Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

Upgrade to 5.1(5)-E1

Anybody tried to upgrade to 5.1(5)-E1 yet. A real treat. Please let me know your experience.

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

Re: Upgrade to 5.1(5)-E1

We pushed this update through the Ciscoworks VMS IDS MC console. We never apply updates directly via the sensor GUI or CLI.

12 REPLIES
Silver

Re: Upgrade to 5.1(5)-E1

No difference seen so far from 5.1(5) for stability (good or bad) however VMS was annoying (as usual) and we had to re-import about 25 sensors. This was because E1 applied to the sensors but VMS refused to update its DB and believed they were on plain 5.1(5). Note that on busy & slower sensors, E1 can take 10-15 minutes to apply.

New Member

Re: Upgrade to 5.1(5)-E1

Thank you for your response. Would you mind telling me if you performed the E1 upgrade through the CLI or GUI? We are failing through the GUI and have a TAC opened. Thanks

Silver

Re: Upgrade to 5.1(5)-E1

We pushed this update through the Ciscoworks VMS IDS MC console. We never apply updates directly via the sensor GUI or CLI.

New Member

Re: Upgrade to 5.1(5)-E1

Thanks again. We did the same and got the failure. TAC thinks we have hit a known bug. We'll see. Thanks for your info.

Silver

Re: Upgrade to 5.1(5)-E1

If you have a bug ID, please post it so I can see if we were hitting the same thing. Thanks!

New Member

Re: Upgrade to 5.1(5)-E1

Howdy,

I applied it last week (Monday?) via the CLI. No problem at all. I always use the CLI for sig and service pak updates and never have a problem with it.

Hope this helps.

Silver

Re: Upgrade to 5.1(5)-E1

The CLI is fine for one or two sensors but when you need to apply an update to 120+ sensors it is just not an option. The problem we were running into however is that the VMS DB was getting out of step with the sensor version causing heartache (since if there is a version mismatch, VMS will refuse to work further with the sensor). Having to take an extra couple of hours to go back and 'fix' 30+ sensors is lame.

New Member

Re: Upgrade to 5.1(5)-E1

Yes it is lame. I only have 2 to deal with. Has any one tried the newest version of CSM with the 5.1 E1 pak? Maybe this will overcome the limits of VMS...

New Member

Re: Upgrade to 5.1(5)-E1

With the VMS problems, did you already confirm that your VMS server is running the correct service pack? It needs service pack 2 for the IPS MC 2.2. I remember reading somewhere about VMS having issues if it didn't have the right service pack. We are running service pack 2-8 and I'm not experiencing any issues. Just another thing to check on, if you haven't already.

Silver

Re: Upgrade to 5.1(5)-E1

Yes, we've had SP2 for IDS MC 2.2 on for a couple of months now and it only helped a few of our issues. Lately we've been getting pushback on fixes for VMS and received the CSM upgrade song & dance. Cisco hasn't provided any information on a migration utility from VMS->CSM despite much prompting so we're in no hurry to go to CSM yet.

Silver

Re: Upgrade to 5.1(5)-E1

Anybody facing an issue of not being able to add the IPS sensor when updated to E1. I am unable to do it from my VMS as it always tell me that VMS is not able to recognize the version.

Thanx for any help offered.

-Hoogen

Silver

Re: Upgrade to 5.1(5)-E1

Make sure you have the latest version of VMS, there as a known bug in an earlier version of VMS where VMS would not recognize the AV version statement in the sensor version line. We have a TAC case open right now due to VMS and the sensor reporting different things after we pushed E1 then s283, VMS reported 5.1(4)E1s283, while the sensors reported 5.1(5)E1s283. So make sure there are no version conflicts between the sensor and VMS as VMS balks with any minor changes. Hope this helps!

153
Views
5
Helpful
12
Replies
作成コンテンツを作成するには してください