Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Some Questions


We have the following version of the NR:

The version of the signature update currently installed is:

postofficed v2.2.1.1 (release) 00/10/03-13:29

loggerd v2.2.1 (release) 99/07/19-20:15

configd v2.2.1 (release) 99/07/19-20:10

smid v2.2.1.1 (release) 01/03/21-14:53

eventd v2.2.1 (release) 99/07/19-20:17

sapd v2.2.1.1 (release) 00/03/31-17:56

fileXfer v2.2.1 (release) 99/07/19-20:22

I wanted to install the new Senserversion (Cisco IDS 3.0(2)S9 ) so i need to upgrade theDIRECTOR to 2.2.3. When i want to install the new directors software the follow message appeared:

Installing ......

You are attempting to install the Posoffice update.

It must be installed on existing version 2.2.1

Your system has version []

Unable to update.

whats wrong and what can i do??? Please help bc our Sensors are now running on 3.0!!!

questions 2:

Our Netrranger are connected to 2 6000 Switch in Native IOS (FULLIOS) is ist there possible to make a TCP Reset? Because normale you have to confiure the span port "inpkts enable" but how does it work with "session monitor..." ??


greeting from austria, vienna


Cisco Employee

Re: Some Questions

In regards to question 1 - Does the entire 2.2.3 install fail or just the Postoffice update portion. If you already have the version of the PO and everything installs correctly, you can safely ignore the PO update error message. The PO is already at the latest rev.

If the PO update failure is aborting the 2.2.3 install then try commenting out the following line in the 2.2.3 install script - '$FSNAME/idd-po-sol-sparc- install | tee -a $logFile'. You don't need to install it since you are already at the appropriate rev level.

Cisco Employee

Re: Some Questions

As for the switch issue. You are correct that Cat IOS does not have the inpkts enable feature, and more importantly does not have the learning disable feature for the span/monitor port. I am not sure if Cat IOS does allow the Reset packets in from the monitor port. And if it does, then it is likely that the packets coming in will cause problemsd with the CAM tables, because we currently spoof both the source and destination mac addresses of the packets and these mac addresses would then wind up being mapped to the span/monitor port instead of the actual ports.

We are looking into addressing the mac address issue in a future release of the IDS appliance, but whether or not the switch allows packets in from a monitor port would have to be tested, or confirmed by someone more familiar with Cat IOS.