DX NetOps

  • 1.  NCM Upload Task always using TFTP?

    Posted Apr 18, 2016 04:27 PM

    I'm trying to set up some remedial actions within NCM for Cisco IOS devices. The devices are in the Cisco IOS - SSH Capable family which should NOT need to use TFTP - it doesn't use TFTP for config capture so why is it trying to use it for upload?

     

    A network trace shows an SSH conversation with the router followed by a series of TFTP read attempts initiated by the router, all of which fail with an access violation TFTP error. The trace shows that the router is attempting to upload a file named SCM_0x4765de (0x4756de is the Model_Handle of the device).

     

    We do have TFTP configured in the TFTP Configuration section of the Configuration Manager and it is running. Examining the TFTP directory during the time when the command was being executed did NOT show any file present in the directory.

     

    Is there someplace where the upload method is defined? Shouldn't this be using an SSH Expect script?



  • 2.  Re: NCM Upload Task always using TFTP?

    Posted Apr 19, 2016 05:06 AM

    Some things to check:

     

    1. Check the permissions of the TFTP Server. We use the SNMP/TFTP option but had a lot of issues with permissions.

    2. Make sure there are no firewalls blocking TFTP. TFTP uses high port numbers for communication and these are usually stopped by firewalls.

    3. Make sure there are no ACLs on the devices themselves stopping either SSH or TFTP.

    4. Use a sniffer (tcpdump/wireshark) to see what is going on - it helps.

     

    Basically, when you click the update config button, Spectrum writes the SCM_ file to the TFTP directory, then uses TFTP to send it - after it's done or has an error the SCM_ file is removed again.

     

    Regards,


    Frank



  • 3.  Re: NCM Upload Task always using TFTP?

    Posted Apr 19, 2016 08:39 AM

    Frank,

    Thanks for your thoughts.

    - The TFTP directory is 777 and files created there by the spectrum user are world-readable

    - No firewalls or ACLs involved

    - A packet capture is what showed the filename - the router had obviously been told to fetch the particular file and was requesting it. As I mentioned, I repeatedly listed the directory during the period when it was trying to get the file and no file was ever seen in the directory.

     

    Still puzzled
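
Added example, not part of the original thread and not CA Spectrum code: post 2 describes the SCM_ file as written to the TFTP directory and removed again after the transfer, and post 3 checked for it by listing the directory by hand. The polling watcher below records when a matching file appears, changes or disappears, with its mode bits, owner and size. The `SCM_*` pattern comes from the thread; the function names and the polling interval are assumptions.

```python
import fnmatch
import os
import sys
import time

PATTERN = "SCM_*"  # staging-file prefix named in the thread


def snapshot(directory, pattern=PATTERN):
    """Return {name: (mode, uid, size)} for matching files present right now."""
    found = {}
    with os.scandir(directory) as entries:
        for entry in entries:
            if not fnmatch.fnmatch(entry.name, pattern):
                continue
            try:
                st = entry.stat(follow_symlinks=False)
            except FileNotFoundError:
                continue  # file was removed between the listing and the stat
            found[entry.name] = (oct(st.st_mode & 0o777), st.st_uid, st.st_size)
    return found


def diff_snapshots(before, after):
    """Compare two snapshots and return (kind, name, metadata) events."""
    events = [("created", n, after[n]) for n in sorted(after.keys() - before.keys())]
    events += [("removed", n, before[n]) for n in sorted(before.keys() - after.keys())]
    events += [("changed", n, after[n])
               for n in sorted(before.keys() & after.keys()) if before[n] != after[n]]
    return events


def watch(directory, seconds, interval=0.05):
    """Poll the directory for `seconds`, printing and returning timestamped events."""
    log = []
    previous = snapshot(directory)
    deadline = time.monotonic() + seconds
    while time.monotonic() < deadline:
        time.sleep(interval)
        current = snapshot(directory)
        for kind, name, meta in diff_snapshots(previous, current):
            stamp = time.strftime("%H:%M:%S")
            print(f"{stamp} {kind:8} {name} mode={meta[0]} uid={meta[1]} size={meta[2]}")
            log.append((stamp, kind, name, meta))
        previous = current
    return log


if __name__ == "__main__" and len(sys.argv) == 3:
    # usage: python scm_watch.py <tftp-directory> <seconds>
    watch(sys.argv[1], float(sys.argv[2]))
```

A file that exists for less than one polling interval can still be missed, so an empty log narrows the question but does not prove the file was never written. The mode and owner columns show whether the TFTP daemon's account could read the file while it existed.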