cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

2600
Views
0
Helpful
11
Replies
FRANK SCHADE
Beginner

ACS upgrade from 5.3.0.40.7 to 5.4.0.46 fails

message on ACS server:

LI-LP-ACS01/DC-admin# application upgrade ACS_5.4.0.46.tar.gz FTP

Do you want to save the current configuration ? (yes/no) [yes] ?

Generating configuration...

Saved the running configuration to startup successfully

% Manifest file not found in the bundle

LI-LP-ACS01/DC-admin#

 

But it can be found in the tar file also be opened:

<?xml version="1.0" encoding="UTF-8"?>

<!--**************************************************-->

<!-- Copyright (c) 2009, 2010, 2011, 2012 Cisco Systems, Inc.-->

<!-- All rights reserved.-->

<!--**************************************************-->

<!-- The following tags are added from updatecars file after CARS upgrade for CSCty40511.-->

<!-- security,udpport,tcpport,ipv6udpport,ipv6tcpport,postBackup,preRestore.-->

<application><name>acs</name><objectid>1.3.6.1.2.1.47.1.1.1.1.13.1</objectid><description>Cisco Secure Access Control System 5.4</description><pkgtype>CARS</pkgtype><installtype>initial</installtype><remoteauth>no</remoteauth><packages><rpm>acs-5.4.0.46-B.221.i386.rpm</rpm><rpm>acsview-5.4.0.46-B.221.i386.rpm</rpm></packages>

<!-- version number used for upgrade -->

<versionnum>5.4.0.46.0</versionnum>

<!-- script that prints ACS version -->

<version>/opt/CSCOacs/bin/version.sh</version>

<!-- script that backs up ACS -->

<backup>/opt/CSCOacs/bin/fullbackup.sh</backup>

<!-- script that restores ACS -->

<restore>/opt/CSCOacs/bin/restore.sh</restore>

<!-- script that backups the logs -->

<logcommand>/opt/CSCOacs/bin/backuplogs.sh</logcommand>

<!-- script that resets acs db -->

<resetconfig>/opt/CSCOacs/mgmt/cli/bin/reset-config.sh</resetconfig><memory>200</memory><disk>50</disk><reboot>Yes</reboot><license><required>No</required><trial>No</trial><location/></license><dependencies><rpm>CARSysApi</rpm></dependencies>

<!-- where is the init script -->

<init>/opt/CSCOacs/bin/acs-for-cars-cli</init>

<!-- directory of logs -->

<logs>/opt/CSCOacs/logs</logs>

<!-- script to handle system config changes -->

<cfgnotify>/opt/CSCOacs/mgmt/cli/bin/config-notify.sh</cfgnotify>

<!-- CSCsv54840 text to be added to /etc/syslog.conf for adclient debug -->

<applogcfgentries>/opt/CSCOacs/config/syslog-config.txt</applogcfgentries></application>

11 REPLIES 11
mauzamor
Beginner

Hi Frank,

I have seen a couple of scenarios that could cause something like this, the most common are:

-Upgrade file is corrupted, check the MD5 checksum of your downloaded file with the Cisco information:

MD5 Checksum:    2c47fcb0cd7f88ca1db1b782f64ebd45

-Virtual machine running less than 500 GB, there is already a bug opened for this situation:

"CSCty84760 upgrade: Manifest file not fonnd issue with 60GB VMWare"

Also try with a different FTP application just to check the behavior, let me know if you are hitting any of the above items.

Hi Mauricio

thanks for the  prompt hint; md5 sum is ok and other ftp server shows the same behaviour.
But we use less than 500GB

Currently the software bug toolkit shows:
"We apologize, but the information contained within bug ID CSCty84760 is currently under review for publishing on Bug Toolkit.".
Will check later to see whether it's worth to wait for a fix instead of wasting half Terra of disc space...

regards
Frank

Frank,

Checking the bug toolkit page seems like the information is just for Cisco employees so you won't be able to see it, basically says that for VM with less HD than 500 GB the upgrade will not work.

The workaround Frank is to get a configuration backup of your current ACS settings, reimage the unit with the 5.4 ISO and then restore the configuration.

We only recommend to upgrade if you really need a fix in the  new code, if the server works fine now then it's not necessary the upgrade. If you need something else just let me know.

Rate if it helps!

Hi Mauricio

the upgrade was recommended that a backup can be done cause vm-tools should be integrated there.

Will see how  we want to proceed

regards
Frank

I'm in the same boat; however I'm having a problem doing the restore after a re-image with 5.4; the restore fails with "Backup file does not match installed application"

The command I'm running is "restore backupfile.tar.gpg repoository SFTP_SERVER"

Keep me posted Frank.

Which command did you use to collect the backup file? There are multiple backup files in the ACS 5.x.

In exec mode I ran "backup TEST1 repository SFTP_SERVER"

Hey all... having similar issues going from 5.1.0.44 patch 4 -> 5.4.0.46.

Do we need to take an interim upgrade path?

Thanks,

Rob.

You cannot upgrade directly from 5.1 to 5.2. You would need first to upgrade to 5.2 and then subsequently to ACS 5.4

Additional comment while I am here; if upgrading from ACS 5.3 you should install patch 7 before the upgrade

Thanks jrabinow - I can confirm that I've just completed an upgrade by jumping from 5.1p4 -> 5.2p11 -> 5.4.  We have much more testing to do, but initial tests are good.

Cheers,

Rob.

I also went for the re-imaging and didn't experience an issue with backup and restore (from acs only)

Create
Recognize Your Peers
Content for Community-Ad

ISE Webinars


Miss a previous ISE webinar?
Never miss one again!

CiscoISE on YouTube