09-14-2005 11:40 PM - edited 03-10-2019 01:38 AM
I am trying to upgrade our version 4.1-5-S190 sensor to version 5. I am trying to do this through VMS 2.3 and am receiving error message
Sensor X: Signature Update Process
The update of the sensor X failed during the update script process, msg=An error occurred while trying to get the configuration file TrustedCertificates from the sensor. err=(Error occurred while communicating with 1.1.1.1: Operation timed out: connect)
An error occurred while running the update script on the sensor named X. Detail = The update of the sensor X failed during the update script process, msg=An error occurred while trying to get the configuration file TrustedCertificates from the sensor. err=(Error occurred while communicating with 1.1.1.1: Operation timed out: connect)
IPS 5.x sensor update complete.
Syncing local MC database as user "System".
MC database sync complete.
When I try to updgrade from the CLI it times out.
I have verified the firewall settings, and am actually able to successfully push minor signature updates out through the MC. I have rebooted the sensor, and checked the space (15+ gigs free), same error.
The major update to version 5 shows it has a signature version of IPS-K9-maj-5.0-1-S149. What is causing the timeouts, and will I have to downgrade the sensor to a version below 149 for this to take? The upgrade looks like it is about 30 MB, and it is going over a slow WAN link. I have tried to change the ftpTimeout and I receive ambiguous command when doing that in conf t, ser host, net, ftpTimeout 1200. Is there another problem here that needs to be addressed?
09-21-2005 12:53 PM
After you upgrade to 5.0, you cannot downgrade. If you want to return to the previous version, you must reimage and then copy the backup configuration to the reimaged sensor.
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids11/5020_01.htm#wp1063143
09-21-2005 01:52 PM
Here is a workaround to change the ftpTimeout value:
1) log into service account and become root using same svc acct PW: su
2) cd /usr/cids/idsRoot/etc
3) cp curHostConfig.xml curHostConfig.xml.bak
4) vi curHostConfig.xml
- search for FTPTimeout: /FTPTimeout
- visually confirm that your cursor is on the FTPTimeout line
- delete this line: dd
- search for ftpTimeout: /ftpTimeout
- visually confirm that your cursor is on the ftpTimeout line
- delete this line: dd
- save changes :w
- exit :q
5) reboot: shutdown -r now
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide