Reply
New Member
Posts: 12
Registered: ‎04-26-2016
Kudos: 1

Unifi Controller not seeing latest device firmware releases, but will see CK or controller updates

Hi,

 

I'm having issues with a cloudkey not playing nicely with the device firmware updates. The latest it has seen is 3.9.54, which is quite happily cached on the controller, but it's not offering to cache anything else. Obviously with the 5.10.x controller specifying a minimum firmware version that is going to be a little bit of an issue.

 

We are curently using controller version 5.9.29 with CK firmware 12.4. Both of these have been offered and updated while the firmware issue has been on going.

 

Not sure if it's related or not, but while most of the AP's are at the 3.9.54 firmware, some are at 3.9.24 and one is at 3.9.42, and the controller seems quite happy to leave them there right now. It's not saying that there is a firmware upgrade available.

 

Our internal network does not use firewalls between the CK or the AP's, however we have a firewall between the internal network and Internet. Historically this has had ports open for the Cloud access, and CDN availability, and this has been working with no issue. Ports and hostnames are listed below:

 

ubnt.unifi.com

80/tcp
443/tcp
3478/udp
8543/tcp
11143/tcp
WebRTC outbound if the firewall allows it.

 

dl.ubnt.com

80/tcp
443/tcp

 

With the new port for cloud access we added 8883/tcp to the first set of ports (we don't use the cloud access for this controller, but opened the ports anyway), however this has made no difference to the controllers ability to see / offer / cache the latest firmware.

 

I have a ticket open with UBNT support, but as the latest update just reaffirmed what I'd supplied in the first email as reasons for opening the ticket, I'm starting to feel like I'm going around in circles with them. I've also been told to open all the ports in the firewall listed in the following link, but don't feel that the first two sections are required as they seem to deal with controller to device comm's rather than controller to UBNT backend network comms.

 

https://help.ubnt.com/hc/en-us/articles/218506997-UniFi-Ports-Used

 

I've also been told to upgrade the AP's manually to enable an upgrade ot he 5.10.x controller. However, having upgraded AP's manually before, I don't particularly want to have a bunch of devices saying "downgrade me" every time I look in the deivce list. Though thinking about it, if it doesn't offer to upgrade certain devices I'm not sure it would offer ot downgrade them either.

 

The only change that has been made for the controllers internet connection in the last few months is the firewalls (HA pair) have been changed. We have verified that the rules on the new firewalls are the same as they were for the old one's and added the extra cloud port. Our last resort would be to put a rule in allowing the CK to everything and watch the firewall logs to see what it's actually using, but I'm hoping there's something simple that UBNT support and myself have missed that will solve the issue.

 

Any thoughts would be appreciated.

 

 

Thanks

 

 

Sam

New Member
Posts: 28
Registered: ‎04-22-2017

Re: Unifi Controller not seeing latest device firmware releases, but will see CK or controller updat

I learnt yesterday that for the first gen APs there is no update to 4.0.2x....

Senior Member
Posts: 16,458
Registered: ‎08-04-2017
Kudos: 3006
Solutions: 810

Re: Unifi Controller not seeing latest device firmware releases, but will see CK or controller updat

Hello @samgill_tdk,

 

Are you seeing any errors in the logs when manually checking for firmware updates?

 

 

Regards,

Glenn R.

Cloud Hosted Controllers | Glenn R. | UniFi Installation/Easy Update Scripts | UniFi-VoIP Installation Scripts
USG-4-PRO • USG
USW-48-500W • USW-24-POE-250W 2x • USW-16-POE-150W 3x • USW-24 • USW-8-150W • USW-8
UAP XG • UAP-SHD • UAP-HD • UAP-NanoHD • UAP-AC-PRO 2x • UAP-AC-LITE • UAP-AC-IW • UAP-AC-M
UCK-G2-PLUS • UCK-G2 • UCK
New Member
Posts: 12
Registered: ‎04-26-2016
Kudos: 1

Re: Unifi Controller not seeing latest device firmware releases, but will see CK or controller updat

Hi Glenn,

 

Just checked the logs, the following command gives the following results:

 

/srv/unifi/logs# cat server.log | grep fwupdate

 

[2019-02-10 16:26:19,499] <webapi-7> WARN fwupdate - unable to get update info for BZ2/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:26:49,534] <webapi-7> WARN fwupdate - unable to get update info for BZ2LR/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:27:19,557] <webapi-7> WARN fwupdate - unable to get update info for S216150/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:27:49,902] <webapi-7> WARN fwupdate - unable to get update info for S224250/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:28:19,938] <webapi-7> WARN fwupdate - unable to get update info for S224500/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:28:49,983] <webapi-7> WARN fwupdate - unable to get update info for S248500/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:29:20,026] <webapi-7> WARN fwupdate - unable to get update info for S248750/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:29:50,056] <webapi-7> WARN fwupdate - unable to get update info for S28150/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:30:20,106] <webapi-7> WARN fwupdate - unable to get update info for U2HSR/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:30:50,136] <webapi-7> WARN fwupdate - unable to get update info for U2IW/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:31:20,172] <webapi-7> WARN fwupdate - unable to get update info for U2Lv2/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:31:50,532] <webapi-7> WARN fwupdate - unable to get update info for U2O/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:32:20,566] <webapi-7> WARN fwupdate - unable to get update info for U2Sv2/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:32:50,609] <webapi-7> WARN fwupdate - unable to get update info for U5O/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:33:20,946] <webapi-7> WARN fwupdate - unable to get update info for U7E/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:33:50,976] <webapi-7> WARN fwupdate - unable to get update info for U7EDU/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:34:21,012] <webapi-7> WARN fwupdate - unable to get update info for U7Ev2/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:34:51,056] <webapi-7> WARN fwupdate - unable to get update info for U7HD/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:35:21,092] <webapi-7> WARN fwupdate - unable to get update info for U7IW/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:35:51,125] <webapi-7> WARN fwupdate - unable to get update info for U7IWP/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:36:21,179] <webapi-7> WARN fwupdate - unable to get update info for U7LR/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:36:51,216] <webapi-7> WARN fwupdate - unable to get update info for U7LT/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:37:21,249] <webapi-7> WARN fwupdate - unable to get update info for U7MP/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:37:51,302] <webapi-7> WARN fwupdate - unable to get update info for U7MSH/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:38:21,338] <webapi-7> WARN fwupdate - unable to get update info for U7NHD/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:38:51,386] <webapi-7> WARN fwupdate - unable to get update info for U7O/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:39:21,728] <webapi-7> WARN fwupdate - unable to get update info for U7P/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:39:51,740] <webapi-7> WARN fwupdate - unable to get update info for U7PG2/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:40:21,789] <webapi-7> WARN fwupdate - unable to get update info for U7SHD/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:40:51,835] <webapi-7> WARN fwupdate - unable to get update info for UCMSH/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:41:21,858] <webapi-7> WARN fwupdate - unable to get update info for UCXG/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:41:51,909] <webapi-7> WARN fwupdate - unable to get update info for UGW3/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:42:22,233] <webapi-7> WARN fwupdate - unable to get update info for UGW4/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:42:52,270] <webapi-7> WARN fwupdate - unable to get update info for UGWXG/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:43:22,305] <webapi-7> WARN fwupdate - unable to get update info for UHDIW/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:43:52,612] <webapi-7> WARN fwupdate - unable to get update info for US16P150/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:44:22,637] <webapi-7> WARN fwupdate - unable to get update info for US24/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:44:52,688] <webapi-7> WARN fwupdate - unable to get update info for US24P250/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:45:23,001] <webapi-7> WARN fwupdate - unable to get update info for US24P500/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:45:53,045] <webapi-7> WARN fwupdate - unable to get update info for US24PL2/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:46:23,081] <webapi-7> WARN fwupdate - unable to get update info for US48/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:46:53,129] <webapi-7> WARN fwupdate - unable to get update info for US48P500/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:47:23,153] <webapi-7> WARN fwupdate - unable to get update info for US48P750/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:47:53,189] <webapi-7> WARN fwupdate - unable to get update info for US48PL2/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:48:23,244] <webapi-7> WARN fwupdate - unable to get update info for US6XG150/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:48:53,255] <webapi-7> WARN fwupdate - unable to get update info for US8/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:49:23,283] <webapi-7> WARN fwupdate - unable to get update info for US8P150/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:49:53,726] <webapi-7> WARN fwupdate - unable to get update info for US8P60/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:50:23,762] <webapi-7> WARN fwupdate - unable to get update info for USC8/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:50:53,805] <webapi-7> WARN fwupdate - unable to get update info for USC8P150/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:51:23,851] <webapi-7> WARN fwupdate - unable to get update info for USC8P60/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:51:53,861] <webapi-7> WARN fwupdate - unable to get update info for USXG/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:52:23,881] <webapi-7> WARN fwupdate - unable to get update info for UXBSDM/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:52:53,929] <webapi-7> WARN fwupdate - unable to get update info for UXSDM/release: java.net.SocketTimeoutException: connect timed out
[2019-02-10 16:53:23,966] <webapi-7> WARN fwupdate - unable to get update info for p2N/release: java.net.SocketTimeoutException: connect timed out

 

 

The only other entries in the log are devices connecting / disconnecting.

 

I've checked the proxy information that is in the environment file, and in an APT config file and they both seem to be as they should be. 

 

 

Not sure if any of that helps..

 

 

Thanks

 

Sam

Senior Member
Posts: 16,458
Registered: ‎08-04-2017
Kudos: 3006
Solutions: 810

Re: Unifi Controller not seeing latest device firmware releases, but will see CK or controller updat

Hello @samgill_tdk,

 

Are you running a firewall that could block it?

You're using a UCK right?

 

 

Regards,

Glenn R.

Cloud Hosted Controllers | Glenn R. | UniFi Installation/Easy Update Scripts | UniFi-VoIP Installation Scripts
USG-4-PRO • USG
USW-48-500W • USW-24-POE-250W 2x • USW-16-POE-150W 3x • USW-24 • USW-8-150W • USW-8
UAP XG • UAP-SHD • UAP-HD • UAP-NanoHD • UAP-AC-PRO 2x • UAP-AC-LITE • UAP-AC-IW • UAP-AC-M
UCK-G2-PLUS • UCK-G2 • UCK
New Member
Posts: 12
Registered: ‎04-26-2016
Kudos: 1

Re: Unifi Controller not seeing latest device firmware releases, but will see CK or controller updat

Hi Glenn,

 

We are running a version 1 CloudKey yes. Current firmware level is 12.4, currently stating there is an update to 13.2 available, and a controller update to 5.10.12, which is what our other CK's are showing as well.

 

We have a firewall between the Internal network and the Firewall, and this blocks ports 80 and 443 globally, hence the proxy. However we also have certain ports open to allow the CK to get out through the firewall, and update iteself. Up until recently, this worked fine.

 

While the firewall has been replaced a few months ago, it has the same ports open as the previous firewall (checked to be sure this was the case). As per the latest firewall document that Ubiquiti have produced showing the ports that need to be opened, we've added the additional cloud port, but this hasn't made a difference. Note that we only have the ports open for the CK to update itself, we aren't actually using the cloud functionality.

 

 

I have had something decent back from Unifi support now suggesting that it's a fault with the controller, and giving me instructions on purging Unifi from the controller and reinstalling so I'm going to try that to see if it works.

 

 

Thanks

 

Sam

Senior Member
Posts: 16,458
Registered: ‎08-04-2017
Kudos: 3006
Solutions: 810

Re: Unifi Controller not seeing latest device firmware releases, but will see CK or controller updat

Hello @samgill_tdk,

 

Let me know how things go!

 

 

Regards,

Glenn R.

Cloud Hosted Controllers | Glenn R. | UniFi Installation/Easy Update Scripts | UniFi-VoIP Installation Scripts
USG-4-PRO • USG
USW-48-500W • USW-24-POE-250W 2x • USW-16-POE-150W 3x • USW-24 • USW-8-150W • USW-8
UAP XG • UAP-SHD • UAP-HD • UAP-NanoHD • UAP-AC-PRO 2x • UAP-AC-LITE • UAP-AC-IW • UAP-AC-M
UCK-G2-PLUS • UCK-G2 • UCK
Reply