Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

IPS Manager Express | Signature Updates

Hello,

I have an IPS manager express managing 2 IPS devices. Automatic Signature updates is not working! I did sniff the traffic for 2 consecutive days; the IME is not even trying to download! Manual signature updates through FTP is working perfectly. Did anyone face this issue before?

Many Thanks,

Georges

7 REPLIES
Community Member

Re: IPS Manager Express | Signature Updates

Automatic updates do not work with Windows FTP servers configured with DOS-style paths. Make sure the server configuration has the UNIX-style path option enabled rather than DOS-style paths.

http://www.cisco.com/en/US/docs/security/ips/6.1/configuration/guide/ime/ime_sensor_management.html#wp2016040

Community Member

Re: IPS Manager Express | Signature Updates

FTP is working. Automatic updates throught cisco.com directly are not working!

Cisco Employee

Re: IPS Manager Express | Signature Updates

In your original post you said that you sniffed the traffic.

What traffic were you attempting to sniff?

IME itself will not attempt to auto download updates from Cisco.com.

Instead IME is able to configure the sensor, so the sensor will connect to cisco.com for auto download of updates.

So you will need to sniff the connection between the sensor and cisco.com.

You can also check the status of "show events host". It shoudl give you the status of the last automatic download attempt.

Are your sensors able to connect out of your network to cisco.com withOUT the use of a proxy? Proxy connections are not currently supported.

You will want to ensure your firewall and router configurations allow the sensor to reach the internet and connect to cisco.com.

Community Member

Re: IPS Manager Express | Signature Updates

That's it perfect!

I sniffed the traffic on the IPS; it checks the signatures through ssl and downloads them through http !

Thank you

Community Member

IPS Manager Express | Signature Updates

Has the proxy connection for automatic signature updates been supported yet?

Bronze

IPS Manager Express | Signature Updates

An enhancement request is already open to track this: CSCsv89560

Regards,

Sawan Gupta

Thanks & Regards, Sawan Gupta
Community Member

IPS Manager Express | Signature Updates

Any progress on the issue "CSCsv89560"?

1511
Views
0
Helpful
7
Replies
CreatePlease to create content