08-13-2004 09:06 AM - edited 03-09-2019 08:26 AM
I have recently acquired a Netranger 4220 and have loaded the recovery image successfully.
Cisco Systems Intrusion Detection Sensor, Version 4.1(1)S47
MainApp 2003_Jun_20_06.00 (Release) 2003-06-20T05:53:31-0500Running
AnalysisEngine 2003_Jun_20_06.00 (Release) 2003-06-20T05:53:31-0500Running
Authentication 2003_Jun_20_06.00 (Release) 2003-06-20T05:53:31-0500Running
Logger 2003_Jun_20_06.00 (Release) 2003-06-20T05:53:31-0500Running
NetworkAccess 2003_Jun_20_06.00 (Release) 2003-06-20T05:53:31-0500Running
TransactionSource 2003_Jun_20_06.00 (Release) 2003-06-20T05:53:31-0500Running
WebServer 2003_Jun_20_06.00 (Release) 2003-06-20T05:53:31-0500Running
The problem at hand is that I am attempting to upgrade the sensor (Either a sp or sig) and each time I do I receive this error.
stimey(config)# upgrade ftp://username@ftpserver//IDS-K9-sp-4.1-2-S58.rpm.pkg
Password: *******
Warning: Executing this command will apply a service pack to the application partition. The system may be rebooted to complete the upgrade.
Continue with upgrade? : yes
Error: exp timeout
Does anyone know what may cause this issue and what can be done to resolve it?
Thanks
08-13-2004 12:45 PM
Brent-
I don't have any prior history with a 4220, but I do know that version 4.1(4)S47 requires 512Mb of RAM to install. I would suspect that is the problem you are experiencing. Cisco offered free memory upgrades to 4210 owners, but I don't know about 4220's (I believe that the 4220's only came with 256Mb too, but I am not certain).
Hope that helps.
Don
08-15-2004 08:45 AM
Don,
You are correct about the 4220s, but I have already installed the memory upgrade. Currently the 4220 has 512MB installed. Thanks for the reply. I really appreciate the assistance.
Brent
08-16-2004 06:48 AM
There are some known restrictions with ftp upgrades (pre 4.1(4)) :
- do not use anonymous account
- do not configure ftp server to use custom prompts
- do not configure ftp server to expect MSDOS filesystem paths (use unix filesystem paths)
- do configure ftp server to use passive mode
If none of these help then you can try the following workaround:
1) Create a service account
2) Login with the service account
3) Ftp the file to the home directory of the service account on the sensor
4) Exit service account
5) Login with the cisco account
6) Execute "ssh host-key
7) Type "yes" to accept the key
8) Execute "upgrade
scp://
terminal" mode.
NOTE: in 4.1(4) the sensor ftp client implementation is much more robust (without above restrictions).
08-16-2004 10:03 AM
James,
Thank you for the insight. It worked. I had to use the SCP feature. I cant believe that it was not documented (at least I could not find it) somewhere. You really saved my bacon. Thanks again.
Brent
09-13-2004 04:30 AM
Hi james,
i just thought i'd pass on my thanks for this post. You have just saved my bacon BIG time.
Regards
Phil
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide