Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

Network Change & Configuration Management

Reply

Troubleshoot Cisco Switch IOS Upgrade

New Member
Posts: 3
7107     0

Hi everybody,

 

I am trying to run the script below to download a Cisco IOS image from our server that we have setup.

 

I selected "scp" and "Download Only" when starting this and the problem I am getting is that the code isn't downloading the image to the switch and when checking the commands the switch ran, it isn't there.

 

I was wondering if anybody can help me with this.

 

Thanks!

 

Script-Filter:
#	PLEASE REVIEW BEFORE USING!!!
#
#	This script content is provided to the user as is and is not 
#	warranted or guaranteed against specific vendor devices or user 
#	scenarios. It is provided by Infoblox to the user of this platform
#	as an example, and should not be executed against production network
#	devices unless the user has reviewed and/or made the proper 
#	modification to assure safe execution in specific network 
#	configurations. Please contact your Infoblox representative or 
#	Infoblox support if you have questions or concerns about how to 
#	safely use the following scripted content in your network.
#
#	You MUST check the "enable_changes" option for any commands to
#	be executed. When NOT selected, the script will log the commands it
#	would execute, but not download files or make changes to the device.
#
#	You may specify addtional path information in the server field when
#	using the ftp and http protocols.
#	
#	If multiple protocols are selected, only one will be used. Order of
#	preference is http, scp, ftp, then tftp.
#
#	The clean_flash option will attempt to free space in flash by 
#	deleting common files such as crash dumps and misc html files. 
#	If you use this option, you may want to adjust the file pattern 
#	matches in the "Delete Files" action.
#   
#	Use of scp requires that the device currently be running an image
#	with crypto support (a.k.a., a "k9" image). 
#
#	If you use scp, the password will appear in the process log of
#	the Job details viewer. Use a dedicated, restricted account for this.
#	In addition, the image file must exist in the user's home directory.
#
#	To use ftp transfer, you must first define ftp user, password, and
#	mode settings (i.e., ip ftp username, ip ftp password, ip ftp passive)
#
#	The current running image AND the new image MUST end in ".bin". 
#	This means if you are currently using a running image that was not
#	copied with its original filename intact, you must manually correct
#	this before using this script.
#
#	The script will not do a force delete of the current running image
#	from flash, if it exists. This is to help prevent leaving a device
#	without an image if there is a problem during the file copy.
#
#	The download only option will copy the new file to flash if needed,
#	but will not change the configuration or attempt to reload the device.
#
#	It is not necessary to specify either of the "reload_now" or 
#	"reload_cmd" options. Devices can be manually restarted later or
#	perhaps reloaded by another script.

	$Vendor eq "Cisco"   and
	$sysDescr like /IOS/
#	( $model like /^C29(?:6|8)\d{1}(?:SXM)?/  or
#	  $model like /^3(?:6|7|8)\d{2}(?:XM)?$/ )

Script-Variables:
	$use_scp		boolean
	$use_http		boolean
	$use_ftp		boolean
	$use_tftp		boolean
	$server			string		"Enter server/path info here"
	$new_image_name		string		"Enter image name here"
	$new_image_size		string		"Enter size of file in bytes"	number
	$new_image_md5		string		"Enter md5 hash here"
	$scp_username		string		"Enter username if using scp"
	$scp_password		password	"x"
	$download_only		boolean
	$clean_flash		boolean
	$reload_cmd		string		"Enter reload in command here"
	$reload_now		boolean
	$enable_changes		boolean

#########################################################################
Action:
	Set Variables and Download Method

Action-Description:
	Set method of download based on above variables.
	If one of these are not set the script will fail. 

Action-Commands:
	SET: $runscript = "no"
	SET: $have_current_image = "no"
	SET: $usehttp = "no"
	SET: $useftp = "no"
	SET: $usetftp = "no"
	SET: $usescp = "no"

Action-Commands: { $use_http eq "on" }
	SET: $usehttp = "yes"
	SET: $runscript = "yes"

Action-Commands: { $usehttp eq "no" and $use_scp eq "on" }
	SET: $usescp = "yes"
	SET: $runscript = "yes"

Action-Commands: { $usehttp eq "no" and $usescp eq "no" and $use_ftp eq "on" }
	SET: $useftp = "yes"
	SET: $runscript = "yes"

Action-Commands: { $usehttp eq "no" and $usescp eq "no" and $useftp eq "no" and $use_tftp eq "on" }
	SET: $usetftp = "yes"
	SET: $runscript = "yes"

#########################################################################
Action:
	Delete Files

Action-Description:
	Delete various files if selected.  This frees up space for the new file.
	This script can only handle up to a total of nine image files in flash.

	This action requires that a download protocol was selected.  If
	one of these are not set, the new file can not be downloaded.
	
	Set the terminal length to 0 so that results are not paginated.
	You may want to adjust some of the delete statements below to suit
	your site.

Action-Filter:
	$runscript ne "no"

Action-Commands: { $enable_changes eq "on" and $clean_flash eq "on" }
	delete /force flash:*.html\r
	delete /force flash:*.TXT\r
	delete /force flash:*.gif\r
	delete /force flash:*.js\r
	delete /force flash:*.log\r
	delete /force flash:*.template\r
	delete /force flash:*.pkg\r
	delete /force flash:*.sdf\r
	delete /force flash:*.tar\r
	delete /force flash:*.shtml\r
	delete /force flash:*.cfg\r
	delete /force flash:/crash*\r
	delete /force flash:*.zup\r
	delete /force flash:*.sbin\r
	delete /force flash:*.loads\r
	delete /force flash:*.sb2\r
	delete /force flash:*.sbn\r
	delete /force flash:*.cfg\r
	delete /force flash:*.au\r
	delete /force flash:crash*\r
	delete /force flash:P00*\r
	delete /force flash:S00*\r
	delete /force flash:cmterm*\r
	delete /force /rec html\r

Action-Commands: { $enable_changes eq "off" and $clean_flash eq "on" }
	DEBUG:delete /force flash:*.html\r
	DEBUG:delete /force flash:*.TXT\r
	DEBUG:delete /force flash:*.gif\r
	DEBUG:delete /force flash:*.js\r
	DEBUG:delete /force flash:*.log\r
	DEBUG:delete /force flash:*.template\r
	DEBUG:delete /force flash:*.pkg\r
	DEBUG:delete /force flash:*.sdf\r
	DEBUG:delete /force flash:*.tar\r
	DEBUG:delete /force flash:*.shtml\r
	DEBUG:delete /force flash:*.cfg\r
	DEBUG:delete /force flash:/crash*\r
	DEBUG:delete /force flash:*.zup\r
	DEBUG:delete /force flash:*.sbin\r
	DEBUG:delete /force flash:*.loads\r
	DEBUG:delete /force flash:*.sb2\r
	DEBUG:delete /force flash:*.sbn\r
	DEBUG:delete /force flash:*.cfg\r
	DEBUG:delete /force flash:*.au\r
	DEBUG:delete /force flash:crash*\r
	DEBUG:delete /force flash:P00*\r
	DEBUG:delete /force flash:S00*\r
	DEBUG:delete /force flash:cmterm*\r
	DEBUG:delete /force /rec html\r

Action-Commands:
	terminal length 0
	show ver

Output-Triggers:
	Find Running Image
	Failed Determining Active IOS Image

########################################################################
Trigger:
	Find Running Image

Trigger-Description:
	This trigger determines the running IOS filename and calls a
	second trigger that looks for the new IOS image in flash. The
	command specifically looks only for .bin files.

Trigger-Variables:
	$currentbootimage	/\w\d{4}[\w\-\.]+\.bin/

Trigger-Template:
	flash:[[$currentbootimage]]

Trigger-Filter:
	$runscript ne "no"

Trigger-Commands:
	dir /all
	SET: $have_current_image = "yes"

Output-Triggers:
	Check Files and Delete

########################################################################
Trigger:
	Check Files and Delete

Trigger-Description:
	This trigger looks for the user-supplied new image name in the
	output of the "dir" command in the previous trigger.

	$imagename must be a string of characters ending in ".bin".

	The $file variable is used to determine each file's position in flash.
	This allows the script to keep track of the number of image files in flash.
	
	If the .bin file is not the running image or the new image delete it
	to make room.

	$dir needs to match date strings as well as <no date> in case
	a file was uploaded to the device when the date/time was not available.
	For example, it must properly pull the file sequence and .bin file
	name from both of these:

    1  -rw-     8699556  Mar 13 2007 22:27:30 +00:00  c3660-i-mz.123-9e.bin
    3  -rw-     8477240                    <no date>  c3660-i-mz.123-3i.bin

Trigger-Variables:
	$file   	/\d+/
	$read		/\s*-\w+-\s*/
	$size		/\d+/	
	$dir 		/\s*[<|>]\w+\s\w+[<|>]\s+|\s*\w*\s*\d*\s*\w+\s*\d+\s*\d+\s*\d+:\d+:\d+\s*[\+|-]\d+:\d+\s*/
	$imagename   	/\w\d{4}[\w\-\.]+\.bin/

Trigger-Template:
	[[$file]][[$read]][[$size]][[$dir]][[$imagename]]

Trigger-Commands: { $imagename eq $new_image_name }
	verify /md5 flash:$imagename

Trigger-Commands: { $imagename ne $currentbootimage and $imagename ne $new_image_name and $enable_changes eq "on" }
	del /force $imagename\r

Trigger-Commands: { $imagename ne $currentbootimage and $imagename ne $new_image_name and $enable_changes eq "off" }
	DEBUG:del /force $imagename\r

Output-Triggers:
	Check Image MD5 Hash

########################################################################
Trigger:
	Check Image MD5 Hash

Trigger-Description:
	Test that the calculated image MD5 hash matches the user-supplied value.

Trigger-Variables:
	$imagemd5 /[[:xdigit:]]+/

Trigger-Filter:
	$imagename eq $new_image_name

Trigger-Template:
	.+Done!
	.+ = [[$imagemd5]]

Trigger-Commands: { $imagemd5 eq $new_image_md5 }
	SET: $havenewimage = "yes"
	SET: $nofireissue = "yes"

Trigger-Commands: { $imagemd5 ne $new_image_md5 }
	SET: $corruptnewimage = "yes"
	SET: $nofireissue = "yes"

Output-Triggers:
	Corrupt IOS Image File

#########################################################################
Action:
	Squeeze

Action-Description:
	Determine if deleted files are in flash, if so, try to squeeze the
	flash to make room. It is ran at this point in case a previous copy 
	failed or we need to squeeze deleted files from the first action.

	This is an action so that it is not called after each file delete.

Action-Filter:
	$runscript ne "no" and $have_current_image eq "yes"

Action-Commands:
	dir /all

Output-Triggers:
	Deleted
	Run Squeeze
	
#########################################################################
Trigger:
	Deleted

Trigger-Description:
	Determine if there are deleted files still in flash. Deleted files
	will show in between brackets [].

Trigger-Template:
	\[\S+\]

Trigger-Commands:
	SET: $deleted = "yes"

#########################################################################
Trigger:
	Run Squeeze

Trigger-Description:
	Squeeze flash if deleted files were found. Also do another dir
	command to determine free space left in flash.

Trigger-Timeout:
	1500

Trigger-Filter:
	$runscript ne "no"

Trigger-Commands: { $deleted eq "yes" and $enable_changes eq "on" }
	squeeze flash:\r

Trigger-Commands: { $deleted eq "yes" and $enable_changes eq "off" }
	DEBUG:squeeze flash:\r

Trigger-Commands: { $enable_changes eq "on" }
	dir /all

Trigger-Commands: { $enable_changes eq "off" }
	DEBUG:dir /all

Output-Triggers:
	Check Space

########################################################################
Trigger:
	Check Space

Trigger-Description:
	This trigger determines if there is enough space in flash to load
	the new image. The dir command output from the previous trigger is
	parsed to determine free space remaining.

	If we don't already have the new image in flash, and there is not
	enough space to download it, fire an issue.

Trigger-Variables:
	$flash		/\d+/	number
	$paren		/\(/
	$freespace	/\d+/	number

Trigger-Template:
	[[$flash]] bytes total [[$paren]][[$freespace]] bytes free

Trigger-Commands: { $freespace >= $new_image_size }
	SET: $spaceavailable = "yes"

Output-Triggers:
	Insufficient Space for IOS Image

#########################################################################
Action:
	Download IOS

Action-Description:
	Copy the new image file to flash via SCP, TFTP, FTP or HTTP.

Action-Timeout:
	5400

Action-Filter:
	$runscript ne "no" and
	$havenewimage ne "yes" and 
	$spaceavailable eq "yes" and
	$have_current_image eq "yes"

Action-Commands: { $usehttp eq "yes" and $enable_changes eq "on" }
	copy http://$server/$new_image_name flash:$new_image_name\r\rn\r
	verify /md5 flash:$new_image_name
	SET: $havenewimage = "yes"

Action-Commands: { $usehttp eq "yes" and $enable_changes eq "off"}
	DEBUG:copy http://$server/$new_image_name flash:$new_image_name\r\rn\r
	DEBUG:verify /md5 flash:$new_image_name
	SET: $havenewimage = "yes"

Action-Commands: { $usescp eq "yes" and $enable_changes eq "on" }
	copy scp://$server/$new_image_name flash:$new_image_name\r$scp_username\r\rn$scp_password\r
	verify /md5 flash:$new_image_name
	SET: $havenewimage = "yes"

Action-Commands: { $usescp eq "yes" and $enable_changes eq "off"}
	DEBUG:copy scp://$server/$new_image_name flash:$new_image_name\r$scp_username\r\rn$scp_password\r
	DEBUG:verify /md5 flash:$new_image_name
	SET: $havenewimage = "yes"

Action-Commands: { $useftp eq "yes" and $enable_changes eq "on"}
	copy ftp://$server/$new_image_name flash:$new_image_name\r\rn
	verify /md5 flash:$new_image_name
	SET: $havenewimage = "yes"

Action-Commands: {$useftp eq "yes" and $enable_changes eq "off"}
	DEBUG:copy ftp://$server/$new_image_name flash:\r\rn
	DEBUG:verify /md5 flash:$new_image_name
	SET: $havenewimage = "yes"

Action-Commands: { $usetftp eq "yes" and $enable_changes eq "on" }
	copy tftp://$server/$new_image_name flash:\r\rn\r
	verify /md5 flash:$new_image_name
	SET: $havenewimage = "yes"

Action-Commands: { $usetftp eq "yes" and $enable_changes eq "off"}
	DEBUG:copy tftp://$server/$new_image_name flash:\r\rn\r
	DEBUG:verify /md5 flash:$new_image_name
	SET: $havenewimage = "yes"

Output-Triggers:
	Check Image MD5 Hash
	Check Download Complete

########################################################################
Trigger:
	Check Download Complete

Trigger-Description:
	Verify download completed successfully.

Trigger-Template:
	%Error

Trigger-Commands:
	SET: $copyfail = "yes"

Output-Triggers:
	IOS Image File Copy Failed

#########################################################################
Action:
	Change Boot Image and Verify Changes

Action-Description:
	Since this is a new action we need to redetermine the running version
	and change the boot system flash: commands in the following triggers.

Action-Filter:
	$runscript ne "no" and $have_current_image eq "yes"

Action-Commands:
	show ver
	show flash:

Output-Triggers:
	Update Boot Sequence
	IOS Upgrade Succeeded
	IOS Upgrade Failed
	Flash Squeeze Operation Failed
	Incorrect or Missing Boot Commands

#########################################################################
Trigger:
	Update Boot Sequence

Trigger-Description:
	Make the new file the first boot image and the current image
	the second boot image by updating the configuration and saving
	to NVRAM.

Trigger-Variables:
	$currentimageverify	/[\w\-\.]+\.bin/

Trigger-Filter:
	$havenewimage eq "yes"
	and $download_only eq "off"
	and $spaceavailable eq "yes"

Trigger-Template:
	flash:[[$currentimageverify]]

Trigger-Commands: { $havenewimage eq "yes" and $enable_changes eq "on"}
	config terminal
	no boot system
	boot system flash:$new_image_name
	boot system flash:$currentimageverify
	end
	write memory
	show start | include boot system
	SET: $bootchange = "yes"

Trigger-Commands: { $havenewimage eq "yes" and $enable_changes eq "off"}
	DEBUG:config terminal
	DEBUG:no boot system
	DEBUG:boot system flash:$new_image_name
	DEBUG:boot system flash:$currentimageverify
	DEBUG:end
	DEBUG:write memory
	show start | include boot system
	SET: $bootchange = "yes"

Output-Triggers:
	Verify Boot

#########################################################################
Trigger:
	Verify Boot

Trigger-Description:
	Verify that the boot statements	exist for the new IOS image that
	was installed into flash. Then run another dir command.

Trigger-Template:
	boot system flash:$new_image_name
	boot system flash:$currentimageverify

Trigger-Commands:
	SET: $bootexists = "yes"
	dir /all

Output-Triggers:
	Verify Squeeze

#########################################################################
Trigger:
	Verify Squeeze

Trigger-Description:
	Verify that the squeeze command completed by checking that no deleted
	files appear in flash.

Trigger-Template:
	\[\S+\]

Trigger-Commands:
	SET: $squeezefailed = "yes"

#########################################################################
Issue:
	Insufficient Space for IOS Image

Issue-ID:
	IOSUpgradeNoSpace

Issue-Severity:
	Warning

Issue-Description:
	Insufficient storage space in flash to install the new IOS image.

Issue-Filter:
	$spaceavailable ne "yes" and
	$nofireissue ne "yes"

Issue-Details:
	Host		$IPAddress
	Name		$Name
	SpaceNeeded	$new_image_size
	SpaceAvailable	$freespace
	InstalledFlash	$flash

#########################################################################
Issue:
	IOS Image File Copy Failed

Issue-ID:
	IOSUpgradeCopyFailed

Issue-Severity:
	Error

Issue-Description:
	There was an error during the IOS image copy.

Issue-Filter:
	$copyfail eq "yes"

Issue-Details:
	Host		$IPAddress
	Name		$Name

#########################################################################
Issue:
	IOS Upgrade Succeeded

Issue-ID:
	IOSUpgradeComplete

Issue-Severity:
	Info

Issue-Description:
	The IOS upgrade completed successfully.

Issue-Filter:
	$bootexists eq "yes" and
	$havenewimage eq "yes" and
	$squeezefailed ne "yes"

Issue-Details:
	Host		$IPAddress
	Name		$Name

#########################################################################
Issue:
	IOS Upgrade Failed

Issue-ID:
	IOSUpgradeFailed

Issue-Severity:
	Error

Issue-Description:
	The IOS upgrade failed.  The boot commands are not in the configuration,
	the new image doesn't exist in flash, or deleted files are still present 
	(squeeze operation failed).

Issue-Filter:
	($bootexists ne "yes" and
	 $download_only eq "off") or
	$havenewimage ne "yes"    or
	$squeezefailed eq "yes"   or
	$spaceavailable ne "yes"

Issue-Details:
	Host		$IPAddress
	Name		$Name

#########################################################################
Issue:
	Flash Squeeze Operation Failed

Issue-ID:
	IOSUpgradeSqueezeFailed

Issue-Severity:
	Warning

Issue-Description:
	Squeeze operation failed.  Deleted files still appear in flash.

Issue-Filter:
	$squeezefailed eq "yes"

Issue-Details:
	Host		$IPAddress
	Name		$Name

#########################################################################
Issue:
	Incorrect or Missing Boot Commands

Issue-ID:
	IOSUpgradeBootIncorrect

Issue-Severity:
	Error

Issue-Description:
	Boot commands are incorrect or missing from the configuration.

Issue-Filter:
	$bootexists ne "yes"    and
	$download_only eq "off" and
	$nofireissue ne "yes"

Issue-Details:
	Host		$IPAddress
	Name		$Name

#########################################################################
Issue:
	Corrupt IOS Image File

Issue-ID:
	IOSUpgradeCorruptImage

Issue-Severity:
	Error

Issue-Description:
	The new image file was found in flash, but the MD5 checksum didn't match.

Issue-Filter:
	$corruptnewimage = "yes"

Issue-Details:
	Host		$IPAddress
	Name		$Name
	imagename	$new_image_name
	BadMD5		$imagemd5

#########################################################################
Issue:
	Failed Determining Active IOS Image

Issue-ID:
	IOSUpgradeCurrentImage

Issue-Severity:
	Error

Issue-Description:
	Unable to determine the name of the currently active image.

Issue-Filter:
	$have_current_image ne "yes"

Issue-Details:
	Host		$IPAddress
	Name		$Name

#########################################################################
Action:
	Reload Now

Action-Description:
	Reload the device one minute after a successful upgrade. This delay 
	is necessary since NetMRI expects a response when a command is entered.

Action-Filter:
	$reload_now eq "on"     	and
	$have_current_image eq "yes" 	and
	$bootexists eq "yes"    	and
	$havenewimage eq "yes"  	and
	$squeezefailed ne "yes"

Action-Commands: { $enable_changes eq "on" }
	reload in 1\r

Action-Commands: { $enable_changes eq "off" }
	DEBUG:reload in 1\r

#########################################################################
Action:
	Reload Later

Action-Description:
	Reload the device at a scheduled time or a specific interval
	after a successful upgrade.

	The reload command entered at startup is directly executed.

	For example, "reload at 02:00" can be used to defer restart until
	early in the morning. Other options are available to the reload
	command.

Action-Filter:
	$reload_cmd not like /Enter reload in command here/ and
	$have_current_image eq "yes"	and
	$bootexists eq "yes"    	and
	$havenewimage eq "yes"  	and
	$squeezefailed ne "yes"

Action-Commands: { $enable_changes eq "on" }
	$reload_cmd\r

Action-Commands: { $enable_changes eq "off" }
	DEBUG:$reload_cmd\r

#########################################################################
##                            End of Script                            ##
#########################################################################

Re: Troubleshoot Cisco Switch IOS Upgrade

Adviser
Posts: 65
7107     0

This is the IOS upgrade script that we provide out of the box, with the script just as is an no indications or logs as to what went wrong on your end it is hard to guess where it ran into a snag.

 

Have a look at the different job logs and share them if you want another set of eyes on them.

Re: Troubleshoot Cisco Switch IOS Upgrade

New Member
Posts: 3
7107     0

Hi Ingmar,

 

Here is Session Log that shows what the switch is doing when running the script.

 

From the looks of it, it doesn't even run the copy scp command to download the image from the scp server I have setup.

 

Cisco Switch#
Cisco Switch#enable
Cisco Switch#
Cisco Switch#terminal no monitor
Cisco Switch#terminal no editing
Cisco Switch#terminal length 0
Cisco Switch#terminal length 0
Cisco Switch#show ver
Cisco IOS Software, C3560CX Software (C3560CX-UNIVERSALK9-M), Version 15.2(4)E6, RELEASE SOFTWARE (fc4)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2018 by Cisco Systems, Inc.
Compiled Thu 05-Apr-18 03:17 by prod_rel_team

ROM: Bootstrap program is C3560CX boot loader
BOOTLDR: C3560CX Boot Loader (C3560CX-HBOOT-M) Version 15.2(4r)E5, RELEASE SOFTWARE (fc4)

Cisco Switch uptime is 30 weeks, 5 days, 14 hours, 29 minutes
System returned to ROM by power-on
System restarted at 01:28:54 UTC Thu Jan 17 2019
System image file is "flash:c3560cx-universalk9-mz.152-4.E6.bin"
Last reload reason: Reload command



This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

License Level: ipbase
License Type: Default. No valid license found.
Next reload license Level: ipbase

cisco WS-C3560CX-8TC-S (APM86XXX) processor (revision G0) with 524288K bytes of memory.
Processor board ID XXX
Last reset from reload command
3 Virtual Ethernet interfaces
12 Gigabit Ethernet interfaces
The password-recovery mechanism is enabled.

512K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address       : XX:XX:XX:XX:XX:XX
Motherboard assembly number     : 73-16472-05
Power supply part number        : 341-0208-03
Motherboard serial number       : XXXXXXXXXXX
Power supply serial number      : XXXXXXXXXXX
Model revision number           : G0
Motherboard revision number     : A0
Model number                    : WS-C3560CX-8TC-S
System serial number            : XXX
Top Assembly Part Number        : 68-5358-03
Top Assembly Revision Number    : E0
Version ID                      : V03
CLEI Code Number                : XXXXXXXXXXX
Hardware Board Revision Number  : 0x02


Switch Ports Model                     SW Version            SW Image                 
------ ----- -----                     ----------            ----------               
*    1 12    WS-C3560CX-8TC-S          15.2(4)E6             C3560CX-UNIVERSALK9-M    


Configuration register is 0xF

Cisco Switch#dir /all
Directory of flash:/

    2  -rwx    21507072  Jan 17 2019 01:21:39 +00:00  c3560cx-universalk9-mz.152-4.E6.bin
    3  -rwx         676  Jan 17 2019 01:45:03 +00:00  vlan.dat
  580  -rwx        3749  Jun 18 2019 14:57:40 +00:00  private-config.text
    6  -rwx        2072  Jun 18 2019 14:57:40 +00:00  multiple-fs
    7  drwx         512  Oct 22 2016 18:58:55 +00:00  c3560cx-universalk9-mz.152-4.E2
  578  drwx         512  Oct 22 2016 18:58:56 +00:00  dc_profile_dir
  581  -rwx        5134  Jun 18 2019 14:57:40 +00:00  config.text

122185728 bytes total (73472000 bytes free)
Cisco Switch#dir /all
Directory of flash:/

    2  -rwx    21507072  Jan 17 2019 01:21:39 +00:00  c3560cx-universalk9-mz.152-4.E6.bin
    3  -rwx         676  Jan 17 2019 01:45:03 +00:00  vlan.dat
  580  -rwx        3749  Jun 18 2019 14:57:40 +00:00  private-config.text
    6  -rwx        2072  Jun 18 2019 14:57:40 +00:00  multiple-fs
    7  drwx         512  Oct 22 2016 18:58:55 +00:00  c3560cx-universalk9-mz.152-4.E2
  578  drwx         512  Oct 22 2016 18:58:56 +00:00  dc_profile_dir
  581  -rwx        5134  Jun 18 2019 14:57:40 +00:00  config.text

122185728 bytes total (73472000 bytes free)
Cisco Switch#show ver
Cisco IOS Software, C3560CX Software (C3560CX-UNIVERSALK9-M), Version 15.2(4)E6, RELEASE SOFTWARE (fc4)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2018 by Cisco Systems, Inc.
Compiled Thu 05-Apr-18 03:17 by prod_rel_team

ROM: Bootstrap program is C3560CX boot loader
BOOTLDR: C3560CX Boot Loader (C3560CX-HBOOT-M) Version 15.2(4r)E5, RELEASE SOFTWARE (fc4)

Cisco Switch uptime is 30 weeks, 5 days, 14 hours, 29 minutes
System returned to ROM by power-on
System restarted at 01:28:54 UTC Thu Jan 17 2019
System image file is "flash:c3560cx-universalk9-mz.152-4.E6.bin"
Last reload reason: Reload command



This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

License Level: ipbase
License Type: Default. No valid license found.
Next reload license Level: ipbase

cisco WS-C3560CX-8TC-S (APM86XXX) processor (revision G0) with 524288K bytes of memory.
Processor board ID XXX
Last reset from reload command
3 Virtual Ethernet interfaces
12 Gigabit Ethernet interfaces
The password-recovery mechanism is enabled.

512K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address       : XX:XX:XX:XX:XX:XX
Motherboard assembly number     : 73-16472-05
Power supply part number        : 341-0208-03
Motherboard serial number       : XXXXXXXXXXX
Power supply serial number      : XXXXXXXXXXX
Model revision number           : G0
Motherboard revision number     : A0
Model number                    : WS-C3560CX-8TC-S
System serial number            : XXX
Top Assembly Part Number        : 68-5358-03
Top Assembly Revision Number    : E0
Version ID                      : V03
CLEI Code Number                : XXXXXXXXXXX
Hardware Board Revision Number  : 0x02


Switch Ports Model                     SW Version            SW Image                 
------ ----- -----                     ----------            ----------               
*    1 12    WS-C3560CX-8TC-S          15.2(4)E6             C3560CX-UNIVERSALK9-M    


Configuration register is 0xF

Cisco Switch#show flash:

Directory of flash:/

    2  -rwx    21507072  Jan 17 2019 01:21:39 +00:00  c3560cx-universalk9-mz.152-4.E6.bin
    3  -rwx         676  Jan 17 2019 01:45:03 +00:00  vlan.dat
  580  -rwx        3749  Jun 18 2019 14:57:40 +00:00  private-config.text
    6  -rwx        2072  Jun 18 2019 14:57:40 +00:00  multiple-fs
    7  drwx         512  Oct 22 2016 18:58:55 +00:00  c3560cx-universalk9-mz.152-4.E2
  578  drwx         512  Oct 22 2016 18:58:56 +00:00  dc_profile_dir
  581  -rwx        5134  Jun 18 2019 14:57:40 +00:00  config.text

122185728 bytes total (73472000 bytes free)
Cisco Switch#exit

Re: Troubleshoot Cisco Switch IOS Upgrade

Adviser
Posts: 65
7107     0

Based on that output and the script it fails to enter the Download IOS section. Without the full logs it is impossible to say why some things to check:

  • Did you check the use scp and enable changes flag? 
  • Is the image name you are using different from the image currently running on the box
  • Check what variables are set during runtime for the Action-Filter:
Action:
	Download IOS

Action-Description:
	Copy the new image file to flash via SCP, TFTP, FTP or HTTP.

Action-Timeout:
	5400

Action-Filter:
	$runscript ne "no" and
	$havenewimage ne "yes" and 
	$spaceavailable eq "yes" and
	$have_current_image eq "yes"

...

Action-Commands: { $usescp eq "yes" and $enable_changes eq "on" }
	copy scp://$server/$new_image_name flash:$new_image_name\r$scp_username\r\rn$scp_password\r
	verify /md5 flash:$new_image_name
	SET: $havenewimage = "yes"

Action-Commands: { $usescp eq "yes" and $enable_changes eq "off"}
	DEBUG:copy scp://$server/$new_image_name flash:$new_image_name\r$scp_username\r\rn$scp_password\r
	DEBUG:verify /md5 flash:$new_image_name
	SET: $havenewimage = "yes"

Re: Troubleshoot Cisco Switch IOS Upgrade

New Member
Posts: 3
7107     0
  • I have scp turned on but I did not have the enable changes flag on
  • The image on the switch is different from the one I am trying to download
    • Image on switch: c3560cx-universalk9-mz.152-4.E6.bin
    • Image trying to download: c3560cx-universalk9-mz.152-4.E8.bin
Showing results for 
Search instead for 
Did you mean: 

Recommended for You