01-05-2006 05:16 AM - edited 03-10-2019 01:49 AM
I have a licensed IDSM-2 sensor running:
Cisco Intrusion Prevention System, Version 5.0(5p1)S211.0
Maintenance Partition Version 2.1(2)
Recovery Partition Version 1.1 - 5.0(1)S149
When I try to upgrade to 5.1.1a I get the following message:
IPS(config)# upgrade ftp://aa@aa//IPS-K9-min-5.1-1a.pkg
Password: *
Warning: Executing this command will apply a minor version upgrade to the application partition. The system may be rebooted to complete the upgrade.
Continue with upgrade? []: yes
Error: execUpgradeSoftware : The current version is a QA version. This update must be installed on a released version.
IPS(config)#
Any ideas what this means?
01-05-2006 07:54 AM
The 5.0(5p1) is an engineering patch that was released after 5.1(1) and 5.1(1a) had already been released.
So the 5.1(1a) install script does not recognize the version and assumes it must be a QA version. QA stands for Quality Assurance and is our internal software testing team. So the install script is assuming that 5.0(5p1) is just a test version and we don't allow test versions to be upgraded.
I will bring this to our development team to ensure this gets addressed.
In the meantime there is a workaround.
Save off your config.
Downgrade back to 5.0(5) if you can, and then apply 5.1(1).
If you can't simply downgrade back to 5.0(5), then do a recover application-partition to get back to 5.0(1), then load 5.0(5), and load S211. Then apply your config, and apply 5.1(1).
01-09-2006 02:12 AM
Thanks for the info. I need the 5.0(5p1) patch, otherwise the sensors hang when installing signatures. I assume that the patch will be available someday in 5.1.1x. Will I still not be able to install 5.1.1x, or do you think that they will fix the version problem also? Maybe you can give development a hint. Thanks.
01-09-2006 10:18 AM
In looking through the patch notes it looks like CSCsb84996 is the bug you are referring to. That bug in 5.0 has a corresponding bug that was found and fixed during 5.1 testing and development prior to when 5.1 was released: CSCsb90776
The fix for 5.1 was added in before 5.1 released, and then the fix was backported into the 5.0 version as part of the 5.0(5p1) patch.
So if you can get your sensor to 5.1(1) you should be good to go (no additional update should be needed since the fix is already in 5.1(1)).
NOTE: 5.1(1a) and 5.1(1) are pretty much the same thing. 5.1(1a) just has one additional bug fix to carry the event action rules configuration forward from version 5.0 to 5.1.
So how to get your sensor to 5.1(1).
The 5.0(5p1) Patch fixes should roll up into an official 5.0(6) Service pack.
The 5.1(1a) upgrade package should recognize the 5.0(6) as an official release version (the install script recognizes Service Packs but not Patches).
So an upgrade to 5.1(1a) from 5.0(6) should work fine. So you could wait until the 5.0(6) Service Pack is released.
[NOTE: If during 5.0(6) testing they found issues with upgrading to 5.1 they would also release a 5.1(1b) at the same time to address the upgrade issues, and possibly even a 5.1(2) Service Pack to keep the 5.1 version up to date with any latest fixes.]
If you don't want to wait for the 6.0(6) Service Pack (I have no idea when it will release), then try the following:
1) Save off your current configuration on to your desktop into a text file.
2) Execute the "recover application-partition" command to get back to either 5.0(1) or 5.0(2) depending on what your recovery partition was set to.
3) Run setup just to check that the basic network settings are still in place (leave the virtual sensor configuration at the defaults).
4) Now go ahead and upgrade straight to 5.1(1).
5) Now on 5.1 apply the latest Signature Update. The 5.1(1) has the fix already so the Signature Update should apply fine.
5) Now that 5.1(1) and the latest sig are installed, you can try applying your saved off 5.0 configuration.
Everything from your 5.0 saved off configuration should be able to be applied directly on to 5.1.
You may just have to be careful with your cutting and pasting. Some of the commands may come back with prompts that you will need to respond to (like the Apply Changes prompt on the exit of each service configuration section, or prompts for double typing of passwords) so I would suggest pasting in the configuration in small chunks so you can spot these additional prompts that show up and answer them appropriately.
6) And last you would need to re-create any additional user accounts that were on the sensor.
The difference between the above steps and the ones previously is that the sig update doesn't get installed until after 5.1 is installed.
And because your config may have tunings for some later sigs you would also not apply your configs until after the sig update is installed so applying your config is the last step in the process.