Problems upgrading some of my HiveOS AP330's

  • 1
  • Question
  • Updated 3 years ago
  • Answered
Hi All

I have just upgraded my HM (on-site vm) to version 6.1r1. I then proceeded to download the AP330-350-6.1r1.img HiveOS and upgraded one of my network of AP's and all went very smoothly. I then proceeded to upgrade the HiveOS on my next network but this time I get an error saying that my SCP credentials are incorrect. See attached image. Not sure where to go from here..

Thanks

Adam
Photo of Adam Black

Adam Black

  • 9 Posts
  • 5 Reply Likes

Posted 5 years ago

  • 1
Photo of Jonathan Hurtt

Jonathan Hurtt

  • 98 Posts
  • 48 Reply Likes
Any chance that a Firewall or Content Filter would be blocking TCP Port 22?
Photo of Brian Ambler

Brian Ambler

  • 245 Posts
  • 126 Reply Likes
Hi Adam,

Going off of Jonathan's comment, you could switch the device's CAPWAP transport from UDP to TCP at the CLI using the following commands:
< capwap client transport http >
< capwap client server port 80 >

This change will cause the HiveManager to push the complete config out over HTTPS (TCP 443) rather than SCP (TCP 22). If you suspect a firewall issue, this can be an easy way to determine that, providing TCP 80/443 are open outbound through your firewall.

In the event that there is a firewall issue, make sure you have UDP 12222, TCP 22, TCP 80 and TCP 443 outbound to your HiveManager. This will ensure that you will not see any issues due to the AP being unable to communicate with HiveManager.

Hope this helps
Photo of Adam Black

Adam Black

  • 9 Posts
  • 5 Reply Likes
Hi guys,

There is no firewall between the HM and the AP's but I changed the AP's to http capwap and it work via http. So thanks a mill for your help guys but I don't have a lot of time to discover why scp did not work.

Thanks

Adam
Photo of Brian Ambler

Brian Ambler

  • 245 Posts
  • 126 Reply Likes
Hi Adam,

I am glad to hear that changing the CAPWAP transport from UDP to TCP resolved your short term problem, though I will admit that I am curious as to why you experienced the issue in the first place. If you wind up finding some time down the road to troubleshoot this issue further I'm sure this community could benefit from hearing your resolution.

Cheers,
Brian
Photo of Adam Black

Adam Black

  • 9 Posts
  • 5 Reply Likes
Will do Brian..
Photo of Anjanesh Babu

Anjanesh Babu

  • 68 Posts
  • 7 Reply Likes
"An error occurred when executing the following CLI command: save image tftp://192.10.100.1:AP121-141-6.1r1.img.S no-prompt.The Aerohive device cannot connect to the TFTP server."

Perhaps related - or maybe not. Had a problem with upgrading all APs since yesterday with the new HM 64 bit vm.

On the advise of Tech support , changed the setting to SCP and this resolved the situation.

Unsure what or how this fixed the problem but it did.
No firewall - AP/ HM on same network .
Photo of Adam Black

Adam Black

  • 9 Posts
  • 5 Reply Likes
Not sure but maybe sftp service on your HM was not running? I have no idea why mine worked over http and not over ssh/scp yet I could ssh to the HM manually.
Photo of Anjanesh Babu

Anjanesh Babu

  • 68 Posts
  • 7 Reply Likes
Adam,
Yes - you are right. The TFTP service was turned off by default on the new VM. Since I imported the database and settings , I assumed all settings would be carried over . Apparently not.
Have turned on the tftp service and everything is back to normal.

Thanks for the tip.
Photo of Anjanesh Babu

Anjanesh Babu

  • 68 Posts
  • 7 Reply Likes
Two years later, another vm and same problem . This time the TFTP service was on by default and the issue cropped up again.


Went back into upload settings and switched to SCP , checked that distributed software  was disabled. 
Upload now successful.
Photo of Malcolm Snelgrove

Malcolm Snelgrove

  • 21 Posts
  • 2 Reply Likes
Hi,
I just spent hours trying to get a AP configured and  Brian Ambler,  tip above helped. 
This was with HWOL, and I was getting a save SCP config error "unknown error".

I first had to console in and change the CAPWAP client details to point to the correct HWOL instance. Then changing to http got the AP to automatically upload the new config and reboot. And now it is under the Configured Devices instead of Unconfigured.


You would think a firewall or something was blocking the UDP port, but it is now working happily on the UDP port with the new config and with all the other APs on the same switch!
Regards,
Malcolm Snelgrove