Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2145
Views
0
Helpful
34
Replies

Need help with a couple of issues concerning an AIP-SSM

cdetirado
Level 1
Level 1

‎06-28-2010 07:33 AM - edited ‎03-10-2019 05:02 AM

1. How can I see what software versoin the sensor is running.

2. How can I manually update the sensors image.

3. How can I see through the cli when the signatures were last updated.

4. How can I unblock traffic that is being blocked by the Sensor.

Labels:
0 Helpful
34 Replies 34

cdetirado
Level 1
Level 1
In response to Scott Fringer

‎06-29-2010 10:36 AM

When I do the upgrade of the sensor software, is there any other files that i need to upgrade in the process ?

Since my customer has an AIP-SSM-20 is this the only piece of software that I need to upgrade IPS-SSM_20-K9-sys-1.1-a-6.2-2-E4.img and can I run the auto-updates after I upgrade the sensor.

0 Helpful

Scott Fringer
Cisco Employee
Cisco Employee
In response to cdetirado

‎06-29-2010 10:40 AM

The file you have listed is used for re-imaging the device to factory

defaults (.img).

You will want to use an upgrade package (.pkg). This will maintain

existing configuration details. To move to release 6.2(2)E4 you would

want the file:

IPS-K9-6.2-2-E4.pkg

Scott

0 Helpful

cdetirado
Level 1
Level 1
In response to Scott Fringer

‎06-29-2010 10:43 AM

is this the files that I need in order to do the upgrade

IPS-K9-6.2-2-E4.pkg

IPS-engine-E4-req-6.2-2.pkg

When I do the upgrade what is the procedure to do so.

0 Helpful

Scott Fringer
Cisco Employee
Cisco Employee
In response to cdetirado

‎06-29-2010 10:49 AM

You will only need to use the file:

IPS-K9-6.2-2-E4.pkg

The process to upgrade the sensor via the IDM GUI is outlined here:

http://www.cisco.com/en/US/docs/security/ips/6.0/configuration/guide/idm/dmAdmin.html#wp1030217

This process will reboot the AIP-SSM-20 to complete.

Scott

0 Helpful

cdetirado
Level 1
Level 1
In response to Scott Fringer

‎06-29-2010 10:53 AM

And to do the sensor upgrade from the command line.

0 Helpful

Scott Fringer
Cisco Employee
Cisco Employee
In response to cdetirado

‎06-29-2010 11:05 AM

The CLI option requires you have a supported server available to host

the upgrade package; whereas the IDM GUI can perform the upgrade

directly from your workstation.

The CLI process is outlined here:

http://www.cisco.com/en/US/docs/security/ips/6.0/configuration/guide/cli/cliImage.html#wp1243115

Scott

0 Helpful

cdetirado
Level 1
Level 1
In response to Scott Fringer

‎06-30-2010 09:02 AM

Does auto upgrade mean I still need to download the files and upload the updates ?

0 Helpful

Scott Fringer
Cisco Employee
Cisco Employee
In response to cdetirado

‎06-30-2010 09:12 AM

Auto-updates will only update signatures (S496 to S497, etc) and the

analysis engine (E3 to E4, etc); these updates do not require a reboot

of the sensor. Auto updates will not update version (7.0(2) to 7.0(3),

etc) as these updates require a reboot of the sensor.

Scott

0 Helpful

cdetirado
Level 1
Level 1
In response to Scott Fringer

‎06-30-2010 09:16 AM

Do you have any sample configuration on how to configure the AIP-SSM-20 to get those signature updates from Cisco automatically.

0 Helpful

Scott Fringer
Cisco Employee
Cisco Employee
In response to cdetirado

‎06-30-2010 09:21 AM

You should simply need to enable the feature in the IDM GUI:

Configuration>Sensor Management>Auto/Cisco.com Update

Check the box "Enable Signature and Engine Updates from Cisco.com"

Provide valid CCO credentials and select a schedule for checking the

updates. The default URL is the correct URL and syntax.

The AIP-SSM's management IP address will need HTTP and HTTPS access to

the Internet.

Scott

0 Helpful

cdetirado
Level 1
Level 1
In response to Scott Fringer

‎06-30-2010 09:57 AM

I have two ASA5520 with AIP-SSM-20 in high availability mode:

What commands would I issue, in order to do the sensor upgrade to both AIP-SSM-20

0 Helpful

Scott Fringer
Cisco Employee
Cisco Employee
In response to cdetirado

‎06-30-2010 10:22 AM

You will need to upgrade each AIP-SSM independently, there is no

communication between the two AIP-SSMs.

Scott

0 Helpful

cdetirado
Level 1
Level 1

‎07-12-2010 06:20 AM

When I upgraded the sensor to version 6.2(2) everything went well but I realized that I needed to get to version 7.2(2).

I downloaded the software for version 7.2(2) and it made a comment that i need to update the signature engine before I could upgrade to 7.2(2). So I downloaded the engine and the error that I got was

Warning: Executing this command will apply a signature engine update to

the application partition. The system may be rebooted to complete the

upgrade.

Continue with upgrade? []: yes

Error: execUpgradeSoftware : The current signature level is  S480.  The

current

So what is the proper upgrade path to go from 6.2(2) to 7.2(2) and what am I missing that it wont let me upgrade to 7.2(2). Please let me know if you need for me to perform any additional commands that may assist in getting this issue resolved.

0 Helpful

Scott Fringer
Cisco Employee
Cisco Employee
In response to cdetirado

‎07-12-2010 06:26 AM

Carlos;

There is not a 7.2(2) release for Cisco IPS sensors. There is

currently 6.2(2)E4 and 7.0(3)E4. If you are wanting to upgrade to

7.0(3)E4 from 6.2(2)E4 you should only need to download the upgrade

package with the filename: IPS-K9-7.0-3-E4.pkg

Scott

0 Helpful

cdetirado
Level 1
Level 1

‎07-12-2010 06:31 AM

Sorry its version 7.02

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card