Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[SRX/IDP] How to perform offline policy templates update/install on SRX

0

0

Article ID: KB27087 KB Last Updated: 27 Jul 2020Version: 3.0
Summary:

This article describes how to install policy templates offline when there is no internet connectivity or when connected via proxy server.

 

Symptoms:

Opening the file (/var/db/idpd/sec-download/sub-download/SignatureUpdate.xml) fails with this message:

No such file or directory

 

Solution:

Perform offline signature update and install the database. Performing offline signature update on SRX devices is described in detail in KB32399 - [SRX] How to update IDP Signature Database off-line.  

To install the policy templates offline, perform the following steps:

  1. All the required files are copied and unzipped once you installed the offline package as per above KB32399 .

Run the following command to install the policy templates:

CLI> request security idp security-package install policy-templates

Check the install status: 

cli> request security idp security-package install status
Done;policy-templates has been successfully updated into internal repository
(=>/var/db/scripts/commit/templates.xsl)!
  1. Check the policy template version using the following command:

CLI> show security idp security-package-version
NOTE

Sometimes a user may come across the following error:

# run request security idp security-package install policy-templates
opening file(/var/db/idpd/sec-download/sub-download/SignatureUpdate.xml) failed;No such file or directory

This is because SignatureUpdate.xml is not copied to the /var/db/idpd/sec-download/sub-download/ directory.

In this case, you can manually copy the SignatureUpdate.xml and templates.xml and try to update again. Follow the steps given here:

  1. Unzip SignatureUpdate.xml.gz & templates.xml.gz  in the offline-update package.

  2. Transfer the templates.xml and SignatureUpdate.xml to /var/db/idpd/sec-download/sub-download/:

# run file list /var/db/idpd/sec-download/sub-download/

/var/db/idpd/sec-download/sub-download/:
SignatureUpdate.xml*
templates.xml*
  1. Run the following command to install policy templates:

# run request security idp security-package install policy-templates

This is processed in async mode. Check the status using the CLI.

  1. Check the install status.
# run request security idp security-package install status
Done;policy-templates has been successfully updated into internal repository
(=>/var/db/scripts/commit/templates.xsl)!

If you require additional assistance, contact Support.

 

Modification History:

2020/07/27: Article reviewed for accuracy; changes per the latest Junos OS release made; links updated

 

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search