How to Set Ironport vESA Update Server


I have a case when I tried to upgrade the Ironport virtual Email Security Appliances (vESA) and then the appliance failed to locate the update server. It happened after migrating from physical appliance to virtual appliance.

The main cause of the problem is the virtual appliance use different update server than the physical unit, so we have to set it manually via console. It is easy😉 so let’s begin!

Login to vESA console. Issue the command I set in bold font. Remember, only type the command in bold font, the rest is just the results or comment.

vESA)> updateconfig

NOTICE: This configuration command has not yet been configured for the current

cluster mode (Machine vESA).

What would you like to do?

  1. Switch modes to edit at mode “Cluster C1”.
  2. Start a new, empty configuration at the current mode (Machine vESA).
  3. Copy settings from another cluster mode to the current mode (Machine

vESA).

[1]> 2  (choose number two to start new configuration)

Service (images):

Update URL:

——————————————————————————–

Feature Key updates

http://downloads.ironport.com/asyncos

Sophos Anti-Virus definitions

Cisco IronPort Servers

IronPort Anti-Spam rules

Cisco IronPort Servers

Outbreak Filters rules

Cisco IronPort Servers

Timezone rules

Cisco IronPort Servers

Enrollment Client Updates (used to fetch certificates for URL Filtering)

Cisco IronPort Servers

Cisco IronPort AsyncOS upgrades

Cisco IronPort Servers

Service (list):

Update URL:

————————————————————————–

Sophos Anti-Virus definitions

Cisco IronPort Servers

IronPort Anti-Spam rules

Cisco IronPort Servers

Outbreak Filters rules

Cisco IronPort Servers

Timezone rules

Cisco IronPort Servers

Enrollment Client Updates (used to fetch certificates for URL Filtering)

Cisco IronPort Servers

Service (list):

Update URL:

——————————————————————————–

Cisco IronPort AsyncOS upgrades

Cisco IronPort Servers

Update interval: 5m

Proxy server: not enabled

HTTPS Proxy server: not enabled

Choose the operation you want to perform:

– SETUP – Edit update configuration.

– CLUSTERSET – Set how updates are configured in a cluster

– CLUSTERSHOW – Display how updates are configured in a cluster

[]> dynamichost (this is to edit the update server)

Enter new manifest hostname:port

[update-manifests.ironport.com:443]> update-manifests.sco.cisco.com:443 

————————————————————————–

(Machine vESA) (SERVICE)> antispamupdate ironport force (this is to force update)

(Machine vESA) (SERVICE)> antispamstatus (this is to check the update status)

Component              Last Update                  Version

CASE Core Files        28 Jul 2015 16:35 (GMT +00:00)  3.5.0-008

CASE Utilities         28 Jul 2015 16:35 (GMT +00:00)  3.5.0-008

Structural Rules       28 Jul 2015 16:35 (GMT +00:00)  3.5.0-20150728_000600

Web Reputation DB      28 Jul 2015 16:35 (GMT +00:00)  20150728_094501

Web Reputation DB Update  28 Jul 2015 16:35 (GMT +00:00) 20150728_094501-20150728_145814

Content Rules          28 Jul 2015 16:35 (GMT +00:00)  20150728_163252

Content Rules Update   28 Jul 2015 16:35 (GMT +00:00)  20150728_163301

Bayes DB               28 Jul 2015 16:35 (GMT +00:00)

20150727_175912-20150727_185306

vESA)> commit (this is to save the configuration)

 

Done.

See, it’s easy, right?😉

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s