Options

IPS Software Update

cjthedj45cjthedj45 Member Posts: 331 ■■■□□□□□□□
in Off-Topic
Hi

I'm in the middle of updating an IPS module in an 5500 ASA. The licence update worked however the software updates generates this error:

"Cannot upgrade the software on the sensor. The update requires 60340KB in /usr/cids/idsroot/var/updates there are only 57876 available.

I rebooted the Sensor but still the same error. I also logged into the module to see if there was a way to perhaps free up some space.

Has anyone experienced this and have any idead thanks
· Share on FacebookShare on Twitter

Comments

  • Options
    Bl8ckr0uterBl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
    IF the asa has a command that works like the squeeze command maybe you could try that
    · Share on FacebookShare on Twitter
  • Options
    cjthedj45cjthedj45 Member Posts: 331 ■■■□□□□□□□
    knwminus wrote: »
    IF the asa has a command that works like the squeeze command maybe you could try that

    Thanks Knwminus I have not heard of the squeeze command before. I looked it up and it would seem that when some files are deleted ghost copies of them are left taking up space and the squeeze command permanently deletes them. The ASA did not seem to pick the command up is it just squeeze? Also I'm not sure if this will work as I believe the IPS modules use a linux back end. I cannot run any of the normal IOS commands when logged into the module I.E Dir, show flash etc.

    I'm still unsure how to tackle this if anyone else has any other ideas that would be much appreciated.
    · Share on FacebookShare on Twitter
  • Options
    tierstentiersten Member Posts: 4,505
    Log into a service account

    rm -rf /usr/cids/idsRoot/var/updates/files/S69
    rm -rf /usr/cids/idsRoot/var/updates/files/common
    rm /usr/cids/idsRoot/var/virtualSensor/*
    rm /usr/cids/idsRoot/var/.tmp/*
    · Share on FacebookShare on Twitter
  • Options
    tierstentiersten Member Posts: 4,505
    knwminus wrote: »
    IF the asa has a command that works like the squeeze command maybe you could try that
    You don't get squeeze on any of the devices that use a FAT formatted CF card as flash storage.
    · Share on FacebookShare on Twitter
  • Options
    cjthedj45cjthedj45 Member Posts: 331 ■■■□□□□□□□
    tiersten wrote: »
    Log into a service account

    rm -rf /usr/cids/idsRoot/var/updates/files/S69
    rm -rf /usr/cids/idsRoot/var/updates/files/common
    rm /usr/cids/idsRoot/var/virtualSensor/*
    rm /usr/cids/idsRoot/var/.tmp/*

    Cheers Tiersten have you ever had the error happen to you whilst upgrading? I'm not sure if going into the Linux commands within the module and deleting files is a good idea. I have looked on Ciscos site and I have not found any case exactly the same as mine but it has been mentioned to reboot the asa or try to re-image the module. There does not seem to be very many good information resources for IPS stuff so I'm still a little unsure
    · Share on FacebookShare on Twitter
  • Options
    tierstentiersten Member Posts: 4,505
    cjthedj45 wrote: »
    Cheers Tiersten have you ever had the error happen to you whilst upgrading? I'm not sure if going into the Linux commands within the module and deleting files is a good idea. I have looked on Ciscos site and I have not found any case exactly the same as mine but it has been mentioned to reboot the asa or try to re-image the module. There does not seem to be very many good information resources for IPS stuff so I'm still a little unsure
    Its what Cisco recommended we do when we were doing an upgrade to 4.1 on an IPS 4255 but that was a few years back now. The other recommendation was to delete all the .pmz files from that directory but we didn't need to do that so didn't. CSCsb81288 is the bug ID if you want to look it up.

    The other solution is to reimage it and start from scratch.
    · Share on FacebookShare on Twitter
  • Options
    cjthedj45cjthedj45 Member Posts: 331 ■■■□□□□□□□
    tiersten wrote: »
    Its what Cisco recommended we do when we were doing an upgrade to 4.1 on an IPS 4255 but that was a few years back now. The other recommendation was to delete all the .pmz files from that directory but we didn't need to do that so didn't. CSCsb81288 is the bug ID if you want to look it up.

    The other solution is to reimage it and start from scratch.

    Cool thanks Tiersten. Your post pointed me in the right direction and I found this PDF http://www.cisco.com/application/pdf/paws/97405/aipssm_unresponsive.pdf which is very useful and has the exact error I'm recieving documented. Apparently I need to runs this command rm/usr/cids/idsroot/var/*pmz although it does not explain exactly what it does. Hopefully it will do no harm when I run it. I will let you know how I get on. Thanks for all your help
    · Share on FacebookShare on Twitter
Sign In or Register to comment.