How to import configuration via SFTP?
Hi guys,
I would like to upload configuration files to my XGS2210 switches (firmware 4.50) via SFTP but I can't figure out the correct way to do this.
Example:
I back up a configuration from a switch via SFTP:
$ sftp admin@1.2.3.4
admin@1.2.3.4's password:
Connected to 1.2.3.4.
sftp> get /config backup_switchname_2018-03-20.config
Fetching /config to backup_switchname_2018-03-20.config
/config 100% 6572 6.4KB/s 00:00
sftp> bye
$
Now the switch is defective and I would like to restore the configuration saved earlier onto another switch, and do:
$ sftp admin@192.168.1.1
admin@192.168.1.1's password:
Connected to 192.168.1.1.
sftp> put backup_switchname_2018-03-20.config /config
Uploading backup_switchname_2018-03-20.config to /config
backup_switchname_2018-03-20.config 100% 6572 6.5KB/s 00:00
Connection closed
$
As the SFTP connection is closed immediately after upload, I expected that the switch reboots into the new configuration, but it does not. So I tried uploading the config again and followed by either "write memory", "boot config 1", "reload config 1" and combinations of that, in order to activate the config I just uploaded -- but without success.
However, uploading the config via HTTPS works as expected and is currently my unloved fallback, but I would like to streamline and automate initial configuration and recovey via SSH/SFTP.
What is the correct workflow for uploading a configuration via SFTP?
Best regards,
// Veit
I would like to upload configuration files to my XGS2210 switches (firmware 4.50) via SFTP but I can't figure out the correct way to do this.
Example:
I back up a configuration from a switch via SFTP:
$ sftp admin@1.2.3.4
admin@1.2.3.4's password:
Connected to 1.2.3.4.
sftp> get /config backup_switchname_2018-03-20.config
Fetching /config to backup_switchname_2018-03-20.config
/config 100% 6572 6.4KB/s 00:00
sftp> bye
$
Now the switch is defective and I would like to restore the configuration saved earlier onto another switch, and do:
$ sftp admin@192.168.1.1
admin@192.168.1.1's password:
Connected to 192.168.1.1.
sftp> put backup_switchname_2018-03-20.config /config
Uploading backup_switchname_2018-03-20.config to /config
backup_switchname_2018-03-20.config 100% 6572 6.5KB/s 00:00
Connection closed
$
As the SFTP connection is closed immediately after upload, I expected that the switch reboots into the new configuration, but it does not. So I tried uploading the config again and followed by either "write memory", "boot config 1", "reload config 1" and combinations of that, in order to activate the config I just uploaded -- but without success.
However, uploading the config via HTTPS works as expected and is currently my unloved fallback, but I would like to streamline and automate initial configuration and recovey via SSH/SFTP.
What is the correct workflow for uploading a configuration via SFTP?
Best regards,
// Veit
0
Comments
-
Hi @Veit,
Welcome to Zyxel community.
I have followed your description on my XGS2210, the following is my screenshot: (I use SFTP via Windows cmd )
I create VLAN 2 in the backup configuration and restore it back to the switch via SFTP.
I also connect a console cable from my PC to the switch, the following is what I see from the console port.
Therefore, I recommend you may connect a console cable to see if you see "Finish restore configuration" after you restore the configuration.
You may also use "show logging page" to check if there is any system log related to restoring.IN system: Restore system configuration successfully<br>IN system: Save system configuration<br>IN system: Now, start restoring system configuration
Hope it helps.
Jason0 -
Hi @Zyxel_Jason,
thank you for your fast response.
Unfortunately this does not work for me, but your logging hint shows that something is going wrong, though sadly not the reason itself:
Importing a configuration file via SFTP logs the following lines:
---
1 Mar 21 11:35:47 DE interface: Port 1 - LAN link up
2 Mar 21 11:35:44 ER system: Restore system configuration failed
3 Mar 21 11:35:44 IN system: Line:1 Error:Syntax Command:vlan 10
4 Mar 21 11:35:44 DE interface: Port 1 - LAN link down
5 Mar 21 11:35:43 IN system: Now, start restoring system configuration
---
Whereas importing the exact same configuration file via web interface succeeds:
---
1 Mar 21 11:38:25 NO system: Gets the time and date from a time server successfully
2 Mar 21 11:38:20 DE interface: Port 1 - LAN link up
3 Mar 21 11:38:18 DE interface: Port 1 - LAN link down
4 Mar 21 11:38:17 DE interface: Port 1 - LAN link up
5 Mar 21 11:38:15 IN system: Restore system configuration successfully
6 Mar 21 11:38:04 IN system: Save system configuration
7 Mar 21 11:38:00 DE interface: Port 1 - LAN link down
8 Mar 21 11:38:00 IN system: Now, start restoring system configuration
---
As I could not find anything wrong with the configuration file, I played with unix2dos and dos2unix to convert line endings, and I scanned the file for special characters or whatsoever, but all without success.
To ensure that nothing is wrong with my configuration file, I finally reset the switch to factory defaults, downloaded the default configuration via SFTP and uploaded it again -- and even this fails:
---
$ ssh admin@192.168.1.1
admin@192.168.1.1's password:
Copyright (c) 1994 - 2017 Zyxel Communications Corp.
XGS2210# show running-config
Building configuration...
Current configuration:
vlan 1
name 1
normal ""
fixed 1-28
forbidden ""
untagged 1-28
ip address 192.168.1.1 255.255.255.0
exit
interface route-domain 192.168.1.1/24
exit
XGS2210# show logging
1 Jan 01 00:01:23 IN authentication: SSH user admin login [IP address = 192.168.1.2]
2 Jan 01 00:01:21 NO system: System cold start
3 Jan 01 00:01:21 IN system: Image 1 F/W version V4.50(AAZJ.0) | 09/08/2017 boot up
4 Jan 01 00:01:21 AL system: System has reset without management command
---
Now in another tab I downloaded config:
---
$ sftp admin@192.168.1.1
admin@192.168.1.1's password:
Connected to 192.168.1.1.
sftp> get config
Fetching /config to config
/config 0% 341 0.3KB/s 27:19:59 ETA
sftp> bye
---
I cleared logging for easier debugging:
---
XGS2210# clear logging
---
And uploaded the config (without any change) again:
---
$ sftp admin@192.168.1.1
admin@192.168.1.1's password:
Connected to 192.168.1.1.
sftp> put config
Uploading config to /config
config 100% 341 0.3KB/s 00:00
Write failed: Broken pipe
Connection closed
---
But the same problem occured again:
---
XGS2210# show logging
1 Jan 01 00:03:03 DE interface: Port 1 link up
2 Jan 01 00:03:01 ER system: Restore system configuration failed
3 Jan 01 00:03:00 IN system: Line:6 Error:Syntax Command:vlan 1
4 Jan 01 00:02:59 DE interface: Port 1 link down
5 Jan 01 00:02:59 IN system: Now, start restoring system configuration
XGS2210#
---
This is the config downloaded from switch:
---
; Product Name = XGS2210-28
; Firmware Version = V4.50(AAZJ.0) | 09/08/2017
; SysConf Engine Version = 1.2
; Config last updated = = 00:00:00 (UTC) 2016-01-01
vlan 1
name 1
normal ""
fixed 1-28
forbidden ""
untagged 1-28
ip address 192.168.1.1 255.255.255.0
exit
interface route-domain 192.168.1.1/24
exit
---
During firmware upgrade from 4.40 (factory image) to 4.50, the release notes PDF states that an "configuration upgrade" shall be performed by uploading a .rom file to /rom-0 on the switch via FTP, but /rom-0 does neither exist when accessing the switch using FTP nor SFTP, so I assumed this only applies to switches other (maybe bigger) than XGS2210. On my switch I only see "config", "ras-0" and "ras-1", and trying to upload the .rom file to /rom-0 returned an error message.
Might this be the root of this problem?
Thank you in advance for your help.
Best regards,
// Veit
0 -
Update:
Via SFTP instead of FTP I was able to upload the .rom file to /rom-0 without error. I rebooted the switch using "boot config 1" and tried to upload the config file again, but the error persists:
---
$ sftp admin@192.168.1.1
admin@192.168.1.1's password:
Connected to 192.168.1.1.
sftp> ls -l
-rw-rw-rw- 1 owner group 33554432 Jul 01 12:00 config
--w--w--w- 1 owner group 7338278 Jul 01 12:00 ras-0
--w--w--w- 1 owner group 7338278 Jul 01 12:00 ras-1
sftp> put 450AAZJ0C0.rom rom-0
Uploading 450AAZJ0C0.rom to /rom-0
450AAZJ0C0.rom 100% 1280KB 142.2KB/s 00:09
sftp> Write failed: Broken pipe
sftp> bye
---
Cleared logging and issued reboot...
---
$ sftp admin@192.168.1.1
admin@192.168.1.1's password:
Connected to 192.168.1.1.
sftp> put config
Uploading config to /config
config 100% 341 0.3KB/s 00:00
Write failed: Broken pipe
Connection closed
---
---
XGS2210# show logging
1 Jan 01 00:01:37 DE interface: Port 1 link up
2 Jan 01 00:01:35 ER system: Restore system configuration failed
3 Jan 01 00:01:35 IN system: Line:6 Error:Syntax Command:vlan 1
4 Jan 01 00:01:33 DE interface: Port 1 link down
5 Jan 01 00:01:33 IN system: Now, start restoring system configuration
6 Jan 01 00:01:28 IN authentication: SSH user admin login [IP address = 192.168.1.2]
7 Jan 01 00:01:22 NO system: System cold start
8 Jan 01 00:01:22 IN system: Image 1 F/W version V4.50(AAZJ.0) | 09/08/2017 boot up
9 Jan 01 00:01:22 NO system: System has reset due to a management command
XGS2210#
---
0 -
Hi @Zyxel_Jason,
uploading the configuration file via FTP works, too (but is not applicable as we need to disable FTP):
---
28 Jan 02 03:45:27 DE interface: Port 1 link up
29 Jan 02 03:45:24 DE interface: Port 1 link down
30 Jan 02 03:45:23 DE interface: Port 1 link up
31 Jan 02 03:45:21 IN authentication: FTP user admin logout [IP address = 192.168.1.2]
32 Jan 02 03:45:21 IN system: Restore system configuration successfully
33 Jan 02 03:45:13 IN system: Save system configuration
34 Jan 02 03:45:10 DE interface: Port 1 link down
35 Jan 02 03:45:10 IN system: Now, start restoring system configuration
36 Jan 02 03:44:55 IN authentication: FTP user admin login [IP address = 192.168.1.2]
---
I tried various versions of OpenSSH sftp tool, as yours on Cygwin seems to work correctly, but the results remain the same. I tried without success:
- version 7.4p1-13.el7_4 as shipped with CentOS 7.4 x86_64
- version 6.6.1p1-25.el7_2 as shipped with RedHat Enterprise Linux 7.2 x86_64
- version 6.1p1 built from vanilla sources
Regards,
// Veit
0 -
Uploading the file via curl (built against libssh2 for SFTP support) instead of using OpenSSH sftp fails equally:
---
-(~:$)-> curl --upload-file config sftp://admin:1234@192.168.1.1/config
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 338 0 0 100 338 0 147 0:00:02 0:00:02 --:--:-- 147
100 338 0 0 100 338 0 147 0:00:02 0:00:02 --:--:-- 147
---
---
2 Jan 02 04:20:47 DE interface: Port 1 link up
3 Jan 02 04:20:45 ER system: Restore system configuration failed
4 Jan 02 04:20:44 IN system: Line:5 Error:Syntax Command:vlan 1
5 Jan 02 04:20:42 DE interface: Port 1 link down
6 Jan 02 04:20:42 IN system: Now, start restoring system configuration
7 Jan 02 04:20:39 IN authentication: SSH user admin login [IP address = 192.168.1.2]
---
0 -
Hi @Zyxel_Jason,
could you be so kind to test restoring config using SFTP on an actual XGS2210-28?
As I can reproduce this problem across different SFTP clients on different computers with different OS, but it works for you, the most striking difference seems to be that I am on XGS2210-28 but you tested on a PoE+ model of this series.
This leads me to the assumption, that this might be a bug in the model-specific firmware for my model. Although I run 27 ZyXEL switches so far, unfortunately all of them are XGS2210-28.
Best regards,
// Veit
0 -
Hi @Veit,
Sorry for the late response.
I have reproduced the same symptom on my XGS2210-28HP via SFTP by using Linux OS.
Our internal team will verify it and I will update on the forum once I get the result.
During this time, hope you may use HTTPS first to restore your configuration.
Thanks.
Jason0 -
Hi @Zyxel_Jason,
thanks for your reply. I will patiently wait for the results, but I would like to add that I successfully updated the firmware of all our ZyXEL switches using SFTP from the same clients that I try to use to restore the config from, and I experienced not a single problem with firmware transfers.
Could you please provide information on whether updating the .rom file from firmware releases is required and what it does? Just because updating the firmware through the web interface does not request a .rom file at all and until yesterday I assumed that the XGS2210-28 doesn't even take it as in SFTP/FTP no /rom-0 or /rom-1 is shown. I would have to schedule a change to update and reboot the switches that are in production at the moment.
Thank and regards,
// Veit
0 -
Hi @Veit,Note: We will update the release note this reset configuration part in the next firmware release.Uploading .rom file to XGS2210 series via SFTP/FTP is the way to reset the configuration to factory default.
After uploading the .rom file successfully, the Switch needs a reboot to complete the "reset factory default".
XGS2210 series has dual ROM, but the uploading place is according to the running ROM.
Therefore, there is only one command "put <.rom file> rom-0" to upload the file.
EX: Although you are running image 2, the command still is "put <.rom file> rom-0".
Hope it helps.
Jason0 -
Hi @Zyxel_Jason,
thank you very much. Thank goodness I did not "update" rom-0 on the production switches...
Thanks,
// Veit
0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 146 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight