Opengear Firmware Recovery Introduction ~~~~~~~~~~~~ This guide explains how to recover an Opengear device from a corrupt firmware image or unbootable configuration (requires the bootloader to still be working). Note that the recovery process will reset any device configuration back to factory defaults with no opportunity to recover it. For more information visit: http://www.opengear.com/faq263.html In this file: - Required Files - Setting Up Your PC - Configuring DHCP Server and TFTP Server - Recovering The Unit Required Files ~~~~~~~~~~~~~~ The bootloader on each Opengear device supports loading a runtime image into RAM using the tftp protocol. For this you require a tftp server and a dhcp server. For Linux: $ sudo apt-get install atftpd dhcp3-server For Windows: http://tftpd32.jounin.net/ The above program offers both a dhcp server and a tftp server. The latest firmware can be downloaded from: ftp://ftp.opengear.com/release/ Finally, you will need the appropriate recovery image from: http://cvs.opengear.com/releases/recovery/ Refer to the following table for the file you require: -------------------------------------- Opengear | Recovery Image File ------------x------------------------- ACM500x | ACM_Recovery.flash CM4001 | CM4001_Recovery.flash CM4002 | CM4001_Recovery.flash SD4001 | CM4001_Recovery.flash SD4002 | CM4001_Recovery.flash CM4008 | CM4008_Recovery.flash SD4008 | CM4008_Recovery.flash IM42xx | IM42xx_Recovery.flash IM4004 | IM4004_Recovery.flash -------------------------------------- Setting Up Your PC ~~~~~~~~~~~~~~~~~~ - Disable all network connections except for one wired Ethernet connection you'll be using to connect to the console server you are recovering - Set up the connection with the static IP address 192.168.0.100 subnet mask 255.255.255.0 (gateway and DNS don't matter) - Connect the unit's first Ethernet port directly to your Ethernet port with an Ethernet cable - Ensure all firewall and antivirus software is configured to allow TFTP and DHCP services to run on this interface. If unsure, disable all firewall and antivirus software - Ensure the Windows DHCP service isn't running i.e. Click Start -> Programs -> Administrative Tools -> Services and if the DHCP Server (not DHCP Client) is running, right click and stop it Configuring DHCP Server and TFTP Server ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Windows: - Launch tftpd32.exe and select 192.168.0.100 as the Server Interface - Ensure the Current Directory is the directory with the recovery image - Click on Settings and edit the DHCP tab - Enter the following DHCP Pool definitions: IP pool starting address : 192.168.0.10 Size of pool : 10 Boot File : recovery_image.flash Mask : 255.255.255.0 - Click OK - Ensure that the Boot File is consistent with the name of the firmware file you wish to load. Linux: Edit your dhcp server configuration (e.g. /etc/dhcpd.conf) to include an entry for the Opengear device. The entry might look something like: host myopengear { hardware ethernet 00:13:C6:00:00:01; fixed-address 192.168.0.10; filename "recovery_image.flash"; option root-path "/var/lib/tftpboot"; } Ensure that filename is consistent with the name of the firmware file you wish to load. Make the option root-path point to where your tftp server stores its files. Edit your tftp server configuration (e.g. /etc/default/atftpd) to specify the tftp directory (eg /tftpboot) and to run as a server directly. USE_INETD=false OPTIONS="--tftpd-timeout 300 --retry-timeout 5 --mcast-port 1758 --mcast-addr 239.239.239.0-255 --mcast-ttl 1 --maxthread 100 --verbose=5 /tftpboot" Recovering The Unit ~~~~~~~~~~~~~~~~~~~ To effect a net-boot: 1. Turn the device off 2. Depress the erase button 3. Turn the device on while still holding the erase button The Opengear unit will load the recovery .flash file into RAM and run it. This may take up to a minute or two. Check down the bottom under the tftp32.exe DHCP server tab for the allocated address, e.g. 192.168.0.10. Browse to http://192.168.0.10/ and select a working firmware image to upload. Please note that the recovery image UI is accessible through http as opposed to https.