cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
New Contributor

How to push firmware from N-Command to 1234 behind router

Hi All,

I was wondering in the example setup below if it is possible to have N-Command push firmware directly to the switch behind a router.

Setup: Adtran 6355 > Adtran 1234 POE

Tags (2)
0 Kudos
Reply
3 Replies
Highlighted
New Contributor

Re: How to push firmware from N-Command to 1234 behind router

As long as the device is able to check in to the nCommand server, you would create a Scheduled Job with the task to Push Firmware with the file you wish to apply to the unit. There are a few variables involving what to do with the older firmware files which are explained in the n-Command MSP Manual​​.

0 Kudos
Highlighted
New Contributor

Re: How to push firmware from N-Command to 1234 behind router

Hi Iana,

No it cannot communicate with the NCommand Server...

The Adtran 3430 can, but the 1234 Switch behind the 3430 cannot.

I checked, and not seeing any policy lists, or ACLs that could be blocking. Maybe it's because it is on a different VLAN.

Eth 0/2           802.1q Encapsulation

Eth 0/2.2        Data

Eth 0/2.101    Management

Eth 0/2.102    Phones

interface eth 0/2.101

  description SWITCH_MANAGEMENT_VLAN

  vlan-id 99

  ip address  192.168.101.1  255.255.255.0

  ip access-policy Private

  no shutdown

!

end

20/331651#sh ip policy-class Private

Policy-class "Private":

  21 current sessions (13500 max)

  Discards/Allows/NAT: 0/771/689

  Entry 1 - allow list MATCH_ALL self

  Entry 2 - nat source list VOIP interface loop 1 overload

  Entry 3 - allow list DATA stateless

20/331651#sh ip access-list standard MATCH_ALL

Standard IP access list MATCH_ALL

   permit any (1 matches)

Standard IP access list DATA

   permit any (7913 matches)

Here is what the 1234 sees.

2000.11.03 14:37:57 HTTP_CLIENT Timeout connecting to service at <PUBLIC IP>

14:37:57 AUTOLINK OnWaitForReply.

14:37:57 AUTOLINK OnDiscoveryFailed: Discovery failed.

14:37:57 AUTOLINK Failed to contact <PUBLIC IP>:443 (Primary Server - <PUBLIC IP>)

14:37:57 AUTOLINK Failure reason: HTTP: Timed out.

14:37:57 AUTOLINK closeHttpClientAndDeleteStreams().

14:37:57 AUTOLINK closeHttpConnection().

14:37:57 AUTOLINK deleteHttpClientStreams().

14:37:57 AUTOLINK closeHttpClientAndDeleteStreams().

14:37:57 AUTOLINK closeHttpConnection().

14:37:57 AUTOLINK deleteHttpClientStreams().

14:37:57 AUTOLINK closeHttpFileTransferClientAndDeleteStreams().

14:37:57 AUTOLINK Discovery failed. Could not contact server at <PUBLIC IP>.

14:37:57 AUTOLINK Adding address (<PUBLIC IP>:443) to penalty box.

14:37:57 AUTOLINK No failover servers remaining. No servers were contacted.

14:37:57 AUTOLINK closeHttpClientAndDeleteStreams().

14:37:57 AUTOLINK closeHttpConnection().

14:37:57 AUTOLINK deleteHttpClientStreams().

14:37:57 AUTOLINK closeHttpFileTransferClientAndDeleteStreams().

14:39:10 AUTOLINK HeartbeatTimerEvent::attemptExecution scheduledExecution == true.

14:39:10 AUTOLINK HeartbeatTimerEvent::attemptExecution _client->start().

14:39:10 AUTOLINK HeartbeatTimerEvent::createDefaultPeriodicTimer.

14:39:10 AUTOLINK HeartbeatTimerEvent::getRetryTimer() == 3600.

14:39:11 AUTOLINK OnSendDiscovery.

14:39:11 AUTOLINK resetHttpClientStreams().

14:39:11 AUTOLINK closeHttpConnection().

14:39:11 AUTOLINK deleteHttpClientStreams().

14:39:11 AUTOLINK Sending initial discovery message to <PUBLIC IP>/al/DiscoveryProcessor?action=devinfo.

14:39:11 AUTOLINK HeartbeatTimerEvent::attemptExecution scheduledExecution == false.

14:39:11 AUTOLINK HeartbeatTimerEvent::createDefaultPeriodicTimer.

14:39:11 AUTOLINK HeartbeatTimerEvent::getRetryTimer() == 3600.

14:39:11 AUTOLINK OnWaitForReply.

14:39:12 AUTOLINK OnWaitForReply.

14:39:13 AUTOLINK OnWaitForReply.

14:39:14 AUTOLINK OnWaitForReply.

14:39:15 AUTOLINK OnWaitForReply.

14:39:16 AUTOLINK OnWaitForReply.

14:39:17 AUTOLINK OnWaitForReply.

14:39:18 AUTOLINK OnWaitForReply.

14:39:19 AUTOLINK OnWaitForReply.

14:39:20 AUTOLINK OnWaitForReply.

14:39:21 AUTOLINK OnWaitForReply.

14:39:22 AUTOLINK OnWaitForReply.

14:39:23 AUTOLINK OnWaitForReply.

14:39:24 AUTOLINK OnWaitForReply.

14:39:25 AUTOLINK OnWaitForReply.

14:39:26 AUTOLINK OnWaitForReply.

14:39:27 AUTOLINK OnWaitForReply.

14:39:28 AUTOLINK OnWaitForReply.

14:39:29 AUTOLINK OnWaitForReply.

14:39:30 AUTOLINK OnWaitForReply.

2000.11.03 14:39:31 HTTP_CLIENT Timeout connecting to service at  <Public IP>

14:39:31 AUTOLINK OnWaitForReply.

14:39:31 AUTOLINK OnDiscoveryFailed: Discovery failed.

14:39:31 AUTOLINK Failed to contact <PUBLIC IP>:443 (Primary Server - <PUBLIC IP>)

14:39:31 AUTOLINK Failure reason: HTTP: Timed out.

14:39:31 AUTOLINK closeHttpClientAndDeleteStreams().

14:39:31 AUTOLINK closeHttpConnection().

14:39:31 AUTOLINK deleteHttpClientStreams().

14:39:31 AUTOLINK closeHttpClientAndDeleteStreams().

14:39:31 AUTOLINK closeHttpConnection().

14:39:31 AUTOLINK deleteHttpClientStreams().

14:39:31 AUTOLINK closeHttpFileTransferClientAndDeleteStreams().

14:39:31 AUTOLINK Discovery failed. Could not contact server at <PUBLIC IP>.

14:39:32 AUTOLINK Adding address (<PUBLIC IP>:443) to penalty box.

14:39:32 AUTOLINK No failover servers remaining. No servers were contacted.

14:39:32 AUTOLINK closeHttpClientAndDeleteStreams().

14:39:32 AUTOLINK closeHttpConnection().

14:39:32 AUTOLINK deleteHttpClientStreams().

14:39:32 AUTOLINK closeHttpFileTransferClientAndDeleteStreams().

0 Kudos
Highlighted
New Contributor III

Re: How to push firmware from N-Command to 1234 behind router

Hi hoorah,

If you want to use N-command to continuously manage your 1234, and provided your N-command server is on a public IP, it may be necessary to setup a NAT on the 6355 router with appropriate ACLs, so that 1234 can check in with N-command on a regular basis. While this still won't let you "push" firmware from N-command to 1234, you could at least schedule upgrade jobs on your N-command and let the 1234 "pull" the firmware, as directed. See the N-Command manual for the list of ports used by the N-command, to help with the ACL setup.

If this is a one-time upgrade to your 1234, and you don't need the management functionality of N-command, a simple way to get the code onto it would be using the 6355 to serve the image file to 1234 using TFTP.

To do this

- On 6355, copy the 1234 image into local flash. This can be done via CLI using the "copy <remote file location> flash" or by using the Web GUI (much easier, if you're not hosting the file anywhere)

- enable TFTP server on the 6355 using the "tftp server"command,

- finally, download the firmware file from 6355 to 1234 using the "copy tftp flash" command.

Be sure to turn off the TFTP server on the 6355 after this is done, as the protocol is not secure.

Of course, another option for a one-time upgrade would be to add a public IP to the 1234, grab the firmware and upgrade, then re-IP it again with the private IP.

Hope this helps

Yan.

0 Kudos