migrate_server import failure, Failed to import IP...

Vladimir · ‎2021-07-25

I have run into migrate import failing at 36% with Failed to import IPS package file, exit code: 5:

Importing the Management Database
Operation started at Sun Jul 25 11:08:53 EDT 2021

[==================> ] 36% Importing IPS Data ... \
Upgrade progress information is available at /opt/CPsuite-R80.40/fw1/log/upgrade_report-2021.07.25_11.37.53.html
Operation finished at Sun Jul 25 11:40:24 EDT 2021
25Jul2021-113807: Failed to import: Failed: java.lang.RuntimeException: java.lang.RuntimeException: java.lang.RuntimeException: Failed to import IPS package file, exit code: 5
Detailed upgrade report is available at /opt/CPsuite-R80.40/fw1/log/upgrade_report-2021.07.25_11.37.53.html
[Expert@mgt1:0]#

The html report does not have anything more meaningful.

Import is being performed on the offline R80.40 JFH T294 with latest migration tools package ngm_upgrade_wrapper_994000406_1.tgz

Any suggestions on how to get around this issue are appreciated.

Thank you,

Vladimir

Peter_Lyndley · ‎2021-07-25

I think i've seen this one before.

If i remember correctly, you need to update IPS to latest level before doing the initial export (if possible) and also update the machine you are importing too, so that they are same level when it tries to import.

I also had the added complication of a Global Policy as well, make sure you are not still connected to a global policy before you export.

Hope you find this useful

Vladimir · ‎2021-07-25

@Peter_Lyndley , thank you. This is not an MDS though, it is SMS.

I cannot upgrade the existing SMS to R80.40, hence the export/import to higher version.

Will try updating the IPS signatures on the source before trying it again.

Cheers,

Vladimir

PhoneBoy · ‎2021-07-25

If the IPS signatures haven't been updated in a while, it seems to cause issues with migrate export/import (and migrate_server).
Not sure why, but updating signatures to the latest definitely helps.

Vladimir · ‎2021-07-25

Thanks! I've already sent this to the client. Will see if this will help tomorrow:)

fwmeister · ‎2021-07-26

Make sure you have no snort signatures and/or IoCs. That will definitely screw things up.

Vladimir · ‎2021-07-27

@fwmeister , thanks. I thought about this possibility, but in this client's case there is close to 0 probability that they are using custom IoCs. I've confirmed today that this is the case.

Vladimir · ‎2021-07-27

Nope. Tried it again today after successful IPS upgrade on a source management server. Same result with rather unhelpful HTML report:

While the export for the source file resulted in:

K_montalvo · ‎2021-12-14

i would be very helpful if there's a HTML document of in the CLI while doing the import/export process to let me know the estimated time to complete. If this existed kindly let me know please!

PhoneBoy · ‎2021-12-14

I'm pretty sure the above HTML file is on the gateway/management somewhere.
Offhand, I don't know where it is, but I bet you could find it based on the URL presented when you see that page.

K_montalvo · ‎2021-12-15

@PhoneBoythe report is on /opt/CPSuite-R81.10/fw1/log... but im not able to downloaded while in progress. If i try to open a new session via SFTP to the management and download the HTML file the import progress gets interrupted.

PhoneBoy · ‎2021-12-17

That would probably break things, depending on how the upgrade process modifies that file.

Are you a member of CheckMates?

migrate_server import failure, Failed to import IPS package file, exit code: 5