 16 & 166, i created on L2 vlan and 166, and assinged the same to the Virtual interface,

But i am not able to see any logs or blocking, If i keep this vlan 16 on SPAN i do have lot of logs and traffic on sensore interface.

any a Suggestion .....

Re: IDSM-2 Upgrade

New Member

Re: IDSM-2 Upgrade

Hi,

Every thing is same as shown in document, but i am not able to see any logs, If i keep same vlan on SPAN logs are there.

Any trouble shooting steps or tools are there ?

Re: IDSM-2 Upgrade

If you Inline VLAN Pair is not functional, then no traffic will pass through anyway. You can try to ping between any two devices in the 'bridged' VLANS.

Regards

Farrukh

New Member

Re: IDSM-2 Upgrade

My configuration is like this,

firewall vlan-group 2 10,100

Vlan 10 Inside & Vlan 100 is outsie interface of the FW Context,

I created on L2 Vlan 101

and added this VLAN (10 and 101) in VLAN PAIR config and this interface giga 0/8.1 (Subinterface). same interface is config for Virtual Sensor 0.

I dont have problem with traffic but not able to see any logs.

New Member

Re: IDSM-2 Upgrade

Hi

Re: IDSM-2 Upgrade

In which mode is the sensor operating?

Auto/Bypass etc.

Regards

Farrukh

New Member

Re: IDSM-2 Upgrade

It is in Auto (Bypass inspection when analysis engine is stopped.)

Is this will create a problem ? or do we need to change it to ON & OFF.

Re: IDSM-2 Upgrade

Nah Auto is fine. Can you post the configs? (show config)

Regards

Farrukh

311
Views
4
Helpful
21
Replies
CreatePlease to create content