How do I enable "Host-key" for my sftp server on ISE?

RSundstrom (Level 1)

Hello,

I am having trouble copying my ISE 1.2 upgrade files to my local repositories.

Here is a cut and paste from my CLI on one of my ISE nodes after attempting to copy from my workstation (running an SFTP server) to one of my ISE nodes.

XXX-ise-01/admin# Copy sftp://<My_SFTP_Server_IP_Address>/ise-upgradebundle-1.1.x-to-1.2.0.899.i386.tar.gz. disk:/

Username: Admin

Password:

% ERROR : Backup failed due to one of the following reasons

1. host-key option is not configured

2. host key is removed because of re-image

3. host key is removed from some other repository having same ip/hostname

% Please reconfigure the host-key option

% Error: Transfer failed

I have not configured anything with the "Host-Key" option.

I have googled and searched but can only find limited references to the "Host-key" command within Cisco. I have tried various forms of this on the ISE node with no luck.

I tried an FTP transfer but that did not work.

Any ideas?

2 Accepted Solutions

Tarik Admani (VIP Alumni)

You may want to try adding this repository to your local configuration as an sftp server, as that should start the host-key process.

Thanks,

Tarik Admani
*Please rate helpful posts*


Naresh Ginjupalli (Cisco Employee)

Hi Robert,

The other option is to configure an SFTP repository and a local repository in ISE from the CLI and get it downloaded to the local repository.

An example of configuring an SFTP repository within ISE from the CLI follows:

When configuring url sftp: in the submode, you must provide the host-key under repository configuration through the CLI, and the RSA fingerprint is added to the list of SSH known hosts.

To disable this function, use the no form of the host-key host command in the submode.

Cisco ISE displays the following warning when you configure a secure FTP repository in the administration user interface in Administration > System > Maintenance > Repository > Add Repository.

The host key of the SFTP server must be added through the CLI by using the host-key option before this repository can be used.

A corresponding error is thrown in the Cisco ADE logs when you try to back up into a secure FTP repository without configuring the host-key.

Example 1

ise/admin# configure terminal
ise/admin(config)# repository myrepository
ise/admin(config-Repository)# url sftp://ise-pap
ise/admin(config-Repository)# host-key host ise-pap
host key fingerprint added
# Host ise-pap found: line 1 type RSA
2048 f2:e0:95:d7:58:f2:02:ba:d0:b8:cf:d5:42:76:1f:c6 ise-pap (RSA)
ise/admin(config-Repository)# exit
ise/admin(config)# exit
ise/admin#

Example 2

ise/admin# configure terminal
ise/admin(config)# repository myrepository
ise/admin(config-Repository)# url sftp://ise-pap
ise/admin(config-Repository)# no host-key host ise-pap
ise/admin(config-Repository)# exit
ise/admin(config)# exit
ise/admin#


8 Replies


Hello,

I configured the host-key option as you suggested and it apparently worked well. I still am having troubles transferring the upgrade file to the ISE local disk.

I am entering this command on the ISE CLI...

XXX-ISE-01/admin# copy sftp://SFTP_Server_IP_Address/ise-upgradebundle-1.1.x-to-1.2.0.899.i386.tar.gZ disk:/

The response I get from ISE is this...

XXX_ISE-01/admin# copy sftp://SFTP_Server_IP_Address/ise-upgradebundle-1.1.x-to-1.2.0.899.i386.tar.gZ disk:/

Username: AdminUserName

Password:

% Error: Transfer failed

(The SFTP_Server_IP_Address is the IP address of my desktop which is running an SFTP server. The file to be transferred is located on the root of the sftp server.)

There is about a 60 second pause from the point at which I enter my password and click "Enter" and the point at which it comes up with the "% Error: transfer failed" message.

After I attempt the file transfer and enter the "show repo local" command on the ISE CLI, the file name is shown, but when I enter the "dir" command the file shows a file size of 0 (zero).

I have no firewalls between my desktop SFTP server and the ISE node.

Any ideas?

I was wondering why the last character is capitalized. Also, are you able to copy files from the disk file over to the same repository? I haven't had any problems, and I see in a separate thread that the user gave other directions on how to transfer the file.

If you can, open two ssh connections and try to run the following command to tail the logs:

"show logging system ade/ADE.log tail"

You should get some messaging behind the error you are receiving. For example, I went to look for a file that did not exist (even though I am using ftp you should get the same error).

Here is when the transfer fails:

2014-01-02T13:41:22.506519-06:00 ise01 ADE-SERVICE[4786]: [30325]:[info] transfer: cars_xfer.c[264] [tadmani]: ftp copy in of ftp://172.16.249.1/test requested

2014-01-02T13:41:22.522470-06:00 ise01 ADE-SERVICE[4786]: [30325]:[error] transfer: cars_xfer_util.c[349] [tadmani]: curl error: FTP: couldn't retrieve (RETR failed) the specified file

2014-01-02T13:41:22.523040-06:00 ise01 ADE-SERVICE[4786]: [30325]:[error] copy: cm_copy.c[1144] [tadmani]: local file disk:/ transfer from url ftp://172.16.249.1/test failed retcode=-302

2014-01-02T13:41:22.527148-06:00 ise01 ADEOSShell[30325]: ADEAUDIT 3017, type=COPY, name=COPY IN FILE FAILED, username=tadmani, cause=Error while copying file from remote system, adminipaddress=172.16.247.12, interface=CLI, detail=Disk file disk:/ transfer from url ftp://172.16.249.1/test failed

Here is when login fails:

curl error: FTP: login denied

Here is some logging around a successful transfer -

2014-01-02T13:44:46.897499-06:00 ise01 ADE-SERVICE[4786]: [30766]:[info] transfer: cars_xfer.c[264] [tadmani]: ftp copy in of ftp://172.16.249.1/running-config requested

2014-01-02T13:44:46.934972-06:00 ise01 ADEOSShell[30766]: ADEAUDIT 2042, type=COPY, name=COPY FILE, username=tadmani, cause=Copied a file, adminipaddress=172.16.247.12, interface=CLI, detail=Copied disk file disk:/ from url ftp://172.16.249.1/running-config successfully

Thanks,

Tarik Admani
*Please rate helpful posts*
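The ADE.log lines in the reply above are where the real reason for a failed copy shows up, so here is an added example (not from this thread or from Cisco) that parses the two record shapes seen in them, the ADE-SERVICE worker lines and the ADEOSShell ADEAUDIT records, and reduces one copy attempt to its outcome, the first curl error and the admin's source address. The sample input is the lines quoted in the reply, re-joined where the forum wrapped them; the only assumption is that fields keep the layout shown there.

```python
import re

# Two record shapes appear in the ADE.log excerpt quoted in the reply above:
# ADE-SERVICE worker lines, and ADEOSShell ADEAUDIT records carrying key=value fields.
SERVICE_RE = re.compile(r"^(?P<ts>\S+) (?P<host>\S+) (?P<proc>[\w-]+)\[(?P<pid>\d+)\]: "
                        r"\[(?P<tid>\d+)\]:\[(?P<level>\w+)\] (?P<comp>[\w:]+): "
                        r"(?P<src>[\w.]+)\[(?P<srcline>\d+)\] \[(?P<user>\w+)\]: (?P<msg>.*)$")
AUDIT_RE = re.compile(r"^(?P<ts>\S+) (?P<host>\S+) ADEOSShell\[(?P<pid>\d+)\]: "
                      r"ADEAUDIT (?P<code>\d+), (?P<fields>.*)$")
FIELD_RE = re.compile(r"(\w+)=(.*?)(?=, \w+=|$)")  # values may contain spaces, ':' and '/'

def parse_line(line):
    # Returns ('service', dict) or ('audit', dict), or None for a line of another shape.
    m = SERVICE_RE.match(line)
    if m:
        return "service", m.groupdict()
    m = AUDIT_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["fields"] = dict(FIELD_RE.findall(rec["fields"]))
    return "audit", rec

def diagnose(lines):
    # Collapses the lines of one copy attempt into an outcome plus the first curl error,
    # which is the part of the log that actually names why the transfer failed.
    verdict = {"result": "unknown", "curl_error": None, "user": None, "admin_ip": None}
    for kind, rec in filter(None, map(parse_line, lines)):  # unparsed lines are skipped
        if kind == "service":
            if rec["level"] == "error" and "curl error:" in rec["msg"] and not verdict["curl_error"]:
                verdict["curl_error"] = rec["msg"].split("curl error:", 1)[1].strip()
        else:  # the audit record carries the final outcome and the admin's source address
            f = rec["fields"]
            verdict["result"] = "failed" if "FAILED" in f.get("name", "") else "success"
            verdict["user"] = f.get("username")
            verdict["admin_ip"] = f.get("adminipaddress")
    return verdict

# The lines from the reply above, re-joined where the forum wrapped them at 80 columns.
FAILED_COPY = [
    "2014-01-02T13:41:22.506519-06:00 ise01 ADE-SERVICE[4786]: [30325]:[info] transfer: cars_xfer.c[264] [tadmani]: ftp copy in of ftp://172.16.249.1/test requested",
    "2014-01-02T13:41:22.522470-06:00 ise01 ADE-SERVICE[4786]: [30325]:[error] transfer: cars_xfer_util.c[349] [tadmani]: curl error: FTP: couldn't retrieve (RETR failed) the specified file",
    "2014-01-02T13:41:22.523040-06:00 ise01 ADE-SERVICE[4786]: [30325]:[error] copy: cm_copy.c[1144] [tadmani]: local file disk:/ transfer from url ftp://172.16.249.1/test failed retcode=-302",
    "2014-01-02T13:41:22.527148-06:00 ise01 ADEOSShell[30325]: ADEAUDIT 3017, type=COPY, name=COPY IN FILE FAILED, username=tadmani, cause=Error while copying file from remote system, adminipaddress=172.16.247.12, interface=CLI, detail=Disk file disk:/ transfer from url ftp://172.16.249.1/test failed",
]
OK_COPY = [
    "2014-01-02T13:44:46.897499-06:00 ise01 ADE-SERVICE[4786]: [30766]:[info] transfer: cars_xfer.c[264] [tadmani]: ftp copy in of ftp://172.16.249.1/running-config requested",
    "2014-01-02T13:44:46.934972-06:00 ise01 ADEOSShell[30766]: ADEAUDIT 2042, type=COPY, name=COPY FILE, username=tadmani, cause=Copied a file, adminipaddress=172.16.247.12, interface=CLI, detail=Copied disk file disk:/ from url ftp://172.16.249.1/running-config successfully",
]
```

Feeding the tail of ADE.log through diagnose() after a failed copy gives the curl error text (file not found, login denied) directly, and the ADEAUDIT fields tell you which admin account triggered the copy and from which address.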

Hello Tarik,

I have tried all these things without success. I am going to open a case with Cisco TAC. I will update this thread when I am successful.

Thank you,

Bob

Hello again Tarik,

I was still unsuccessful with my file transfer using SFTP. Because of time restraints I used FTP to get the file transferred.

One of the mistakes I was making was in my understanding of the CLI programming for the repository. First, to create a repository when upgrading to Version 1.2 you can only use the CLI to accomplish this. You cannot use the Create Repository location on the UI.

When creating a repo you will enter...

isebox01/admin(config)# repository SFTP

In the above line the SFTP does not refer to the protocol to be used at all. It simply is naming the repo.

isebox01/admin(config)# user cisco password plain C1sc0123

isebox01/admin(config)# url sftp:172.17.1.7

In the above line the protocol to be used is now named. It is sftp. If you wanted to use FTP you would have entered ftp here.

Thank you all for your help,

I hope this helps the next admin.

Bob

I was finally successful in creating a functioning SFTP repository. Here is what I had to do...

On my SFTP server on my workstation I deleted all my user accounts and created one new user.

Next, I went to the ISE UI and deleted the SFTP repository that I had been using.

Next, I went to the ISE GUI and deleted the same SFTP repo again.

Next, I created a new repo in the ISE GUI and pointed it at the SFTP server on my desktop workstation.

Next, I went to the ISE CLI and from the # prompt I added the crypto host-key add "IP_Address_of_workstation" command.

This finally got the job done.

Basically, I had to delete everything and re-enter it along with the crypto host-key add command.

I hope this helps someone!

Tarik, thank you for your help,

Bob

kylerossd (Level 4)

I am trying to add an SFTP Repository in ISE 2.0 patch 2. I created the repo in the GUI, then went to the CLI to add the host key. Whether I use the hostname or the IP address I get the same error.

ISE/admin# crypto host_key add host sftp-server
7 [27143]:[debug] locks:file: lock.c[384] [admin]: obtained ssh-pubkey lock
7 [27143]:[debug] locks:file: lock.c[390] [admin]: INVOKED: releasing ssh-pubkey lock
7 [27143]:[debug] locks:file: lock.c[419] [admin]: released ssh-pubkey lock
7 [27143]:[debug] locks:file: lock.c[384] [admin]: obtained ssh-pubkey lock
%host-key add failed
3 [27143]:[error] config:repository: crypto_cli.c[1310] [admin]: host-key add failed
7 [27143]:[debug] locks:file: lock.c[390] [admin]: INVOKED: releasing ssh-pubkey lock
7 [27143]:[debug] locks:file: lock.c[419] [admin]: released ssh-pubkey lock

As well, in ISE 2.0 you cannot put the key under the repo itself; it is all under exec mode.

ISE/admin(config)# repository SFTP-BACKUP
% Warning: Host key of the server must be added using 'crypto host_key add' exec command before sftp repository can be used.
ISE/admin(config-Repository)# ?
Configure Repository:
do EXEC command
end Exit from configure mode
exit Exit from this submode
no Negate a command or set its defaults
url Configure Repository URL
user Configure repository username and password for access

Time and timezone are perfect. Anyone know why it is failing?
