Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

Software update via PCM+ (Scopy)

EvRooyen
Occasional Advisor

Software update via PCM+ (Scopy)

Hi,
We are running OCM on the same server as the WDS (Windows Deployment Services). WDS uses TFTP/BOOTP, so I cannot update switch software via TFTP (as I had done before installing WDS)

I thought that I could use Securecopy rather, and have set this in PCM global settings.
* Use secure copy for configuration file transfer
* Note that I have unticked "Allow TFTP if secure copy is not supported", as well as "Allow TFTP if secure copy fails"

I've also set up secure copy on the switch and checked TFTP is now disabled (as expected).

I've tried upgrading now, and after about 15 min it fails with error 1107, Firmware update error.

My q is:

a) Can Secure Copy be used in this way?
b) Why am I getting this error? Is there anything else I should have configured? Where can I get more verbose information?

Many thanks,
Eugene
2 REPLIES
imdavies
Occasional Advisor

Re: Software update via PCM+ (Scopy)

Eugene,

what devices are you trying to update?

Are you sure they support securecopy.

The following is an exerpt from the PCM+ help pages:

Use the following procedures to check SSH-related configurations.

For SSH with Password Authentication
Select a switch that supports SSH.

Use the Test Communication Parameters wizard to ensure the switch and PCM are in sync with each other.

Telnet to the switch and run the following commands:

$ ip ssh key-size 1024

$ crypto key generate ssh rsa

$ ip ssh

Using the Communication Parameters in PCM wizard for the device, modify the CLI options to configure the SSH (Password) settings to match the switch.

For SSH with Key Authentication
Navigate to the SSH Key window.

Click the Tools menu.

Select Preferences from the drop-down list.

Select Device Access.

Select SSH Key.

Set the key size to 1024.

Click Generate new key pair.

Verify the SSH version installed on the switch.

Telnet to the device, and TFTP the version specific pub-key-file from the PNM/server/config directory:

copy tftp pub-key-file procurveSSH.pub

Replace the with the IP address of the PCM server, and replace the with the SSH version number (1 or 2). For example:

copy tftp pub-key-file 192.15.41.3 procurveSSH2.pub

Display and copy (CTRL+C) the fingerprint of the host-public-key from the switch using the CLI command:

show crypto host-public-key fingerprint

Open the Communication Parameters in PCM wizard for the device, and paste (CTRL+V) the device public key finger print into the Key field of the Configure SSH Credentials window.

This should allow for launching the SSH terminal after authentication.


Let me know what you are trying to update and whether or not this helps any.
EvRooyen
Occasional Advisor

Re: Software update via PCM+ (Scopy)

Thanks for the response!

I am doing this on a 2824, which afaik is ok with scopy.

I have only 3 of these, about 20 other 3500/4100's, and it doesn't work for these either.

I am using SSH with pwd not key, and I tested this from PCM, can connect to the switch in this way without any issue at all.
Since I have no access to tftp, I cannot test anything via TFTP as suggest in the help pages. But I guess using SSH with pwd and not key should be fine? Or do you suggest I go trough the whole key excercise?

I am trying to update switch software for all the switches. Before I used TFTP (unavailable as per my original post).

Regards,

Eugene