I've tried both Windows NT 4.0 SP6A & Windows 2000 SP3. Could this be a time out issue on the IDS ?

Hi Stephen,

Few things to check before the workaround attempt below;

1. Is the FTP server set up for some kind of custom string? e.g. Welcome to the FTP server...blah,blah..blah"? If so, please remove it and try upgrade again.

2. If you are making an anonymous ftp login, try to have an account setup for ftp and use it for the upgrade process.

The ftp timeout value for the 4.0 sensor is currently hardcoded to 5 minutes. There is a ddts (CSCdz64623) to make this configurable, but it has not been implemented yet.

Workaround in the mean time:

The workaround is to put the file on the sensor using the service account,

and then upgrade by scping to the service account on the sensor itself:

Steps:

1) Create a service account

2) Login with the service account

3) Ftp the file to the home directory of the service account on the sensor

4) Exit service account

5) Login with the cisco account

6) Execute "ssh host-key " under "configure terminal" mode.

7) Type "yes" to accept the key

8) Execute "upgrade

scp://@/" under "configure terminal" mode.

Thanks,

yatin

When logged in with the Cisco account, I created a service account using an ID called smartin. Logged in with the smartin account, FTP'd to a WIndows 2000 server, logged in with the Cisco account, executed the "ssh host-key

Error: download file does not exist: /usr/cids/idsRoot/var/updates/IDS-K9-sp-4.0

-2.S42.rpm.pkg

Path Issue ???

Hi Stephen,

It seems so. When you log into the sensor as the service account, do a pwd command and that should be the home directory e.g. /home/service

Put the file into this location as mentioned in step 3 on the earlier post.

Hope this helps,

thanks,

yatin

I solved the problem by creating a dir on the IDS called "update", FTP'd the SP to the update dir & ran the upgrade command.

Thanks for your help !