How to Update Firmware on Cisco Catalyst 1000 Series Switches from the Command Line

You’ll have no issues configuring and managing Cisco’s new Catalyst 1000 Series campus LAN access switches if you’re familiar with Cisco’s old Catalyst 2900 series switches, such as the ubiquitous 2960x.

The Catalyst 1000 series runs classic IOS and shares almost all of the same commands.

One thing the Catalyst 1000 series brings to the table is a much improved web interface that is actually useful for low level troubleshooting or one off configuration changes.

To maintain this web interface we need to update our switch using the .tar file which will unpack all the html files and other dependencies that the web interface needs.

This is likely a departure from the methods most are familiar with which is just dropping the .bin file on the flash and rebooting the switch.

Have no fear, this is actually a really simple upgrade process. It also comes with the added benefit of being able to do things such as cleaning up the old install files on the fly so you don’t have to come back around to manually (or programattically) clean the flash.

How to Update a Cisco c1000 Switch Using ‘archive download-sw’

To simplify downloading, unpacking, and installing our firmware image we will make use of the ‘archive download-sw‘ command. This command has several options which you can view by entering a question mark after the command like so:

LAB1000#archive download-sw ?
  /allow-feature-upgrade  Allow installation of image with different feature sets
  /directory              Specify a directory for images
  /force-reload           Unconditionally reload system after successful sw upgrade
  /force-ucode-reload     Upgrade UCODE after successful sw upgrade and before an unconditional reload
  /imageonly              Load only the IOS image(s)
  /leave-old-sw           Leave old sw installed after successful sw upgrade
  /no-set-boot            Don't set BOOT -- leave existing boot config alone
  /no-version-check       skip version check that prevents incompatible image install
  /overwrite              OK to overwrite an existing image
  /reload                 Reload system (if no unsaved config changes) after successful sw upgrade
  /safe                   Always load before deleting old version
  /upgrade-ucode          Upgrade UCODE after successful sw upgrade (no reload)
  flash1:                 Image file
  flash:                  Image file
  ftp:                    Image file
  http:                   Image file
  https:                  Image file
  rcp:                    Image file
  scp:                    Image file
  sftp:                   Image file
  tftp:                   Image file

I personally prefer to use the /safe command switch instead of /overwrite to ensure that the new firmware loads before the system deletes the old version from the flash. In my example, I will also use tftp but you can use any of the protocols listed above to accomplish the same task on more secure networks. I can personally recommend (because it’s what I use) Solarwinds free TFTP and SFTP/SCP server downloads if you don’t already have one of those file transfer servers deployed.

Enough chit chat, lets update our switch!

1. Download the .tar package for your desired software version and place it on your tftp root share.
2. Log into your switch and enter enable mode


3. Enter your desired archive download-sw string. I’m going to use:

LAB1000#archive download-sw /safe /reload tftp://

This command string tells the switch to download my new software from my tftp server at and then unpack and load the software before removing the prior version and then reboot.

4. Watch as the switch prints to the screen the steps it is taking to unpack, install, and clean up your software before finally reloading:

Loading c1000-universalk9-tar.152-7.E2.tar from (via Vlan10): !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK - 34519040 bytes]

Loading c1000-universalk9-tar.152-7.E2.tar from (via Vlan10): !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
examining image stack version...
extracting info (106 bytes)
Read major stacking number 1.
Read minor stacking number 1.
examining image...
extracting info (106 bytes)
extracting c1000-universalk9-mz.152-7.E2/info (958 bytes)
extracting info (106 bytes)

Stacking Version Number: 1.1

System Type:             0x00000001
  Ios Image File Size:   0x00FA7A00
  Total Image File Size: 0x020EBA00
  Minimum Dram required: 0x08000000
  Image Suffix:          universalk9-152-7.E2
  Image Directory:       c1000-universalk9-mz.152-7.E2
  Image Name:            c1000-universalk9-mz.152-7.E2.bin
  Image Feature:         IP|LAYER_2|SSH|3DES|MIN_DRAM_MEG=128

Old image for switch 1: flash:/c1000-universalk9-mz.152-7.E1
  Old image will be deleted after download.

Extracting images from archive into flash...
Installing (renaming): `flash:update/c1000-universalk9-mz.152-7.E2' ->
New software image installed in flash:/c1000-universalk9-mz.152-7.E2

Removing old image: flash:/c1000-universalk9-mz.152-7.E1

Deleting old files from dc profile dir "flash:/dc_profile_dir"

extracting dc profile file from "flash:/c1000-universalk9-mz.152-7.E2/dc_default_profiles.txt" to "flash:/dc_profile_dir/dc_default_profiles.txt"

extracting day0 file from "flash:/c1000-universalk9-mz.152-7.E2/day0.cfg" to "flash:/dc_profile_dir/day0.cfg"
All software images installed.
Requested system reload in progress...

5. Log back into your switch and verify you are running the newest version of your software by entering ‘show version‘:

LAB1000#show version | i Cisco IOS
Cisco IOS Software, C1000 Software (C1000-UNIVERSALK9-M), Version 15.2(7)E2, RELEASE SOFTWARE (fc3)

6. Run the command ‘dir flash:‘ to see that the switch has created a new directory for your new software version and deleted the old version:

LAB1000#dir flash:
Directory of flash:/

  516  -rwx        3096  Jun 12 2020 10:51:58 -05:00  multiple-fs
  259  -rwx        5705  Jun 12 2020 10:51:58 -05:00  private-config.text
  258  -rwx       11405  Jun 12 2020 10:51:58 -05:00  config.text
  514  -rwx         104  Jan 12 2020 11:12:06 -06:00  express_setup.debug
  515  -rwx         856  Jan 13 2020 18:48:18 -06:00  vlan.dat.renamed
  513  -rwx          34   Jun 8 2020 21:44:05 -05:00  pnp-tech-time
  770  -rwx       52114   Jun 8 2020 21:44:07 -05:00  pnp-tech-discovery-summary
  262  -rwx        1036   Jun 8 2020 22:13:59 -05:00  vlan.dat
  520  drwx        2048  Jun 12 2020 10:50:35 -05:00  c1000-universalk9-mz.152-7.E2
  518  drwx        2048  Jun 12 2020 10:50:35 -05:00  dc_profile_dir
    2  drwx        2048  Feb 28 1993 18:00:02 -06:00  lost+found

And that’s the nuts and bolts of it. Feel free to use the other options available under the archive download-sw command to suit your environment and preferences. The nice thing about updating these switches using this command is it’s a one liner which makes it super easy to script and push out to multiple devices.

I personally use Solarwinds NCM (Network Configuration Manager) to push out mass changes to my Cisco devices (as well as back up configs, detect config changes, monitor for vulnerabilities, search through configs, and a plethora of other great features). If you haven’t tried I highly recommend it. It’s very easy to use and very powerful.

Recommended for You: Solarwinds Network Configuration Manager (NCM)

What would you do if one of your pieces of networking equipment failed? Could you rebuild it quickly? Do you know exactly what configuration it had? What ports were on what vlan? What about port channels?

You get the point.

Automate backing up configurations and updating of all your switching, routing, and firewall equipment without needing to know a single line of code with Solarwinds Network Configuration Manager.

This is one of those tools that pays for itself in man hours the first time you need to rely on it. Plus, you’ll sleep easier knowing you really have backed up all the things.

Leave a Reply

Your email address will not be published. Required fields are marked *