cancel
Showing results for 
Search instead for 
Did you mean: 
gsxr1000
Level 7

Upgrade Web Gateway 6.8.7 build 8378

Hi,

Does anyone know how to upgrade Web Gateway 6.8.7 build 8378 from the CLI ?

I want to SSH into the server as root and specify a specify an update server listed here in an upgrade 'command':

https://kc.mcafee.com/corporate/index?page=content&id=KB65496

like

wpm.webwasher.com:      194.231.55.220, 80.237.238.81, 80.66.20.197 (=> 217.172.176.61 as of 04/24/2006)
wpm1-1.webwasher.com:   194.231.55.242
wpm1-2.webwasher.com:   80.237.203.208
wpm1-3.webwasher.com:   217.172.176.60 
wpm2.webwasher.com:     194.231.55.221, 80.237.238.82, 217.172.176.87
wpm3.webwasher.com:     82.165.33.187
wpm-usa1.webwasher.com: 207.36.15.188

thank you for any input

0 Kudos
10 Replies
eelsasser
Level 15

Re: Upgrade Web Gateway 6.8.7 build 8378

If you are upgrading to a new version, you use the `yum update` command.

The update repository is not on the wpm*.webwasher.com sites. They come from appliance.webwasher.com.

0 Kudos
gsxr1000
Level 7

Re: Upgrade Web Gateway 6.8.7 build 8378

tried that and it does not work.

0 Kudos
eelsasser
Level 15

Re: Upgrade Web Gateway 6.8.7 build 8378

what errors do you get?

Do you have to go out through another proxy to download the updates?

0 Kudos
gsxr1000
Level 7

Re: Upgrade Web Gateway 6.8.7 build 8378

no I don't have to go out through a proxy. the image is a screen shot of the errors i get.

more or less:

yum update
Loading "installonlyn" plugin
Setting up Update Process
Setting up repositories
cglinux-base                                                         [1/3]
http://appliance1.webwasher.com/cglinux/5/base/i386/repodata/repomd.xml: [Errno 4] IOError: <urlopen error (-2, 'Name or service not known')>
Trying other mirror.
http://appliance2.webwasher.com/cglinux/5/base/i386/repodata/repomd.xml: [Errno 4] IOError: <urlopen error (-2, 'Name or service not known')>
Trying other mirror.
http://appliance.webwasher.com/cglinux/5/base/i386/repodata/repomd.xml: [Errno 4] IOError: <urlopen error (-2, 'Name or service not known')>
Trying other mirror.
Cannot open/read repomd.xml file for repository: cglinux-base
failure: repodata/repomd.xml from cglinux-base: [Errno 256] No more mirrors to try.
Error: failure: repodata/repomd.xml from cglinux-base: [Errno 256] No more mirrors to try.

0 Kudos
eelsasser
Level 15

Re: Upgrade Web Gateway 6.8.7 build 8378

Sounds like the applance is not resolving DNS to these hosts:

appliance.webwasher.com [64.34.183.68]

appliance2.webwasher.com [217.172.176.87]

Can you ping appliance.webwasher.com from the comman line?

If not, what about the IP address?

Message was edited by: Erik Elsasser on 12/14/10 3:43:10 PM CST
0 Kudos
gsxr1000
Level 7

Re: Upgrade Web Gateway 6.8.7 build 8378

yes I can ping them. I can telnet to them on port 80 as well.

basic ping info

ping appliance.webwasher.com
PING appliance.webwasher.com (64.34.183.68) 56(84) bytes of data.
64 bytes from appliance.webwasher.com (64.34.183.68): icmp_seq=1 ttl=51 time=94.3 ms
64 bytes from appliance.webwasher.com (64.34.183.68): icmp_seq=2 ttl=51 time=95.7 ms
64 bytes from appliance.webwasher.com (64.34.183.68): icmp_seq=3 ttl=51 time=94.1 ms
64 bytes from appliance.webwasher.com (64.34.183.68): icmp_seq=4 ttl=51 time=95.6 ms
64 bytes from appliance.webwasher.com (64.34.183.68): icmp_seq=5 ttl=51 time=95.4 ms

--- appliance.webwasher.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 3998ms
rtt min/avg/max/mdev = 94.193/95.059/95.719/0.723 ms

ping appliance2.webwasher.com
PING appliance2.webwasher.com (217.172.176.87) 56(84) bytes of data.
64 bytes from wpm2.webwasher.com (217.172.176.87): icmp_seq=1 ttl=57 time=10.1 ms
64 bytes from wpm2.webwasher.com (217.172.176.87): icmp_seq=2 ttl=57 time=11.1 ms
64 bytes from wpm2.webwasher.com (217.172.176.87): icmp_seq=3 ttl=57 time=10.0 ms
64 bytes from wpm2.webwasher.com (217.172.176.87): icmp_seq=4 ttl=57 time=9.79 ms

--- appliance2.webwasher.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2998ms
rtt min/avg/max/mdev = 9.797/10.295/11.196/0.543 ms

0 Kudos
eelsasser
Level 15

Re: Upgrade Web Gateway 6.8.7 build 8378

Then I am stumped.

When you get that error, it's usually some kind of DNS or firewall problem.

Support might have some magic.

# yum clean all

might help.

Message was edited by: Erik Elsasser on 12/14/10 3:56:27 PM CST
0 Kudos

Re: Upgrade Web Gateway 6.8.7 build 8378

Any chance you can run a tcpdump on the outgoing interface interface of the appliance and your firewall (or acl depending on your firewall) when you try and run "yum update"?  On the applicance side you should be able to see whether or not your getting a response back and the firewall side should indicate whether or not your traffic is getting forwarded or dropped.  Hope this helps.

0 Kudos
McAfee Employee

Re: Upgrade Web Gateway 6.8.7 build 8378

Are you allowing partial content on the firewall? (aka HTTP 206 responses?) The Web Gateway will expect 206 responses instead of 200's.

Though I can't remember if this applicable on current versions. But it is something to check for and I have seen in the past.

~jon

0 Kudos