Solved

Problems upgrading Cisco IDS 4235

Posted on 2006-06-14
9
391 Views
Last Modified: 2012-06-22
I hope I am not making some stupid mistake, but I am having problems upgrading my IDS OS from 4.1.(1) to 4.1.(5).  I enter config terminal using the CLI then issue the commands upgrade ftp://%username%/%ip-address%/%directory%/%filename%.  The Cisco IDS then states that an upgrade is being prepared and finally says the upgrade has been installed and requires a reset.  I let the IDS then reset and come back up.  I then do a show version command and I still have the same IDS OS 4.1.(1).  Why is it stating that the upgrade is successful and yet my OS still shows a old version?
0
Comment
Question by:icarus2256
  • 5
  • 4
9 Comments
 

Author Comment

by:icarus2256
Comment Utility
??
0
 
LVL 32

Expert Comment

by:rsivanandan
Comment Utility
Are you trying to upgrade with the correct upgrade file? I mean, rpm.pkg ???

Cheers,
Rajesh
0
 

Author Comment

by:icarus2256
Comment Utility
Yes, I have double checked the file name from Cisco's site.  They state that the 4.1.(5).......rpm.pkg file can upgrade the 4.1.(1)s47 version.  I have tried other versions as well, but they won't work either.
0
 
LVL 32

Expert Comment

by:rsivanandan
Comment Utility
I assume that you are using this syntax for upgrading it; even though you have it listed as ftp://%username%/%ip-address%/%directory%/%filename%.

upgrade ftp://user@server_ipaddress//upgrade_path/*.rpm.pkg

Now if this is correct and you are still not able to do it, there is another way to do it. Login as service account and do a ftp from IDS box to the server where you've kept the upgrade file (extracted zip file). Then download the rpm file to the harddisk of IDS device. Exit out of it;

now try;

upgrade scp://<serviceaccountname>@<IDS Address>/*.rpm.pkg

at this stage, it will give an error saying, the upgrade package is not found in a specified* path. Login back again and copy the upgrade package to that specific path.

Then try once again, it should work. Let me know how it goes.

Cheers,
Rajesh

0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 32

Expert Comment

by:rsivanandan
Comment Utility
It would be better if you could also post the whole procedure captured during your upgrade session.

Cheers,
Rajesh
0
 

Author Comment

by:icarus2256
Comment Utility
Rajesh:

I did exactly as you said with no problems.  The IDS then reset itself and I still get this information below.




Application Partition:

Cisco Systems Intrusion Detection Sensor, Version 4.1(1)S47

OS Version 2.4.18-5smpbigphys
Platform: IDS-4235
Sensor up-time is 1 min.
Using 221896704 out of 921522176 bytes of available memory (24% usage)
Using 627M out of 15G bytes of available disk space (5% usage)


MainApp             2003_Jun_20_06.00   (Release)   2003-06-20T05:53:31-0500   Running
AnalysisEngine      2003_Jun_20_06.00   (Release)   2003-06-20T05:53:31-0500   Running
Authentication      2003_Jun_20_06.00   (Release)   2003-06-20T05:53:31-0500   Running
Logger              2003_Jun_20_06.00   (Release)   2003-06-20T05:53:31-0500   Running
NetworkAccess       2003_Jun_20_06.00   (Release)   2003-06-20T05:53:31-0500   Running
TransactionSource   2003_Jun_20_06.00   (Release)   2003-06-20T05:53:31-0500   Running
WebServer           2003_Jun_20_06.00   (Release)   2003-06-20T05:53:31-0500   Running
CLI                 2003_Jun_20_06.00   (Release)   2003-06-20T05:53:31-0500    

Upgrade History:

No upgrades installed

Recovery Partition Version 1.2 - 4.1(1)S47

0
 
LVL 32

Expert Comment

by:rsivanandan
Comment Utility
Okay, You are trying with IDS-K9-sp-4.1-5-S189.rpm.pkg right ?

I did some reading and seems that this was repackaged due to some upgrade related errors. So what I would suggest is to go to Cisco site and download it again. Then try applying it.

It should work for sure,

One more step you can try is to first go to 4.1(4) and then from there go to 4.1(5). I used to work for this team and I remember that we occasionally had problems like this and had to repackage the file.

Try this and let me know.

Cheers,
Rajesh
0
 

Author Comment

by:icarus2256
Comment Utility
Rajesh:

Still more headaches.  I just downloaded the newest file from Cisco and still no helpeeeee.  Here are the most recent commands:

mason(config)# upgrade ftp://administrator@172.20.20.7/img/ids-k9-sp-4.1-5-s189.rpm.pkg
Password: *********
Warning: Executing this command will apply a service pack to the application partition. The system may be rebooted to complete the upgrade.
Continue with upgrade? : yes





Application Partition:

Cisco Systems Intrusion Detection Sensor, Version 4.1(1)S47

OS Version 2.4.18-5smpbigphys
Platform: IDS-4235
Sensor up-time is 2 min.
Using 221937664 out of 921522176 bytes of available memory (24% usage)
Using 627M out of 15G bytes of available disk space (5% usage)


MainApp             2003_Jun_20_06.00   (Release)   2003-06-20T05:53:31-0500   Running
AnalysisEngine      2003_Jun_20_06.00   (Release)   2003-06-20T05:53:31-0500   Running
Authentication      2003_Jun_20_06.00   (Release)   2003-06-20T05:53:31-0500   Running
Logger              2003_Jun_20_06.00   (Release)   2003-06-20T05:53:31-0500   Running
NetworkAccess       2003_Jun_20_06.00   (Release)   2003-06-20T05:53:31-0500   Running
TransactionSource   2003_Jun_20_06.00   (Release)   2003-06-20T05:53:31-0500   Running
WebServer           2003_Jun_20_06.00   (Release)   2003-06-20T05:53:31-0500   Running
CLI                 2003_Jun_20_06.00   (Release)   2003-06-20T05:53:31-0500    

Upgrade History:

No upgrades installed

Recovery Partition Version 1.2 - 4.1(1)S47
0
 
LVL 32

Accepted Solution

by:
rsivanandan earned 250 total points
Comment Utility
Okay, I believe there is something wrong with the box itself. You should contact Cisco and you can open a TAC case with a high priority and let them take a look at it.

Probably they are going have to RMA the device but before that they'll have you reimage the box with the CD and try upgrading.

You do have a service contract right ?

Cheers,
Rajesh
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

What’s a web proxy server? A proxy server is a server that goes between clients and web servers, used in corporate to enforce corporate browsing policy and ensure security. Proxy servers are commonly used in three modes. A)    Forward proxy …
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now