Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1186
Views
5
Helpful
4
Replies

Sourcefire IPS 7120 failed to Upgrade Version

Go to solution
ralphbuot10
Level 1
Level 1

‎02-06-2017 10:15 PM - edited ‎03-10-2019 06:45 AM

Hi Everyone,

I have some trouble upgrading the Cisco SourceFire IPS 7120


I had a V.M Firesight version 5.4.1.3 and a Demo unit of IPS 7120 version 5.4.0.4
with IP of x.x.x.11

And now the actual unit of IPS 7120 version 5.4.0.1 with IP of x.x.x.12
is already inline on their production network accessible by Firesight
management.

I tried to update it to 5.4.0.4 but Error occur.

Please see attach file for the error.

Thank you in advance.

Labels:
Preview file
34 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
rhomelvincenthalog
Level 1
Level 1

‎02-07-2017 04:23 AM

Hi Ralph,

1. Does it have FMC registered to it? If no, try to register to a FMC first, then from the FMC, upgrade it.

2. Does it have access control policy applied? try to apply at least System, Health & default Access Control Policy. that should work.

Vincent H.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
rhomelvincenthalog
Level 1
Level 1

‎02-07-2017 04:23 AM

Hi Ralph,

1. Does it have FMC registered to it? If no, try to register to a FMC first, then from the FMC, upgrade it.

2. Does it have access control policy applied? try to apply at least System, Health & default Access Control Policy. that should work.

Vincent H.

0 Helpful

Go to solution
ralphbuot10
Level 1
Level 1
In response to rhomelvincenthalog

‎02-07-2017 11:38 PM

Hi Sir Rhomel,

Yes the Sourcefire Sensor is registered to FMC and try to upgrade it thru FMC, I also try to local upgrade accessing my Sourcefire sensor but stil  Upgrading failed.

I'll try to apply those policy before I upgrade.

Many Thanks,

Ralph

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎02-07-2017 07:20 AM

Log into the cli of the 7120 and navigate to the /var/log/sf directory.

There should be a subdirectory for the attempted upgrade(s). Go into it and "tail status.log". The last entry there will tell you exactly where the failure occured. It may point to a further subdirectory and you can navigate there for even more details.

Most commonly, very old sensors are running Snort rules that are too out of date. Re-applying a current policy set with associated definitions from the managing FirePOWER Manager usually remedies that issue. (Vincent's recommendation takes care of that.)

Go to solution
ralphbuot10
Level 1
Level 1
In response to Marvin Rhoads

‎02-07-2017 11:44 PM

Thank you for this knowledgeable commands.

I'll try what Sir Vincent advice as what you also recommend, monitor it on CLI if the error will occur again and what will be the error.

Thank you.

Ralph

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card