cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

8193
Views
20
Helpful
12
Replies
harshalp
Beginner

getting FAILED 200_pre/006_check_snort.sh error while upgrading FTD image on ESX server from 6.1.0 to 6.2.0

Hello ,

I have been trying to upgrade virtual FTD from 6.1.0 to 6.2.0 image. but getting following error 

[170202 12:46:39] FAILED 200_pre/006_check_snort.sh
**********************************************************
[170202 12:46] Starting script: 200_pre/006_check_snort.sh
Entering 200_pre/006_check_snort.sh...
Snort build is too old. Please apply AC Policy from DC before attempting upgrade.

as per above error said I have again applied  AC Policy to sensor but error could not get resolved ...

so I have tried another way to deregister the sensor from FMC which run on 6.2.0 -353 version and register again and start the update again ..but this process also not helped much and getting same above error.  

It would be great if someone help me to resolve the above error .

 

12 REPLIES 12
Marvin Rhoads
Hall of Fame Guru

Try downloading and installing the latest SRU (Snort Rules Update) on your FMC first. After you do that, redeploy the Access Control (AC) policy to your device.

Procedure:
Step 1 Choose System > Updates.
Step 2 Click the Rule Updates tab.
Step 3 If you want to move all user-defined rules that you have created or imported to the deleted folder, click Delete All Local Rules in the toolbar, then click OK.
Step 4 Choose Download new Rule Update from the Support Site.
Step 5 If you want to automatically re-deploy the changed configuration to managed devices after the update completes, check the Reapply all policies after the rule update import completes check box.
Step 6 Click Import.


The system installs the rule update and displays the Rule Update Log detailed view.

Caution Contact Support if you receive an error message while installing the rule update.

Hi Marvin,

Thanks for the response!

I installed latest SRU and even VDB on FTD devices but still upgradation get failed. Still getting same error.

[170202 12:46] Starting script: 200_pre/006_check_snort.sh
Entering 200_pre/006_check_snort.sh...
Snort build is too old. Please apply AC Policy from DC before attempting upgrade.

Were you ever able to resolve your issue?  I'm running into the same exact error.

Thanks,

Greg

Also getting the same error even though the latest rules are already installed and applied.

"Snort version is too old. Please apply AC Policy from FMC before attempting upgrade."

 

I'm attempting to update from 6.2.0.2 to 6.2.2-81

Is your FMC set to update Snort rules from the support site? (System > Updates > Rule Updates).

 

What does your FMC show as the current rule (Dashboard > Summary Dashboard > Status)? The current set as of today should be 2017-09-25-001-vrt

Sure, the Snort rules are set to update daily.

Last update succeeded at 2017-09-28 23:05:13.

 

My FMC shows "2017-09-27-002-vrt " as the current rule update.

 

 

When your recurring job updates the rules on FMC have you also checked the box to "Deploy updated policies to targeted devices after rule update completes"?

 

FMC Rule update setting.PNG

 

You can also drill down on the sensor cli itself to check the installed Snort rules version.

This worked for me!  Upgrading to version 6.4.0 on a new device.

Thanks!

srue
Rising star

I'm getting the same error on my 8350 appliance 

FAILED  200_pre/006_check_snort.sh

I'm trying to upgrade to 6.2.0-362.  

I gues you've already figured this one out, but in case you didn't, you need to re-deploy the policies to the sensor after the SMC upgrade, and then it all should go well with the sensor upgrade.

Thanks - that was exactly my issue!

Thats correct. after the FMC upgrade need to deploy policies on the FTDs before starting the FTD upgrades.

Thanks Pamela

Content for Community-Ad