Configuring Communication With An Auto Update Server - Cisco PIX 500 Series Configuration Manual
Security appliance command line
Hide thumbs
Also See for PIX 500 Series:
- Administration manual (653 pages) ,
- Quick start manual (72 pages) ,
- User manual (60 pages)
Table of Contents
Advertisement
Configuring Auto Update Support
The security appliance can be configured as either a client or a server. As an Auto Update client, it
periodically polls the Auto Update server for updates to software images and configuration files. As an
Auto Update server, it issues updates for security appliances configured as Auto Update clients.
Auto Update is supported in single context mode only.
Note
This section includes the following topics:
•
•
•
Configuring Communication with an Auto Update Server
To configure the security appliance as an Auto Update client, perform the following steps:
To specify the URL of the AUS, use the following command:
Step 1
hostname(config)# auto-update server url [source interface ] [verify-certificate]
Where url has the following syntax:
http[s]://[ user : password @] server_ip [: port ]/ pathname
SSL is used when https is specified. The user and password arguments of the URL are used for Basic
Authentication when logging in to the server. If you use the write terminal, show configuration or
show tech-support commands to view the configuration, the user and password are replaced with
'********'.
The default port is 80 for HTTP and 443 for HTTPS.
The source interface argument specifies which interface to use when sending requests to the AUS. If you
specify the same interface specified by the management-access command, the Auto Update requests
travel over the same IPSec VPN tunnel used for management access.
The verify-certificate keyword verifies the certificate returned by the AUS.
(Optional) To identify the device ID to send when communicating with the AUS, enter the following
Step 2
command:
hostname(config)# auto-update device-id { hardware-serial | hostname | ipaddress [ if-name ]
| mac-address [ if-name ] | string text }
The identifier used is determined by using one of the following parameters:
•
•
•
•
•
Cisco Security Appliance Command Line Configuration Guide
41-20
Configuring Communication with an Auto Update Server, page 41-20
Configuring Client Updates as an Auto Update Server, page 41-22
Viewing Auto Update Status, page 41-23
hardware-serial—Use the security appliance serial number.
hostname—Use the security appliance hostname.
ipaddress—Use the IP address of the specified interface. If the interface name is not specified, it
uses the IP address of the interface used to communicate with the AUS.
mac-address—Use the MAC address of the specified interface. If the interface name is not
specified, it uses the MAC address of the interface used to communicate with the AUS.
string—Use the specified text identifier, which cannot contain white space or the characters ', ", ,
>, & and ?.
Chapter 41
Managing Software, Licenses, and Configurations
OL-12172-03
Advertisement
Table of Contents
Troubleshooting
