The Cisco Prime Infrastructure Plug and Play Gateway patch 184.108.40.206 must be installed on the Cisco Prime Infrastructure Plug and Play Gateway Server 2.2.1 or 3.0 or 3.1. The system requirements are the same as that for the Cisco Prime Infrastructure 2.2 Plug and Play gateway server.
This section contains instructions for installing the Cisco Prime Infrastructure Plug and Play Gateway.
Plug and Play Gateway Patch Installation in Standalone Configuration
The Plug and Play Gateway standalone server patch is available in the pnp-packaging-220.127.116.11.tar.gz file. The patch upgrade procedure requires an FTP or TFTP server containing the patch file.
You can access this server from the Cisco Prime Infrastructure 2.2.1 Plug and Play Gateway standalone server by following these steps:
Step 1 Log in to the Plug and Play Gateway standalone server as admin user. The following is a sample output of the patch upgrade with the url FTP:
pnp-server login: admin
pnp-server/admin# configure Enter configuration commands, one per line. End with CNTL/Z. pnp-server/admin(config)# repository <repository-name>
pnp-server/admin(config-Repository)# user <user-ID> password <option> <password>
Step 2Use the application upgrade command to install the pnp-packaging-18.104.22.168.tar.gz Plug and Play Gateway standalone patch. The following is a sample output of the Plug and Play gateway patch upgrade:
Save the current ADE-OS running configuration? (yes/no) [yes] ?
Saved the ADE-OS running configuration to startup successfully
Initiating Application Upgrade...
Stage 1 of 7: Transferring file...
Stage 2 of 7: Unpacking file...
Stage 3 of 7: Executing pre-install...
Stage 4 of 7: Upgrading binaries...
Restore the Version 22.214.171.124
Restoring on a new installation setup required
Tue Jul 28 11:48:19 UTC 2015
Restore operation started
Backup Filename used is /tmp/pnp_upgrade/20150728114745.pnp_backup.tar.gz
Upgrade from 126.96.36.199 setup required
Upgrade operation no automatic setup possible
Restore operation ended
Application upgrade successful
Step 3 Exit from the current terminal (shell) and re-login as admin user.
Step 4 Execute the pnp setup command to reconfigure the Plug and Play standalone server and start the plug and play process.
Plug and Play-gateway 188.8.131.52 provides fix for POODLE vulnerability and for enabling/disabling SSLv3 on your server. You can disable SSLv3 and other lower versions only if you setup the Plug and Play gateway in Advanced mode.
To disable SSLv3, follow these steps:
Step 1 After upgrading to 184.108.40.206, use the following command to setup the Plug and Play gateway in Advanced mode.
pnp setup advanced
Step 2 The following prompt appears after you setup the Plug and Play gateway 220.127.116.11 in Advanced mode.
Do you want to disable SSLv3 and below (y/n) ? [n]
Select Yes or No (y/n).
Step 3 If SSLv3 is enabled by default, enter ‘y’ in the prompt to disable SSLv3.
Note If SSLv3 is disabled on Standalone Plug and Play server, then IOS image of the devices must be upgraded to a version which supports protocols other than SSLv3 such as TLS. The Plug and Play gateway does not work if this upgrade is not done.
Plug and Play Gateway Patch Installation in High Availability Configuration
If the Plug and Play Gateway is configured in high availability mode, then follow the below steps to upgrade the patch on both primary or secondary servers:
Subscribe to What’s New in Cisco Product Documentation, which lists all new and revised Cisco technical documentation, as an RSS feed and deliver content directly to your desktop using a reader application. The RSS feeds are a free service.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.