Anyone out there have FTP working as a protocol option for modern Cisco routers ISR 4000 and/or Cisco 3900/2900 routers? I get the disallowed on all router devices.
Noticed that I do not have these MIBS which Cisco says is a dependency for Cisco Flash MIB. The MIBS compile but when I try to add them after successful compile MIB Tools throws an error like "Error adding module RFC1212-MIB.mib to the MIB Database". Each MIB compiles but will not add to MIB Tools. Perhaps I don't need these but have to research more.
Can you upload a screenshot of what you are getting when trying to use NCM?
We have had customers in the past use FTP instead of TFTP due to speed issues. Worked for them okay.
Certainly could be a MIB support problem from the device side - Spectrum will already have those loaded.
I get "Operation is not available...." trying FTP, SCP, RCP with IOS-SSH device family but TFTP is allowed. Here's a wireshark of when I tried FTP load firmware task. You can see it does an snmp set "4" for FTP and a response but I'm not certain why it doesn't go forward.
Maybe it is device or MIB doesn't work properly which would mean no one is using it so that why I'm curious. The slowest option does work but takes way to long for 400-500 Meg IOS file over WAN. Using Cisco Prime works for FTP but it doesn't use the MIB. Just wanted to finalize what I can or can't use and why for IOS-SSH family.
Request from Spectrum to router
Response from router to Spectrum, notice error-status: wrongValue (10) --maybe this is the device rejecting, not sure.
188.8.131.52.184.108.40.206.10.1.2.1.1.3 integer 4 is FTP
I assume you have setup the transfer settings already right?
You could Set the NCM_SnmpFirmwareUploadDebugFlag attribute to Yes on the device family collected the debug in the $SPECROOT/SS/VNM.OUT file.
Not sure if we are getting far enough for that debug to kick in but hopefully to get some more info.
Device needs to support CISCO-FLASH-MIB in order for this to work, as far as I know that is the only requirement outside of permissions/privileges.
Yep, have the ftp username and password filled in. This is the debug output from trying to do FTP on an ISR4321 router.
Jul 18 15:39:18 ERROR TRACE at IHHostConfig.cc(1035): Action to determine device support has startedThe device NFABRTR1.vfc.com (0x5610aa) does not support the default family protocol of UnknownDevice 0x5610aa (NFABRTR1.vfc.com) Supports MIB or Script Firmware Upload: FALSEDevice 0x5610aa (NFABRTR1.vfc.com) Supports default reload: TRUEDevice 0x5610aa (NFABRTR1.vfc.com) Supports script cancel reload: TRUEDevice 0x5610aa (NFABRTR1.vfc.com) Supports Script Cancel Reload: TRUEJul 18 15:39:18 ERROR TRACE at IHHostConfig.cc(1365): Action to determine device support has finished
I came across this note on an older case w/ FTP and Cisco:
does not support the default family protocol of Unknown
" The device does not support the default family protocol of unknown." Thiserror message occurs when we try to determine if the device supports theprotocol and it fails. We try and write to the ciscoFlashCopyEntryStatus,the ciscoFlashCopyCommand, and the ciscoFlashCopyProtocol. If the writefails, we determine that the device doesn't support the protocol and weprint this error message.NEXT ACTION:To troubleshoot the FTP issue further what you could do is get a wiresharkcapture from the SpectroSERVER to the device and look at the snmp sets tothe ciscoFlashCopyEntryStatus, ciscoFlashCopyCommand, and theciscoFlashCopyProtocol mib object and check the responses to the snmp set,are there errors? Were we setting a "4" for the ciscoFlashCopyProtocol, didthat fail? The device may not support the FTP protocol.
You're right it is the device. I got this from Cisco case where they tried via CLI. Such a shame!! Will have to look at script option in Spectrum or work on some Python.
I did some research on these MIBs. I notice that RFC1215 is included in Spectrum 10.2. But RFC1212 and SNMPv2-CONF I did not see already included. I then went online and grabbed some copies of the MIBs and get the same error when trying to add them.
I found this communities post which mentions RFC1212 is not a real MIB but contain info on how MIB is written. I didn't find the same for SNMPV2-CONF - but maybe these MIBs are not actually required? As you mention, further research is needed.
MIB adding error (RFC-1212)