Brocade Fibre Channel Networking Community

Expand all | Collapse all

configdownload fails with notpermitted

  • 1.  configdownload fails with notpermitted

    Posted 03-14-2020 01:51 PM
    Hi,

    Just upgraded and wiped a Brocade 6505 switch to 8.2.2

    Switch has ben rebooted and disabled with #switchdisable command

    The new config is vendor provided and should be downloaded via the #configdownload command.​​

    However when I try to download, I get :

    configDownload not permitted

    2020/03/14-12:17:51, [CONF-1023], 298, FID 128, INFO, sw1, configDownload failed for switch.

    Have tried both as the admin and root user on the switch.

    Any ideas?

    BR Bjorn

     



  • 2.  RE: configdownload fails with notpermitted

    Posted 03-15-2020 11:06 PM
    Is there any additional error information if you tried errshow command?


  • 3.  RE: configdownload fails with notpermitted

    Posted 03-17-2020 10:18 AM
    Hi,
    This message is also present:
    Invalid Value for Log Primary Authentication Status. Please enter 'yes' or 'no' for Log Primary Authentication Status.

    We succedded with the download by uploading a config from a switch running 8.2.1b , (the problematis switch ran 8.2.2)
    and then downloading that config to the switch.

    LOG:
    configDownload operation may take several minutes
    to complete for large files.
    Do you want to continue [y/n]: y
    Password:

    Invalid Value for Log Primary Authentication Status. Please enter 'yes' or 'no' for Log Primary Authentication Status.

    Doing configDownload on switch ...

    configDownload not permitted
    2020/03/14-14:21:15, [CONF-1023], 376, FID 128, INFO, sw1, configDownload failed for switch.
    BR Björn


  • 4.  RE: configdownload fails with notpermitted

    Posted 03-18-2020 04:08 AM

    Hi Bjorn,

    The "primary authentication status" can be checked with the "aaaconfig –show" command. So I would expect a discrepancy between the status on the switch and the config file.

    Sample from the CLI: (at the bottom of the output.)

     

    switch:admin> aaaconfig --show

    RADIUS CONFIGURATIONS

    =====================

    Position : 1

    Server : 1.2.3.4

    Port : 1812

    Secret : ********

    Timeout(s) : 3

    Auth-Protocol : CHAP

    Encryption level : AES256

    LDAP CONFIGURATIONS

    ===================

    Position : 1

    Server : 10.38.37.183

    Port : 389

    Domain : la12security.brocade.com

    Timeout(s) : 3

    TACACS+ CONFIGURATIONS

    =====================

    Position : 1

    Server : 1.1.1.1

    Port : 49

    Secret : ********

    Timeout(s) : 3

    Auth-Protocol : CHAP

    Encryption level : AES256

    Primary AAA Service: TACACS+

    Secondary AAA Service: Switch database

    Log Primary Authentication Status: no

     

    Thanks,

    Ed




  • 5.  RE: configdownload fails with notpermitted

    Posted 03-18-2020 12:43 PM
    Hi Ed,

    Could have been the case, can´t check now since we downloaded another config.

    But before configdownload we performed configdefault and cfgclear.

    I was under the impression that in that state any valid config should be downloadable/installable?

    BR Björn


  • 6.  RE: configdownload fails with notpermitted

    Posted 03-19-2020 03:09 AM
    That is what I would expect as well.
    I came across lately that for really wiping a switch, one should do a firmwarecleaninstall. Not sure if that would have made a difference though.
    Regards,
    Ed