Reflash Aruba IAP OS

I recently ordered 4 of the 325 IAPs that were listed in the deals, but accidentally bricked two of them by being impatient. It took me a lot of digging to find a way to get it all to work again, and I wanted to share my knowledge.

How did I Brick Them - Being Impatient

When first booting them up, they TAKE FOREVER to boot. Like up to 10 - 15 mins. So be patient. I was not and decided to hold down the factory reset button pretty early into the process. This screwed up the entire boot process and no OS existed anymore, so they wouldn’t boot in anyway shape or form. So to avoid this whole problem, just be patient, but if you aren’t read the rest.

Connecting to the Console Port

At least the 325’s that I have have an RJ45 port that reads “Console.” Most of the google results say you need to connect to this, but don’t provide much details on HOW to do it for us noobs.

First, you likely need special hardware. Most of us don’t have RJ45 to serial port cables and configurations laying around. Amazon.com worked great for me and is relatively cheap. It has all the logic and chip right in the USB A so you don’t have to do much. Note: my windows laptop didn’t recognize and automatically install the drivers - so I had to download and install them from VCP Drivers - FTDI

Once I had this, I’m so new to serial connections I had no idea how to connect. Answer (on windows) use Putty (I had thought putty was an SSH program, which it is, but it is also a console serial connector.

To do this:

  • Open Device Manager
  • Look for Ports (Com & LPT)
  • Identify the Com number, in my case it was “COM3”
  • Install Putty
  • Click “Serial” instead of the default SSH
  • Enter your COM# port to listen to
  • I left all others as default

Now you have a raw output of what is going on within the Aruba. Typically it will be giving you information, but you won’t be able to interact as its trying to load or successfully loading, but here you can see the messages, errors, and other googlable errors that are happening.

Interacting with the Aruba via Console

Typically, on boot, there are some number of seconds where the Aruba will ask you to press any key to interact. I believe the default is just 2 seconds so pay close attention so you can interact.

Here you’ll be at the boot loaders basic commands - which can be found here: Managing AP Console Settings

You can try various poorly documented commands there to debug or edit your access point.

Reflashing the OS

I used Aruba Instant – AP boot image upgrade | acmxguy as my primary guide for how to do this.

First - You need to download the new version of the OS. This should be trivial, but isn’t always. You need to go to the aruba support portal: https://asp.arubanetworks.com/. But to download, you need to create an account, which I hear can filter out gmail and other non-business accounts. I was lucky enough to have a work account that would work.

Searching for the file is non trivial too. Use the software filters, Aruba Access Point, then your series 320 in this case for me. Then I also put ArubaInstant in the search bar and downloaded the best version that matched my non-bricked ones.

Second - TFTP Server. TFTP is a simple FTP (file transfer protocol) that is designed to BOOT. The Arubas can upload the OS file from a TFTP server. I am starting to mess with a OPNSense router. I couldn’t for the life of me get the Aruba AP to connect to a TFTP server running on my windows laptop (solarwinds) or even ping my local laptop. So, I enabled the TFTP server on my OPNSense router, since the AP could ping that.

To enable the TFTP on the OPNSense box, which runs a version of FreeBSD. I followed: https://www.dragonflybsd.org/docs/howtos/HowToSetupATFTPServer/ a little bitt, but the instructions weren’t 100% right.

  1. SSH into my OPNSense box (I have disabled password access and only allow for key based access, so I had to add my keys on the web gui)
  2. Edit the /etc/inetd.conf file to enable the TFTP. Just uncommented the line.
  3. Create the /tftpboot folder with the local usr
  4. scp the os file to the /tftboot folder
  5. Edit the permissions of the OS file using chmod 666
  6. I don’t need the TFTP to boot every single time, so I skipped the enable steps and skipped the logging steps
  7. Start the TFTP by running sudo /etc/rc.d/inetd onerestart
  8. Test that its up by running sudo netstat -an | grep 69 and expecting something like udp4 0 0 *.69 *.*
  9. Test the tftp by going to the home folder cd ~, running tftp <local Ip address> then get <Aruba OS FileName>. This should “download” the file from the TFTP directory` to your home directory. THen I deleted the file.

Third, to actually install the OS on your AP you need to connect to the console. I like to clear the old os, factory reset, etc.

  • factory_reset
  • clear os
  • osinfo - Should result in nothing on either partition
  • dhcp - Get ip address and routes
  • setenv serverip <TFTP IP> - Tells it where to look for the OS via TFTP
  • upgrade os <Aruba OS Filename> - Pulls the OS from the TFTP and installs it!
  • osinfo - Make sure it was isntalled properly and what partition
  • setenv os_partition=0 or whatever partition you installed the OS on
  • save - Saves the env variables to the actual flash
  • reset - Restart the AP and let it load!
2 Likes

This is exactly the guide I needed for my current situation with my IAP-325. My only issue is that like you, I could not get the TFTP server on my PC (SolarWinds) to connect with the AP. No ping, no nothing. I do not have an OPNSense router - I have PFsense. Are there any alternatives you’d suggest to making this work?