Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

IDS 4.0 - getting timeouts when trying to update to IDS-K9-sp-4.0-2.S42.rpm

I've tried FTP, HTTP, via telnet, via IDS Device Manager. The process times out.

6 REPLIES
Cisco Employee

Re: IDS 4.0 - getting timeouts when trying to update to IDS-K9-s

Hi Stephen,

Can you make sure that the FTP server is one of the supported ones?

Supported FTP Servers

The following FTP servers are supported for service pack and signature updates:

Sambar FTP Server Version 5.0 (win32).

Web-mail Microsoft FTP Service Version 5.0 (win32).

Serv-U FTP-Server v2.5h for WinSock (win32).

Solaris 2.8.

HP-UX (HP-UX qdir-5 B.10.20 A 9000/715).

Windows 2000 (Microsoft ftp server version 5.0).

Windows NT 4.0 (Microsoft ftp server version 3.0).

Thanks,

yatin

Community Member

Re: IDS 4.0 - getting timeouts when trying to update to IDS-K9-s

I've tried both Windows NT 4.0 SP6A & Windows 2000 SP3. Could this be a time out issue on the IDS ?

Cisco Employee

Re: IDS 4.0 - getting timeouts when trying to update to IDS-K9-s

Hi Stephen,

Few things to check before the workaround attempt below;

1. Is the FTP server set up for some kind of custom string? e.g. Welcome to the FTP server...blah,blah..blah"? If so, please remove it and try upgrade again.

2. If you are making an anonymous ftp login, try to have an account setup for ftp and use it for the upgrade process.

The ftp timeout value for the 4.0 sensor is currently hardcoded to 5 minutes. There is a ddts (CSCdz64623) to make this configurable, but it has not been implemented yet.

Workaround in the mean time:

The workaround is to put the file on the sensor using the service account,

and then upgrade by scping to the service account on the sensor itself:

Steps:

1) Create a service account

2) Login with the service account

3) Ftp the file to the home directory of the service account on the sensor

4) Exit service account

5) Login with the cisco account

6) Execute "ssh host-key " under "configure terminal" mode.

7) Type "yes" to accept the key

8) Execute "upgrade

scp://@/" under "configure terminal" mode.

Thanks,

yatin

Community Member

Re: IDS 4.0 - getting timeouts when trying to update to IDS-K9-s

When logged in with the Cisco account, I created a service account using an ID called smartin. Logged in with the smartin account, FTP'd to a WIndows 2000 server, logged in with the Cisco account, executed the "ssh host-key

Error: download file does not exist: /usr/cids/idsRoot/var/updates/IDS-K9-sp-4.0

-2.S42.rpm.pkg

Path Issue ???

Cisco Employee

Re: IDS 4.0 - getting timeouts when trying to update to IDS-K9-s

Hi Stephen,

It seems so. When you log into the sensor as the service account, do a pwd command and that should be the home directory e.g. /home/service

Put the file into this location as mentioned in step 3 on the earlier post.

Hope this helps,

thanks,

yatin

Community Member

Re: IDS 4.0 - getting timeouts when trying to update to IDS-K9-s

I solved the problem by creating a dir on the IDS called "update", FTP'd the SP to the update dir & ran the upgrade command.

Thanks for your help !

108
Views
5
Helpful
6
Replies
CreatePlease to create content