Apple iPhone/iPad iOS7 update from 7.0 - 7.02 through WSA

Jeffrey Richmond · ‎10-01-2013

Greetings All!

I wanted to make everybody aware of an issue that is occurring for iPhone and iPad upgrades from 7.0 - 7.0.2 through the WSA. For versions 7.5.x and 7.7.x of the WSA, the upgrade will fail almost immediately. The issue is that the WSA changes the Last Modified header from GMT to UTC, which breaks RFC and the iOS update (tracked under bug CSCzv03132). We have confirmed that going through a box where this behavior doesn’t occur the update succeeds. While a fix for the bug is being worked on, the only workaround at this time is to bypass either the client IP address or the following domains (bypassing on domain may or may not work as they use Akamai servers and could resolve to different IP addresses for the bypass settings):

mesu.apple.com

appldnld.apple.com

To bypass the client IP address(es) or domains go to Web Security Manager > Bypass settings from the WSA GUI or you can deny redirection for the IP address/subnet by modifying the redirect-list being used for WCCP.

Regards,

Jeff Richmond

Customer Support Engineer

Content Security Technical Services (CSTS) - Web Security

Michael Novelle · ‎11-08-2013

Any update on this? We are still waiting for a fix.

Jeffrey Richmond · ‎11-11-2013

Hello Michael,

The fix has been implemented into the next build of 7.5.2, but I do not have a release date for this build at the moment.

Regards,

Jeff Richmond

Customer Support Engineer

Content Security Technical Services (CSTS) - Web Security

VeNoMouSNZ · ‎11-11-2013

Appears to have been fixed in 7.7.5-0194 http://www.cisco.com/en/US/docs/security/wsa/wsa7.7.5/release_notes/WSA_7_7_5_194_Release_Notes.pdf

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCzv03132