info_i_25x25.png See important information about Ubiquiti Devices and KRACK Vulnerability in this article. We will update this document as more information becomes available.

UniFi - TFTP Recovery for Bricked Access Points

Overview


Readers will learn how to properly recover a UAP device using the TFTP method, for Windows, Mac OS X, Unix and Linux.

This method should help recover a "bricked" UniFi AP. This method will not void your warranty, whereas opening the chassis for serial TTL will void your warranty. Most soft brick issues will be resolved via this procedure. If your issue continues unresolved, it might indicate a hardware issue that cannot be resolved via software. Feel free to contact support (support@ubnt.com) if you believe this to be the case, and if needed, send your device in for RMA (if under warranty). 

Notes:

  • Since controller 3.2.5/4.5.2, UAP-AC and UAP-AC-Outdoor support TFTP recovery, just use the firmware included with the controller.
  • Both UAP-Pro and UAP-Outdoor+ require a special image for TFTP recovery. The binaries for each are available here:
    • UAP-OD+ | SHA256 = 415e3cd6ad712ee9e197af0ec183b6ebe497679b60b02591239ddb0f2039ed92
    • UAP-Pro  | SHA256 = 314b2043a6a1d380102305d56ec469c73385dfc373dfb8e53c8d5f399c6f9569

Table of Contents


  1. For Windows
  2. For Mac OS X, Unix & Linux
  3. Related Articles

For Windows


Back to Top

Prior to beginning the TFTP recovery, identify the correct firmware by going into your Controller. You can find the correct fw path for the device you need to revive by using one of these two options:

  • The chart found on the bottom of the page HERE
  • This file in the Controller: [unifi_base_dir]/dl/firmware/bundles.json. Note: Not sure where to find <unifi_base>? See this article.

For example, if you have a Debian 7 x64 controller, version 3.1.3.2187, and needed to revive a UniFi AP std, the correct path would be:  /usr/lib/unifi/dl/firmware/BZ2/3.1.3.2187/firmware.bin

1. Once the correct firmware has been identified, download it and save it on your computer.

2. Unplug the ethernet cable from the UniFi AP.

3. Using a paperclip press and hold the UniFi AP's reset button. Make sure you can feel it being depressed by the paperclip. Do not release the button until step 5.

4. While keeping the reset button pressed in, plug the Ethernet cable back into the AP. Keep the reset button depressed until you see the device's LED flashing in upgrade mode (see what colors your AP will flash in this article). This might take up to 25 seconds.

5. You may release the reset button. Now the device is in TFTP transfer mode.

6. Set a static IP on your Computer's NIC. A static IP of 192.168.1.25, subnet of 255.255.255.0 and gateway of 192.168.1.20 will work.

7. Plug the UniFi PoE injector's LAN cable directly to your computer.

8. This example uses the Pumpkin TFTP software, which you can download here). Click on "Put File".

9. In "Local Files" browse for the firmware you downloaded and saved previously (in step 1).

10. In the "Remote host" field enter the gateway you had predetermined (192.168.1.20), then click OK.

11. At this point, the file should begin transferring. The firmware will upgrade now and the device will automatically reboot once it has finished. Do not reboot it yourself.


 

Mac OS X, Unix & Linux


Back to Top

Note: Steps for resetting the AP to "upgrade mode" to prepare it for TFTP are the same as in Windows, but they are also listed below.

Prior to beginning the TFTP recovery, identify the correct firmware by going into your Controller. You can find the correct fw path for the device you need to revive by using one of these two options:

  • The chart found on the bottom of the page HERE
  • This file in the Controller: [unifi_base_dir]/dl/firmware/bundles.json. Note: Not sure where to find <unifi_base>? See this article.

For example, if you have a Debian 7 x64 controller, version 3.1.3.2187, and needed to revive a UniFi AP std, the correct path would be:  /usr/lib/unifi/dl/firmware/BZ2/3.1.3.2187/firmware.bin

1. Once the correct firmware has been identified, download it and save it on your computer.

2. Put the original UAP firmware in your user folder (/Users/your username/).

3. Go to System Preferences > Network and set your computer's network IP address to 192.168.1.25, subnet 255.255.255.0 and gateway 192.168.1.20.

4. Edit the following text by changing firmware.bin to the name of the firmware file you moved to the user folder in step 2. Now copy this text (there is a line break after the last line) to your clipboard. You will paste this after resetting the AP (step 11).

connect 192.168.1.20
binary
rexmt 1
timeout 60
put firmware.bin

5. Open Applications > Utilities > Terminal and type: 

tftp

6. A tftp> command prompt will appear. Here you are ready to reset the AP and connect it to your computer, while it's in "upgrade mode". These steps are the same for Windows and Mac.

7. Unplug the ethernet cable from the UniFi AP.

8. Using a paperclip press and hold the UniFi AP's reset button. Make sure you can feel it being depressed by the paperclip. Do not release the button until step 5.

9. While keeping the reset button pressed in, plug the Ethernet cable back into the AP. Keep the reset button depressed until you see the device's LED flashing in upgrade mode (see what colors your AP will flash in this article). This might take up to 25 seconds.

10. You may release the reset button. Now the device is in TFTP transfer mode.

11. On the TFTP command line in Terminal, paste the five lines you have waiting in your clipboard. If you copied the line break at the end of the last line, the command will be executed as soon as you paste it. Note: according to some users, you may have to paste it several times before it works correctly. Once it is successful, you will see something like this:

tftp> connect 192.168.1.20 
tftp> binary
tftp> rexmt 1
tftp> timeout 60
tftp> put firmware.bin
Sent x bytes in y seconds

The file should begin transferring at this point. The firmware will upgrade now and the device will automatically reboot once it has finished. 

12. Re-connect the PoE injector's LAN cable into your router. Restore the network IP back to what it was before.


Related Articles


Back to Top