Cisco IPS 7.1 Installation Guide Page 323

  • Download
  • Add to my manuals
  • Print
  • Page
    / 422
  • Table of contents
  • TROUBLESHOOTING
  • BOOKMARKS
  • Rated. / 5. Based on customer reviews
Page view 322
E-53
Cisco Intrusion Prevention System Appliance Hardware Installation Guide for IPS 7.1
OL-24002-01
Appendix E Troubleshooting
Troubleshooting the Appliance
Or you can use the system image file to reimage the sensor directly to the version you want. You can
reimage a sensor and avoid the error because the reimage process does not check to see if the Analysis
Engine is running.
Caution Reimaging using the system image file restores all configuration defaults.
For More Information
For more information on running the setup command, see Appendix B, “Initializing the Sensor.
For more information on reimaging your sensor, see Chapter D, “Upgrading, Downgrading, and
Installing System Images.
Which Updates to Apply and Their Prerequisites
You must have the correct service pack and minor and major version of the software. If you are having
trouble with applying new software, make sure that you are applying the proper updates with the proper
prerequisites:
Signature updates require the minimum version and engine version listed in the filename.
Engine updates require the major or minor version in the engine update filename. Service packs
require the correct minor version.
Minor versions require the correct major version.
Major versions require the previous major version.
For More Information
To understand how to interpret the IPS software filenames, see IPS Software Versioning, page C-3.
Issues With Automatic Update
Caution In IPS 7.1(5)E4 and later the default value of the Cisco server IP address has been changed from
198.133.219.25 to 72.163.4.161 in the Auto Update URL configuration. If you have automatic update
configured on your sensor, you may need to update firewall rules to allow the sensor to connect to this
new IP address.
The following list provides suggestions for troubleshooting automatic updates:
Run TCPDUMP:
Create a service account. Su to root and run TCPDUMP on the command and control interface
to capture packets between the sensor and the FTP server.
Use the upgrade command to manually upgrade the sensor.
Look at the TCPDUMP output for errors coming back from the FTP server.
Make sure the sensor is in the correct directory. The directory must be specified correctly. This has
caused issues with Windows FTP servers. Sometimes an extra “/” or even two “/” are needed in front
of the directory name. To verify this, use the same FTP commands you see in the TCPDUMP output
through your own FTP connection.
You must use the Windows FTP server setup option to emulate UNIX file structure and not MS-DOS
file structure.
Page view 322
1 ... 322 323 324 ... 422

Comments to this Manuals

No comments