How to Change the Firmware Using Local Upgrade Via SSH
Applicable for: UniFi AP / UniFi Switch
Devices with Internet Access
If the UAP/USW has Internet connectivity, it’s easiest to let it download the update file (direct URL), then install it. SSH to the device, then run the following command replacing the URL with Direct URL found in the Downloads page. You’ll be able to copy this link once you locate the firmware file, click Download and read and accept the terms. Please verify you are using the firmware .bin file specific to your device (UAP, USW, etc) and not the UniFi Network Controller software.
It will download the specified file, upgrade it, and reboot into the new version.
Devices without Internet Access
1. Download the firmware .bin file from our Downloads page. Please verify you are downloading the firmware .bin file specific to your device (UAP, USW, etc) and not the UniFi Network Controller software.
2. Using a terminal such as the Terminal application in macOS/Linux or PuTTY on Windows, issue the command below to transfer the .bin file to the device, and to place it in the UniFi device filesystem. Remember to make the appropriate substitutions before running the command:
scp /foldername/firmwarefile.bin user@IP-of-UAP-or-Switch:/tmp/fwupdate.bin
See below an example of this command for a UAP-FlexHD with the firmware version 4.0.80 file downloaded and saved on a Macbook Pro’s desktop, where the UAP’s IP address is 192.168.1.219:
scp /Users/alexpro/Desktop/BZ.mt7621.v4.0.80.10875.200111.1635.bin [email protected]:/tmp/fwupdate.bin
3. You will now be prompted to enter the password that you use for SSH access. If you are unsure of the SSH authentication user or password of your devices, take a look at .
As you type, no characters will appear on screen for security purposes. Carefully enter the correct password, and press Enter.
4. Then connect to the device via SSH and issue the following command to initiate a local upgrade.
User Tip:Getting an «Invalid Firmware» error when upgrading via SSH might be caused by installing an incorrect version first. Correct this by going to the tmp folder and deleting fwupdate.bin first and then trying the upgrade command once more (making sure it was in the correct folder in the Controller).
Applicable for: UniFi Security Gateway / UniFi Security Gateway Pro
All models of USG allow local upgrade, though they use a .tar file rather than the .bin used by the APs and switches. There are two options for a local upgrade, one downloading via HTTP or HTTPS (HTTPS highly recommended) from USG itself, and one method of doing an offline upgrade.
Internet Upgrade
If the USG has Internet connectivity, it’s easiest to let it download the update file, then install it. Via SSH to USG, run the following, replacing the URL with one found in the Downloads page. Please verify you are downloading the firmware .tar file specific to your device and not the UniFi Network Controller software.
It will download the specified file, upgrade it, and reboot into the new version.
Offline Upgrade
Where the USG is not yet connected to the Internet, you can download the tar file that corresponds to your USG model from the Downloads page to your local system, then use SCP to copy it to USG.
Then SSH to the USG, and run the following to perform the upgrade using that file.
Applicable for: UniFi Dream Machine / UniFi Dream Machine Pro
Connect to the UDM device via SSH, and then run one of the following commands, replacing the URL with one found in the Downloads page. Please verify you are downloading the firmware .bin file specific to your UDM model and not the UniFi Network Controller software.
This command pulls the firmware directly, downloading it and then using it to upgrade your UDM-Pro. If you have a link for the firmware .bin file then this is a good method to use:
For the following method, download the firmware .bin file and place it in the device (UDM-Pro in this example) using SCP as described in the instructions above for . Then issue the ubnt-upgrade command followed by the path of where it is stored. It is recommended to be stored in /mtn/data/ so command would look something like this (substituting «firmware-name.bin» with actual firmware file name):
TFTP for Windows
1. Prior to beginning the TFTP recovery, download the firmware for the device needed by visiting the UniFi Downloads section. Navigate to the UAP in question using the menu on the left, and find the latest firmware file. Confirm it is a .bin firmware file and not the UniFi Network Controller software file before downloading.
2. Once the correct firmware has been identified, download it and save it on your computer.
3. Unplug the ethernet cable from the UniFi AP.
4. Using a paperclip press and hold the UniFi AP’s reset button. Make sure you can feel it being depressed by the paperclip. Do not release the button until step 6.
5. While keeping the reset button pressed in, plug the ethernet cable back into the AP. Keep the reset button depressed until you see the device’s LED flashing in upgrade mode (read about LED patterns in this article). This may take up to 25 seconds.
User Tip: The UAP will not respond to ping requests while in TFTP recovery mode, but will respond to ARP requests.
6. You may release the reset button. Now the device is in TFTP transfer mode.
7. Set a static IP on your Computer’s NIC. A static IP of 192.168.1.25, a subnet of 255.255.255.0 and gateway of 192.168.1.20 will work.
8. Plug the UniFi PoE injector’s LAN cable directly to your computer.
9. This example uses the Pumpkin TFTP software, which you can download here (clicking link will download the .exe file immediately) and disable the firewall or allow the Pumpkin connection. Click on «Put File».
10. In «Local Files» browse for the firmware you downloaded and saved previously (in step 1).
11. In the «Remote host» field enter the gateway you had predetermined (192.168.1.20), then click OK.
12. At this point, the file should begin transferring. The firmware will upgrade now and the device will automatically reboot once it has finished. Do not reboot it yourself.
Процедура обновления
- После загрузки прошивки требуется ее переименовать в fwupdate.bin
- Запускаем сканер и ищем требуемое устройство в сети
- Подключаемся к точке по WinSCP введя ее IP. Логин и пароль одинаковы ubnt : ubnt ИЛИ root / ubntЕсли войти до сих пор не удалось — смотрим его в контроллере. SETTINGS ->Site-> DEVICE AUTHENTICATION. Если выключен включаем и пушим конфигурацию по точкам(может занять длительное время если точек много).
- Выходим в корень и заливаем fwupdate.bin в папку tmp.
- Подключаемся по SSH и вводим:
syswrapper.sh upgrade2
При возникновении ошибки: Couldn’t open image file, проверьте путь по которому загружена прошивка, модель оборудования и имя файла.
Проверить расположение прошивки: /tmp/fwupdate.bin - При повторном подключении по SSH к точке видим, что прошивка обновилась на 3.9.27:
- Если после данной процедуры точку все равно не видно, сбрасываем ее до заводских настроек.
syswrapper.sh restore-default
- Адоптим к контроллеру
На этом процесс ручного обновления можно считать завершенным.
UPD 23.06.2019:
Если после обновления контроллера у вас появилась подобная ошибка: A firmware update is available that includes key updates improving your device functionality and overall experience.И точки доступа не адоптятся даже после сброса, то без ручного обновления прошивки не обойтись.
Если версия точки доступа не настолько старая есть возможность обновить ее командой upgrade.
Пример обновления UniFi UAP. Перед обновлением ОБЯЗАТЕЛЬНО убедитесь что прошивка именно для вашего устройства!Идем на: https://www.ui.com/download/unifi/unifi-ap/uap и выбираем нужный девайс после чего требуется скопировать ссылку.
Заходим на AP по SSH и выполняем команду:
upgrade https://dl.ubnt.com/unifi/firmware/BZ2/4.0.15.9872/BZ.ar7240.v4.0.15.9872.181229.0259.bin
После чего тарелка сама скачает прошивку, установит ее и перезагрузится.Лирическое отступление: Конечно, все это можно сделать и с контроллера, подкинув ссылку данной прошивки в Custom upgrade
Но учитывая, что в каждой версии программного контроллера, сталкивался с огромным количеством багов и глюков, советую делать все через SSH. Ведь всегда можно попросить Ansible сделать это за вас.
UPD 09.12.2019 Способ от Михаила из комментариев:
1. Скачиваем прошивку с сайта под ваше устройство.
2. Авторизуем точку через UNIFI контролер, она ругается и пишет что немогу обновится и.т.п.
3. Переименовываем прошивку: fwupdate.bin
4. Не выключая контролер заливаем переименованную прошивку в /tmp через WinSCP
5. Запускаем в контроллере кнопку Lauch a Browser to……
6. Прошивка начинает само устанавливаться.
Проверенно на Unifi AP Outdoor+
Контроллер UniFi 5.12.22
Прошивка была 3.20 установлена самая последняя 4.0
TFTP for Linux & macOS
1. Prior to beginning the TFTP recovery, download the firmware for the device needed by visiting the UniFi Downloads section. Navigate to the UAP in question using the menu on the left, and find the latest firmware file. Confirm it is a .bin firmware file and not the UniFi Network Controller software file before downloading.
2. Once the correct firmware has been identified, download it and save it on your computer. You will need to know the exact path to your file, so for this example, we are moving the downloaded firmware file to /Users/username/.
3. Go to System Preferences > Network and set your computer’s network IP address to 192.168.1.25, subnet 255.255.255.0 and gateway 192.168.1.20.
User Tip: Take note of what your IP address is before changing it. You will have to revert back to the original IP address on step 12.
4. On macOS Open Applications > Utilities > Terminal and type:
tftp
On Linux, open the command line application of choice and type the following (substituting the bolded path and firmware name for the name of the file you downloaded in step 2 and the path to where it is saved):
tftp -l ~/path/firmware_name.bin -p 192.168.1.20 69
5. A command prompt will appear. You are ready to reset the AP and connect it to your computer, while it’s in «upgrade mode».
6. Unplug the ethernet cable from the UniFi AP.
7. Using a paperclip press and hold the UniFi AP’s reset button. Make sure you can feel it being depressed by the paperclip. Do not release the button until step 9.
8. While keeping the reset button pressed in, plug the ethernet cable back into the AP. Keep the reset button depressed until you see the device’s LED flashing in upgrade mode (read about LED patterns in this article). This may take up to 25 seconds.
User Tip: The UAP will not respond to ping requests while in TFTP recovery mode, but will respond to ARP requests.
9. You may release the reset button. Now the device is in TFTP transfer mode.
10. On the TFTP command line in Terminal, paste these four lines and hit enter:
connect 192.168.1.20binaryrexmt 1timeout 60
11. Type the command followed by the path to the firmware downloaded in step 2 and hit enter. Following the example mentioned in step 2, something similar to this would be typed into the Terminal window:
put /Users/Alex/BZ.qca956x.v3.9.27.8537.180317.1235.bin
IMPORTANT:Remember you must substitute the bolded path and firmware file name with your own path and file name.
Once it is successful, you will see something like this in the Terminal window (bolded words will be different for each user):
tftp> connect 192.168.1.20 tftp> binary tftp> rexmt 1 tftp> timeout 60 tftp> put /path/firmware.binSent x bytes in y seconds
The file should begin transferring at this point. The firmware will upgrade and the device will automatically reboot once it has finished. Do not reboot it yourself.
12. Re-connect the PoE injector’s LAN cable into your router. Restore the network IP back to what it was before.
User Tip:If your device is having trouble getting adopted by Controller after this process. Try forgetting the device by going to the Device section, clicking on the UAP in question and then within the properties panel that pops up, go to Config (gear icon) > Manage Device > Forget this device. Click on the «Forget» button and try the process again.
How to Disable Automatic Upgrades
UniFi Access Points
When you enable the option to «Automatically upgrade AP firmware» all access points will upgrade the moment you upgrade the Controller’s software version. If you are changing the firmware of one of the devices to one other than the released version, you will want to disable the Automatic Upgrades to avoid it rolling back to that public release.
1. To do so, go to Settings > Site > Services section.
2. Make sure the checkbox for Automatic Upgrades (Automatically upgrade AP firmware) is left unchecked. The wording might be slightly different depending on the Controller version.
UniFi Dream Machine and UniFi Dream Machine Pro
The UniFi Dream Machine also has the option to enable or disable automatic firmware upgrades, but these are configured in the device management platform itself, accessible by typing the IP address of the device in your browser bar.
Running v1.5.X
Within the UDM Management user interface go to Settings and change the Update Frequency to Disabled.
Running UniFi OS
1. Enter Settings > Advanced
2. Change Automatic Firmware Updates to Disabled.
