Attempting to upgrade EAP660 to 1.1.1 through controller fails with no helpful details
Attempting to upgrade EAP660 to 1.1.1 through controller fails with no helpful details
I recreated the docker container, and restarted the AP. Still won't upgrade. The previous upgrade to 1.1.0 succeeded with this same configuration.
Controller log:
[Failed]Failed to upgrade ap-1 to firmware version 1.1.0 Build 20211027 Rel. 35153 online.
server.log:
05-10-2022 03:16:35.665 INFO [manager-upgrade-center-pool-0] [] c.t.s.o.m.d.d.m.u.t.DeviceUpgradeStaticTask(149): upgrade task upgradeId [...] of OmadacId(...) is running...
05-10-2022 03:16:35.667 INFO [manager-upgrade-center-pool-0] [] c.t.s.o.m.d.d.m.u.t.DeviceUpgradeStaticTask(330): v2 device mac[mac] of omadacId... upgradeId... finished upgrade process in FIRMWARE_DOWNLOAD_FAILED
05-10-2022 03:16:35.678 INFO [manager-upgrade-center-pool-0] [] c.t.s.o.m.d.d.m.u.c.c(396): OmadacId(...) upgradeId[...] DeviceMac(...) upgrade status change from[false] to [true]
05-10-2022 03:16:35.680 INFO [manager-upgrade-center-pool-0] [] c.t.s.o.m.d.d.m.u.t.DeviceUpgradeStaticTask(469): OmadacId(...) upgrade[id=...] finish.
05-10-2022 03:16:35.682 INFO [manager-upgrade-center-pool-0] [] c.t.s.o.m.d.d.m.u.t.DeviceUpgradeStaticTask(155): upgrade task upgradeId [...] of OmadacId(...) is finished
05-10-2022 03:16:35.683 INFO [manager-upgrade-center-pool-0] [] c.t.s.o.m.d.d.m.u.c.c(223): OmadacId(...) upgradeId[...] releaseUpgradeCatelog finished
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Finally figured this out. I was binding the HTTP ports to a specific IP address, because 80 & 443 were in use by another site on the same server. Binding the 29810-29814 ports to a specific IP never worked because of broadcast issues, so they were bound to 0.0.0.0.
I changed the HTTP ports so they didn't conflict, and removed the IP address binding, and the upgrade succeeded.
My guess is that the EAP and/or the controller was getting confused, or the way firmware files were send/fetched changed in the latest controller or firmware, and the EAP was trying to fetch the file from a management port on an IP that it wasn't bound to. The port FAQ (which is also out of date) says that one of the 2981x ports is used for upgrades, but now apparently one of the management HTTP ports is also used.
- Copy Link
- Report Inappropriate Content
Is there any chance you are trying to upgrade a firmware version from a different region? If your AP thinks is a US AP, but your controller thinks it's Canadian, that can cause problems. Verify which firmware locale is currently running on the AP and check that against your Controller region. You may just want to do it manually.
- Copy Link
- Report Inappropriate Content
@d0ugmac1 No, the controller is set to US and the EAP is a US model. The controller is offering the firmware, so my assumption is that it's using the correct version.
- Copy Link
- Report Inappropriate Content
@karlshea same thing for me, site#1 got upgraded without a problem. site#2 eap110 wont upgrade even the controller saying there's an update option.
anyone have an idea? thanks
- Copy Link
- Report Inappropriate Content
The problem is probably that tp-link has changed the upgrade port to 443 or 8043, a bit depending on which unit you have.
it is of course not very well documented, it is also completely incomprehensible what they are thinking of, this is the same port used for the administration of the controller, in other words it is available to the whole world.
SO
OC200 / OC300 TCP Port 443
Software controller TCP Port 8043
these must be NATTED into the controller for the remote site to upgrade the firmware
- Copy Link
- Report Inappropriate Content
@shberge This isn't a remote site, it's all local so there shouldn't be a NAT or port issue.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
@d0ugmac1 There's only one AP. That same AP previously upgraded to 1.1.0 sucessfully, and there have been no changes since other than upgrading to the newest controller version. It looks like the controller downloads a firmware bin file into one of the data directories, and the messaging in the controller ("sending file") suggests that it's pushing it to the AP instead of telling the AP to download the file, but there's no way to tell if that's actually the case based on the limited logging (including none I could find by SSHing into the AP itself).
The AP and controller are both on the same network, no VLANs, and no outgoing firewall restrictions.
TP-LINK support have contacted me to try and troubleshoot, but after seeing the same error they're waiting on an engineer to look again.
Really the issue is that there's no real logging other than "it failed", so no actual errors to look at.
- Copy Link
- Report Inappropriate Content
this is my original post. https://community.tp-link.com/en/business/forum/topic/549738 i also try to manually update those eap but with no luck.
- Copy Link
- Report Inappropriate Content
@shberge I double-checked and forwarded port 8043 into the Docker container (443 already was), and that also didn't help.
- Copy Link
- Report Inappropriate Content
These are the ports being mapped into the controller container:
0.0.0.0:29810 29810/tcp
0.0.0.0:29810 29810/udp
0.0.0.0:29811 29811/tcp
0.0.0.0:29811 29811/udp
0.0.0.0:29812 29812/tcp
0.0.0.0:29812 29812/udp
0.0.0.0:29813 29813/tcp
0.0.0.0:29813 29813/udp
0.0.0.0:29814 29814/tcp
0.0.0.0:29814 29814/udp
192.168.10.221:443 443/tcp
192.168.10.221:80 80/tcp
0.0.0.0:8043 8043/tcp
0.0.0.0:8043 8043/udp
192.168.10.221:8843 8843/tcp
Manage HTTP is set to 80 in the settings
Manage HTTPS to 443
Portal HTTP to 80
Portal HTTPS to 8843
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 2237
Replies: 15
Voters 0
No one has voted for it yet.