Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
645
Views
0
Helpful
1
Replies

IPS automatic update not successfull

k.abillama
Level 1
Level 1

‎02-10-2011 12:27 AM - edited ‎03-10-2019 05:15 AM

Dear All,

One of ou customers has a ASA failover pait with an AIP-SSM running version 7.0(4)E4 on it. Whenever automatic sig  update is configured the signature is downloaded on the IPS but a manual reboot is required for the module to succesfully apply it

However, when manually downloading the sig and applying it, the problem doesn't appear. Please advise

Regards

Labels:
0 Helpful
1 Reply 1

fadlouni
Level 1
Level 1

‎02-11-2011 06:45 AM

Hi Karim.

nice to meet you again :-).

this should not happen.

there is bug CSCtf34752 which can cause the sensor sometimes (and not always) to get stuck in the middle of downloading the packege due to memory issues and the only way is to reload and then it should work next time. this bug is not fixed at the moment.

to verify if you are matching this bug, create a service user account on the sensor, login using that account, you'll end up in the linux subsystem. do "su -" and enter the same password, then:

 A "ps -e fw" command from the service account shows that sendCtlTrans is still running indicating that 
the sigupdate is hung.

In the ipsDebug output (bottom of show tech output) check the thread with desc="CT handler" for the 
sensorApp process and look to see if the tstate="C".  This shows that this thread is in "core" state which 
tells us that the thread was attemptng to write the core.txt file but hung attempting to acquire memory 
from libhoard.

If you don't think this applies to your sensor, we'll need to have a look at the show tech ourselves to see what's happening with the sensor after the upgrade.. if that's too sensitive to discuss in public, you can open an SR (from this thread itself).

Regards,

Fadi.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card