3 Replies Latest reply on Mar 6, 2017 9:53 AM by mabali

    TFTP backup failing on Cisco IOS switches




      I am using Kiwi cattools to backup the vLan.dat from several Cisco IOS switches. On about 50% of those switches, the backup fails. In the email I get I only see "Aborting command entry due to command error". As the switches are all configured more or less identically and I cannot find anything that would separate the failing switches from the successful switches (switch type, IOS version, location etc)  I wonder where I could start my troubleshooting.

      The failing switches have one thing in common: they are all located overseas, but on the other hand I have one overseas switch giving me perfect output.

      Any help is much appreciated!



        • Re: TFTP backup failing on Cisco IOS switches

          The first step would be to enable debugging:


          a. Use the CatTools File menu to select the "Enable capture mode" option.

          b. Run the activity you are having trouble with. This should create a debug file in the \CatTools3\Debug folder.

          c. Zip up the resulting file and send this to me as an attachment.

          d. Remember to deselect the "enable capture mode" option again.


          This will show you communication between CatTools and the device.

            • Re: TFTP backup failing on Cisco IOS switches

              Thanks for the swift response.

              In the debug files i see the same error for all failing switches:

              %Error opening tftp://<kiwi IP address>/<device_name>.txt (Timed out)

              However, there are no accesslists in place.
              I will continue troubleshooting myself why the abroad switch can't contact the TFTP server, and keep you posted on the outcome.
              The debug information from the "Enable capture mode" gave me a good starting point, thanks!

                • Re: TFTP backup failing on Cisco IOS switches

                  After some troubleshooting I found out that the TFTP session on the switch was not initiated from the vlan1-interface (as I expected), but from a different interface, which was not included in the site to site VPN tunnel.

                  After sending all affected switches the command

                  IP TFTP Source-Interface vlan1

                  everything works fine.

                  1 of 1 people found this helpful