Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1919
Views
0
Helpful
5
Replies

global-correlation does not update.

Go to solution
Erik.Verkerk_2
Level 1
Level 1

‎03-15-2011 07:20 AM - edited ‎03-10-2019 05:18 AM

Hi all,

I have a problem to update the global-correlation. I do get updates for the signatures in the IPS but see output below regarding the global-correlation;

==========================================

show statistics global-correlation
Network Participation:
   Counters:
      Total Connection Attempts = 0
      Total Connection Failures = 0
      Connection Failures Since Last Success = 0
   Connection History:
Updates:
   Status Of Last Update Attempt = Failed
   Time Since Last Successful Update = never
   Counters:
      Update Failures Since Last Success = 8
      Total Update Attempts = 8
      Total Update Failures = 8
   Update Interval In Seconds = 300
   Update Server = update-manifests.ironport.com
   Update Server Address = 204.15.82.17
   Current Versions:
      config = 0
      drop = 0
      ip = 0
      rule = 0
Warnings:

===========================================

Hardware used:

asa-ssm-10 (version 7.0(4)E4)

ASA-5520(version 8.4(1))

I see all traffic passing the firewall and ISP-routers.

I hope someone can help me with this issue or some pointers.

Thanks in advance,

Erik Verkerk.

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

‎03-15-2011 06:17 PM

Do you have global correlation license?

You can check if you do under the License pane. Without a global correlation license, you won't be able to update it.

View solution in original post

0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to Erik.Verkerk_2

‎03-16-2011 04:00 AM

Apology, you are absolutely correct, there is no extra license required for global correlation.

From the output that you have provided, it seems that there has never been any success in updating it.

Can you please advise if the management interface of the AIP module is connected to the network, and it has access to the Internet? Also, do you have web proxy that might be blocking the connection from the AIP module management interface IP Address?

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

‎03-15-2011 06:17 PM

Do you have global correlation license?

You can check if you do under the License pane. Without a global correlation license, you won't be able to update it.

0 Helpful

Go to solution
Erik.Verkerk_2
Level 1
Level 1
In response to Jennifer Halim

‎03-16-2011 02:24 AM

Hi Jennifer,

thanks for your reply and effort.

I attached a picture (snap-shot) of the license which is currently running in the ASA-SSM-10.

What I see is License Status: signatureUpdateKey

I also found an url on Cisco website;

http://www.cisco.com/en/US/services/ps2827/ps6076/services_announce_ips_global_correlation_price.pdf

Perhaps I do not understand but I thought global correlation was included from version 7.0

When I do need an (extra) license for global correlation it is clear why it is not working at the moment.

Hope you can help me here.

Thanks in advance,

Erik Verkerk.

Preview file
6 KB
0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to Erik.Verkerk_2

‎03-16-2011 04:00 AM

Apology, you are absolutely correct, there is no extra license required for global correlation.

From the output that you have provided, it seems that there has never been any success in updating it.

Can you please advise if the management interface of the AIP module is connected to the network, and it has access to the Internet? Also, do you have web proxy that might be blocking the connection from the AIP module management interface IP Address?

0 Helpful

Go to solution
Erik.Verkerk_2
Level 1
Level 1
In response to Jennifer Halim

‎03-16-2011 05:07 AM

Hi Jennifer,

Good to hear we do not have to buy an additional license and that global-correlation is included in version 7.0.

Thanks for your suggestion "access to internet", I did a re-re-recheck of my configuration and found out that I had a "little routing issue in one of my routers". I solved this and now it is working.

===========================================

sh statistics global-correlation
Network Participation:
   Counters:
      Total Connection Attempts = 0
      Total Connection Failures = 0
      Connection Failures Since Last Success = 0
   Connection History:
Updates:
   Status Of Last Update Attempt = Ok
   Time Since Last Successful Update = 2 minutes
   Counters:
      Update Failures Since Last Success = 0
      Total Update Attempts = 269
      Total Update Failures = 268
   Update Interval In Seconds = 300
   Update Server = update-manifests.ironport.com
   Update Server Address = 204.15.82.17
   Current Versions:
      config = 1236210407
      drop = 1300274962
      ip = 1300276386
      rule = 1300221126
Warnings:

=================================

Thanks for your time and help.

Thanks,

Erik Verkerk.

0 Helpful

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee
In response to Erik.Verkerk_2

‎03-16-2011 03:16 PM

Great to hear all is good now, and thanks for the update and ratings.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card