Troubleshooting configuration snapshot failures
Observe the following guidelines when using the File Transfer Protocol (FTP), Trivial FTP (TFTP), or Secure Copy (SCP) file transfer mode:
- Ensure that all firewalls between the BMC Network Automation local and remote device agents and the managed devices are not blocking file transfer service application ports (TFTP, FTP, or SCP). Ensure any host-based firewall (such as a Windows firewall) is not blocking such traffic. BMC Network Automation initiates file transfer from the device for Snapshot and Deploy actions, so the device acts as the client side in the socket connection. To unblock ports in the Windows firewall on the BMC Network Automation server, see Unblocking ports.
- When using the FTP or SCP service, ensure that the following options under Admin > Network Admin > Device Agents for the Device Agent configured for the device are selected:
- Enable FTP Transfer Mode
- Enable SCP Transfer Mode
- When using the FTP or SCP service, verify the username and password defined in the device agent. The username refers to a user recognized by the FTP or SCP server program running in the device agent platform. Test the username and password by manually running FTP or SCP requests to the server from a Windows or Linux host.
- Manually attempt the configuration file transfer from the device. Refer to the BMC Network Automation job transcript to view the commands that BMC Network Automation executes. Following is an example of a Snapshot action using TFTP on a Cisco IOS router:
- Telnet to the device (router).
- Log on and go into enable mode.
copy running-config tftp
- When prompted for the address of the remote host, enter the BMC Network Automation device agent IP address, as seen in the transcript.
- When prompted for the destination file name, type
Note that many TFTP servers require the file to exist before a remote client can send it in, so create the file first and ensure that it is writable by all.
- If the preceding test fails, the BMC Network Automation device agent might be behind a Network Address Translation (NAT) server. Find the IP address that the router uses to address the device agent. Edit the device record's NAT Address field by entering the device-facing address of the device agent. You might instead need to specify the Agent IPv4 Address or Agent IPv6 Address fields in the device agent, which provide a global value for the device-facing addresses for these protocols for all devices associated with the agent.
- If the file transfer fails with a timeout error, you might need to increase the Timeout for Script File Transfers or the Timeout for Image File Transfers system parameter. Go to Admin > System Admin > System Parameters and review those settings, depending on what type of file you were transferring. For large operating system image files, you might want to consider using a remote file server physically located closer to your devices to reduce traffic load on your WAN and thus reduce file transfer times.
While using the Tunneled file transfer mode, you perform configuration snapshot by capturing the output of show type commands, for example, show running-configuration. You make configuration changes by batching CLI commands to the device.