How to unblock the IAP firmware upgrade on the secured amp

Aruba Employee
Aruba Employee

This KB is to allow the IAP firmware upgrade from the Airwave server on which we have ran the script to secure the AMP.


Environment : Secured AMP ( and monitoring or managing the IAP's.


Network Topology : IAP's being managed or monitored from the secured AMP.


As of Airwave versions 8.0.1, we have this issue, when we run the script from /root/svn/mercury/scripts to make the AMP secured.  It will pretty much make the AMP isolated, in this case, if we are monitoring or managing IAP's from airwave, we will not be able to upgrade or downgrade the firmware images of IAP using Airwave. 


we could do the following to enable AMP to allow the firmware upgrades.

During the firmware upgrade, Airwave will send the example URL to IAP to download the firmware file:https://<airwave IP>/flash/< IAP firmware image name> 
IAP will try to access the link and download the file, that link technically will access /var/www/html/flash  directory to download that image from airwave, this directory on airwave will have a symlink to " /tftpboot/ " A directory, where the firmware upgrade files will be saved, when we upload from devicesetup --> upload firmware files from the GUI of airwave. when we run the script on airwave, script will remove the symlink. Therefore, disabling the firmware upgrade of IAP's from Airwave.

we could run the below command to establish the symlink again:

# root
# ln -sf /tftpboot/ /var/www/html/flash

Version history
Revision #:
1 of 1
Last update:
‎04-09-2015 07:18 AM
Updated by:
Labels (1)
Search Airheads
Showing results for 
Search instead for 
Did you mean: