H3C SecPath F1000-AI-10 Series

Release time:2022-11-13
HomeSupportSecurityH3C SecPath F1000-AI FirewallSoftware DownloadF1000-AI-10 Series

 

H3C SECPATH1010G2F-CMW710-R8860P28

Release Notes

Contents

Introduction· 1

Version information· 1

Version number 1

Version history· 1

Hardware and software compatibility matrix· 2

Upgrade restrictions and guidelines· 3

Hardware feature updates· 4

Hardware feature updates in R8860P1212· 4

Hardware feature updates in R8860P1211· 4

Hardware feature updates in R8860P12· 4

Software feature and command updates· 5

MIB updates· 5

Operation changes· 6

Restrictions and cautions· 6

License management 7

About licenses· 7

License application and installation· 7

Open problems and workarounds· 7

List of resolved problems· 7

Resolved problems in R8860P28· 7

Resolved problems in R8860P25· 8

Resolved problems in R8860P24· 8

Resolved problems in R8860P22· 9

Resolved problems in R8860P18· 11

Resolved problems in R8860P1212· 11

Resolved problems in R8860P1211· 11

Resolved problems in R8860P12· 11

Resolved problems in R8860P10· 11

Resolved problems in E8860P02· 12

Resolved problems in A8860P01· 12

Resolved problems in A8801P01· 12

Related documentation· 12

Technical support 12

Appendix A Feature list 1

Hardware features· 1

Software features· 1

Appendix B List of severe vulnerabilities· 4

Severe vulnerabilities in R8860P28 and earlier versions· 4

Appendix C Upgrading software· 6

Software images· 7

Software images types· 7

Software release forms· 7

Configuration files· 7

Upgrade methods· 7

Preparing for the upgrade· 8

Upgrading system software· 9

Upgrading system software from the Web interface· 9

Upgrading system software from the CLI 12

Upgrading system software from BootWare menus· 19

Upgrading the BootWare· 23

Upgrading the BootWare from the CLI 23

Upgrading BootWare from BootWare menus· 23

Handling software upgrade failures· 27

Appendix D Using BootWare menus· 27

Overview· 27

BootWare menus· 27

BootWare shortcut keys· 28

Using the BASIC-BOOTWARE menu· 29

Accessing the BASIC-BOOTWARE menu· 29

Modifying serial port parameters· 29

Upgrading the extended BootWare segment 30

Upgrading the entire BootWare· 30

Running the primary extended BootWare segment 30

Running the backup extended BootWare segment 31

Accessing the BASIC ASSISTANT menu· 31

Testing the memory· 31

Using the EXTENDED-BOOTWARE menu· 32

Accessing the EXTENDED-BOOTWARE menu· 32

Controlling the password recovery capability· 34

Running Comware images· 34

Accessing the Serial submenu· 35

Accessing the Ethernet submenu· 36

Managing files· 37

Restoring the factory-default configuration· 48

Skipping the configuration file· 49

Accessing the BootWare Operation submenu· 49

Skipping console login authentication· 50

Managing storage media· 50

Accessing the EXTEND ASSISTANT submenu· 50

Formatting the file system·· 51

 


List of tables

Table 1 Version history............................................................................................................................................................. 1

Table 2 Hardware and software compatibility matrix..................................................................................................... 2

Table 4 MIB updates................................................................................................................................................................. 5

Table 5 Hardware specifications............................................................................................................................................ 1

Table 6 Firewall software features........................................................................................................................................ 1

Table 7 Default login information......................................................................................................................................... 9

Table 10 BootWare menus.................................................................................................................................................... 28

Table 11 BootWare shortcut keys....................................................................................................................................... 28

Table 13 BASIC ASSISTANT menu options...................................................................................................................... 31

Table 15 Serial submenu options....................................................................................................................................... 35

Table 18 File Control submenu options........................................................................................................................... 38

Table 19 BootWare Operation submenu options......................................................................................................... 49

Table 20 DEVICE CONTROL menu options...................................................................................................................... 50

Table 21 EXTEND ASSISTANT submenu options........................................................................................................... 51

 


Introduction

This document describes the features, restrictions and guidelines, open problems, and workarounds for version R8860P28. Before you use this version on a live network, back up the configuration and test the version to avoid software upgrade affecting your live network.

Use this document in conjunction with H3C SECPATH1010G2F-CMW710-R8860P28 Release Notes (Software Feature Changes) and the documents listed in "Related documentation."

Version information

Version number

Comware software, Version 7.1.064, Release 8860P28

Note: You can see the version number with the display version command in any view. Please see Note①.

Version history

Table 1 Version history

Version number

Last version

Release date

Release type

Remarks

R8860P28

R8860P25

2022-09-28

Release version

Fixed bugs and released for technical support and production.

R8860P25

R8860P24

2022-06-28

Release version

Fixed bugs and released for technical support.

R8860P24

R8860P22

2022-05-30

Release version

Fixed bugs and released for technical support.

R8860P22

R8860P18

2022-03-28

Release version

Fixed bugs and released for technical support.

R8860P18

R8860P1212

2021-12-15

Release version

Fixed bugs and released for technical support, and production.

R8860P1212

R8860P1211

2021-09-14

Release version

Fixed bugs and released for TR5 of F1000-AI-15, TR4A of F1000-SASE200, technical support, and production.

R8860P1211

R8860P12

2021-07-16

Release version

Fixed bugs and released for TR4A of F1000-AI-15, technical support, and production.

R8860P12

R8860P10

2021-05-27

Release version

Fixed bugs and released for production use and the use of Technical Support.

R8860P10

E8860P02

2021-03-29

Release version

This version is released for TR6, technical support, and production.

E8860P02

A8860P01

2020-07-29

ESS version

This version is released for TR5, technical support, and production.

A8860P01

A8801P01

2020-06-22

Alpha version

This version is released for TR4A and trial-produce.

A8801P01

First release

2020-04-21

Alpha version

This version is released for TR4A.

 

Hardware and software compatibility matrix

CAUTION:

To avoid an upgrade failure, use Table 2 to verify the hardware and software compatibility before performing an upgrade.

 

Table 2 Hardware and software compatibility matrix

Item

Specifications

Hardware platform

F1000-AI-10/F1000-AK1150/F1000-AK1160/F1000-AK1170/F1000-AK1180/F1000-9320-AI/F1000-9330-AI/F1000-C8330/F100-A-G5/F1000-730-HI/F100-A81-WiNet

F1000-AI-15/F1000-SASE200

Memory

2 GB

4 GB

EMMC Flash (stores the IPE file)

4 GB EMMC Flash

Flash

16 MB Nor Flash

Boot ROM version

1.05 (Note: Execute the display version command in any view to view the version information. Please see Note②)

Host software (MD5 checksum)

SECPATH1010G2F-CMW710-R8860P28.ipe (8105634f243dadefeb9c44f364d75e8a)

f1010g2fw-cmw710-boot-R8860P28.bin (5c2dd54c93505ccb2643e43ac46b26ea)

f1010g2fw-cmw710-system-R8860P28.bin (6108a5e939e888e6706aade77ed762c0)

iMC version

iMC EIA 7.3 (E0611P13)

iMC IVM 7.3 (E0506)

iMC PLAT 7.3 (E0705P12)

iMC PLAT (iMC DM)7.3 (E0705P12)

iMC SSM 7.3 (E0506H01)

iMC SHM 7.3 (E0707L06)

NOTE:

Only F1000-AI-10 devices support the SSM component.

H3C SecCenter CSAP-S version

E1143P02

H3C SecCenter SMP version

E1112P02

H3C SecCloud OMP version

E1301P01

ADWAN

Not supported

ADDC

Not supported

ADcampus

Not supported

iNode version

Non-GM: iNode PC 7.3 (E0585)

GM: iNode PC 7.3 (C0530)

Remarks

1.      The time on the iMC server must be consistent with the time on the device.

2.      As a best practice, do not use the wildcard subnet address type when you configure address groups on the device management page of security services on iMC.

3.      Enable action parameters before you configure them on the device management page of security services on iMC.

 

Sample: To display the host software and BootWare version of F1000-AI-10, perform the following:

<H3C> display version

H3C Comware Software, Version 7.1.064, Release 8860P28       ------NOTE①                  

Copyright (c) 2004-2022 New H3C Technologies Co., Ltd. All rights reserved.   

H3C SecPath F1000-AI-10 uptime is 0 weeks, 0 days, 0 hours, 15 minutes          

Last reboot reason: User reboot                                                                                                                                 Boot image: sda0:/f1010g2fw-cmw710-boot-R8860P28.bin                            

Boot image version: 7.1.064, Release 8860P28                                     

  Compiled Jun 14 2022 14:00:00                                                

System image: sda0:/f1010g2fw-cmw710-system-R8860P28.bin                        

System image version: 7.1.064, Release 8860P28                                  

  Compiled Jun 14 2022 14:00:00

 

SLOT 1

Uptime is 0 weeks, 0 days, 0 hours, 15 minutes                                 

CPU type: Multi-core CPU                                                        

DDR4 SDRAM Memory      2032M bytes                                             

CPLD_A           Version:  2.0                                                 

Board PCB        Version:Ver.A                                                 

Basic  BootWare  Version: 1.05  ------NOTE②                                                    

Extend BootWare  Version: 1.05                                                 

[SubSlot 0]2MGNT+30GE+2XGE  (Hardware)Ver.A, (Driver)1.0                       

Boot Type: Warm                                                                

Upgrade restrictions and guidelines

·            To ensure hardware compatibility, do not downgrade the factory software version.

·            The BootWare version is packaged into the IPE file. When the device reboots, it compares the current BootWare version with that in the IPE file. If the BootWare version in the IPE file is higher, the device automatically upgrades with the BootWare version in the IPE file.

·            When you manually upgrade the AV/URL signature database, follow these restrictions and guidelines: For the signature databases for anti-virus and URL filtering, the official website provides two sizes for different device storage spaces. The letter H in the name indicates a large signature database. For example, V7-AV-H-1.0.68.dat is a large signature database and V7-AV-1.0.68.dat is a small one. When you perform a manual upgrade, examine your device storage capacity to determine which signature database should be downloaded. The large signature databases are supported when the memory is larger than 8 GB, and the capacity of the storage medium (flash memory, SD card, or CF card) is larger than 1 GB. Otherwise, only the small signature databases are supported.

·            After an ISSU, clear the browser cache for the Web interface to correctly display the configuration information of modified features.

·            You can check the Upgrade Way field in the output from the display version comp-matrix command for recommended ISSU methods.

Table 3 ISSU compatibility list

Version description

Version identifier

Version number

ISSU compatibility

Baseline version

V0

E8860P02

Incompatible

Last software version

Vn-1

R8860P25

Incompatible

Last Release version

Vk

R8860P25

Incompatible

 

Hardware feature updates

Hardware feature updates in R8860P1212

The following hardware platforms were added:

·            F1000-SASE200.

For more information about the hardware features, see "Hardware features" in the appendix.

Hardware feature updates in R8860P1211

The following hardware platforms were added:

·            F1000-AI-15.

For more information about the hardware features, see "Hardware features" in the appendix.

Hardware feature updates in R8860P12

The following hardware platforms were added:

·            F1000-AK1150

·            F1000-AK1160

·            F1000-AK1170

·            F1000-AK1180

·            F1000-9320-AI

·            F1000-9330-AI

·            F1000-C8330

·            F100-A-G5

·            F1000-730-HI

·            F100-A81-WiNet

For more information about the hardware features, see "Hardware features" in the appendix.

Software feature and command updates

This version has the following changes:

·            New feature: Enabling preferential processing of RADIUS authentication requests

For information about the software feature and command update history, see the H3C SECPATH1010G2F-CMW710-R8860P28 Release Notes (Software Feature Changes).

MIB updates

Table 4 MIB updates

Item

MIB file

Module

Description

R8860P28

New

None

None

None

Modified

None

None

None

R8860P25

New

None

None

None

Modified

None

None

None

R8860P24

New

None

None

None

Modified

None

None

None

R8860P22

New

None

None

None

Modified

None

None

None

R8860P18

New

None

None

None

Modified

None

None

None

R8860P1211

New

None

None

None

Modified

None

None

None

R8860P12

New

None

None

None

Modified

None

None

None

R8860P10

New

None

None

None

Modified

None

None

None

E8860P02

New

None

None

None

Modified

None

None

None

A8860P01

New

None

None

None

Modified

None

None

None

A8801P01

New

None

None

None

Modified

None

None

None

 

Operation changes

None.

Restrictions and cautions

Before performing an upgrade, see H3C SECPATH1010G2F-CMW710-R8860P28 Release Notes (Software Feature Changes) and related documentation to see the software feature changes and evaluate the influence on the service.

To avoid abnormality and configuration failure, follow these restrictions:

·            Use the following browsers:

¡  Chrome 40 or higher.

¡  Firefox 19 or higher.

¡  Internet Explorer 10 or higher.

·            The encoding format of the CLI must be GB18030. Otherwise, the Web interface displays garbled characters.

·            The Web interface and CLI cannot be used together. Do not configure a feature through both the Web interface and CLI.

·            The user-defined contexts, server load balancing, and AFT are not supported.

·            SSL VPN Web access to WeChat, Alipay, and hao123 webpages might fail because of missing URL rewriting for some of the contents to be accessed.

·            The device does not support IRF.

·            As from R8660P22, the IP address of an email server on the report subscription page can be an IP address or a host name.

·            The standby device in RBM cannot process SSL VPN dialup traffic.

·            The MAC addresses of a main interface and its subinterfaces must be the same.

·            As from R8860P22, AFT supports session backup but does not support the following functions:

¡  Hot backup of dynamic port blocks.

¡  Hot backup of static port blocks.

¡  Generating logs, including port block assignment, port block withdrawal, and alarm.

·            After the vulnerability caused by weak password algorithms is resolved, the iNode client (TLS 1.0 is used for negotiation by default) carried in the earlier version cannot log in to the SSL VPN gateway. You must use a new iNode client (E0582 or later).

License management

About licenses

To use license-based features, you must purchase licenses from H3C and install the licenses.

For license-based features, see H3C SecPath F1000 & F5000 Firewall Series License Matrixes.

License application and installation

H3C allows you to register, install, or transfer a license at the following URL: http://www.h3c.com/en/License/

For more information about license registrtion, installation, and transfer, see H3C Security Products Licensing Configuration Demonstration Video(Comware 7), H3C Security Products Licensing Configuration Demonstration (Comware 7), H3C Security Products Licensing Configuration Examples (Comware 7), and H3C Security Products Licensing Guide(Comware V7).

For license-related FAQs, see H3C Security Products Licensing FAQ (Comware 7).

Open problems and workarounds

None.

List of resolved problems

Resolved problems in R8860P28

202208270490

·            Symptom: Session debug information cannot be filtered by using an ACL.

·            Condition: This symptom occurs if you enable session debugging.

202208091175

·            Symptom: Core files are generated for the RBM process in the default context.

·            Condition: This symptom occurs if you use scripts to perform the following operations repeatedly on an RBM+VRRP active/standby network:

¡  Restart the AFT process and the IPsec process in a non-default context on both the master and backup devices.

¡  Restart the RBM process in the default context on the master device.

¡  Stop and start a non-default context on the master device.

202208080780

·            Symptom: On an RBM network in dual-active mode, the device with a higher IP address cannot become the active device.

·            Condition: This symptom occurs if you execute the backup-mode dual-active command first on the device with a higher IP address and then on the other device and do not enable traffic switchover upon failure recovery.

202207060327

·            Symptom: On an RBM network, the backup device synchronizes its configuration to the master device after the active MPU on the master device reboots and the RBM connection is disconnected.

·            Condition: This symptom occurs if the active MPU on the master device reboots and the RBM connection is disconnected.

202206281707

·            Symptom: On an RBM network, it takes 10 seconds for the backup device to become the new master after the original master is power cycled.

·            Condition: This symptom occurs if the original master is power cycled.

Resolved problems in R8860P25

202205170749

·            Symptom: Messages might be issued to the aclmgrd process. As a result, the aclmgrd process becomes busy.

·            Condition: This symptom occurs if the addresses translated by DNS do not change but their order changes.

202205310884

·            Symptom: Address 1.1.1.1 newly added to the address object group of the fuzzy domain name might not be deployed to the kernel.

·            Condition: This symptom occurs if the newly added address is lower than the existing address in the current address object group of the fuzzy domain name (for example, the translated address is 2.2.2.2, and the newly added address is 1.1.1.1).

202205201435

·            Symptom: On the original backup host, the VRRP state is correct, and the RBM state is master. However, both the VRRP state and RBM state might be backup on the original master device.

·            Condition: This symptom occurs if the backup host is restarted and then the master host is immediately rebooted in the VRRP+RBM dual-master environment.

Resolved problems in R8860P24

202203310385

·            Symptom: On the Web interface, the editing of an IPv6 security policy cannot succeed, and the Please wait dialog box exists all the time.

·            Condition: This symptom occurs after you edit an IPv6 security policy and click OK on the Edit Security Policy page.

202204200077

·            Symptom: In active mode, the FTP data channel fails to forward packets.

·            Condition: This symptom occurs if an one-to-one mapping for outbound static NAT is configured with the reversible keyword and an ACL specified.

202204191526

·            Symptom: FTP access fails.

·            Condition: This symptom occurs if you configure three rules in a security policy as follows:

a.    Configure an FTP filtering criterion in the first rule.

b.    Configure any application as a filtering criterion in the second rule.

c.    Configure the drop action in the third rule.

202205050998

·            Symptom: On an IRF fabric, the dns snooping enable command does not take effect after the IRF fabric is rebooted.

·            Condition: This symptom occurs if you perform the following operations on an IRF fabric:

a.    Execute the dns snooping enable command.

b.    Save the configuration and reboot the IRF fabric.

202204150051

·            Symptom: A service port on a subordinate device cannot be pinged successfully after it changes to Layer 3 mode.

·            Condition: This symptom occurs if you perform the following operations on an IRF fabric:

a.    Use a VLAN interface for MAD.

b.    Configure a service port on the subordinate device to operate in Layer 2 mode.

c.    Assign the service port to the same VLAN as the VLAN interface used for MAD.

d.    Configure the service port on the subordinate device to operate in Layer 3 mode.

Resolved problems in R8860P22

202201040114

·            Symptom: A security policy referencing an address object group does not take effect because the device does not actively send DNS requests.

·            Condition: This symptom occurs if the device loads a software version between R8860P13 and R8860P19 and an exact domain name is configured in the address object group.

202105060373

·            Symptom: In an IRF fabric, memory leaks occur on the subordinate device after the input interface of the forward flow is changed.

·            Condition: This symptom occurs if you have enabled last hop holding and last hop backup.

202107281498

·            Symptom: A security policy containing an address object group cannot work correctly after an IRF fabric is rebooted.

·            Condition: This symptom occurs if the object group contains domain names.

202112310557

·            Symptom: Core files are generated because the SSH process experiences exceptions.

·            Condition: This symptom occurs when a system vulnerability scan is performed on the device.

202201040413

·            Symptom: Nessus found the FTP Privileged Port Bounce Scan high-risk vulnerability.

·            Condition: This symptom might occur if you use Nessus to scan the system for vulnerabilities when multiple protocols are enabled.

202110291292

·            Symptom: The device reboots when it processes an abnormal IPv4 packet.

·            Condition: This symptom might occur when the device processes abnormal IPv4 packets.

202111110695

·            Symptom: The SSL VPN service with the 0x81d0049 memory tag leaks memory during SSL VPN login.

·            Condition: This symptom occurs if you obtain verification codes repeatedly but do not log in.

202201181541

·            Symptom: IPsec traffic triggers the update of the input interface information of the session, and subsequent negotiation packets are dropped by ASPF.

·            Condition: This symptom occurs if the following conditions exist:

¡  The IPsec tunnel is an IPsec NAT traversal tunnel.

¡  An interzone policy is configured allow traffic from the Untrust security zone to the Local security zone.

¡  No interzone policy is configured allow traffic from the Any security zone to the Local security zone.

¡  IP addresses of private network interfaces ping each other.

202201190694

·            Symptom: NTP clock synchronization fails.

·            Condition: This symptom occurs if the time zone name in the clock timezone command contains more than three non-number characters and one or more numbers.

202202220060

·            Symptom: The device model suffix cannot be modified.

·            Condition: This symptom occurs if a software version earlier than D060SP22 is loaded.

202202250905

·            Symptom: Only four users come online.

·            Condition: This symptom occurs if the following operations are performed:

a.    Enable and disable MAC authentication repeatedly.

b.    Configure a RADIUS scheme with the maximum amount of configuration.

c.    Send traffic with unknown source MAC addresses of 4000 users.

202112161429

·            Symptom: Failed to send emails.

·            Condition: This symptom occurs if the mail server address is configured as a domain name.

202202210546

·            Symptom: The memory usage is high for the ntopd process.

·            Condition: This symptom occurs if the following operations are performed:

a.    Insert a hard disk.

b.    Send many flows with different source and destination IP addresses.

c.    Enable traffic logging and session statistics collection.

202112220320

·            Symptom: The RBM connection fails to be established.

·            Condition: This symptom occurs if you configure the dual-active mode for RBM and use an IPv6 address for the control channel.

202203181737

·            Symptom: The CVE-2022-0778 vulnerability exists.

·            Condition: This symptom occurs when you scan the system for vulnerabilities.

202111080212

·            Symptom: The commands of some modules get stuck, and the related processes are abnormal. Or, some non-default contexts stay in the starting state.

·            Condition: This symptom occurs if the device is forwarding heavy traffic or the non-default contexts are repeatedly started and stopped.

Resolved problems in R8860P18

202108280156

·            Symptom: The device reboots.

·            Condition: This symptom occurs when the packet accessing the SSL VPN gateway carries the svnp_rewrite_code field.

202109130126

·            Symptom: Failed to log in to the Web interface. The following log message is printed: XMLSOAP/3/THREAD: Maximum number of NETCONF threads already reached.

·            Condition: This symptom occurs when a software version earlier than R9660P18 is loaded.

202109150027

·            Symptom: The memory is not released for the dpid process.

·            Condition: This symptom occurs if the dpid process uses the memory management library glibc instead of tcmalloc.

202108020312

·            Symptom: Security policies containing object groups cannot work correctly after an IRF fabric is rebooted.

·            Condition: This symptom occurs if the object groups contain domain names.

Resolved problems in R8860P1212

N/A.

Resolved problems in R8860P1211

202106070732

·            Symptom: Interface NAT is not supported.

·            Condition: None.

Resolved problems in R8860P12

None.

Resolved problems in R8860P10

None.

Resolved problems in E8860P02

None.

Resolved problems in A8860P01

None.

Resolved problems in A8801P01

None. First release.

Related documentation

·            H3C SecPath F1000-AI-X0 Firewall Series Installation Guide

·            H3C SecPath F1000-AI-X0 Firewall Series Installation Quick Start

·            H3C SecPath Firewall Command References(V7)-6W600

·            H3C SecPath Firewall Configuration Guides(V7)-6W600

·            H3C Security Products Comware 7 System Log Messages Reference

Technical support

service@h3c.com

http://www.h3c.com/en/

 


Appendix A Feature list

Hardware features

Table 5 Hardware specifications

Item

Specifications

Dimensions (H × W × D)

F1000-AI-15/F1000-SASE200:  43.6× 440 × 360 mm (1.72 × 17.32 × 14.17 in)

Others: 43.6 × 440 × 260 mm (1.72 × 17.32 × 10.23 in)

Weight (fully configured)

F1000-AI-15/F1000-SASE200: 4.8 kg (10.58 lb)

Others: 3.7 kg (8.16 lb)

Ports

1 × console port (CON)

2 × management Ethernet ports

18 × GE copper ports

2 × 10GE fiber ports

8 × combo ports

4 × bypass ports

2 × USB 2.0 ports

Expansion slots

None.

Hard disk slots

Two M.2 SSD expansion slots.

Memory

F1000-AI-15/F1000-SASE200: 4G DDR4 SDRAM

Others: 2G DDR4 SDRAM

Flash

·          NOR flash: 16 MB

·          EMMC flash: 4 GB

Power supply

F1000-AI-15/F1000-SASE200: Two power supplies

Others: Single power supply

Operating temperature

·          Operating:

¡  Without hard disks: 0°C to 45°C (32°F to 113°F)

¡  With hard disks: 5°C to 40°C (41°F to 104°F)

·          Storage: –40°C to 70°C (–40°F to 158°F)

Relative humidity

·          Operating:

¡  Without hard disks: 5% RH to 95% RH, noncondensing

¡  With hard disks: 10% RH to 90% RH, noncondensing

·          Storage: 5% RH to 95% RH, noncondensing

 

Software features

Table 6 Firewall software features

Category

Features

AAA

RADIUS/HWTACACS+ authentication.

CHAP authentication.

PAP authentication.

Domain authentication.

Firewall

Packet filtering.

Security zone-based access control.

Time-based access control.

ASPF.

Virtual firewall.

Attack defense.

Control of ICMP redirection and destination unreachable messages.

Tracert message control.

Control of IP packets with the RR option.

Security management

Real-time attack protection logs.

Blacklist logs.

Session logs.

Binary logs.

Traffic statistic collection and analysis.

Security event statistics.

NAT

NAT support for address pools.

Easy IP.

NAT server.

Effective period of NAT.

NAT ALGs, including FTP, DNS, QQ, MSN, H323, NBT, ILS, RTSP, SQLNET, SIP, RSH, and MGCP.

NAT444.

Application recognization

APR signature library.

PBAR.

NBAR.

Application group.

Bandwidth management

Traffic profile.

Traffic policy

Interface bandwidth limit.

Reports and logs.

IPS

IPS policy.

IPS working mode.

IPS signature.

IPS signature action.

Reports and logs.

IPSec/IKE

AH and ESP.

Manual SA setup and IKE SA setup.

ESP support for DES, 3DES, and AES encryption algorithms.

Support for MD5 and SHA-1 authentication algorithms.

Support for IKE main mode and aggressive mode.

DPD.

NAT traversal.

L2TP

L2TP.

GRE

GRE tunnel.

SSL VPN

IP access.

TCP access.

Smart terminal access.

User authentication.

LAN

Ethernet_II.

VLAN.

IP services

ARP.

Static domain name resolution.

IP address borrowing.

DHCP relay.

DHCP server.

DHCP client.

IP routing

Static route management.

RIP-1/RIP-2.

OSPF.

BGP.

Routing policy.

PBR.

Basic IPv6 protocols.

Protocol processing.

Ethernet link layer.

ICMPv6.

IPv6 address management.

PMTU.

Socket.

TCP6.

UDP6.

RAWIP6.

Ping6.

DNS6.

Tracert6.

Telnet6.

FIB6.

DHCPv6 client.

DHCPv6 relay.

IPv6 routing and multicast

RIPng.

OSPFv3.

BGP4+.

Static routes.

PBR.

PIM-SM.

PIM-DM.

IPv6 security

NAT-PT.

IPv6 packet filtering.

RADIUS.

VRRP

VRRP.

CLI

Local configuration through a console port.

Local or remote configuration through Telnet or SSH.

Control of user access to commands.

Debugging.

Network diagnostic tools, including tracert and ping.

Telnetting from the device to other devices.

FTP server/client, and file and application upload and download.

TFTP file transmission.

Logging.

File system management.

User line configuration.

Network management

Support for SNMPv3 and compatibility with SNMPv2C and SNMPv1.

NTP time synchronization.

 

Appendix B List of severe vulnerabilities

Severe vulnerabilities in R8860P28 and earlier versions

CVE-2017-3735

An attacker can exploit this vulnerability to bypass security protections and execute unauthorized operations.

CVE-2019-3855

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way packets are read from the server. libssh2 is a client-side C library implementing the SSH2 protocol. A remote attacker who compromises an SSH server may be able to execute code on the client system when a user connects to the server.

HSVD-201904-001

A TCP/IP SYN + FIN packet filtering vulnerability. A remote host does not discard TCP SYN packets with the FIN flag set. An attacker might bypass the firewall, depending on the type of firewall used.

HSVD-201902-001

A remote host can exploit the TCP timestamp vulnerability to obtain the online time.

[HSVD-201901-016] CVE-2019-0548

A Linux kernel vulnerability that can cause information revealing.

JavaScript library vulnerability

Internal IP addresses in destination URLs might be revealed.

CVE-2020-10188

utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions.

Web JavaScript vulnerability

A medium-risk vulnerability found during Web vulnerability scanning.

Web CSRF vulnerability

A CSRF vulnerability was found on the SSL VPN Web login interface.

HTTP method vulnerability

An attacker can use the OPTIONS method to determine the HTTP methods allowed by each directory.

CRLF injection vulnerability

This vulnerability can be exploited when an HTTP request contains a user-configured domain in the cookies or the request is GET /enterdomain.cgi?domain=%0d%0aSomeCustomInjectedHeader:%0d%0aset-cookie:iamyy HTTP1/1.

CVE-2019-1547

An attacker can exploit this vulnerability to obtain sensitive information.

CVE-2019-1563

An attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message that was encrypted with the public RSA key.

CVE-2016-7056

A malicious user with local access can exploit this vulnerability to recover Elliptic Curve Digital Signature Algorithm (ECDSA) P-256 private keys. This vulnerability is due to incorrect setting of the BN_FLG_CONSTTIME identifier by the ecdsa_sign_setup() function in the crypto/ec/ecdsa_ossl.c file.

CVE-2018-0739

Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a DoS attack.

CVE-2019-1559

An attacker can exploit this vulnerability to bypass access controls and obtain sensitive information.

CVE-2018-0737

An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key.

CVE-2018-0732

An attacker can exploit this vulnerability to launch a DoS attack.

CVE-2019-1552

This vulnerability is related to OpenSSL. An attacker can exploit this vulnerability to bypass security controls.

CVE-2018-5407

This vulnerability is related to OpenSSL. An attacker can exploit this vulnerability to obtain sensitive information and launch more attacks.

X-Frame-Options vulnerability

The absence of the X-Frame-Options header in HTTP packets can cause a clickjacking attack.

CVE-2011-1473

SSL in the kernel does not process the field for disabling SSL renegotiation. As a result, an SSL client can renegotiate successfully.

CVE-2021-23841/CVE-2021-23840/CVE-2020-1971

This vulnerability is related to OpenSSL. The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp that compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly and NULL pointer dereference might occur when both GENERAL_NAMEs contain an EDIPARTYNAME.

CVE-2016-6329

Algorithm vulnerability. If the device is configured to not support the algorithms that have this vulnerability, users might not be able to log in to the device through Web after the device is upgraded. To avoid this vulnerability, do not specify 8-byte block CBC algorithms (such as DES, 3DES, and RC2) in the ciphersuite of an SSL server policy. Instead, you can use other ciphers, such as the aes_256_cbc algorithm, and then restart the HTTPS service.

CVE-2022-0778

The OpenSSL BN_mod_sqrt DoS vulnerability is fixed. The BN_mod_sqrt() function used for parsing certificates contains a bug that can cause it to loop forever for non-prime moduli. The infinite loop is triggered through generating a certificate containing invalid explicit curve parameters. Because certificate parsing is executed before the certificate signature is verified, any program of parsing external certificate might encounter a DoS attack. Additionally, when a crafted private key (containing explicit elliptic curve parameters) is parsed, an infinite loop will be triggered. Thus vulnerable situations include: TLS clients consuming server certificates; TLS servers consuming client certificates; Hosting providers taking certificates or private keys from customers; Certificate authorities parsing certification requests from subscribers; Anything else which parses ASN.1 elliptic curve parameters.

CVE-2021-3711

OpenSSL SM2 decryption buffer overflow. To decrypt SM2 encrypted data, OpenSSL calls the API function EVP_PKEY_decrypt. The function might calculate the buffer size incorrectly, leading to a buffer overflow.

CVE-2021-3712

OpenSSL ASN.1 strings read buffer overflow. ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure. If an ASN1_STRING structure does not NULL terminate the byte array as required, a buffer overflow might occur when OpenSSL prints the ASN.1 data.

Appendix C Upgrading software

CAUTION:

Do not power off or reboot the device during the upgrade process.

 

The software upgrade procedure is the same for all security devices. This chapter describes how to upgrade software from the CLI, Web interface, and BootWare menus. The default storage medium varies by device model. This chapter uses the CF card as the default storage medium.

Software images

Software images types

The following software types are available:

·            BootWare image—A .btw file that contains a basic segment and an extended segment. The basic segment is the minimum code that bootstraps the system. The extended segment enables hardware initialization and provides system management menus. You can use these menus to load software and the startup configuration file or manage files when the device cannot start up correctly.

·            System software image—Includes the following image subcategories:

¡  Boot image—A .bin file that contains the Linux operating system kernel. It provides process management, memory management, file system management, and the emergency shell.

¡  System image—A .bin file that contains the Comware kernel and standard features, including device management, interface management, configuration management, and routing.

¡  Patch image—A .bin file that is released for fixing bugs without rebooting the device. A patch image does not add or remove features.

You can assign the following attributes to a system software image:

¡  Main—The image is the primary image. The system always attempts to load the main image at startup in preference to the backup image.

¡  Backup—The image is the backup image. It is used only if the primary image is corrupt or not available.

Software release forms

Software images are released in one of the following forms:

·            Separate .bin files. You must verify compatibility between software images.

·            As a whole in one .ipe package file. The images in an .ipe package file are compatible. The system decompresses the file automatically, loads the .bin images and sets them as startup software images.

Configuration files

You can save settings you made to a configuration file so they can survive a reboot.

The device supports .cfg configuration files. The default .cfg configuration file is named startup.cfg.

Upgrade methods

To upgrade system software, use one of the following methods:

·            Upgrading system software from the Web interface

·            Upgrading system software from the CLI

·            Upgrading system software from BootWare menus

To upgrade the BootWare, use either of the following methods:

·            Upgrading the BootWare from the CLI

·            Upgrading BootWare from BootWare menus

You must reboot the device after a system software or BootWare upgrade. A device reboot interrupts services.

Before a software upgrade, read the release notes to identify the command changes. Some commands in the configuration file might not be supported after a software upgrade.

Preparing for the upgrade

The device can function as the TFTP client, FTP client, or FTP server. In the following examples that use TFTP or FTP, the device functions as the TFTP or FTP client.

To use a PC as the TFTP or FTP server, prepare the TFTP or FTP server software by yourself. The device is not shipped with the software.

Before you upgrade system software, complete the following tasks:

·            Set up the upgrade environment as shown in Figure 1. The IP address and subnet mask of the PC are 192.168.0.2 and 255.255.255.0, respectively.

·            Run a TFTP or FTP server on the file server. (Skip this task if you upgrade software from the Web interface.)

·            Assign an IP address to the file server. Make sure the management Ethernet port on the device and the file server can reach each other.

By default, the IP address of the management Ethernet port GigabitEthernet 1/0/0 is 192.168.0.1/24 and the management Ethernet port belongs to the Management security zone. The Management security zone and the Local security zone can communicate with each other.

You can also change the IP address of the management Ethernet port from its default and add it to a security zone other than Management. Then, you configure a zone pair to make sure the security zone and the Local security zone can communicate with each other. For more information about security zones and zone pairs, see the security zone configuration in the fundamentals configuration guide.

·            Transfer the software upgrade file to the file server and set the working directory on the TFTP or FTP server.

·            Log in to the CLI of the device through the console port. (Skip this task if you upgrade software from the Web interface.)

·            Make sure the upgrade has minimal impact on the network services. During the upgrade, the device cannot provide any services.

Figure 1 Setting up the upgrade environment

 

Upgrading system software

The startup files used in this example are for illustration only. The actual file names might differ on your device.

Upgrading system software from the Web interface

To upgrade system software from the Web interface, use one of the following methods:

·            Using BIN files to upgrade the system software

·            Using an IPE file to upgrade the system software

 

CAUTION:

·       You can use the default account settings or create a new account to log in to the Web interface for the first time. This section uses the default account settings. For security purposes, if you use the default account settings, modify the default password or create a new account and delete the default account after the first login.

·       Do not perform any operation on the Web interface while the system is upgrading software.

 

Table 7 describes the default settings for you to log in to the Web interface.

Table 7 Default login information

Login information

Default setting

Username

admin

Password

admin

IP address of GigabitEthernet 1/0/0

192.168.0.1/24

 

 

NOTE:

The default management Ethernet port varies by device model. In this example, the default management Ethernet port is GigabitEthernet 1/0/0.

 

Using BIN files to upgrade the system software

1.      Use an Ethernet cable to connect the PC to an Ethernet port on the device. As a best practice, connect the PC to the management Ethernet port on the device.

2.      Assign an IP address on the same subnet as the management port GigabitEthernet 1/0/0 to the PC.

In this example, assign 192.168.0.2 to the PC.

3.      Launch the Web browser, and enter 192.168.0.1 in the address bar.

The Web login page opens.

4.      Type the default username and password, and click Login.

5.      Select System > Upgrade Center > Software Upgrade from the navigation tree.

6.      Click Upgrade immediately on the Software Upgrade page.

7.      Select the bin startup file type.

Figure 2 Upgrade Immediately page

 

8.      Select Delete all startup files, and then click Yes.

 

 

NOTE:

·       As a best practice, select Delete all startup files if the size of the BIN files is larger than the free disk space.

·       The device cannot start up without a startup file. If you choose to delete all startup files but the upgrade fails, the device cannot start up.

 

Figure 3 Deleting all startup files

 

9.      Select the startup files to be used, and then click OK to start upgrading the system software.

Figure 4 Selecting startup files

 

Using an IPE file to upgrade the system software

1.      Use an Ethernet cable to connect the PC to an Ethernet port on the device. As a best practice, connect the PC to the management Ethernet port on the device.

2.      Assign an IP address on the same subnet as the management port GigabitEthernet 1/0/0 to the PC.

In this example, assign 192.168.0.2 to the PC.

3.      Launch the Web browser, and enter 192.168.0.1 in the address bar.

The Web login page opens.

4.      Type the default username and password, and click Login.

5.      Select System > Upgrade Center > Software Upgrade from the navigation tree.

6.      Click Upgrade immediately on the Software Upgrade page.

7.      Select the ipe startup file type, select the startup file, and then click OK.

Figure 5 Upgrade Immediately page

 

Upgrading system software from the CLI

You can use TFTP or FTP on the device to access the TFTP or FTP server to back up or download software files.

Using TFTP to upgrade system software

1.      Back up the running system software image and configuration file:

a.    Display current software images and startup software images.

<Sysname> display boot-loader

Software images on slot 1:

Current software images:

  cfa0:/main-cmw710-boot-R8513.bin

  cfa0:/main-cmw710-system-R8513.bin

Main startup software images:

  cfa0:/main-cmw710-boot-R8513.bin

  cfa0:/main-cmw710-system-R8513.bin

Backup startup software images:

  None

b.    Back up the current software images.

<Sysname> copy main-cmw710-boot-R8513.bin boot_backup.bin

<Sysname> copy main-cmw710-system-R8513.bin system_backup.bin

c.    Specify boot_backup.bin and system_backup.bin as the backup startup image files.

<Sysname> boot-loader file boot cfa0:/boot_backup.bin system cfa0:/system_backup.bin backup

d.    Execute the save command in any view to save the running configuration.

<Sysname> save

The current configuration will be written to the device. Are you sure? [Y/N]:y

Please input the file name(*.cfg)[cfa0:/startup.cfg]

(To leave the existing filename unchanged, press the enter key):

cfa0:/startup.cfg exists, overwrite? [Y/N]:y

Validating file. Please wait...

Saved the current configuration to mainboard device successfully.

e.    Execute the dir command in user view to identify the system software image and configuration file names and verify that the CF card has sufficient space for the new system software image.

<Sysname> dir

Directory of cfa0:

   0 -rw-        4269 Jul 12 2018 13:34:36   + attachmentname + .ak

   1 -rw-     5723136 Oct 24 2018 13:03:16   boot_backup.bin

   2 drw-           - Sep 26 2018 15:21:36   diagfile

   3 drw-           - Sep 14 2018 08:04:50   dpi

   4 -rw-     5723136 Oct 23 2018 16:52:51   main-cmw710-boot-R8513.bin

   5 -rw-   137090048 Oct 23 2018 16:58:19   main-cmw710-system-R8513.bin

   6 -rw-         735 Sep 13 2018 19:16:22   hostkey

   7 -rw-         730 Oct 23 2018 16:58:50   ifindex.dat

   8 drw-           - Jul 12 2018 13:34:36   license

   9 drw-           - Sep 13 2018 18:29:20   logfile

  10 drw-           - Sep 13 2018 19:16:24   pki

  11 drw-           - Sep 13 2018 18:33:24   seclog

  12 -rw-         591 Sep 13 2018 19:16:24   serverkey

  13 -rw-        5109 Oct 23 2018 16:58:50   startup.cfg

  14 -rw-      134782 Oct 23 2018 16:58:51   startup.mdb

  15 -rw-   137090048 Oct 24 2018 13:11:57   system_backup.bin

  16 drw-           - Oct 23 2018 17:04:21   versionInfo

 

4088468 KB total (3972960 KB free)

f.     Execute the tftp put command in user view to upload the startup.cfg file to the TFTP server.

<Sysname> tftp 192.168.0.2 put startup.cfg

Press CTRL+C to abort.

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

100  3950    0     0  100  3950      0   204k --:--:-- --:--:-- --:--:--  642k

2.      Upgrade the system software:

a.    Execute the tftp get command in user view to download the system software image file to the CF card on the device.

<Sysname> tftp 192.168.0.2 get main.ipe

 

Press CTRL+C to abort.

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current

                                 Dload  Upload   Total   Spent    Left  Speed

100  102M  100  102M    0     0   461k      0  0:03:48  0:03:48 --:--:--  554k

Writing file...Done.

 

<Sysname>

b.    Execute the boot-loader file command in user view to load the main.ipe file and specify it as the main image file at the next reboot.

<Sysname> boot-loader file cfa0:/main.ipe all main

Verifying the file cfa0:/main.ipe on slot 1.........Done.

H3C SecPath T5020 images in IPE:

  main-cmw710-boot-R8514.bin

  main-cmw710-system-R8514.bin

This command will set the main startup software images. Please do not reboot any MPU during the upgrade. Continue? [Y/N]:y

Add images to slot 1.

File cfa0:/main-cmw710-boot-R8514.bin already exists on slot 1.

File cfa0:/main-cmw710-system-R8514.bin already exists on slot 1.

Overwrite the existing files? [Y/N]:y

Decompressing file main-cmw710-boot-R8514.bin to cfa0:/main-cmw710-boot-R8514.bin..........Done.

Decompressing file main-cmw710-system-R8514.bin to cfa0:/main-cmw710-system-R8514.bin............................................................................................................................................................................Done.

Verifying the file cfa0:/main-cmw710-boot-R8514.bin on slot 1...Done.

Verifying the file cfa0:/main-cmw710-system-R8514.bin on slot 1.........Done.

The images that have passed all examinations will be used as the main startup software images at the next reboot on slot 1.

Decompression completed.

Do you want to delete cfa0:/main.ipe now? [Y/N]:N

<Sysname>

c.    Execute the display boot-loader command in user view to verify that the file has been loaded.

<Sysname> display boot-loader

Software images on slot 1:

Current software images:

  cfa0:/main-cmw710-boot-R8513.bin

  cfa0:/main-cmw710-system-R8513.bin

Main startup software images:

  cfa0:/main-cmw710-boot-R8514.bin

  cfa0:/main-cmw710-system-R8514.bin

Backup startup software images:

  cfa0:/boot_backup.bin

  cfa0:/system_backup.bin

<Sysname>

d.    Execute the reboot command in user view to reboot the device.

<Sysname> reboot

 Start to check configuration with next startup configuration file, please wait.

........DONE!

 This command will reboot the device. Continue? [Y/N]:y

System is starting...

e.    After the reboot is complete, execute the display version command to verify that the system software image is correct.

<Sysname> display version

H3C Comware Software, Version 7.1.064, Release 8514

Copyright (c) 2004-2018 New H3C Technologies Co., Ltd. All rights reserved.

H3C SecPath T5020 uptime is 0 weeks, 2 days, 5 hours, 53 minutes

Last reboot reason: User reboot

 

Boot image: cfa0:/main-cmw710-boot-R8514.bin

Boot image version: 7.1.064, Release 8514

  Compiled Sep 18 2018 15:00:00

System image: cfa0:/main-cmw710-system-R8514.bin

System image version: 7.1.064, Release 8514

  Compiled Sep 18 2018 15:00:00

 

SLOT 1

Uptime is 0 weeks, 2 days, 5 hours, 53 minutes

CPU type: Multi-core CPU

DDR3 SDRAM Memory      32766M bytes

CF0 Card         4002M bytes

Board PCB        Version:Ver.A

CPLD_A           Version:  1.0

CPLD_B           Version:  2.0

Release          Version:SecPath T5020-8514    

Basic  BootWare  Version: 2.04

Extend BootWare  Version: 2.04

<Sysname>

Using FTP to upgrade system software

1.      Back up the running system software image and configuration file:

a.    Display current software images and startup software images.

<Sysname> display boot-loader

Software images on slot 1:

Current software images:

  cfa0:/main-cmw710-boot-R8513.bin

  cfa0:/main-cmw710-system-R8513.bin

Main startup software images:

  cfa0:/main-cmw710-boot-R8513.bin

  cfa0:/main-cmw710-system-R8513.bin

Backup startup software images:

  None

<Sysname>

b.    Back up the current software images.

<Sysname> copy main-cmw710-boot-R8513.bin boot_backup.bin

<Sysname> copy main-cmw710-system-R8513.bin system_backup.bin

c.    Specify boot_backup.bin and system_backup.bin as the backup startup image files.

<Sysname> boot-loader file boot cfa0:/boot_backup.bin system cfa0:/system_backup.bin backup

d.    Execute the save command in any view to save the running configuration.

<Sysname> save

The current configuration will be written to the device. Are you sure? [Y/N]:y

Please input the file name(*.cfg)[cfa0:/startup.cfg]

(To leave the existing filename unchanged, press the enter key):

cfa0:/startup.cfg exists, overwrite? [Y/N]:y

Validating file. Please wait...

Saved the current configuration to mainboard device successfully.

<Sysname>

e.    Execute the dir command in user view to identify the system software image and configuration file names and verify that the CF card has sufficient space for the new system software image.

<Sysname> dir

Directory of cfa0:

   0 -rw-        4269 Jul 12 2018 13:34:36   + attachmentname + .ak

   1 -rw-     5723136 Oct 24 2018 13:03:16   boot_backup.bin

   2 drw-           - Sep 26 2018 15:21:36   diagfile

   3 drw-           - Sep 14 2018 08:04:50   dpi

   4 -rw-     5723136 Oct 23 2018 16:52:51   main-cmw710-boot-R8513.bin

   5 -rw-   137090048 Oct 23 2018 16:58:19   main-cmw710-system-R8513.bin

   6 -rw-         735 Sep 13 2018 19:16:22   hostkey

   7 -rw-         730 Oct 23 2018 16:58:50   ifindex.dat

   8 drw-           - Jul 12 2018 13:34:36   license

   9 drw-           - Sep 13 2018 18:29:20   logfile

  10 drw-           - Sep 13 2018 19:16:24   pki

  11 drw-           - Sep 13 2018 18:33:24   seclog

  12 -rw-         591 Sep 13 2018 19:16:24   serverkey

  13 -rw-        5109 Oct 23 2018 16:58:50   startup.cfg

  14 -rw-      134782 Oct 23 2018 16:58:51   startup.mdb

  15 -rw-   137090048 Oct 24 2018 13:11:57   system_backup.bin

  16 drw-           - Oct 23 2018 17:04:21   versionInfo

 

4088468 KB total (3972960 KB free)

 

<Sysname>

f.     Execute the ftp command in user view to access the FTP server.

<Sysname> ftp 192.168.0.2

Press CTRL+C to abort.

Connected to 192.168.0.2 (192.168.0.2).

220 3Com 3CDaemon FTP Server Version 2.0

User (192.168.0.2:(none)): user123

331 User name ok, need password

Password:

230 User logged in

Remote system type is UNIX.

Using binary mode to transfer files.

ftp>

g.    Execute the put command in FTP client view to upload the startup.cfg file to the FTP server.

ftp> put startup.cfg

227 Entering passive mode (192,168,0,2,26,3).

125 Using existing data connection.

226 Closing data connection; File transfer successful.

3950 bytes sent in 0.001 seconds (4.13 Mbytes/s)

ftp>

2.      Upgrade the system software:

a.    Execute the get command in FTP client view to download the system software image file to the CF card on the device.

ftp> get main.ipe

227 Entering passive mode (192,168,0,2,8,252)

125 Using existing data connection

226 Closing data connection; File transfer successful.

107934720 bytes received in 187.994 seconds (560.68 Kbytes/s)

ftp>

b.    Execute the quit command in FTP client view to return to user view.

ftp> quit

221 Service closing control connection

<Sysname>

c.    Execute the boot-loader file command in user view to load the main.ipe file and specify it as the main image file at the next reboot.

<Sysname> boot-loader file cfa0:/main.ipe all main

Verifying the file cfa0:/main.ipe on slot 1.........Done.

H3C SecPath T5020 images in IPE:

  main-cmw710-boot-R8514.bin

  main-cmw710-system-R8514.bin

This command will set the main startup software images. Please do not reboot any MPU during the upgrade. Continue? [Y/N]:y

Add images to slot 1.

File cfa0:/main-cmw710-boot-R8514.bin already exists on slot 1.

File cfa0:/main-cmw710-system-R8514.bin already exists on slot 1.

Overwrite the existing files? [Y/N]:y

Decompressing file main-cmw710-boot-R8514.bin to cfa0:/main-cmw710-boot-R8514.bin..........Done.

Decompressing file main-cmw710-system-R8514.bin to cfa0:/main-cmw710-system-R8514.bin............................................................................................................................................................................Done.

Verifying the file cfa0:/main-cmw710-boot-R8514.bin on slot 1...Done.

Verifying the file cfa0:/main-cmw710-system-R8514.bin on slot 1.........Done.

The images that have passed all examinations will be used as the main startup software images at the next reboot on slot 1.

Decompression completed.

Do you want to delete cfa0:/main.ipe now? [Y/N]:N

<Sysname>

d.    Execute the display boot-loader command in user view to verify that the file has been loaded.

<Sysname> display boot-loader

Software images on slot 2:

Current software images:

  cfa0:/main-cmw710-boot-R8513.bin

  cfa0:/main-cmw710-system-R8513.bin

Main startup software images:

  cfa0:/main-cmw710-boot-R8514.bin

  cfa0:/main-cmw710-system-R8514.bin

Backup startup software images:

  cfa0:/boot_backup.bin

  cfa0:/system_backup.bin

<Sysname>

e.    Execute the reboot command in user view to reboot the device.

<Sysname> reboot

 Start to check configuration with next startup configuration file, please wait.

........DONE!

 This command will reboot the device. Continue? [Y/N]:y

System is starting...

f.     After the reboot is complete, execute the display version command to verify that the system software image is correct.

<Sysname> display version

H3C Comware Software, Version 7.1.064, Release 8514

Copyright (c) 2004-2018 New H3C Technologies Co., Ltd. All rights reserved.

H3C SecPath T5020 uptime is 0 weeks, 2 days, 5 hours, 53 minutes

Last reboot reason: User reboot

 

Boot image: cfa0:/main-cmw710-boot-R8514.bin

Boot image version: 7.1.064, Release 8514

  Compiled Sep 18 2018 15:00:00

System image: cfa0:/main-cmw710-system-R8514.bin

System image version: 7.1.064, Release 8514

  Compiled Sep 18 2018 15:00:00

 

SLOT 1

Uptime is 0 weeks, 2 days, 5 hours, 53 minutes

CPU type: Multi-core CPU

DDR3 SDRAM Memory      32766M bytes

CF0 Card         4002M bytes

Board PCB        Version:Ver.A

CPLD_A           Version:  1.0

CPLD_B           Version:  2.0

Release          Version:SecPath T5020-8514    

Basic  BootWare  Version: 2.04

Extend BootWare  Version: 2.04

 

<Sysname>

Upgrading system software from BootWare menus

To upgrade Comware images from BootWare menus, use one of the following methods:

·            Using TFTP to upgrade system software through the management Ethernet port

·            Using FTP to upgrade system software through the management Ethernet port

Preparing for the upgrade

1.      Connect the configuration terminal to the MPU's console port.

2.      Connect the MPU's management Ethernet port to the TFTP or FTP file server.

The TFTP or FTP server can be co-located with the configuration terminal (typically, a PC).

3.      Prepare the upgrade file:

¡  If you are using TFTP, store the upgrade file on the TFTP server, and specify the directory.

¡  If you are using FTP, store the upgrade file on the FTP server, and specify the directory, FTP username, and password.

4.      Run the terminal emulation program on the configuration terminal.

5.      Power on the device, and then press Ctrl+B within 5 seconds at prompt to access the EXTEND-BOOTWARE menu (see "Using the EXTENDED-BOOTWARE menu").

Using TFTP to upgrade system software through the management Ethernet port

1.      Enter 3 in the EXTEND-BOOTWARE menu to access the Ethernet submenu.

==========================<Enter Ethernet SubMenu>==========================

|Note:the operating device is sda0                                         |

|<1> Download Image Program To SDRAM And Run                               |

|<2> Update Main Image File                                                |

|<3> Update Backup Image File                                              |

|<4> Download Files(*.*)                                                   |

|<5> Modify Ethernet Parameter                                             |

|<0> Exit To Main Menu                                                     |

|<Ensure The Parameter Be Modified Before Downloading!>                    |

============================================================================

Enter your choice(0-5):

2.      Enter 5 in the Ethernet submenu to configure the network settings.

 

 

NOTE:

To use the existing setting for a field, press Enter without modifying the setting.

 

======================<ETHERNET PARAMETER SET>==============================

|Note:       '.' = Clear field.                                            |

|            '-' = Go to previous field.                                   |

|          Ctrl+D = Quit.                                                  |

============================================================================

Protocol (FTP or TFTP):tftp

Load File Name        :main.ipe

Target File Name      :main.ipe

Server IP Address     :192.168.0.2

Local IP Address      :192.168.0.1

Subnet Mask            :255.255.255.0

Gateway IP Address    :0.0.0.0

Table 8 Network parameter fields and shortcut keys

Field

Description

'.' = Clear field

Press a dot (.) and then press Enter to clear the setting for a field.

'-' = Go to previous field

Press a hyphen (-) and then press Enter to return to the previous field.

Ctrl+D = Quit

Press Ctrl+D to exit the ETHERNET PARAMETER SET menu.

Protocol (FTP or TFTP)

Set the file transfer protocol to TFTP.

Load File Name

Set the name of the file to be downloaded.

Target File Name

Set a file name for saving the file on the device. The target file name must have the same extension as the source file.

By default, the target file name is the same as the source file name.

Server IP Address

Set the IP address of the TFTP server.

Local IP Address

Set the IP address of the Ethernet interface that connects to the TFTP server.

Subnet Mask

Set the IP address mask.

Gateway IP Address

Set a gateway IP address if the device is on a different network than the server.

 

After you finish setting the TFTP parameters, the system returns to the Ethernet submenu.

==========================<Enter Ethernet SubMenu>==========================

|Note:the operating device is sda0                                        |

|<1> Download Image Program To SDRAM And Run                               |

|<2> Update Main Image File                                                |

|<3> Update Backup Image File                                              |

|<4> Download Files(*.*)                                                   |

|<5> Modify Ethernet Parameter                                             |

|<0> Exit To Main Menu                                                     |

|<Ensure The Parameter Be Modified Before Downloading!>                    |

============================================================================

Enter your choice(0-5):

3.      Enter 2 or 3 in the Ethernet submenu to upgrade the main or backup software images. For example, enter 2 to upgrade the main software images.

Loading.....................................................................

............................................................................

.........................Done!

94786560 bytes downloaded!

Image file main-cmw710-boot-A9615.bin is self-decompressing...

Saving file sda0:/main-cmw710-boot-A9615.bin ......Done.

Image file main-cmw710-system-A9615.bin is self-decompressing...

Saving file sda0:/main-cmw710-system-A9615.bin .......................

............................................................................

..................Done.  .

==========================<Enter Ethernet SubMenu>==========================

|Note:the operating device is sda0                                        |

|<1> Download Image Program To SDRAM And Run                               |

|<2> Update Main Image File                                                |

|<3> Update Backup Image File                                              |

|<4> Download Files(*.*)                                                   |

|<5> Modify Ethernet Parameter                                             |

|<0> Exit To Main Menu                                                     |

|<Ensure The Parameter Be Modified Before Downloading!>                    |

============================================================================

Enter your choice(0-5):

4.      Enter 0 in the Ethernet submenu to return to the EXTEND-BOOTWARE menu.

5.      Enter 1 in the EXTEND-BOOTWARE menu to run the new Comware images.

Using FTP to upgrade system software through the management Ethernet port

1.      Enter 3 in the EXTEND-BOOTWARE menu to access the Ethernet submenu.

==========================<Enter Ethernet SubMenu>==========================

|Note:the operating device is sda0                                        |

|<1> Download Image Program To SDRAM And Run                               |

|<2> Update Main Image File                                                |

|<3> Update Backup Image File                                              |

|<4> Download Files(*.*)                                                   |

|<5> Modify Ethernet Parameter                                             |

|<0> Exit To Main Menu                                                     |

|<Ensure The Parameter Be Modified Before Downloading!>                    |

============================================================================

Enter your choice(0-5):

2.      Enter 5 in the Ethernet submenu to configure the network settings.

 

 

NOTE:

To use the existing setting for a field, press Enter without modifying the setting.

 

======================<ETHERNET PARAMETER SET>==============================

|Note:       '.' = Clear field.                                            |

|            '-' = Go to previous field.                                   |

|          Ctrl+D = Quit.                                                  |

============================================================================

Protocol (FTP or TFTP):ftp

Load File Name        :main.ipe

Target File Name      :main.ipe

Server IP Address     :192.168.0.2

Local IP Address      :192.168.0.1

Subnet Mask           :255.255.255.0

Gateway IP Address    :0.0.0.0

FTP User Name         :admin

FTP User Password     :******

Table 9 Network parameter fields and shortcut keys

Field

Description

'.' = Clear field

Press a dot (.) and then press Enter to clear the setting for a field.

'-' = Go to previous field

Press a hyphen (-) and then press Enter to return to the previous field.

Ctrl+D = Quit

Press Ctrl+D to exit the ETHERNET PARAMETER SET menu.

Protocol (FTP or TFTP)

Set the file transfer protocol to FTP.

Load File Name

Set the name of the file to be downloaded.

Target File Name

Set a file name for saving the file on the device. The target file name must have the same extension as the source file.

By default, the target file name is the same as the source file name.

Server IP Address

Set the IP address of the FTP or TFTP server.

Local IP Address

Set the IP address of the Ethernet interface that connects to the TFTP or FTP server.

Subnet Mask

Set the IP address mask.

Gateway IP Address

Set a gateway IP address if the device is on a different network than the server.

FTP User Name

Set the username for accessing the FTP server. This username must be the same as the username configured on the FTP server.

FTP User Password

Set the password for accessing the FTP server. This password must be the same as the password configured on the FTP server.

 

After you finish setting the FTP parameters, the system returns to the Ethernet submenu.

==========================<Enter Ethernet SubMenu>==========================

|Note:the operating device is sda0                                         |

|<1> Download Image Program To SDRAM And Run                               |

|<2> Update Main Image File                                                |

|<3> Update Backup Image File                                              |

|<4> Download Files(*.*)                                                   |

|<5> Modify Ethernet Parameter                                             |

|<0> Exit To Main Menu                                                     |

|<Ensure The Parameter Be Modified Before Downloading!>                    |

============================================================================

Enter your choice(0-5):

3.      Enter 2 or 3 in the Ethernet submenu to upgrade the main or backup software images. For example, enter 2 to upgrade the main software images.

Loading.....................................................................

............................................................................

.........................Done!

94786560 bytes downloaded!

Image file main-cmw710-boot-A9615.bin is self-decompressing...

Saving file sda0:/main-cmw710-boot-A9615.bin ......Done.

Image file main-cmw710-system-A9615.bin is self-decompressing...

Saving file sda0:/main-cmw710-system-A9615.bin .......................

............................................................................

..................Done.

==========================<Enter Ethernet SubMenu>==========================

|Note:the operating device is sda0                                         |

|<1> Download Image Program To SDRAM And Run                               |

|<2> Update Main Image File                                                |

|<3> Update Backup Image File                                              |

|<4> Download Files(*.*)                                                   |

|<5> Modify Ethernet Parameter                                             |

|<0> Exit To Main Menu                                                     |

|<Ensure The Parameter Be Modified Before Downloading!>                    |

============================================================================

Enter your choice(0-5):

4.      Enter 0 in the Ethernet submenu to return to the EXTEND-BOOTWARE menu.

5.      Enter 1 in the EXTEND-BOOTWARE menu to run the new system software.

Upgrading the BootWare

You can upgrade the BootWare from the CLI or BootWare menus.

Upgrading the BootWare from the CLI

Whether a .btw file is compressed together with an .ipe file depends on the device model and software release. Please check it with H3C technical support. This section describes only how to upgrade the BootWare from the CLI.

To upgrade the BootWare from the CLI:

1.      Use FTP or TFTP to download or upload the new BootWare image file to the root directory of the storage medium on the device.

2.      Execute the bootrom update command to upgrade the BootWare.

<System> bootrom update file cfa0:/main.btw slot 2

  This command will update bootrom file, Continue? [Y/N]:y

  Now updating bootrom, please wait...

 

 Updating basic bootrom!

 

 Update basic bootrom success!

 Updating extended bootrom!

 

 Update extended bootrom success!

 Update bootrom success!

<System>

3.      Execute the reboot command to reboot the device.

Upgrading BootWare from BootWare menus

To upgrade the BootWare image from BootWare menus, use one of the following methods:

·            Using TFTP to upgrade BootWare through the management Ethernet port

·            Using FTP to upgrade BootWare through the management Ethernet port

For more information about BootWare menus, see "Using BootWare menus."

 

 

NOTE:

This section uses the MPU as an example to describe how to upgrade BootWare.

 

Preparing for the upgrade

1.      Connect the MPU's console port to the configuration terminal.

2.      Connect the MPU's management Ethernet port to the TFTP or FTP file server.

The TFTP or FTP server can be co-located with the configuration terminal (typically, a PC).

3.      Prepare the upgrade file:

¡  If you are using TFTP, store the upgrade file on the TFTP server, and specify the file directory.

¡  If you are using FTP, store the upgrade file on the FTP server, and specify the file directory, FTP username, and password.

4.      Run the terminal emulation program on the configuration terminal.

5.      Power on the device, and then press Ctrl+B within 5 seconds at prompt to access the EXTEND-BOOTWARE menu (see "Using the EXTENDED-BOOTWARE menu").

Using TFTP to upgrade BootWare through the management Ethernet port

1.      Enter 7 in the BootWare menu to access the BootWare Operation submenu.

=========================<BootWare Operation Menu>==========================

|Note:the operating device is sda0                                        |

|<1> Backup Full BootWare                                                  |

|<2> Restore Full BootWare                                                 |

|<3> Update BootWare By Serial                                             |

|<4> Update BootWare By Ethernet                                           |

|<0> Exit To Main Menu                                                     |

============================================================================

Enter your choice(0-4):

2.      Enter 4 in the BootWare Operation submenu to enter the Ethernet submenu.

===================<BOOTWARE OPERATION ETHERNET SUB-MENU>===================

|<1> Update Full BootWare                                                  |

|<2> Update Extended BootWare                                              |

|<3> Update Basic BootWare                                                 |

|<4> Modify Ethernet Parameter                                             |

|<0> Exit To Main Menu                                                     |

============================================================================

Enter your choice(0-4):

3.      Enter 4 in the Ethernet submenu to configure the network settings.

 

 

NOTE:

To use the existing setting for a field, press Enter without modifying the setting.

 

==========================<ETHERNET PARAMETER SET>==========================

|Note:       '.' = Clear field.                                            |

|            '-' = Go to previous field.                                   |

|          Ctrl+D = Quit.                                                  |

============================================================================

Protocol (FTP or TFTP):tftp

Load File Name         :Main.btw

                       :

Target File Name       :Main.btw

                       :

Server IP Address      :192.168.0.2

Local IP Address       :192.168.0.1

Subnet Mask            :255.255.255.0

Gateway IP Address     :0.0.0.0

For more information about the fields, see Table 8.

After you finish setting the TFTP parameters, the system returns to the BOOTWARE OPERATION ETHERNET submenu.

===================<BOOTWARE OPERATION ETHERNET SUB-MENU>===================

|<1> Update Full BootWare                                                  |

|<2> Update Extended BootWare                                              |

|<3> Update Basic BootWare                                                 |

|<4> Modify Ethernet Parameter                                             |

|<0> Exit To Main Menu                                                     |

============================================================================

Enter your choice(0-4):

4.      Choose an option from options 1 to 3. For example, enter 1 to upgrade the entire BootWare image.

Loading..............Done.

64245 bytes downloaded!

Updating Basic BootWare? [Y/N]

5.      Enter Y to upgrade the basic BootWare segment.

Updating Basic BootWare........Done.

Updating Extended BootWare? [Y/N]

6.      Enter Y to upgrade the extended BootWare segment.

Updating Extended BootWare.........Done!

 

===================<BOOTWARE OPERATION ETHERNET SUB-MENU>===================

|<1> Update Full BootWare                                                  |

|<2> Update Extended BootWare                                              |

|<3> Update Basic BootWare                                                 |

|<4> Modify Ethernet Parameter                                             |

|<0> Exit To Main Menu                                                     |

============================================================================

Enter your choice(0-4):

7.      Enter 0 to return to the BootWare Operation menu.

8.      Enter 0 in the BootWare Operation menu to return to the EXTEND-BOOTWARE menu.

9.      Enter 0 in the EXTEND-BOOTWARE menu to reboot the system.

Using FTP to upgrade BootWare through the management Ethernet port

1.      Enter 7 in the BootWare menu to access the BootWare Operation submenu.

=========================<BootWare Operation Menu>==========================

|Note:the operating device is sda0                                        |

|<1> Backup Full BootWare                                                  |

|<2> Restore Full BootWare                                                 |

|<3> Update BootWare By Serial                                             |

|<4> Update BootWare By Ethernet                                           |

|<0> Exit To Main Menu                                                     |

============================================================================

Enter your choice(0-4):

2.      Enter 4 in the BootWare Operation submenu to enter the Ethernet submenu.

===================<BOOTWARE OPERATION ETHERNET SUB-MENU>===================

|<1> Update Full BootWare                                                  |

|<2> Update Extended BootWare                                              |

|<3> Update Basic BootWare                                                 |

|<4> Modify Ethernet Parameter                                             |

|<0> Exit To Main Menu                                                     |

============================================================================

Enter your choice(0-4):

3.      Enter 4 in the Ethernet submenu to configure the network settings.

 

 

NOTE:

To use the existing setting for a field, press Enter without modifying the setting.

 

==========================<ETHERNET PARAMETER SET>==========================

|Note:       '.' = Clear field.                                            |

|            '-' = Go to previous field.                                   |

|          Ctrl+D = Quit.                                                  |

============================================================================

Protocol (FTP or TFTP) :ftp

Load File Name         :Main.btw

                       :

Target File Name       :Main.btw

                       :

Server IP Address      :192.168.0.2

Local IP Address       :192.168.0.1

Subnet Mask            :255.255.255.0

Gateway IP Address     :0.0.0.0

FTP User Name          :admin

FTP User Password      :******

For more information about the fields, see Table 9.

After you finish setting the FTP parameters, the system returns to the BOOTWARE OPERATION ETHERNET submenu.

===================<BOOTWARE OPERATION ETHERNET SUB-MENU>===================

|<1> Update Full BootWare                                                  |

|<2> Update Extended BootWare                                              |

|<3> Update Basic BootWare                                                 |

|<4> Modify Ethernet Parameter                                             |

|<0> Exit To Main Menu                                                     |

============================================================================

Enter your choice(0-4):

4.      Choose an option from options 1 to 3. For example, enter 1 to upgrade the entire BootWare image.

Loading.......Done.

64245 bytes downloaded!

Updating Basic BootWare? [Y/N]

5.      Enter Y to upgrade the basic BootWare segment.

Updating Basic BootWare........Done.

Updating Extended BootWare? [Y/N]

6.      Enter Y to upgrade the extended BootWare segment.

Updating Extended BootWare.........Done.

 

===================<BOOTWARE OPERATION ETHERNET SUB-MENU>===================

|<1> Update Full BootWare                                                  |

|<2> Update Extended BootWare                                              |

|<3> Update Basic BootWare                                                 |

|<4> Modify Ethernet Parameter                                             |

|<0> Exit To Main Menu                                                     |

============================================================================

Enter your choice(0-4):

7.      Enter 0 to return to the BootWare Operation menu.

8.      Enter 0 in the BootWare Operation menu to return to the EXTEND-BOOTWARE menu.

9.      Enter 0 in the EXTEND-BOOTWARE menu to reboot the system.

Handling software upgrade failures

If a software upgrade fails, the system runs the old software version. To handle a software failure:

1.      Check the physical ports for a loose or incorrect connection, and verify that the LEDs are reflecting the correct port status.

2.      If you are using the console port for file transfer, check the HyperTerminal settings (including the baud rate and data bits) for any wrong setting.

3.      Check the file transfer settings:

¡  If TFTP is used, you must enter the same server IP addresses, file name, and working directory as set on the TFTP server.

¡  If FTP is used, you must enter the same FTP server IP address, source file name, working directory, and FTP username and password as set on the FTP server.

4.      Check the FTP or TFTP server for incorrect settings.

5.      Check that the CF card has sufficient space for the upgrade file.

6.      If the message "Something is wrong with the file" appears, check the file for file corruption.

Appendix D Using BootWare menus

Overview

BootWare provides a menu method to perform basic file operations, software upgrade, and system management when the Comware CLI is inaccessible because of image corruption.

BootWare is stored in each MPU's built-in the SD card. It has one basic segment and one extended segment. The basic segment enables the system to complete basic initialization, and the extended segment bootstraps the Comware images.

BootWare menus

Table 10 lists the menus that each segment provides and the major tasks you can perform using these menus. You can access these menus only during system startup.

Table 10 BootWare menus

BootWare segment

Menu

Tasks

Reference

Basic

BASIC-BOOTWARE

·          Modify serial port parameters.

·          Upgrade BootWare.

·          Start the primary or backup BootWare extended segment.

Using the BASIC-BOOTWARE menu

Basic

BASIC ASSISTANT

Perform RAM test.

Accessing the BASIC-BOOTWARE menu

Extended

EXTEND-BOOTWARE

·          Upgrade Comware software.

·          Manage files.

·          Access the system when the console login password is lost.

·          Clear user privilege passwords.

Using the EXTENDED-BOOTWARE menu

Extended

EXTEND-ASSISTANT

·          Examine system memory.

·          Search system memory.

Accessing the EXTEND ASSISTANT submenu

 

BootWare shortcut keys

BootWare provides the shortcut keys listed in Table 11.

Table 11 BootWare shortcut keys

Shortcut keys

Prompt message

Function

Ctrl+B

access EXTENDED-BOOTWARE MENU

Accesses the EXTENDED-BOOTWARE menu while the device is starting up.

Ctrl+C

Please Start To Transfer File, Press <Ctrl+C> To Exit.

Stops the ongoing file transfer and exits the current operation interface.

Info: Press Ctrl+C to abort or return to EXTENDED ASSISTANT MENU.

Returns to the EXTENDED ASSISTANT menu. If the system is outputting the result of an operation, this shortcut key combination aborts the display first.

Ctrl+D

Press Ctrl+D to access BASIC-BOOTWARE MENU

Accesses the BASIC-BOOTWARE menu while the device is starting up.

Ctrl+D = Quit

Exits the parameter settings menu.

Ctrl+E

Memory Test(press Ctrl+C to skip it,press Ctrl+E to ECHO INFO)

Prints information during the memory test.

Ctrl+F

Ctrl+F: Format File System

Formats the current storage medium.

Ctrl+T

Press Ctrl+T to start memory test

Performs a memory test.

Ctrl+U

Access BASIC ASSISTANT MENU

Accesses the BASIC ASSISTANT menu from the BASIC-BOOTWARE menu.

Ctrl+Z

Ctrl+Z: Access EXTENDED ASSISTANT MENU

Accesses the EXTENDED ASSISTANT menu from the EXTENDED-BOOTWARE menu.

 

Using the BASIC-BOOTWARE menu

Accessing the BASIC-BOOTWARE menu

1.      Power on the device.

2.      Press Ctrl+D within 4 seconds after the "Press Ctrl+D to access BASIC-BOOTWARE MENU" prompt message appears. If you fail to do this within the time limit, the system starts to run the extended BootWare segment.

======================<BASIC-BOOTWARE MENU(Ver 1.19)>=======================

|<1> Modify Serial Interface Parameter                                     |

|<2> Update Extended BootWare                                              |

|<3> Update Full BootWare                                                  |

|<4> Boot Extended BootWare                                                |

|<5> Boot Backup Extended BootWare                                         |

|<0> Reboot                                                                |

============================================================================

Ctrl+U: Access BASIC ASSISTANT MENU

Enter your choice(0-5):

Table 12 BASIC-BOOTWARE menu options

Option

Task

Reference

<1> Modify Serial Interface Parameter

Change the baud rate of the console port.

Perform this task before downloading an image through the console port for software upgrade.

Modifying serial port parameters

<2> Update Extended BootWare

Upgrade the extended BootWare segment.

If the extended segment is corrupt, choose this option to repair it.

Upgrading the extended BootWare segment

<3> Update Full BootWare

Upgrade the entire BootWare, including the basic segment and the extended segment.

Upgrading the entire BootWare

<4> Boot Extended BootWare

Run the primary extended BootWare segment.

Running the primary extended BootWare segment

<5> Boot Backup Extend BootWare

Run the backup extended BootWare segment.

Running the backup extended BootWare segment

<0> Reboot

Reboot the device.

N/A

Ctrl+U: Access BASIC ASSISTANT MENU

Press Ctrl+U to access the BASIC ASSISTANT menu.

Accessing the BASIC ASSISTANT menu

 

Modifying serial port parameters

To change the baud rate of the console port:

1.      Enter 1 in the BASIC-BOOTWARE menu.

Enter your choice(0-5): 1

===============================<BAUDRATE SET>===============================

|Note:'*'indicates the current baudrate                                    |

|     Change The HyperTerminal's Baudrate Accordingly                      |

|---------------------------<Baudrate Available>---------------- ----------|

|<1> 9600(Default)*                                                        |

|<2> 19200                                                                 |

|<3> 38400                                                                 |

|<4> 57600                                                                 |

|<5> 115200                                                                |

|<0> Exit                                                                  |

============================================================================

Enter your choice(0-5):

2.      Enter the number that represents the baud rate you want to choose. For example, enter 5 to set the baud rate to 115200 bps.

 

 

NOTE:

Baud rate change is a one-time operation. The baud rate will restore to the default (9600 bps) at reboot. To set up a console session with the device after a reboot, you must change the baud rate of the configuration terminal back to 9600 bps.

 

Upgrading the extended BootWare segment

Enter 2 in the BASIC-BOOTWARE menu.

Enter your choice(0-5): 2

Please Start To Transfer File, Press <Ctrl+C> To Exit.

Waiting ...CCC

Upgrading the entire BootWare

Enter 3 in the BASIC-BOOTWARE menu.

Enter your choice(0-5): 3

Please Start To Transfer File, Press <Ctrl+C> To Exit.

Waiting ...CCC

Running the primary extended BootWare segment

Enter 4 in the BASIC-BOOTWARE menu.

Enter your choice(0-5): 4

Booting Normal Extended BootWare.

The Extended BootWare is self-decompressing....Done.

****************************************************************************

*                                                                          *

*                   H3C SecPath BootWare, Version 1.05                     *

*                                                                          *

****************************************************************************

Copyright (c) 2004-2017 New H3C Technologies Co., Ltd.

Compiled Date       : Aug 31 2017

Memory Type         : DDR3 SDRAM

Memory Size         : 16384MB

Sda0 Size          : 8MB

sda0 Size           : 3728MB

CPLD Version        : 1.0

PCB Version         : Ver.B

BootWare Validating...

Press Ctrl+B to access EXTENDED-BOOTWARE MENU...

Loading the main image files...

Loading file sda0:/Main-CMW710-SYSTEM-A9615.bin. ......................

............................................................................

...........................Done.

Image file sda0:/Main-CMW710-BOOT-A9615.bin is self-decompressing......

.................................................Done.

System image is starting...

Running the backup extended BootWare segment

Enter 5 in the BASIC-BOOTWARE menu.

For information about backing up the extended BootWare segment, see "Accessing the BootWare Operation submenu."

Enter your choice(0-5): 5

Booting Backup Extended BootWare.

The Extended BootWare is self-decompressing............................Done!

 

 

NOTE:

This option is not supported if the password recovery capability is enabled. For more information about configuring the password recovery capability at the CLI, see "Controlling the password recovery capability."

 

Accessing the BASIC ASSISTANT menu

Press Ctrl+U in the BASIC-BOOTWARE menu.

===========================<BASIC-ASSISTANT MENU>===========================

|<1> RAM Test                                                              |

|<0> Exit To Main Menu                                                     |

============================================================================

Enter your choice(0-1):

Table 13 BASIC ASSISTANT menu options

Option

Description

<1> RAM Test

Test the memory.

<2> Exit To Main Menu

Return to the BASIC-BOOTWARE menu.

 

Testing the memory

IMPORTANT:

To avoid unexpected exceptions, perform this task under the guidance of H3C Support.

 

To test the memory, use one of the following methods:

·            In the BASIC-BOOTWARE menu, press Ctrl+T within 4 seconds after the "Press Ctrl+T to start memory test" prompt message appears.

·            In the BASIC-BOOTWARE menu, press Ctrl+U to access the BASIC ASSISTANT menu.

Using the EXTENDED-BOOTWARE menu

Accessing the EXTENDED-BOOTWARE menu

1.      Power on the device.

2.      Press Ctrl+B within 5 seconds after the "Press Ctrl+B to access EXTENDED-BOOTWARE MENU..." prompt message appears. If you fail to do this within the time limit, the system starts up.

System is starting...

Press Ctrl+D to access BASIC-BOOTWARE MENU...

Press Ctrl+T to start heavy memory test..

Booting Normal Extended BootWare

The Extended BootWare is self-decompressing....Done.

 

****************************************************************************

*                                                                          *

*                   H3C SecPath BootWare, Version 1.05                     *

*                                                                          *

****************************************************************************

Copyright (c) 2004-2017 New H3C Technologies Co., Ltd.

 

Compiled Date       : Aug 31 2017

Memory Type         : DDR3 SDRAM

Memory Size         : 16384MB

Sda0 Size          : 8MB

sda0 Size           : 3728MB

CPLD Version        : 1.0

PCB Version         : Ver.B

 

 

BootWare Validating...

Press Ctrl+B to access EXTENDED-BOOTWARE MENU...

 

Password recovery capability is enabled.

Note: The current operating device is sda0

Enter < Storage Device Operation > to select device.

3.      Press Enter to access the EXTENDED-BOOTWARE menu.

===========================<EXTENDED-BOOTWARE MENU>=========================

|<1> Boot System                                                           |

|<2> Enter Serial SubMenu                                                  |

|<3> Enter Ethernet SubMenu                                                |

|<4> File Control                                                          |

|<5> Restore to Factory Default Configuration                              |

|<6> Skip Current System Configuration                                     |

|<7> BootWare Operation Menu                                               |

|<8> Skip Authentication for Console Login                                 |

|<9> Storage Device Operation                                              |

|<0> Reboot                                                                |

============================================================================

Ctrl+Z: Access EXTENDED ASSISTANT MENU

Ctrl+F: Format File System

Enter your choice(0-9):   

Availability of some options in this menu depends on the password recovery capability state (displayed on top of the EXTEND-BOOTWARE menu). For more information about the feature, see "Controlling the password recovery capability."

Table 14 EXTENDED-BOOTWARE menu options

Option

Tasks

Reference

<1> Boot System

Run the Comware software without rebooting the device.

Choose this option after completing operations in the EXTENDED-BOOTWARE menu.

N/A

<2> Enter Serial SubMenu

Accessing the Serial submenu.

Accessing the Serial submenu

<3> Enter Ethernet SubMenu

Use FTP or TFTP to upgrade Comware images through the management Ethernet port.

Accessing the Ethernet submenu

<4> File Control

·          Display files on the current storage medium.

·          Set a Comware image file as the main or backup startup software image file.

·          Delete files to release storage space.

Managing files

<5> Restore to Factory Default Configuration

Restore the factory-default configuration.

This option is available only if password recovery capability is disabled.

Restoring the factory-default configuration

<6> Skip Current System Configuration

Start the device with the factory-default configuration without loading any configuration file.

This option is available only if password recovery capability is enabled.

Skipping the configuration file

<7> BootWare Operation Menu

Back up, recover, and upgrade the BootWare image.

Accessing the BootWare Operation submenu

<8> Skip Authentication for Console Login

Skip console login authentication.

This option is available only if password recovery capability is enabled.

This is a one-time operation and takes effect only for the first system boot or reboot after you choose this option.

Skipping console login authentication

<9> Storage Device Operation

Set the storage medium from which the device will start up.

Set the storage medium where file operations are performed. This storage medium is referred to as the "current storage medium."

Managing storage media

Ctrl+F: Format File System

Format the file system.

Formatting the file system

Ctrl+Z: Access EXTENDED ASSISTANT MENU

Access the EXTENDED ASSISTANT menu.

Accessing the EXTEND ASSISTANT submenu

<0> Reboot

Reboot the device.

N/A

 

Controlling the password recovery capability

Password recovery capability controls console user access to the device configuration from BootWare menus. This feature decides the method to handle a password loss situation.

·            If password recovery capability is enabled, a console user can handle a password loss situation as follows:

¡  If the console login password is lost, the user can skip console login authentication, and then access the CLI to configure a new password.

¡  If a user role password is lost, the user can skip the configuration file, and then access the CLI to configure a new password.

·            If password recovery capability is disabled, console users must restore the factory-default configuration before they can configure new passwords.

To enhance system security, disable password recovery capability.

To enable or disable password recovery capability:

 

Step

Command

Remarks

4.      Enter system view.

system-view

N/A

5.      Enable or disabled password recovery capability.

·          Enable the feature:
password-recovery enable

·          Disable the feature:
undo password-recovery enable

By default, password recovery capability is enabled.

 

Running Comware images

Enter 1 in the EXTEND-BOOTWARE menu.

Enter your choice(0-9): 1

Loading the main image files...

Loading file cfa0:/main-cmw710-system-e8526.bin.........................

............................................................................

.....................................................Done.

Loading file cfa0:/main-cmw710-boot-e8526.bin...........................

...................................Done.

Image file cfa0:/main-cmw710-boot-e8526.bin is self-decompressing.......

............................................................................

........Done.

System image is starting...

Accessing the Serial submenu

Enter 2 in the EXTEND-BOOTWARE menu.

Enter your choice(0-9): 2

===========================<Enter Serial SubMenu>===========================

|Note:the operating device is sda0                                        |

|<1> Download Image  Program To SDRAM And Run                              |

|<2> Update Main Image File                                                |

|<3> Update Backup Image File                                              |

|<4> Download Files(*.*)                                                   |

|<5> Modify Serial Interface Parameter                                     |

|<0> Exit To Main Menu                                                     |

============================================================================

Enter your choice(0-5):

Table 15 Serial submenu options

Option

Tasks

<1> Download Image Program To SDRAM And Run

Load and run Comware images in SDRAM.

This option is available only if password recovery capability is enabled.

<2> Update Main Image File

Download Comware images to the current storage medium as the main images (the file attribute is set to M).

As a result, the M file attribute of the original main images is removed.

<3> Update Backup Image File

Download Comware images to the current storage medium as backup images (the file attribute is set to B).

As a result, the B file attribute of the original backup images is removed.

<4> Download Files(*.*)

Download files from the server to the device.

<5> Modify Serial Interface Parameter

Change the baud rate of the console port.

The baud rate change is a one-time operation. The baud rate will restore to the default (9600 bps) at reboot. To set up a console session with the device after a reboot, you must change the baud rate setting on the configuration terminal to 9600 bps.

<0> Exit To Main Menu

Return to the EXTENDED-BOOTWARE menu.

 

 

NOTE:

To set the current storage medium, see "Managing storage media."

 

Accessing the Ethernet submenu

You can upgrade the Comware software through the management Ethernet port from the Ethernet submenu and configure file transfer settings.

1.      Enter 3 in the EXTENDED-BOOTWARE menu and press Enter to access the Ethernet submenu.

Enter your choice(0-9):3

==========================<Enter Ethernet SubMenu>==========================

|Note:the operating device is sda0                                        |

|<1> Download Image Program To SDRAM And Run                               |

|<2> Update Main Image File                                                |

|<3> Update Backup Image File                                              |

|<4> Download Files(*.*)                                                   |

|<5> Modify Ethernet Parameter                                             |

|<0> Exit To Main Menu                                                     |

|<Ensure The Parameter Be Modified Before Downloading!>                    |

============================================================================

Enter your choice(0-5):  

Table 16 Ethernet submenu options

Option

Description

<1> Download Image Program To SDRAM And Run

Load and run software images in SDRAM.

If password recovery capability is enabled, this option is not available.

<2> Update Main Image File

Download software images to the current storage medium as main images (the file attribute is set to M).

As a result, the M file attribute of the original main images is removed.

<3> Update Backup Image File

Download software images to the current storage medium as backup images (the file attribute is set to B).

As a result, the B file attribute of the original backup images is removed.

<4> Download Files(*.*)

Download files from the server to the device.

<5> Modify Ethernet Parameter

Configure FTP or TFTP file transfer settings.

<0> Exit To Main Menu

Return to the EXTENDED-BOOTWARE menu.

 

2.      Enter 4 in the Ethernet submenu to configure file transfer settings on the MPU.

Enter your choice(0-4):4

======================<ETHERNET PARAMETER SET>=============================

|Note:       '.' = Clear field.                                           |

|            '-' = Go to previous field.                                  |

|          Ctrl+D = Quit.                                                 |

===========================================================================

Protocol (FTP or TFTP) :ftp

Load File Name         :main.ipe

                       :

Target File Name       :main.ipe

                       :

Server IP Address      :192.168.0.2

Local IP Address       :192.168.0.1

Subnet Mask            :255.255.255.0

Gateway IP Address     :0.0.0.0

FTP User Name          :admin

FTP User Password      :******

Table 17 Setting Ethernet parameters for file transfer

Field

Description

'.' = Clear field

Press the dot (.), and then press Enter to clear the setting for a field.

'-' = Go to previous field

Press the hyphen (-), and then press Enter to return to the previous field.

Ctrl+D = Quit

Press Ctrl + D to exit the Ethernet parameter settings menu.

Protocol (FTP or TFTP)

Set the file transfer protocol to FTP or TFTP.

Load File Name

Set the name of the file to be downloaded.

Target File Name

Set a file name for saving the file in the current storage medium on the device.

By default, the target file name is the same as the source file name.

Server IP Address

Set the IP address of the FTP or TFTP server.

Local IP Address

Set the IP address of the device.

Subnet Mask

Set the IP address mask.

Gateway IP Address

Set a gateway IP address if the device is on a different network than the server.

FTP User Name

Set the username for accessing the FTP server. This username must be the same as configured on the FTP server. This field is not available for TFTP.

FTP User Password

Set the password for accessing the FTP server. This password must be the same as configured on the FTP server. This field is not available for TFTP.

 

Managing files

You can display all files, set the attribute for a file, and delete a file from the File Control submenu.

Enter 4 in the EXTEND-BOOTWARE menu and then press Enter to access the File Control submenu.

Enter your choice(0-9):4

===============================<File CONTROL>===============================

|Note:the operating device is cfa0                                         |

|<1> Display All File(s)                                                   |

|<2> Set Image File type                                                   |

|<3> Set Bin File type                                                     |

|<4> Set Configuration File type                                           |

|<5> Delete File                                                           |

|<0> Exit To Main Menu                                                     |

============================================================================

Enter your choice(0-5):

Table 18 File Control submenu options

Option

Description

<1> Display All File(s)

Display all files.

<2> Set Image File type

Set the attribute for a software image file.

<3> Set Bin File type

Set the attribute for a .bin file.

<4> Set Configuration File type

Set the type for a configuration file.

<5> Delete File

Delete a file.

<0> Exit To Main Menu

Return to the EXTEND-BOOTWARE menu.

 

Displaying all files

Enter 1 in the File Control submenu.

Enter your choice(0-5): 1

Display all file(s) in cfa0:

 'M' = MAIN      'B' = BACKUP      'N/A' = NOT ASSIGNED

============================================================================

|NO. Size(B)   Time                 Type   Name                            |

|1   956       Jan/21/2019 17:59:34 N/A    cfa0:/ifindex.dat               |

|2   24671     Mar/28/2018 09:08:56 N/A    cfa0:/wdydiudie.cfg             |

|3   735       Mar/28/2018 09:18:22 N/A    cfa0:/hostkey                   |

|4   116549    Oct/09/2017 13:51:02 N/A    cfa0:/lwb-t5k.cfg               |

|5   963       Mar/27/2018 15:24:12 N/A    cfa0:/license/history/deviceid_2|

|0180327152412.did                                                         |

|6   965       Mar/27/2018 15:24:12 N/A    cfa0:/license/210235a1rsh1640000|

|06.did                                                                    |

|7   3237      Dec/25/2017 15:14:54 N/A    cfa0:/license/ngips2017122515235|

|923325.ak                                                                 |

|8   3249      Apr/16/2018 16:40:28 N/A    cfa0:/license/ngips2018041616523|

|608292.ak                                                                 |

|9   1611429   Jan/22/2019 14:14:22 N/A    cfa0:/logfile/logfile.log       |

|10  1048575   Apr/16/2018 17:57:26 N/A    cfa0:/logfile/ips.log           |

|11  5230      Mar/19/2018 14:40:30 N/A    cfa0:/logfile/uflt.log          |

|12  1048405   Apr/16/2018 17:57:26 N/A    cfa0:/logfile/anti-vir.log      |

|13  44840     Aug/10/2017 15:25:46 N/A    cfa0:/logfile/dfilter.log       |

|14  14195     Jan/21/2019 16:47:54 N/A    cfa0:/logfile/cfglog.log        |

|15  251751    Jan/03/2019 09:09:56 N/A    cfa0:/diagfile/diagfile.log     |

|16  69784     Mar/28/2018 09:18:28 N/A    cfa0:/dpi/ips/predefined/ips_sig|

|pack_curr.dat                                                             |

|17  2373992   Mar/28/2018 09:18:28 N/A    cfa0:/dpi/ips/predefined/ips_sig|

|pack_back.dat                                                             |

|18  32027352  Apr/16/2018 16:56:28 N/A    cfa0:/dpi/av/predefined/av_sigpa|

|ck_curr.dat                                                               |

|19  9574536   Apr/16/2018 16:48:00 N/A    cfa0:/dpi/av/predefined/av_sigpa|

|ck_back.dat                                                               |

|20  68040     Mar/28/2018 09:18:28 N/A    cfa0:/dpi/uflt/predefined/uflt_s|

|igpack_curr.dat                                                           |

|21  10330760  Mar/28/2018 09:18:36 N/A    cfa0:/dpi/uflt/predefined/uflt_s|

|igpack_back.dat                                                           |

|22  342232    Mar/28/2018 09:18:24 N/A    cfa0:/dpi/apr/predefined/apr_sig|

|pack_curr.dat                                                             |

|23  979448    Mar/28/2018 09:18:24 N/A    cfa0:/dpi/apr/predefined/apr_sig|

|pack_back.dat                                                             |

|24  2840      Jan/22/2019 14:12:46 N/A    cfa0:/dpi/filereg/predefined/fil|

|ereg_sigpack_curr.dat                                                     |

|25  30        Jan/21/2019 16:53:16 N/A    cfa0:/dpi/dpi_sigpack.log       |

|26  1566      Mar/28/2018 09:18:20 N/A    cfa0:/pki/https-server.p12      |

|27  591       Mar/28/2018 09:18:22 N/A    cfa0:/serverkey                 |

|28  259308    Mar/28/2018 09:08:58 N/A    cfa0:/wdydiudie.mdb             |

|29  723419    Oct/09/2017 13:51:04 N/A    cfa0:/lwb-t5k.mdb               |

|30  22692     Jan/21/2019 17:59:36 M      cfa0:/startup.cfg               |

|31  686202    May/20/2017 19:15:56 N/A    cfa0:/pn.cfg                    |

|32  9275      Oct/28/2017 13:50:12 N/A    cfa0:/zp.cfg                    |

|33  807       Oct/09/2017 15:59:54 N/A    cfa0:/.trash/.trashinfo         |

|34  5327872   Aug/15/2017 13:06:42 N/A    cfa0:/.trash/main-cmw710-boo|

|t-e8518.bin_0001                                                          |

|35  5331968   Aug/15/2017 10:30:04 N/A    cfa0:/.trash/main-cmw710-boo|

|t-e8519.bin_0001                                                          |

|36  9048064   Aug/21/2017 13:54:12 N/A    cfa0:/.trash/main-cmw710-boo|

|t-e8520.bin_0001                                                          |

|37  2056192   Aug/12/2017 18:05:54 N/A    cfa0:/.trash/main-cmw710-dev|

|kit-e8518.bin_0001                                                        |

|38  163840    Aug/14/2017 16:57:06 N/A    cfa0:/.trash/main-cmw710-dev|

|kit-e8519.bin_0001                                                        |

|39  163840    Aug/21/2017 14:07:26 N/A    cfa0:/.trash/main-cmw710-dev|

|kit-e8520.bin_0001                                                        |

|40  103891968 Aug/15/2017 13:07:04 N/A    cfa0:/.trash/main-cmw710-sys|

|tem-e8518.bin_0001                                                        |

|41  107120640 Aug/15/2017 10:30:58 N/A    cfa0:/.trash/main-cmw710-sys|

|tem-e8519.bin_0001                                                        |

|42  171900928 Aug/21/2017 14:07:02 N/A    cfa0:/.trash/main-cmw710-sys|

|tem-e8520.bin_0001                                                        |

|43  2238      Jan/22/2019 14:14:22 N/A    cfa0:/context/context3/logfile/l|

|ogfile.log                                                                |

|44  24        Jan/21/2019 17:59:50 N/A    cfa0:/context/context3/ifindex.d|

|at                                                                        |

|45  1192      Jan/21/2019 17:59:50 N/A    cfa0:/context/context3/startup.c|

|fg                                                                        |

|46  34023     Jan/21/2019 17:59:50 N/A    cfa0:/context/context3/startup.m|

|db                                                                        |

|47  18468     Jan/22/2019 14:14:22 N/A    cfa0:/context/context4/logfile/l|

|ogfile.log                                                                |

|48  1566      Mar/28/2018 09:19:08 N/A    cfa0:/context/context4/pki/https|

|-server.p12                                                               |

|49  1671      Jan/22/2019 09:27:00 N/A    cfa0:/context/context4/startup.c|

|fg                                                                        |

|50  37050     Jan/22/2019 09:27:00 N/A    cfa0:/context/context4/startup.m|

|db                                                                        |

|51  52        Jan/22/2019 09:27:00 N/A    cfa0:/context/context4/ifindex.d|

|at                                                                        |

|52  9054208   Apr/20/2018 13:27:02 N/A    cfa0:/main-cmw710-boot-e8526|

|.bin                                                                      |

|53  227919    Jan/21/2019 17:59:36 N/A    cfa0:/startup.mdb               |

|54  186294272 Apr/20/2018 13:27:30 N/A    cfa0:/main-cmw710-system-e85|

|26.bin                                                                    |

|55  123384832 Jan/21/2019 17:20:04 N/A    cfa0:/main.ipe             |

|56  3920      Jul/19/2017 18:32:04 N/A    cfa0:/86.raw                    |

|57  3242      Jul/07/2017 09:36:50 N/A    cfa0:/ngips2017070709142354252.a|

|k                                                                         |

|58  120804    Jun/17/2017 17:00:30 N/A    cfa0:/1.cfg                     |

|59  822025    Jun/17/2017 17:00:34 N/A    cfa0:/1.mdb                     |

|60  120727    Jun/17/2017 17:01:02 N/A    cfa0:/2.cfg                     |

|61  821866    Jun/17/2017 17:01:06 N/A    cfa0:/2.mdb                     |

|62  16        Jan/21/2019 17:48:10 N/A    cfa0:/versioninfo/versionctl.dat|

|63  536       Jan/21/2019 17:48:10 N/A    cfa0:/versioninfo/version0.dat  |

|64  796       Mar/20/2018 16:23:44 N/A    cfa0:/versioninfo/version1.dat  |

|65  796       Mar/20/2018 16:30:22 N/A    cfa0:/versioninfo/version2.dat  |

|66  796       Mar/20/2018 16:32:22 N/A    cfa0:/versioninfo/version3.dat  |

|67  796       Mar/20/2018 16:39:04 N/A    cfa0:/versioninfo/version4.dat  |

|68  536       Mar/27/2018 12:36:40 N/A    cfa0:/versioninfo/version5.dat  |

|69  796       Mar/27/2018 14:23:12 N/A    cfa0:/versioninfo/version6.dat  |

|70  536       Mar/28/2018 09:18:16 N/A    cfa0:/versioninfo/version7.dat  |

|71  796       Apr/16/2018 18:06:04 N/A    cfa0:/versioninfo/version8.dat  |

|72  536       Jul/24/2018 11:50:02 N/A    cfa0:/versioninfo/version9.dat  |

|73  9696      Sep/11/2017 17:41:56 N/A    cfa0:/libpty.so                 |

|74  500446    Jul/29/2017 17:59:46 N/A    cfa0:/ips.rules                 |

|75  19586056  Oct/16/2017 17:58:08 N/A    cfa0:/50w-2.dat                 |

|76  117405304 Oct/16/2017 15:38:20 N/A    cfa0:/500w-2.dat                |

|77  7125      Sep/11/2017 19:43:30 N/A    cfa0:/new1.rules                |

|78  963       Oct/16/2017 17:12:58 N/A    cfa0:/210235a1rsh164000006.did  |

|79  9172      Oct/26/2017 11:30:30 N/A    cfa0:/uzi.cfg                   |

|80  792001    May/20/2017 19:15:58 N/A    cfa0:/pn.mdb                    |

|81  554834    May/18/2017 15:40:52 N/A    cfa0:/fullconfig.cfg            |

|82  684919    May/19/2017 13:50:20 N/A    cfa0:/fullconfig2.cfg           |

|83  554834    May/18/2017 16:20:36 N/A    cfa0:/fullconfig1.cfg           |

|84  788347    May/19/2017 13:50:22 N/A    cfa0:/fullconfig2.mdb           |

|85  154433    Oct/26/2017 11:30:30 N/A    cfa0:/uzi.mdb                   |

|86  685411    May/23/2017 14:08:56 N/A    cfa0:/wdy0523.cfg               |

|87  791322    May/23/2017 14:08:58 N/A    cfa0:/wdy0523.mdb               |

|88  3246      Oct/16/2017 17:38:58 N/A    cfa0:/ngips2017101617275868747.a|

|k                                                                         |

|89  164864    Apr/20/2018 13:36:44 N/A    cfa0:/main-cmw710-devkit-e85|

|26.bin                                                                    |

|90  582397    Dec/25/2017 16:17:00 N/A    cfa0:/1024.rules                |

|91  93544     Dec/25/2017 16:17:30 N/A    cfa0:/url.dat                   |

|92  5684224   Jul/24/2018 11:39:04 N/A    cfa0:/main-cmw710-boot-e8530|

|.bin                                                                      |

|93  154961    Oct/28/2017 13:50:14 N/A    cfa0:/zp.mdb                    |

|94  504464    Oct/28/2017 19:22:12 N/A    cfa0:/5e9dd320d3c7fd6fbec3a81a85|

|788002.6d9ada99                                                           |

|95  2491008   Oct/29/2017 15:57:14 N/A    cfa0:/8ac3b6bff681d9be6a20f865ac|

|e15a14                                                                    |

|96  20        Jan/31/2018 14:20:10 N/A    cfa0:/.snmpboots                |

|97  2216      Apr/16/2018 18:05:22 N/A    cfa0:/pcap/excpt-currentcpu11-20|

|180117140659.cap                                                          |

|98  128016    Jan/17/2018 14:29:32 N/A    cfa0:/firewall.exp              |

|99  2812      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/cn/subthreatrep|

|ort.html                                                                  |

|100 1139      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/cn/threatid.htm|

|l                                                                         |

|101 2148      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/cn/threatlog.ht|

|ml                                                                        |

|102 2370      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/cn/threatrank.h|

|tml                                                                       |

|103 2067      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/cn/threatrankdl|

|g.html                                                                    |

|104 4122      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/cn/threatreport|

|.html                                                                     |

|105 3571      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/cn/threattrend.|

|html                                                                      |

|106 2857      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/en/subthreatrep|

|ort.html                                                                  |

|107 1429      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/en/threatlog.ht|

|ml                                                                        |

|108 2651      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/en/threatrank.h|

|tml                                                                       |

|109 2419      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/en/threatrankdl|

|g.html                                                                    |

|110 4213      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/en/threatreport|

|.html                                                                     |

|111 2721      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/en/threattrend.|

|html                                                                      |

|112 14068     Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/nc.js          |

|113 36539     Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/netconf.rbac   |

|114 19541     Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/subthreatreport|

|.js                                                                       |

|115 13032     Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/threatid.js    |

|116 98591     Jan/17/2018 20:10:04 N/A    cfa0:/web/threat/threatlog.js   |

|117 55749     Jan/17/2018 20:07:30 N/A    cfa0:/web/threat/threatrank.js  |

|118 37582     Jan/17/2018 20:07:30 N/A    cfa0:/web/threat/threatrankdlg.j|

|s                                                                         |

|119 31328     Jan/17/2018 20:07:30 N/A    cfa0:/web/threat/threatreport.js|

|120 133659    Jan/17/2018 20:07:30 N/A    cfa0:/web/threat/threattrend.js |

|121 106004480 Jul/24/2018 11:39:24 N/A    cfa0:/main-cmw710-system-e85|

|30.bin                                                                    |

|122 5692416   Jan/21/2019 17:29:52 M      cfa0:/main-cmw710-boot-e8524|

|p15.bin                                                                   |

|123 117685248 Jan/21/2019 17:30:12 M      cfa0:/main-cmw710-system-e85|

|24p15.bin                                                                 |

|124 7300      Jan/24/2018 08:53:08 N/A    cfa0:/0a704f6998e9602ac5203b1306|

|7b2317                                                                    |

|125 151348    Jun/05/2017 16:40:44 N/A    cfa0:/o.mdb                     |

|126 17704     Jan/31/2018 09:44:08 N/A    cfa0:/dpi.cfg                   |

|127 235207    Jan/31/2018 09:44:10 N/A    cfa0:/dpi.mdb                   |

|128 17659     Jan/31/2018 10:53:24 N/A    cfa0:/dpi1.cfg                  |

|129 231817    Jan/31/2018 10:53:26 N/A    cfa0:/dpi1.mdb                  |

|130 110592    Jan/31/2018 14:31:18 N/A    cfa0:/core/node16_dpid_202565_11|

|_20180131-143118_1517409078.core                                          |

|131 118784    Jul/24/2018 11:51:10 N/A    cfa0:/core/node16_ntopd_820_11_2|

|0180724-115110_1532433070.core                                            |

|132 118784    Dec/17/2018 08:32:20 N/A    cfa0:/core/node16_ntopd_803_11_2|

|0181217-083220_1545035540.core                                            |

|133 3249      Apr/16/2018 16:40:28 N/A    cfa0:/ngips2018041616523608292.a|

|k                                                                         |

============================================================================   

Setting the attribute for software images

1.      Enter 2 in the File Control submenu.

===============================<File CONTROL>===============================

|Note:the operating device is cfa0                                         |

|<1> Display All File(s)                                                   |

|<2> Set Image File type                                                   |

|<3> Set Bin File type                                                     |

|<4> Set Configuration File type                                           |

|<5> Delete File                                                           |

|<0> Exit To Main Menu                                                     |

============================================================================

Enter your choice(0-5): 2

 

 'M' = MAIN      'B' = BACKUP      'N/A' = NOT ASSIGNED

============================================================================

|NO. Size(B)   Time                 Type   Name                            |

|1   123384832 Jan/21/2019 17:20:04 N/A    cfa0:/main.ipe             |

|0   Exit                                                                  |

============================================================================ 

2.      Enter the numbers of the files you are working with. For example, enter 1.

Enter file No.:1

 

Modify the file attribute:

============================================================================

|<1>+Main                                                                  |

|<2>+Backup                                                                |

|<0> Exit                                                                  |

============================================================================

Enter your choice(0-2):

3.      Enter a number in the range of 0 to 2 to add or delete a file attribute for the files. For example, enter 1 to assign the M attribute to the files.

Enter your choice(0-2):1

This operation may take several minutes. Please wait....

The file is exist,will you overwrite it? [Y/N]Y

Image file main-cmw710-boot-E8524P15.bin is self-decompressing...

Saving file cfa0:/main-cmw710-boot-E8524P15.bin ........................

............................................................................

.................Done.

Image file main-cmw710-system-E8524P15.bin is self-decompressing...

Saving file cfa0:/main-cmw710-system-E8524P15.bin ......................

............................................................................

............................................................................

.....................................................................Done.

Set the file attribute success!

Setting the attribute for .bin files

Enter 3 in the File Control submenu.

Enter your choice(0-5): 3

'M' = MAIN      'B' = BACKUP      'N/A' = NOT ASSIGNED

============================================================================

|NO. Size(B)   Time                 Type   Name                            |

|1   9054208   Apr/20/2018 13:27:02 N/A    cfa0:/main-cmw710-boot-e8526|

|.bin                                                                      |

|2   186294272 Apr/20/2018 13:27:30 N/A    cfa0:/main-cmw710-system-e85|

|26.bin                                                                    |

|3   164864    Apr/20/2018 13:36:44 N/A    cfa0:/main-cmw710-devkit-e85|

|26.bin                                                                    |

|4   5684224   Jul/24/2018 11:39:04 N/A    cfa0:/main-cmw710-boot-e8530|

|.bin                                                                      |

|5   106004480 Jul/24/2018 11:39:24 N/A    cfa0:/main-cmw710-system-e85|

|30.bin                                                                    |

|6   5692416   Jan/22/2019 14:47:32 M      cfa0:/main-cmw710-boot-e8524|

|p15.bin                                                                   |

|7   117685248 Jan/22/2019 14:47:50 M      cfa0:/main-cmw710-system-e85|

|24p15.bin                                                                 |

|0   Exit                                                                  |

============================================================================

Note:Select .bin files. One but only one boot image and system image must

be included.

Enter file No.(Allows multiple selection):1

Enter another file No.(0-Finish choice):2

Enter another file No.(0-Finish choice):0

You have selected:

cfa0:/main-cmw710-boot-e8526.bin

cfa0:/main-cmw710-system-e8526.bin

Modify the file attribute:

============================================================================

|<1>+Main                                                                  |

|<2>+Backup                                                                |

|<0> Exit                                                                  |

============================================================================

Enter your choice(0-2):1

This operation may take several minutes. Please wait....

Set the file attribute success!

Deleting a file

1.      Enter 5 in the File Control submenu.

Enter your choice(0-5): 5

 

Deleting the file in cfa0:

 'M' = MAIN      'B' = BACKUP      'N/A' = NOT ASSIGNED

============================================================================

|NO. Size(B)   Time                 Type   Name                            |

|1   956       Jan/21/2019 17:59:34 N/A    cfa0:/ifindex.dat               |

|2   24671     Mar/28/2018 09:08:56 N/A    cfa0:/wdydiudie.cfg             |

|3   735       Mar/28/2018 09:18:22 N/A    cfa0:/hostkey                   |

|4   116549    Oct/09/2017 13:51:02 N/A    cfa0:/lwb-t5k.cfg               |

|5   963       Mar/27/2018 15:24:12 N/A    cfa0:/license/history/deviceid_2|

|0180327152412.did                                                         |

|6   965       Mar/27/2018 15:24:12 N/A    cfa0:/license/210235a1rsh1640000|

|06.did                                                                    |

|7   3237      Dec/25/2017 15:14:54 N/A    cfa0:/license/ngips2017122515235|

|923325.ak                                                                 |

|8   3249      Apr/16/2018 16:40:28 N/A    cfa0:/license/ngips2018041616523|

|608292.ak                                                                 |

|9   1611429   Jan/22/2019 14:14:22 N/A    cfa0:/logfile/logfile.log       |

|10  1048575   Apr/16/2018 17:57:26 N/A    cfa0:/logfile/ips.log           |

|11  5230      Mar/19/2018 14:40:30 N/A    cfa0:/logfile/uflt.log          |

|12  1048405   Apr/16/2018 17:57:26 N/A    cfa0:/logfile/anti-vir.log      |

|13  44840     Aug/10/2017 15:25:46 N/A    cfa0:/logfile/dfilter.log       |

|14  14195     Jan/21/2019 16:47:54 N/A    cfa0:/logfile/cfglog.log        |

|15  251751    Jan/03/2019 09:09:56 N/A    cfa0:/diagfile/diagfile.log     |

|16  69784     Mar/28/2018 09:18:28 N/A    cfa0:/dpi/ips/predefined/ips_sig|

|pack_curr.dat                                                             |

|17  2373992   Mar/28/2018 09:18:28 N/A    cfa0:/dpi/ips/predefined/ips_sig|

|pack_back.dat                                                             |

|18  32027352  Apr/16/2018 16:56:28 N/A    cfa0:/dpi/av/predefined/av_sigpa|

|ck_curr.dat                                                               |

|19  9574536   Apr/16/2018 16:48:00 N/A    cfa0:/dpi/av/predefined/av_sigpa|

|ck_back.dat                                                               |

|20  68040     Mar/28/2018 09:18:28 N/A    cfa0:/dpi/uflt/predefined/uflt_s|

|igpack_curr.dat                                                           |

|21  10330760  Mar/28/2018 09:18:36 N/A    cfa0:/dpi/uflt/predefined/uflt_s|

|igpack_back.dat                                                           |

|22  342232    Mar/28/2018 09:18:24 N/A    cfa0:/dpi/apr/predefined/apr_sig|

|pack_curr.dat                                                             |

|23  979448    Mar/28/2018 09:18:24 N/A    cfa0:/dpi/apr/predefined/apr_sig|

|pack_back.dat                                                             |

|24  2840      Jan/22/2019 14:12:46 N/A    cfa0:/dpi/filereg/predefined/fil|

|ereg_sigpack_curr.dat                                                     |

|25  30        Jan/21/2019 16:53:16 N/A    cfa0:/dpi/dpi_sigpack.log       |

|26  1566      Mar/28/2018 09:18:20 N/A    cfa0:/pki/https-server.p12      |

|27  591       Mar/28/2018 09:18:22 N/A    cfa0:/serverkey                 |

|28  259308    Mar/28/2018 09:08:58 N/A    cfa0:/wdydiudie.mdb             |

|29  723419    Oct/09/2017 13:51:04 N/A    cfa0:/lwb-t5k.mdb               |

|30  22692     Jan/21/2019 17:59:36 M      cfa0:/startup.cfg               |

|31  686202    May/20/2017 19:15:56 N/A    cfa0:/pn.cfg                    |

|32  9275      Oct/28/2017 13:50:12 N/A    cfa0:/zp.cfg                    |

|33  807       Oct/09/2017 15:59:54 N/A    cfa0:/.trash/.trashinfo         |

|34  5327872   Aug/15/2017 13:06:42 N/A    cfa0:/.trash/main-cmw710-boo|

|t-e8518.bin_0001                                                          |

|35  5331968   Aug/15/2017 10:30:04 N/A    cfa0:/.trash/main-cmw710-boo|

|t-e8519.bin_0001                                                          |

|36  9048064   Aug/21/2017 13:54:12 N/A    cfa0:/.trash/main-cmw710-boo|

|t-e8520.bin_0001                                                          |

|37  2056192   Aug/12/2017 18:05:54 N/A    cfa0:/.trash/main-cmw710-dev|

|kit-e8518.bin_0001                                                        |

|38  163840    Aug/14/2017 16:57:06 N/A    cfa0:/.trash/main-cmw710-dev|

|kit-e8519.bin_0001                                                        |

|39  163840    Aug/21/2017 14:07:26 N/A    cfa0:/.trash/main-cmw710-dev|

|kit-e8520.bin_0001                                                        |

|40  103891968 Aug/15/2017 13:07:04 N/A    cfa0:/.trash/main-cmw710-sys|

|tem-e8518.bin_0001                                                        |

|41  107120640 Aug/15/2017 10:30:58 N/A    cfa0:/.trash/main-cmw710-sys|

|tem-e8519.bin_0001                                                        |

|42  171900928 Aug/21/2017 14:07:02 N/A    cfa0:/.trash/main-cmw710-sys|

|tem-e8520.bin_0001                                                        |

|43  2238      Jan/22/2019 14:14:22 N/A    cfa0:/context/context3/logfile/l|

|ogfile.log                                                                |

|44  24        Jan/21/2019 17:59:50 N/A    cfa0:/context/context3/ifindex.d|

|at                                                                        |

|45  1192      Jan/21/2019 17:59:50 N/A    cfa0:/context/context3/startup.c|

|fg                                                                        |

|46  34023     Jan/21/2019 17:59:50 N/A    cfa0:/context/context3/startup.m|

|db                                                                        |

|47  18468     Jan/22/2019 14:14:22 N/A    cfa0:/context/context4/logfile/l|

|ogfile.log                                                                |

|48  1566      Mar/28/2018 09:19:08 N/A    cfa0:/context/context4/pki/https|

|-server.p12                                                               |

|49  1671      Jan/22/2019 09:27:00 N/A    cfa0:/context/context4/startup.c|

|fg                                                                        |

|50  37050     Jan/22/2019 09:27:00 N/A    cfa0:/context/context4/startup.m|

|db                                                                        |

|51  52        Jan/22/2019 09:27:00 N/A    cfa0:/context/context4/ifindex.d|

|at                                                                        |

|52  9054208   Apr/20/2018 13:27:02 M      cfa0:/main-cmw710-boot-e8526|

|.bin                                                                      |

|53  227919    Jan/21/2019 17:59:36 N/A    cfa0:/startup.mdb               |

|54  186294272 Apr/20/2018 13:27:30 M      cfa0:/main-cmw710-system-e85|

|26.bin                                                                    |

|55  123384832 Jan/21/2019 17:20:04 N/A    cfa0:/main.ipe             |

|56  3920      Jul/19/2017 18:32:04 N/A    cfa0:/86.raw                    |

|57  3242      Jul/07/2017 09:36:50 N/A    cfa0:/ngips2017070709142354252.a|

|k                                                                         |

|58  120804    Jun/17/2017 17:00:30 N/A    cfa0:/1.cfg                     |

|59  822025    Jun/17/2017 17:00:34 N/A    cfa0:/1.mdb                     |

|60  120727    Jun/17/2017 17:01:02 N/A    cfa0:/2.cfg                     |

|61  821866    Jun/17/2017 17:01:06 N/A    cfa0:/2.mdb                     |

|62  16        Jan/21/2019 17:48:10 N/A    cfa0:/versioninfo/versionctl.dat|

|63  536       Jan/21/2019 17:48:10 N/A    cfa0:/versioninfo/version0.dat  |

|64  796       Mar/20/2018 16:23:44 N/A    cfa0:/versioninfo/version1.dat  |

|65  796       Mar/20/2018 16:30:22 N/A    cfa0:/versioninfo/version2.dat  |

|66  796       Mar/20/2018 16:32:22 N/A    cfa0:/versioninfo/version3.dat  |

|67  796       Mar/20/2018 16:39:04 N/A    cfa0:/versioninfo/version4.dat  |

|68  536       Mar/27/2018 12:36:40 N/A    cfa0:/versioninfo/version5.dat  |

|69  796       Mar/27/2018 14:23:12 N/A    cfa0:/versioninfo/version6.dat  |

|70  536       Mar/28/2018 09:18:16 N/A    cfa0:/versioninfo/version7.dat  |

|71  796       Apr/16/2018 18:06:04 N/A    cfa0:/versioninfo/version8.dat  |

|72  536       Jul/24/2018 11:50:02 N/A    cfa0:/versioninfo/version9.dat  |

|73  9696      Sep/11/2017 17:41:56 N/A    cfa0:/libpty.so                 |

|74  500446    Jul/29/2017 17:59:46 N/A    cfa0:/ips.rules                 |

|75  19586056  Oct/16/2017 17:58:08 N/A    cfa0:/50w-2.dat                 |

|76  117405304 Oct/16/2017 15:38:20 N/A    cfa0:/500w-2.dat                |

|77  7125      Sep/11/2017 19:43:30 N/A    cfa0:/new1.rules                |

|78  963       Oct/16/2017 17:12:58 N/A    cfa0:/210235a1rsh164000006.did  |

|79  9172      Oct/26/2017 11:30:30 N/A    cfa0:/uzi.cfg                   |

|80  792001    May/20/2017 19:15:58 N/A    cfa0:/pn.mdb                    |

|81  554834    May/18/2017 15:40:52 N/A    cfa0:/fullconfig.cfg            |

|82  684919    May/19/2017 13:50:20 N/A    cfa0:/fullconfig2.cfg           |

|83  554834    May/18/2017 16:20:36 N/A    cfa0:/fullconfig1.cfg           |

|84  788347    May/19/2017 13:50:22 N/A    cfa0:/fullconfig2.mdb           |

|85  154433    Oct/26/2017 11:30:30 N/A    cfa0:/uzi.mdb                   |

|86  685411    May/23/2017 14:08:56 N/A    cfa0:/wdy0523.cfg               |

|87  791322    May/23/2017 14:08:58 N/A    cfa0:/wdy0523.mdb               |

|88  3246      Oct/16/2017 17:38:58 N/A    cfa0:/ngips2017101617275868747.a|

|k                                                                         |

|89  164864    Apr/20/2018 13:36:44 N/A    cfa0:/main-cmw710-devkit-e85|

|26.bin                                                                    |

|90  582397    Dec/25/2017 16:17:00 N/A    cfa0:/1024.rules                |

|91  93544     Dec/25/2017 16:17:30 N/A    cfa0:/url.dat                   |

|92  5684224   Jul/24/2018 11:39:04 N/A    cfa0:/main-cmw710-boot-e8530|

|.bin                                                                      |

|93  154961    Oct/28/2017 13:50:14 N/A    cfa0:/zp.mdb                    |

|94  504464    Oct/28/2017 19:22:12 N/A    cfa0:/5e9dd320d3c7fd6fbec3a81a85|

|788002.6d9ada99                                                           |

|95  2491008   Oct/29/2017 15:57:14 N/A    cfa0:/8ac3b6bff681d9be6a20f865ac|

|e15a14                                                                    |

|96  20        Jan/31/2018 14:20:10 N/A    cfa0:/.snmpboots                |

|97  2216      Apr/16/2018 18:05:22 N/A    cfa0:/pcap/excpt-currentcpu11-20|

|180117140659.cap                                                          |

|98  128016    Jan/17/2018 14:29:32 N/A    cfa0:/firewall.exp              |

|99  2812      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/cn/subthreatrep|

|ort.html                                                                  |

|100 1139      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/cn/threatid.htm|

|l                                                                         |

|101 2148      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/cn/threatlog.ht|

|ml                                                                        |

|102 2370      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/cn/threatrank.h|

|tml                                                                       |

|103 2067      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/cn/threatrankdl|

|g.html                                                                    |

|104 4122      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/cn/threatreport|

|.html                                                                     |

|105 3571      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/cn/threattrend.|

|html                                                                      |

|106 2857      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/en/subthreatrep|

|ort.html                                                                  |

|107 1429      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/en/threatlog.ht|

|ml                                                                        |

|108 2651      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/en/threatrank.h|

|tml                                                                       |

|109 2419      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/en/threatrankdl|

|g.html                                                                    |

|110 4213      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/en/threatreport|

|.html                                                                     |

|111 2721      Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/en/threattrend.|

|html                                                                      |

|112 14068     Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/nc.js          |

|113 36539     Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/netconf.rbac   |

|114 19541     Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/subthreatreport|

|.js                                                                       |

|115 13032     Jan/17/2018 20:07:28 N/A    cfa0:/web/threat/threatid.js    |

|116 98591     Jan/17/2018 20:10:04 N/A    cfa0:/web/threat/threatlog.js   |

|117 55749     Jan/17/2018 20:07:30 N/A    cfa0:/web/threat/threatrank.js  |

|118 37582     Jan/17/2018 20:07:30 N/A    cfa0:/web/threat/threatrankdlg.j|

|s                                                                         |

|119 31328     Jan/17/2018 20:07:30 N/A    cfa0:/web/threat/threatreport.js|

|120 133659    Jan/17/2018 20:07:30 N/A    cfa0:/web/threat/threattrend.js |

|121 106004480 Jul/24/2018 11:39:24 N/A    cfa0:/main-cmw710-system-e85|

|30.bin                                                                    |

|122 5692416   Jan/22/2019 14:47:32 N/A    cfa0:/main-cmw710-boot-e8524|

|p15.bin                                                                   |

|123 117685248 Jan/22/2019 14:47:50 N/A    cfa0:/main-cmw710-system-e85|

|24p15.bin                                                                 |

|124 7300      Jan/24/2018 08:53:08 N/A    cfa0:/0a704f6998e9602ac5203b1306|

|7b2317                                                                    |

|125 151348    Jun/05/2017 16:40:44 N/A    cfa0:/o.mdb                     |

|126 17704     Jan/31/2018 09:44:08 N/A    cfa0:/dpi.cfg                   |

|127 235207    Jan/31/2018 09:44:10 N/A    cfa0:/dpi.mdb                   |

|128 17659     Jan/31/2018 10:53:24 N/A    cfa0:/dpi1.cfg                  |

|129 231817    Jan/31/2018 10:53:26 N/A    cfa0:/dpi1.mdb                  |

|130 110592    Jan/31/2018 14:31:18 N/A    cfa0:/core/node16_dpid_202565_11|

|_20180131-143118_1517409078.core                                          |

|131 118784    Jul/24/2018 11:51:10 N/A    cfa0:/core/node16_ntopd_820_11_2|

|0180724-115110_1532433070.core                                            |

|132 118784    Dec/17/2018 08:32:20 N/A    cfa0:/core/node16_ntopd_803_11_2|

|0181217-083220_1545035540.core                                            |

|133 3249      Apr/16/2018 16:40:28 N/A    cfa0:/ngips2018041616523608292.a|

|k                                                                         |

|0   Exit                                                                  |

============================================================================

Enter file No.:  

2.      Enter the number of the file to delete. For example, enter 13 to delete the sda0:/test.cfg file.

3.      When the following message appears, enter Y.

The file you selected is sda0:/test.cfg,Delete it? [Y/N]

If the following message appears, the file is successfully deleted.

Deleting.....Done!

Restoring the factory-default configuration

CAUTION:

Restoring the factory-default configuration will permanently delete startup configuration files and backup configuration files in the current storage medium.

 

To restore the factory-default configuration from the EXTENDED-BOOTWARE menu, make sure password recovery capability is disabled. If the capability is enabled, you cannot perform the task.

After you perform this task, the device uses the factory-default configuration instead of the configuration file for the next startup.

To enhance system security, disable password recovery capability.

To restore the factory-default configuration:

1.      Enter 5 in the EXTEND-BOOTWARE menu and then press Enter.

Enter your choice(0-9): 5

2.      Follow the system instruction to complete the task.

¡  If password recovery capability is enabled, first disable the capability from the CLI, and then reboot the device to access the EXTENDED-BOOTWARE menu.

Password recovery capability is enabled. To perform this operation, first disable the password recovery capability using the undo password-recovery enable command in CLI.

¡  If password recovery capability is disabled, enter Y at the prompt to complete the task.

Because the password recovery capability is disabled, this operation can cause the configuration files to be deleted, and the system will start up with factory defaults. Are you sure to continue?[Y/N]Y

Setting...Done.

Skipping the configuration file

To perform this task, make sure password recovery capability is enabled. If the capability is disabled, you cannot perform the task.

To start the device with the factory-default configuration:

1.      Enter 6 in the EXTEND-BOOTWARE menu and press Enter.

Enter your choice(0-9): 6

Flag Set Success.

2.      Follow the system instruction to complete the task.

¡  If password recovery capability is enabled, the device uses the factory-default configuration instead of the configuration file for the next startup.

¡  If password recovery capability is disabled, first enable the capability from the CLI, and then reboot the device to access the EXTENDED-BOOTWARE menu.

Password recovery capability is disabled. To perform this operation, first enable the password recovery capability using the password-recovery enable command in CLI.

Accessing the BootWare Operation submenu

Enter 7 in the EXTEND-BOOTWARE menu and press Enter.

Enter your choice(0-9): 7

=========================<BootWare Operation Menu>==========================

|Note:the operating device is sda0                                        |

|<1> Backup Full BootWare                                                  |

|<2> Restore Full BootWare                                                 |

|<3> Update BootWare By Serial                                             |

|<4> Update BootWare By Ethernet                                           |

|<0> Exit To Main Menu                                                     |

============================================================================

Enter your choice(0-4):

Table 19 BootWare Operation submenu options

Option

Description

<1> Backup Full BootWare

Back up the entire BootWare image.

<2> Restore Full BootWare

Recover the entire BootWare image.

<3> Update BootWare By Serial

Upgrade the BootWare image through the serial port.

<4> Update BootWare By Ethernet

Upgrade BootWare through the management Ethernet port.

<0> Exit To Main Menu

Return to the EXTEND-BOOTWARE menu.

 

Skipping console login authentication

To perform this task, make sure password recovery capability is enabled. If the capability is disabled, you cannot perform this task.

This is a one-time operation and takes effect only for the reboot after you perform this task.

To enable the device to load the next-startup configuration file with the console login password ignored:

1.      Enter 8 in the EXTEND-BOOTWARE menu and press Enter.

Enter your choice(0-9): 8

2.      Follow the system instruction to complete the task.

¡  If password recovery capability is enabled, the device clears the password for user privilege change.

Clear Image Password Success!

¡  If password recovery capability is disabled, first enable the capability from the CLI, and then reboot the device to access the EXTENDED-BOOTWARE menu.

Password recovery capability is disabled. To perform this operation, first enable the password recovery capability using the password-recovery enable command in CLI.

Managing storage media

Enter 9 in the EXTEND-BOOTWARE menu and press Enter.

Enter your choice(0-9):9

==============================<DEVICE CONTROL>==============================

|<1> Display All Available Nonvolatile Storage Device(s)                   |

|<2> Set The Operating Device                                              |

|<3> Set The Default Boot Device                                           |

|<0> Exit To Main Menu                                                     |

============================================================================

Enter your choice(0-3):

Table 20 DEVICE CONTROL menu options

Option

Description

<1> Display All Available Nonvolatile Storage Device(s)

Display all storage media on the MPU you are working with.

<2> Set The Operating Device

Set the current storage medium. All file operations in BootWare menus are performed on the current storage medium.

<3> Set The Default Boot Device

Set the default storage medium from which the system will start up.

<0> Exit To Main Menu

Return to the EXTENDED-BOOTWARE menu.

 

Accessing the EXTEND ASSISTANT submenu

Press Ctrl+Z in the EXTEND-BOOTWARE menu.

==========================<EXTENDED ASSISTANT MENU>=========================

|<1> Display Memory                                                        |

|<2> Search Memory                                                         |

|<0> Exit To Main Menu                                                     |

============================================================================

Enter your choice(0-2):

Table 21 EXTEND ASSISTANT submenu options

Option

Description

<1> Display Memory

View memory information that meets certain requirements.

<2> Search Memory

Search memory for data that meets certain requirements.

<0> Exit To Main Menu

Return to the EXTEND-BOOTWARE menu.

 

Formatting the file system

CAUTION:

Formatting the file system clears all files and directories in a storage medium permanently. The cleared files and directories cannot be recovered.

 

Press Ctrl+F in the EXTEND-BOOTWARE menu.

Warning:All files on sda0 will be lost! Are you sure to format? [Y/N]

 

 

  • Cloud & AI
  • InterConnect
  • Intelligent Computing
  • Security
  • SMB Products
  • Intelligent Terminal Products
  • Product Support Services
  • Technical Service Solutions
All Services
  • Resource Center
  • Policy
  • Online Help
All Support
  • Become a Partner
  • Partner Resources
  • Partner Business Management
All Partners
  • Profile
  • News & Events
  • Online Exhibition Center
  • Contact Us
All About Us
新华三官网