Hello. I've got one 4210 sensor (V188.8.131.52), one 4230 sensor (V3.0(1)S4 Modified), and one CSPM (V2.3.0 Build 2335). I've configured the CSPM such that I am receiving and communicating via V2.5.0 with the 4210 sensor, but I'm unable to communicate from the CSPM to the 4230 sensor. I don't have the option on the CSPM to select V3.0(1)S4 for communication with the 4230. Can someone please advise me the correct steps to take to get all on the latest and greatest? Is order significant? What's the minimum I need to do to begin communicating properly with the 4230?
Simply upgrade CSPM with the new signature files for v3.0(1)S4. They are available from Cisco.com under the IDS Appliance Software center. Download the ZIP - extract and run the update sensor files from the tool menu. Don't select a specific sensor just click next and follow the update procedure. This will allow you to select V3.0(1)S4 from the pull down menu for the 4230 Sensor.
Keep in mind that the CSPM signature update files are not the same as the signature update files for the Sensor (.bin vs .zip/exe)
This will update CSPM to match the 4230 sensor signature file.
The best option is still to upgrade CSPM to the latest version (v2.3.3i) first, then configure it to see the correct sensor version from the beginning. This is a much cleaner approach than mixing versions between CSPM and the sensor.
The user HAS to have at least version 2.3.2i of CSPM to communicate with a version 3.0(1)S4 sensor. If the S level is higher than S4 then the same S level signature update also HAS to be applied to the CSPM machine.
So when upgrading your sensors, you also have to upgrade your CSPM.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :