Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

IPS v5 in Cisco 1841 drives cpu to 100 percent

I tried today to upgrade my 1841 Adv Security from 12.4.6T7 using sdf v4 files to the newer v5 12.4.11T3. All went well with the initial config, three basic signatures activated. I used the v296 pkg file for the latest signatures.

When I tried to copy the pkg to the idconf, the router goes to 100 percent utilization and stays there til I reboot it. None of the additional signature engines activate, no matter how long I wait for it to compile them.

Any hints on why this is happenning? This is my first go at the new v5 format files.

Thanks, Jeff

1 REPLY
New Member

Re: IPS v5 in Cisco 1841 drives cpu to 100 percent

Hi Jeff,

This is due to a bug being investigated. Please load 12.4.11T2 image, delete all the xml files

created on the flash (root or ipsconfig location

if configured), and follow the procedure outlined at http://www.cisco.com/en/US/products/ps6634/products_white_paper0900aecd805c4ea8.shtml

If your router has 256MB memory, in step 4.4, you may replace the command

"category ios_ips basic" with the command

"category ios_ips advanced".

If you change actions of signatures or unretire any other category, due to another bug, reloading will take about 8-10 minutes with high CPU but router prompt should come back after that.

Since I don't follow this forum, pls send your

subsequent messages on this issue to kemal@cisco.com and CC alyeung@cisco.com

Kemal

216
Views
0
Helpful
1
Replies
CreatePlease to create content