Cisco FirePOWER ASA 5500 series Configuration Manual page 794

Configuring Auto Update Support
To specify the URL of the AUS, use the following command:
Step 1
hostname(config)# auto-update server url [source interface] [verify-certificate]
Where url has the following syntax:
http[s]://[user:password@]server_ip[:port]/pathname
SSL is used when https is specified. The user and password arguments of the URL are used for Basic
Authentication when logging in to the server. If you use the write terminal, show configuration or
show tech-support commands to view the configuration, the user and password are replaced with
'********'.
The default port is 80 for HTTP and 443 for HTTPS.
The source interface argument specifies which interface to use when sending requests to the AUS. If you
specify the same interface specified by the management-access command, the Auto Update requests
travel over the same IPSec VPN tunnel used for management access.
The verify-certificate keyword verifies the certificate returned by the AUS.
(Optional) To identify the device ID to send when communicating with the AUS, enter the following
Step 2
command:
hostname(config)# auto-update device-id {hardware-serial | hostname | ipaddress [if-name]
| mac-address [if-name] | string text}
The identifier used is determined by using one of the following parameters:
hardware-serial—Use the security appliance serial number.
•
hostname—Use the security appliance hostname.
•
ipaddress—Use the IP address of the specified interface. If the interface name is not specified, it
•
uses the IP address of the interface used to communicate with the AUS.
mac-address—Use the MAC address of the specified interface. If the interface name is not
•
specified, it uses the MAC address of the interface used to communicate with the AUS.
string—Use the specified text identifier, which cannot contain white space or the characters ', ", ,
•
>, & and ?.
(Optional) To specify how often to poll the AUS for configuration or image updates, enter the following
Step 3
command:
hostname(config)# auto-update poll-period poll-period [retry-count [retry-period]]
The poll-period argument specifies how often (in minutes) to check for an update. The default is 720
minutes (12 hours).
The retry-count argument specifies how many times to try reconnecting to the server if the first attempt
fails. The default is 0.
The retry-period argument specifies how long to wait (in minutes) between retries. The default is 5.
(Optional) To schedule a specific time for the security appliance to poll the Auto Update server, use the
Step 4
following command:
hostname(config)# auto-update poll-at
retry_period
[
days-of-the-week is any single day or combination of days: Monday, Tuesday, Wednesday, Thursday,
Friday, Saturday and Sunday. Other possible values are daily (Monday through Sunday), weekdays
(Monday through Friday) and weekend (Saturday and Sunday).
Cisco Security Appliance Command Line Configuration Guide
41-10
]]
Chapter 41 Managing Software, Licenses, and Configurations
days-of-the-week time
[randomize
minutes retry_count
] [
OL-10088-01