08-12-2005 01:22 AM - edited 03-10-2019 01:34 AM
hi,
i have IDS 4235 running ver 4.1 with 4FE-Card i want to upgrade it to act as ips what is the update file name i have to apply for that and where i can get it
regards,
ahmed
08-12-2005 09:19 AM
Filenames:
IPS-K9-maj-5.0-1-S149.rpm.pkg
IPS-K9-sp-5.0-3.pkg
IPS-sig-S183-minreq-5.0-1.pkg
Location:
Go to the main IPS download page:
http://www.cisco.com/kobayashi/sw-center/ciscosecure/ids/crypto/
Find the following section:
Network IPS/IDS Sensor Appliances
Version 5.x (IDS/IPS 42xx Appliances)
Click on the:
Latest Service Pack, Minor, and Major Updates link.
Download and install: IPS-K9-maj-5.0-1-S149.rpm.pkg.
Once that upgrade is done, then download and install: IPS-K9-sp-5.0-3.pkg
Now you just need to ensure the latest signature update is on the sensor.
Go back to the main download page and click on the Latest Signature Update link.
Download and install the latest signature update (currently IPS-sig-S183-minreq-5.0-1.pkg)
Each update has it's own readme file with instructions for installing the updates (if you are already running 4.1, then installation is nothing new).
For User Guides go to the main page for IDS/IPS docs:
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/index.htm
And click on the link for version 5.0 docs.
08-12-2005 11:16 AM
hi,
thanks for fast replay i try the first file
IPS-K9-maj-5.0-1-S149.rpm.pkg
but i got error message during update
incompatable hardware
do u know what is this error
08-12-2005 12:36 PM
Execute "show version" and see what platform is reported. Verify that it reports that your are running an IDS-4235 and not an IDS-4230.
(NOTE: Some users have confused the 2 and did not realize that the IDS-4230 is Not supported in version 5.x. At one time there was a program in place for upgrading from a IDS-4230 to a IDS-4235, but I am not sure if that program is still in place.)
If it is a IDS-4230 (or IDS-4220 even) then contact a Cisco representative about upgrading your hardware.
If the platform is not reported in "show version" then the upgrade can not be installed.
Verify that this is a Cisco purchased sensor, and that no user modifications of hardware has been done (like replacing CPUs, memory, or anything else without an official Cisco IDS part number).
Some users have attempted to upgrade their sensor hardware with off the shelf memory and CPUs and this confuses the sensor code that determines the type of platform. Often these off the shelf upgrades can lead to other issues on the sensor, so their use is unsupported.
If no changes have been made to the hardware and "show version" does not show the platform, then there may be a hardware problem with your sensor. Contact the TAC and ask for their assistance to help further diagnose the issue. You may have to RMA the sensor.
If "show version" does show the correct platform, and you still get the error during upgrade. Then you can post a copy of the "show version" output, as well as a "dmesg" output. (You would need to login as the service account to get dmesg output)
And I can take a look.
08-14-2005 12:49 AM
08-15-2005 11:24 AM
Nothing looks out of place from what I can tell.
Can you try the upgrade again so we can see the complete error message.
Within the CLI do a "show version" first, and then "conf t" followed by the "upgrade" command. So we can compare the the "show version" output to the "upgrade" error all in the same CLI connection.
Marco
08-16-2005 12:35 AM
hi,
thanks for your help i can upgrade now do u know the error was when i upgrade i type the upgrdae file name in small letters but some one told me to type the file charachers as i got from cisco but i have a strange problem after i do sh ver on ips i got this o/p
sensor# sh ver
Application Partition:
Cisco Intrusion Prevention System, Version 5.0(1)S149.0
OS Version 2.4.26-IDS-smp-bigphys
Platform: IDS-4235
Serial Number: 7B3W251
No license present
Sensor up-time is 11 min.
Using 733876224 out of 923549696 bytes of available memory (79% usage)
system is using 17.3M out of 29.0M bytes of available disk space (59% usage)
application-data is using 31.0M out of 174.7M bytes of available disk space (19% usage)
boot is using 40.5M out of 75.9M bytes of available disk space (56% usage)
application-log is using 530.4M out of 2.8G bytes of available disk space (20% usage)
MainApp 2005_Mar_04_14.23 (Release) 2005-03-04T14:35:11-0600 Running
AnalysisEngine 2005_Mar_04_14.23 (Release) 2005-03-04T14:35:11-0600 Running
CLI 2005_Mar_04_14.23 (Release) 2005-03-04T14:35:11-0600
Upgrade History:
IDS-K9-maj-5.0-1- 14:16:00 UTC Thu Mar 04 2004
Recovery Partition Version 1.1 - 5.0(1)S149
sensor#
so what is the meaning of no license present and how i can get it also before upgrade i can connect to ids through https but now i can not so do u know any doc for how to work with ips
regards,
ahmed
08-16-2005 08:07 AM
Regarding the "No license present" message:
Beginning with IPS 5.0, an IPS Subscription Service License is required to install signature updates.
You can request an IPS Subscription Service License for all sensors covered by a maintenance contract at this URL:
http://www.cisco.com/go/license
To manage your maintenance contracts use the Service Contract Center found at this URL:
http://www.cisco.com/cgi-bin/front.x/scccibdispatch?AppName=ContractAgent
With the initial release of 5.0, the first several signature updates will be released without the license enforcement to allow you time to get your maintenance contracts in order and your sensors licensed. However, it is recommended that you get your license and install it as soon as possible in order to avoid interruptions in your signature updates.
-Rusty
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: