Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

RVS 4000 Email responses that need addressing

I have been bounced around between Cisco and Linksys for months….

I have two simple questions… One I know the answer on… the second, I haven’t a clue…

I have corresponded with 12-15 people at Linksys, and Cisco…


Their last answer is I should contact you….  So… Here goes…. The 16th person I’m requesting this information from….. (I can’t believe that Linksys/Cisco can’t answer these simple questions!)

Seeing that I've been checking for new firmware and IPS downloads from the Cisco site for months now, and not seeing any new downloads......

And Seeing that I'm getting nagging emails that my IPS Signature is too old, Please Update it!!!!

And Seeing that I'm still getting emails that I don't understand from the RVS 4000: -IPSEC EVENT: KLIPS device ipsec0 shut down

and I can't seem to understand How or Why it is happening, and have read manual cover to cover, and all the FAQ's, and can't upgrade it because there is no current software......

I sent the following email to cs-support-us@cisco.com :

Hello. Have an RVS4000 Router, being used as a Gateway...

I have emails enabled, so that I'll be informed whenever there is greater than a set level of threats.... However...
If I check the logs, there are no threats... Yet....

I keep getting the following emails:
Your Signature Version is beyond 143 days. Please Update it!

I've also been getting the following emails:
-IPSEC EVENT: KLIPS device ipsec0 shut down

I'm using V1.40 IPS signature, and V1.2.11 firmware....

Yet I keep getting these emails...

I can't update the IPS Signature Version if you don't provide it!!! And you aren't!

Secondly, WHAT THE HECK DOES: "-IPSEC EVENT: KLIPS device ipsec0 shut down" MEAN????

May I suggest that the next version of firmware have options to disable the IPS "Nags" if you are not planning on writing any more code?

And, What the Heck does: "-IPSEC EVENT: KLIPS device ipsec0 shut down" mean?

Sincerely

Jan Janowski

42 REPLIES
Community Member

Re: RVS 4000 Email responses that need addressing

And in case you don't believe that I haven't tried for a long while to get an answer to this.....

Please visit this link:  http://www.dslreports.com/forum/r22733060-RVS-4000-Support-email-to-Cisco

This is only the last half of the communications I've had with Cicso/Linksys on this..

The last information I received was to log in here, and another user would respond to my questions with suggestions....

So, here I am.... With the same two questions I've had for months, after being ignored multiple times by both Linksys and Cisco... Yeah, my attitude stinks right now.... do you fault me for that? 

Re: RVS 4000 Email responses that need addressing

Hello,

I can address the one question.

We  do have new signature file for RVS4000, it’s under testing , we should be able  to post as soon as it is approved.

The other issue I am not aware of and have not seen, but you can call the Small Business Support COmmunity on 1-866-606-1866 and open a case.

Steve D

SE

Field Channel Sales team

Community Member

Re: RVS 4000 Email responses that need addressing

Thank you, Steve.... Obviously, I knew it would take something like this to fix the "Please Update IPS" emails...

Maybe on next firmware you can make this message an option... ??

Other than these two emails, system is working fine.

More information:

RVS4000 Being used as Gateway, not Router. with Wan being 10.x.x.x and Lan being 192.x.x.x Router is BEFSX41

No VPN

Blocking all but skype

Mix of Gigabit and 100Mb connections

No IP, Mac, or time blocks.

Emails set to send email after 3 threats.  Both Incoming and Outgoing logs are empty.  I've checked logs prior to and after

this email,  and always found them  empty.

at another forum, I posted asking what -IPSEC EVENT: KLIPS device ipsec0 shut down  ---means

and someone found reference to this being a 'VPN related command' for Linux kernel 2.4

Again, I don't know Linux, nor am I using VPN in either RVS4000 or BEFSX41 (both  are locked off).

Community Member

Re: RVS 4000 Email responses that need addressing

Email just received from RVS4000:

Aug 14 23:02:31 - IPSEC EVENT: KLIPS device ipsec0 shut down.

At that time, no computers were on. We were in bed...

I've received these emails with, and without computers being on.

Re: RVS 4000 Email responses that need addressing

Jan,

While we are waiting for a new IPS sign. file, can you try reinstalling the existing signature file? It will be the same version you already have.   This is a test to see if the message will stop (it may).

Steve

Community Member

Re: RVS 4000 Email responses that need addressing

Will reloading V1.40 IPS fix this email?

Aug 17 21:03:16 - IPSEC EVENT: KLIPS device ipsec0 shut down.

or are you thinking it  will reset the timer on the:

Your Signature Version is beyond 186 days. Please Update it!  Email?

Re: RVS 4000 Email responses that need addressing

Hi Jan,

Thanks for the feedback.  I also checked with the Product Engineering and test team and they told me that message you see is a message from the underlying Kernel that the VPN session was restarted.    This could be due to any interruption of service on the WAN. 

Steve

Community Member

Re: RVS 4000 Email responses that need addressing

Thanks very much....  So this service starts even when VPN is not used?

Re: RVS 4000 Email responses that need addressing

Yes, it does.

Steve

Community Member

Re: RVS 4000 Email responses that need addressing

I've let a few days go by since the last answer..... To see if anyone would post answers to my origional questions.... and now it begs to be asked again...

My first post contained questions still un-answered....

Why is there not a software switch to turn off nag emails about IPS signature date?

Why is cryptic email messages being sent at all, seeing that I've told the system NOT to email me until there is 3 or more simultaneous threats?

Seeing that both incoming and outgoing logs are EMPTY, Why am I getting emails at all?

Why is it that it took MONTHS and MONTHS of Emailing Linksys, Cisco, and now Cisco Small Business the above question, and instead of answering the questions, everybody seems content with just suggesting I contact someone else?

Yes, I could reload existing IPS file, and that may shut up the emails....But:  WHY SHOULD I HAVE TO DO THIS?

I'm  still patiently awaiting an updated IPS file..... WHEN will it be released?

And Finally, When will new Firmware be released for the RVS4000 that will contain software swtiches to turn off "Nag" emails?

Community Member

Re: RVS 4000 Email responses that need addressing

It's been a month since I've been told that a new IPS file for the RVS4000 was "immanent"

Is it "Immanent"  YET?????

Community Member

Re: RVS 4000 Email responses that need addressing

Yes common Cisco/Linksys this is starting to be a joke, when will the IPS update file be released?

I have been patiently watching this thread the website IPS file section for an update for some time and it's now beyond frustrating :(

This product is supposed to be for small business and my client is starting to question why I recommended this product.

If you can't provide a regular signature file then at least offer a service for this or don't bother selling the product with a IPS feature/function.

Can you advise if this file is going to be released on a regular basis so I can inform my client and put his mind to rest?

Thanks.

Re: RVS 4000 Email responses that need addressing

hi Kpawson,

If you customers are really concerned or serious  about security,   one service that was introduced to allow you as a VAR to make some more money off the RVS4000 was the resale of the protectlink functionality.  This is something that you can manage for your customers. Check out the URL below and the  functionality of using protectlink within the RVS4000.

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5739/ps5723/ps9952/ps9953/data_sheet_c78-502732.html

Hope you find this interesting.

regards Dave

Community Member

Re: RVS 4000 Email responses that need addressing

Actually, it sounds like you are passing the buck to someone else...

Please note, it took MONTHS to get a simple answer from anyone, and the answer I received wasn't an answer at all, but a side-step of the entire issue.

One of the side-steps was a promise of a new IPS file...  Where is it?

Second answer didn't tell me how to get the emails to stop, or idicate how I could mask them... just explained that a service that I don't even USE, (VPN)

was causing it!


Come on!   How about some support!

Community Member

Re: RVS 4000 Email responses that need addressing

I see that V1.3.0.5 Firmware has been Posted!!!

I'm printing out information on it, and looking at my notes, and printouts from prior (1.2.11) settings.... so that I can do a smooth upgrade, when the time comes...

I've not found any information indicating that V1.40 IPS file should be used with the new V1.3.0.5 firmware..... 

Would someone please confirm this, or suggest to wait for updated IPS file?

Thanks!

Community Member

Re: RVS 4000 Email responses that need addressing

Nice Job Cisco and it works great... now just the IPS file and it's happy times again :)

My client is not interested in the Trend Additional subscription at this stage, he has not been happy with the lack of attention to the basic unit and is still considering using another product. He will need to spend more on another product, however it may equal out if he has to pay for the Trend component.

Thanks

Community Member

Re: RVS 4000 Email responses that need addressing

Gentlemen,

Here is a link to the IPS signature and firmware.

http://tools.cisco.com/support/downloads/go/Model.x?mdfid=282414013&mdfLevel=Model&treeName=Routers&modelName=Cisco%20RVS4000%204-port%20Gigabit%20Security%20Router%20-%20VPN&treeMdfId=268437899

They are independent of each other, meaning just because you update one does not mean you must update the other. There is not currently a way to turn off the notification emails that are sent when your IPS signature is too old. The trend subscription is designed to help you filter (by web address) the locations your users can go, and it can also filter your email. The administration guide for the product (88 pages/7MB in size) explains each of these features and how to activate them.

As you can see when you download the IPS signature, it was released back in February of this year. I understand how difficult it can sometimes be to navigate the Cisco site as there are multiple ways to find the same information. I hope this helps.

Bill

Community Member

Re: RVS 4000 Email responses that need addressing

The IPS signature is the same one, not new..... V1.40

I'm all set to upgrade to the new V1.3.0.5     Until I heard on DSLReports that V1.3.0.5 is not compatable with Firefox V3.5

I need Firefox for my beta work...

Can you please confirm or deny that this firmware works with Firefox V3.5, Please?

Community Member

Re: RVS 4000 Email responses that need addressing

When you hear that it is not compatible with Firefox, what that really means is when you open the web interface of the router you should use internet explorer. The web pages display differently in browsers other than IE. I have even heard bug reports about the url filtering only working when the users are using IE. Meaning when the users open Firefox they can get to web sites they were not able to get to in IE.

Generally, we recommend using IE for configuring your router. Firefox will work with our devices but they were built to be compatible with the masses and it has only been the past year or two that Firefox and other browsers have made a run on windows machines. Actually it was only recently that Microsoft even acknowledged that Linux was actually a competitor of theirs.

When performing your upgrade, I recommend exporting the current configuration. Then perform the upgrade to the firmware. Once the firmware has upgraded successfully, reset the unit back to factory defaults (via the button on the unit/ hold for 30 seconds) and then MANUALLY reconfigure the unit. I have experienced issues importing old configs when moving to a new firmware. Sometimes with firmware upgrades they change the location (file tree) of some items which causes problems importing an old config.

Bill

Community Member

Re: RVS 4000 Email responses that need addressing

Thanks for the post and info Bill, however I think Jan and I already know the IPS signature file is downloaded from another link and not with the firmware.

What we are saying is that it's not very acceptable to have an IPS signature with a date of Feb 2009 and it's now Sep 2009 and in addition to this the unit itself is complaining about the lack of updates.

It would be good if Cisco could release these on a regular basis and even better if the unit itself could download and apply the signature like most other firewall/IPS devices on the market.

Jan I actually used FF 3.5 just before to manage the device with no problems.

Thanks

Community Member

Re: RVS 4000 Email responses that need addressing

I can definitley appreciate the idea of automatic updates! I also don't see why this has not been something we have tried to take adavantage of (maybe a hardware limitation?). I do know that any time a company designs software it has to go through a legal process and be approved to be released. Often times that is the hold up on our firmware and such (quick vpn client, IPS signatures, etc..). It is good to hear that you were able to successfully use FF 3.5, I will pass this on to the rest of my team.

Bill

Community Member

Re: RVS 4000 Email responses that need addressing

If it's just Config that FF isn't working with, I can certainly live with that... Usually I configure the router off-line,replacing it with a BEFSX41 set for same settings... and once configured offline, swap it back into the location where it will be used.... 

I understand configuring manually, as I ran into issues with the SX41 not remembering exported settings after upgrade... So that has always been my operation here.

In the convoluted bunch of emails that went on for 3-4 months prior to me finding this location....  One of the emails indicated a month or more ago that a New IPS for the RVS4000 was in final test, and would be released "Real Soon Now"....  That same person was un-aware of new firmware being evident....

Is a New IPS signature file forthcoming, and Should we wait for it prior to the V1.3.0.5 upgrade?

Silver

Re: RVS 4000 Email responses that need addressing

I would go ahead and back up your configs and do the upgrade, then factory reset the router and reload the firmware and signature files.

Community Member

Re: RVS 4000 Email responses that need addressing

Good Afternoon,

The IPS update was released last week to the following link.  They also posted the newest firmware at the same time.  I have had this firmware and signature installed since the day of release with no problems.

I hope this fixes any issues or questions for you

http://tools.cisco.com/support/downloads/go/Model.x?mdfid=282414013&mdfLevel=Model&treeName=Routers&modelName=Cisco%20RVS4000%204-port%20Gigabit%20Security%20Router%20-%20VPN&treeMdfId=268437899

Have a great day

Community Member

Re: RVS 4000 Email responses that need addressing

The link you posted still shows V1.40 as the IPS file.... Does someone see something else?

Community Member

Re: RVS 4000 Email responses that need addressing

1.4 is the newest IPS for the RVS4000, it went from 1.3 to 1.4

Are you having problems with ver 1.4.  If so what is your case # at the SBSC so I can escalate the issue if needed

Community Member

Re: RVS 4000 Email responses that need addressing

David

In your post before you are saying that the IPS update was released last week with the firmware, however the version on the website that I see is Version 1.4 dated 3rd February 2009 as listed below.

ciscoipsfile.JPG

I don't understand, is it that the file was updated but not posted to the site or has the release date text not been updated?

Thanks

Keith

Community Member

Re: RVS 4000 Email responses that need addressing

I was going to post the same thing... A month ago, during one if the emails that led me here, I was informed that a new IPS was in "Final Test"..

Is there an impending new IPS?

Community Member

Re: RVS 4000 Email responses that need addressing

I will have to contact the PE for the RVS4000, we currently do not have any pending IPS update that I have been told about.

I will post when I get the feedback from the engineering group

Have a great day :)

11363
Views
0
Helpful
42
Replies
CreatePlease to create content