Set Up Software Image Management
- Make Sure Devices Are Configured Correctly
- Verify the FTP/TFTP/SFTP/SCP Settings on the Cisco EPN Manager Server
- How to Control Images that are Saved to the Image Repository During Inventory Collection
- Adjust Criteria for Cisco.com Image Recommendations
- Adjust Image Transfer and Distribution Preferences
- Change Cisco.com Credentials for Software Image Operations
Note |
Software Image Management is not supported on Cisco IOS-XR devices configured with a management VRF. |
Make Sure Devices Are Configured Correctly
Cisco EPN Manager can transfer files to and from devices only if the SNMP read-write community strings configured on your devices match the strings that were specified when the devices were added to Cisco EPN Manager. In addition, devices must be configured according to the settings in How Often Is Inventory Collected?.
Note |
To improve security, Cisco EPN Manager no longer uses some of the SSH CBC (Cipher Block Chaining) ciphers that older Cisco IOS-XE and IOS-XR versions use, as they have been deemed weak. For devices running Cisco IOS-XE, ensure that you upgrade to version 16.5.x or later. And for devices running Cisco IOS-XR, upgrade to version 6.1.2 or later. Otherwise, several Software Image Management operations will fail. Although we do not recommend doing so (since it weakens security), you also have the option to add the CBC ciphers that Cisco EPN Manager stopped using back to its SSHD service configuration file. To do so, first configure the CBC ciphers in the ciphers line of the file located in the /etc/ssh/sshd_config directory (as shown in the example below), then restart the sshd service using the service sshd stop/start command.
|
Note |
Software Image Management is not supported in the NAT environment. This means that image management features such as image import, upgrade, distribution, and activation, will not function in the NAT environment. |
Verify the FTP/TFTP/SFTP/SCP Settings on the Cisco EPN Manager Server
If you will be using FTP, TFTP, SFTP, or SCP make sure that it is enabled and properly configured. See Enable FTP/TFTP/SFTP Service on the Server.
How to Control Images that are Saved to the Image Repository During Inventory Collection
Because collecting software images can slow the data collection process, by default, Cisco EPN Manager does not collect and store device software images in the image repository when it performs inventory collection. Users with Administration privileges can change that setting using the following procedure.
Procedure
Step 1 |
Choose , then choose . |
Step 2 |
To retrieve and store device images in the image repository when Cisco EPN Manager performs inventory collection, check the Collect images along with inventory collection check box. |
Step 3 |
Click Save. |
Adjust Criteria for Cisco.com Image Recommendations
You can use Cisco.com to get information about recommended images based on criteria you provide. The following procedure shows how you can adjust those recommendations. The following table also lists the default settings.
Note |
To use these features, the device must support image recommendations. |
Procedure
Step 1 |
Choose Inventory > Image management . , then choose |
|||||||||||||||
Step 2 |
Adjust the recommendation settings as follows.
|
|||||||||||||||
Step 3 |
Click Save. |
Adjust Image Transfer and Distribution Preferences
Use this procedure to specify the default protocols Cisco EPN Manager should use when transferring images from the software image management server to devices. You can also configure Cisco EPN Manager to perform, by default, a variety of tasks associated with image transfers and distributions—for example, whether to back up the current image before an upgrade, reboot the device after the upgrade, continue to the next device if a serial upgrade fails, and so forth. Users with Administration privileges can change that setting using the following procedure.
This procedure only sets the defaults. You can override these defaults when you perform the actual distribute operation.
Note |
Cisco EPN Manager does not support the TFTP protocol for distributions from the software image management server to devices. |
Procedure
Step 1 |
Choose , then choose . |
|||||||||||||||
Step 2 |
Specify the default protocol Cisco EPN Manager should use when transferring images in the Image Transfer Protocol Order. Arrange the protocols in order of preference. If the first protocol listed fails, Cisco EPN Manager will use the next protocol in the list.
|
|||||||||||||||
Step 3 |
Specify the default protocol Cisco EPN Manager should use when configuring images on devices in the Image Config Protocol Order area. Arrange the protocols in order of preference. |
|||||||||||||||
Step 4 |
Specify the tasks that Cisco EPN Manager should perform when distributing images:
|
|||||||||||||||
Step 5 |
Click Save. |
Add a Software Image Management Server to Manage Groups of Devices
To distribute images to a group of devices, add a software image management server and specify the protocol it should use for image distribution. You can add a maximum of three servers.
Procedure
Step 1 |
Add the server.
|
Step 2 |
Configure the server protocol settings.
|
Change Cisco.com Credentials for Software Image Operations
When Cisco EPN Manager connects to Cisco.com to perform software image management operations (for example, to check image recommendations), it uses the credentials stored in the Account Settings page. You can change those settings using the following procedure.
Procedure
Step 1 |
Choose , then choose . |
Step 2 |
Click the Cisco.com Credentials tab. |
Step 3 |
Change the settings, then click Save. |