Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

IronPort S100v update fails

We just got our web filter back online and its been offline since jan/feb time. I have the Update Servers list using the "Cisco Ironport Update servers" option checked under "Update Setting for Security Services". I then go to Web Reputation and Malware to update the Web Reputation Engine and etc and it all fails to fetch the manifest. I've even tried inputting the server manually ( port 443) and still fails. Any suggestions?

Everyone's tags (1)
New Member

I can also telnet to update

I can also telnet to port 443. but fail to fetch manifest on every update.


Hi,For the virtual WSA, you


For the virtual WSA, you would need to configure the update server:, but this needs to be configured from the CLI using the updateconfig command

Here are the steps:


Choose the operation you want to perform:
- SETUP - Edit update configuration.
[]> dynamichost

Enter new manifest hostname:port

Choose the operation you want to perform:
- SETUP - Edit update configuration.
[]> <Enter>

vWSA> commit

Changes committed: Mon Nov 11 11:20:01 2013 GMT

vWSA> updatenow

- IF the updates still do not work, make sure you have a valid license installed and it is active.

Do Rate if Helpful




New Member

ok i just tried going through

ok i just tried going through those steps and it seems that it was already configured for that manifest hostname. The license is current and active. we just got it from Cisco a few weeks ago.


Hi, In that case please try



In that case please try the following steps:


- Make sure have connections allowed to that server. telnet to " 443" and make sure the connection is allowed.

- Sometimes even when you see license installed, it is not installed correctly and that's why the updates do not work. If possible try to replace the license key and then check the updates.




New Member

telnet was successful.

telnet was successful. everything seems fine. feature keys are active but ill double check on the license key. 



Cisco Employee

Cisco Licensing had an issue

Cisco Licensing had an issue recently.  Go ahead and go to the SSH and run the command 'show license'.  I can't recall off the top of my head, but if your VLN # is 8 digits, you may have been affected.

The root cause is that when the appliance connects to update-manifests, it will identify itself using the VLN #.  The update manifests server should have a record of it.  If it does not, the connection ends.  There was a spreadsheet I saw of all affected customers.  You may be amongst one of them.  Doesn't hurt to check.

I recommend opening a TAC case on this to confirm.  The solution would be to get another license XML file.

New Member

ok I believe that may be the

ok I believe that may be the issue. After running showlicense command my VLN# is VLNWSAxxxxxxxx. so 8 digits trailing behind "VLNWSA". Ill open a case. 

Thanks all for your help. 

CreatePlease login to create content