cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1180
Views
0
Helpful
6
Replies

Add Images to software repository using SSH over NAT

jesper_fr
Level 1
Level 1

I have problems adding images to software repository using SSH when the CiscoWorks servers adr. is using NAT to some networks. It works fine to the networks that is not using NAT. I have entered the adr. the CiscoWorks server is NAT to, but every time it fails getting the image. The NAT i done in a Cisco PIX. I i make a capure in the firewall, then i can see it only tryes to connect using TELNET, and NEVER tryes to connect using SSH. I have no problems getting images using TELNET to other devices using the same NATTET adr. Further more i can get configs using SSH from the same devices that fails software download using SSH

Any god ideas to what could be wrong ?

By the way, CiscoWorks version is 2.6

6 Replies 6

Joe Clarke
Cisco Employee
Cisco Employee

Check the settings under RME > Admin > Software Management > View/Edit Preferences. Make sure "Use SSH for software image upgrade and software image import through CLI." is checked.

the "check" was missing, but it still fails. I get this message in the log file:

dir /all flash:

Directory of flash:/

2 -rwx 8295106 Mar 28 1993 07:04:22 +02:00 c3560-ipbasek9-mz.122-40.SE.bin

3 -rwx 996 Feb 13 2008 10:22:11 +01:00 vlan.dat

5 -rwx 7345 Feb 14 2008 08:25:15 +01:00 config.text

6 -rwx 3580 Feb 14 2008 08:25:15 +01:00 private-config.text

7 -rwx 1048 Feb 14 2008 08:25:15 +01:00 multiple-fs

32514048 bytes total (24203776 bytes free)

T2P2-04#copy flash:c3560-ipbasek9-mz.122-40.SE.bin tftp:// 149.212.15.54/rep_sw_5188428246247112850

copy flash:c3560-ipbasek9-mz.122-40.SE.bin tftp://149.212.15.54/rep_sw_5188428246247112850

% Invalid input detected at '^' marker.

T2P2-04#

The marker i surposed to be at the : after tftp

Is there really a space after "tftp://"? If so, double-check your RME NAT ID, and make sure there is no space there. You should also try performing the copy operation manually to rule out any potential authorization problems on the device.

There was a space in front of the NATTET IP adr.

Now it works.

Thanks a lot :o)

Now it works using SSH, but not with TELNET. We do not run SSH to all devices. On some we use TELNET and some use SSH.

If "Use SSH for software image upgrade and software image import through CLI" is checked, then it allways use SSH for downloading images. If it's not checked, then i will not work using SSH over NAT, but will work with TELNET.

What do i do in a case like this ?

This problem was fixed in RME 4.1 (part of LMS 3.0). If you can't upgrade, you will have to continue to toggle the checkbox when you need to operate on devices with different access policies.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: