cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

386
Views
5
Helpful
6
Replies
Highlighted
Beginner

Botnet filter not updating

Hello,

We just renewed our botnet filter license, but when trying to update the dynamic filter database, we recieve an error. Any ideas?

novi-asa/pri/act# debug dynamic-filter updater-client
novi-asa/pri/act# terminal monitor
novi-asa/pri/act# dynamic-filter database fetch
Dynamic Filter: Updater client fetching data
Dynamic Filter: update starting
DBG:01:4067307711:7fff335f5d28:0000: Creating fiber 0x7fff562323a0 [ipe_request_fiber], stack(16384) = 0x7fff4d9db470..0x7fff4d9df468 (fc=2), sys 0x7fff1e9327c0 (FIBERS/fibers.c:fiber_create:544)
DBG:02:4067307753:7fff562323a0:0000: Jumpstarting ipe_request_fiber 0x7fff562323a0, sys 0x7fff335f5ca0 (FIBERS/fibers-jumpstart.c:_fiber_jumpstart:36)
Dynamic Filter: Created lua machine, launching lua script
DBG:03:4067310117:7fff562323a0:0000: Connecting to 00000000:1 (SAL/netsal.c:netsal_client_sock_connect:323)
DBG:04:4067310143:7fff562323a0:0000: otherPifNum 4, nexthop4 13ef34d (SAL/netsal.c:netsal_client_sock_connect:374)
DBG:05:4067310151:7fff562323a0:0000: about to call netsal__safe_encapsulate for (sal-np/ssl/CONNECT/4/208.90.58.5/443/M/0/NOTUNGW) (SAL/netsal.c:netsal_client_sock_connect:446)
DBG:06:4067310402:7fff562323a0:0000: connection timeout set for 10 seconds (SAL/netsal.c:netsal_client_sock_connect:473)
ERROR: Dynamic Filter: update failed
novi-asa/pri/act# DBG:07:4067884158:7fff562323a0:0000: Channel NP p=0x7fff1eb3ae00 0/0 more buffered (SAL/channel-np.c:_sal_np_close:951)
Dynamic Filter: Successfully finished lua script
DBG:08:4067884967:7fff562323a0:0000: Fiber 0x7fff562323a0 finished leaving 3 more (FIBERS/fibers-jumpstart.c:_fiber_jumpstart:64)
DBG:09:4067884974:7fff562323a0:0000: Exiting fiber 0x7fff562323a0 (FIBERS/fibers.c:fiber__kill:1287)
DBG:10:4067884980:7fff562323a0:0000: Fiber 0x7fff562323a0 terminated, 2 more (FIBERS/fibers.c:fiber__kill:1358)
Dynamic Filter: Failed to connect to updater server

Dynamic Filter updater client is enabled
Updater server URL is https://update-manifests.ironport.com
Application name: threatcast, version: 1.0
Encrypted UDI: 0bb93985f42d941e50dc8f022350d1a811d4ca1c1a07a2d63596fb599d2dd00ccf8e2d847f16ec1c6ff6cbb384a91b28
Last update attempted at 12:36:04 CEDT May 20 2016,
with result: Failed to connect to updater server
Next update is in 00:24:44
No database file
6 REPLIES 6
Highlighted
Beginner
Beginner

Same here :(

Same here :(

<snip>

Dynamic Filter: Updater client fetching data
Dynamic Filter: update starting
DBG:01:228214043:ce0f9394:0000: Creating fiber 0xd06913c0 [ipe_request_fiber], stack(16384) = 0xd06ba2e0..0xd06be2dc (fc=2), sys 0xc81e2c2c (FIBERS/fibers.c:fiber_create:544)
DBG:02:228214180:d06913c0:0000: Jumpstarting ipe_request_fiber 0xd06913c0, sys 0xce0f9348 (FIBERS/fibers-jumpstart.c:_fiber_jumpstart:36)
Dynamic Filter: Created lua machine, launching lua script
DBG:03:228227693:d06913c0:0000: Connecting to 00000000:87710416 (SAL/netsal.c:netsal_client_sock_connect:323)
DBG:04:228227785:d06913c0:0000: otherPifNum 3, nexthop4 17c5953 (SAL/netsal.c:netsal_client_sock_connect:374)
DBG:05:228227866:d06913c0:0000: about to call netsal__safe_encapsulate for (sal-np/ssl/CONNECT/3/208.90.58.5/443/M/0/NOTUNGW) (SAL/netsal.c:netsal_client_sock_connect:446)
DBG:06:228228490:d06913c0:0000: connection timeout set for 10 seconds (SAL/netsal.c:netsal_client_sock_connect:473)
ERROR: Dynamic Filter: update failed
vpn# DBG:07:228823965:d06913c0:0000: Channel NP p=0xc84210e0 0/0 more buffered (SAL/channel-np.c:_sal_np_close:951)
Dynamic Filter: Successfully finished lua script
DBG:08:228826192:d06913c0:0000: Fiber 0xd06913c0 finished leaving 3 more (FIBERS/fibers-jumpstart.c:_fiber_jumpstart:64)
DBG:09:228826259:d06913c0:0000: Exiting fiber 0xd06913c0 (FIBERS/fibers.c:fiber__kill:1287)
DBG:10:228826313:d06913c0:0000: Fiber 0xd06913c0 terminated, 2 more (FIBERS/fibers.c:fiber__kill:1358)
Dynamic Filter: Failed to connect to updater server

<snip>

Highlighted

i have the same problem

i have the same problem

please help

Highlighted
Beginner

They probably put everyone on

They probably put everyone on AMP and Sourcefire. I am rather concerned they wont let me open a case on my firewall cause I have no contract which is irrelevant since the problem is a licensed service and on a device I plan to replace soon.

Highlighted
Beginner

DBG:05:1764615488:cde9e880

DBG:05:1764615488:cde9e880:0000: about to call netsal__safe_encapsulate for (sal-np/ssl/CONNECT/3/208.90.58.5/443/M/0/NOTUNGW) (SAL/netsal.c:netsal_client_sock_connect:446)
DBG:06:1764616009:cde9e880:0000: connection timeout set for 10 seconds (SAL/netsal.c:netsal_client_sock_connect:473)
ERROR: Dynamic Filter: update failed

I think they have a server down

Highlighted
Beginner

The  " ssl encryption aes128

The  " ssl encryption aes128-sha1 aes256-sha1 3des-sha " command worked for me.

Highlighted
Beginner
Beginner

Hi jhonaceti :)

Hi jhonaceti :)

indeed that helped! Infact, i had all 3 + 2 DH algorithms and it didnt work... Even with different the stronger algorithms moved down the list...

Cheers and thanks.