cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
584
Views
0
Helpful
7
Replies

upgrade IDS4235 to ips ver 5

ahmed_salah
Level 1
Level 1

hi,

i have IDS 4235 running ver 4.1 with 4FE-Card i want to upgrade it to act as ips what is the update file name i have to apply for that and where i can get it

regards,

ahmed

7 Replies 7

marcabal
Cisco Employee
Cisco Employee

Filenames:

IPS-K9-maj-5.0-1-S149.rpm.pkg

IPS-K9-sp-5.0-3.pkg

IPS-sig-S183-minreq-5.0-1.pkg

Location:

Go to the main IPS download page:

http://www.cisco.com/kobayashi/sw-center/ciscosecure/ids/crypto/

Find the following section:

Network IPS/IDS Sensor Appliances

Version 5.x (IDS/IPS 42xx Appliances)

Click on the:

Latest Service Pack, Minor, and Major Updates link.

Download and install: IPS-K9-maj-5.0-1-S149.rpm.pkg.

Once that upgrade is done, then download and install: IPS-K9-sp-5.0-3.pkg

Now you just need to ensure the latest signature update is on the sensor.

Go back to the main download page and click on the Latest Signature Update link.

Download and install the latest signature update (currently IPS-sig-S183-minreq-5.0-1.pkg)

Each update has it's own readme file with instructions for installing the updates (if you are already running 4.1, then installation is nothing new).

For User Guides go to the main page for IDS/IPS docs:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/index.htm

And click on the link for version 5.0 docs.

hi,

thanks for fast replay i try the first file

IPS-K9-maj-5.0-1-S149.rpm.pkg

but i got error message during update

incompatable hardware

do u know what is this error

Execute "show version" and see what platform is reported. Verify that it reports that your are running an IDS-4235 and not an IDS-4230.

(NOTE: Some users have confused the 2 and did not realize that the IDS-4230 is Not supported in version 5.x. At one time there was a program in place for upgrading from a IDS-4230 to a IDS-4235, but I am not sure if that program is still in place.)

If it is a IDS-4230 (or IDS-4220 even) then contact a Cisco representative about upgrading your hardware.

If the platform is not reported in "show version" then the upgrade can not be installed.

Verify that this is a Cisco purchased sensor, and that no user modifications of hardware has been done (like replacing CPUs, memory, or anything else without an official Cisco IDS part number).

Some users have attempted to upgrade their sensor hardware with off the shelf memory and CPUs and this confuses the sensor code that determines the type of platform. Often these off the shelf upgrades can lead to other issues on the sensor, so their use is unsupported.

If no changes have been made to the hardware and "show version" does not show the platform, then there may be a hardware problem with your sensor. Contact the TAC and ask for their assistance to help further diagnose the issue. You may have to RMA the sensor.

If "show version" does show the correct platform, and you still get the error during upgrade. Then you can post a copy of the "show version" output, as well as a "dmesg" output. (You would need to login as the service account to get dmesg output)

And I can take a look.

hi,

thanks for your interest

please find attached o/p of ids which u ask for

for both sh ver and dmesg

regards,

ahmed

Nothing looks out of place from what I can tell.

Can you try the upgrade again so we can see the complete error message.

Within the CLI do a "show version" first, and then "conf t" followed by the "upgrade" command. So we can compare the the "show version" output to the "upgrade" error all in the same CLI connection.

Marco

hi,

thanks for your help i can upgrade now do u know the error was when i upgrade i type the upgrdae file name in small letters but some one told me to type the file charachers as i got from cisco but i have a strange problem after i do sh ver on ips i got this o/p

sensor# sh ver

Application Partition:

Cisco Intrusion Prevention System, Version 5.0(1)S149.0

OS Version 2.4.26-IDS-smp-bigphys

Platform: IDS-4235

Serial Number: 7B3W251

No license present

Sensor up-time is 11 min.

Using 733876224 out of 923549696 bytes of available memory (79% usage)

system is using 17.3M out of 29.0M bytes of available disk space (59% usage)

application-data is using 31.0M out of 174.7M bytes of available disk space (19% usage)

boot is using 40.5M out of 75.9M bytes of available disk space (56% usage)

application-log is using 530.4M out of 2.8G bytes of available disk space (20% usage)

MainApp 2005_Mar_04_14.23 (Release) 2005-03-04T14:35:11-0600 Running

AnalysisEngine 2005_Mar_04_14.23 (Release) 2005-03-04T14:35:11-0600 Running

CLI 2005_Mar_04_14.23 (Release) 2005-03-04T14:35:11-0600

Upgrade History:

IDS-K9-maj-5.0-1- 14:16:00 UTC Thu Mar 04 2004

Recovery Partition Version 1.1 - 5.0(1)S149

sensor#

so what is the meaning of no license present and how i can get it also before upgrade i can connect to ids through https but now i can not so do u know any doc for how to work with ips

regards,

ahmed

Regarding the "No license present" message:

Beginning with IPS 5.0, an IPS Subscription Service License is required to install signature updates.

You can request an IPS Subscription Service License for all sensors covered by a maintenance contract at this URL:

http://www.cisco.com/go/license

To manage your maintenance contracts use the Service Contract Center found at this URL:

http://www.cisco.com/cgi-bin/front.x/scccibdispatch?AppName=ContractAgent

With the initial release of 5.0, the first several signature updates will be released without the license enforcement to allow you time to get your maintenance contracts in order and your sensors licensed. However, it is recommended that you get your license and install it as soon as possible in order to avoid interruptions in your signature updates.

-Rusty

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: