Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

problems with 5.1 upgrade on 4235 and 4240

Hello,

We recently upgraded our 4235 and 4240 up to 5.1. Both sensors were previously runing 4.1 code. Now, the sensors will stop sending alarms after a random amount of time - one sensor shows the analysis engine not running, the other does - however both don't send alarms again until rebooted. I am going to downgrade to the 5.0 code in the hope that this will resolve the issue - any other suggestions for resolving this w/o downgrading?

2 REPLIES
Cisco Employee

Re: problems with 5.1 upgrade on 4235 and 4240

Sounds like you might be hitting bug CSCsc92316 or CSCsd00933 (see http://www.cisco.com/cgi-bin/Support/Bugtool/onebug.pl?bugid=CSCsc92316&Submit=Search). Unfortunately there's no fix for this as yet but we're working on it. If this is really affecting you then your best bet at the moment would be to stick with 5.0 for the time being. Make sure you run the latest Service Pack in 5.0 also.

New Member

Re: problems with 5.1 upgrade on 4235 and 4240

Thanks, as a workaround I have been able to login the service account and issue the following -

/etc/init.d/cids stop

/etc/init.d/cids start

Upon doing this the events start to flow again, however, this requires constant monitoring on my part. Is there anyway to automate this? It didn't appear that cron was running on the sensor. Thanks for your help!

-Patrick

125
Views
0
Helpful
2
Replies
CreatePlease to create content