Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
342
Views
0
Helpful
2
Replies

Upgrading to version 5 from 4.1-5

jware
Level 1
Level 1

‎09-14-2005 11:40 PM - edited ‎03-10-2019 01:38 AM

I am trying to upgrade our version 4.1-5-S190 sensor to version 5. I am trying to do this through VMS 2.3 and am receiving error message

Sensor X: Signature Update Process

The update of the sensor X failed during the update script process, msg=An error occurred while trying to get the configuration file TrustedCertificates from the sensor. err=(Error occurred while communicating with 1.1.1.1: Operation timed out: connect)

An error occurred while running the update script on the sensor named X. Detail = The update of the sensor X failed during the update script process, msg=An error occurred while trying to get the configuration file TrustedCertificates from the sensor. err=(Error occurred while communicating with 1.1.1.1: Operation timed out: connect)

IPS 5.x sensor update complete.

Syncing local MC database as user "System".

MC database sync complete.

When I try to updgrade from the CLI it times out.

I have verified the firewall settings, and am actually able to successfully push minor signature updates out through the MC. I have rebooted the sensor, and checked the space (15+ gigs free), same error.

The major update to version 5 shows it has a signature version of IPS-K9-maj-5.0-1-S149. What is causing the timeouts, and will I have to downgrade the sensor to a version below 149 for this to take? The upgrade looks like it is about 30 MB, and it is going over a slow WAN link. I have tried to change the ftpTimeout and I receive ambiguous command when doing that in conf t, ser host, net, ftpTimeout 1200. Is there another problem here that needs to be addressed?

Labels:
0 Helpful
2 Replies 2

r-simpson
Level 3
Level 3

‎09-21-2005 12:53 PM

After you upgrade to 5.0, you cannot downgrade. If you want to return to the previous version, you must reimage and then copy the backup configuration to the reimaged sensor.

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids11/5020_01.htm#wp1063143

0 Helpful

ibanezm
Level 1
Level 1
In response to r-simpson

‎09-21-2005 01:52 PM

Here is a workaround to change the ftpTimeout value:

1) log into service account and become root using same svc acct PW: su

2) cd /usr/cids/idsRoot/etc

3) cp curHostConfig.xml curHostConfig.xml.bak

4) vi curHostConfig.xml

- search for FTPTimeout: /FTPTimeout

- visually confirm that your cursor is on the FTPTimeout line

- delete this line: dd

- search for ftpTimeout: /ftpTimeout

- visually confirm that your cursor is on the ftpTimeout line

- delete this line: dd

- save changes :w

- exit :q

5) reboot: shutdown -r now

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card