Ok, we are not experts in Cisco wireless deployments (CUWN) and we’re still learning and in that learning process our evaluation of vWLC expired and we forgot credentials for our CAPWAP/LWAP access points. Not only our evaluation expired, but we removed the virtual machine from our virtual center.
So what now?
We need to restore factory defaults for those access points. To be honest, I did a lot of googling and this blog is kind of combination of many articles I came across.
First of all, we need to locate the MODE button on our access point. On the 1600 series it is depicted on the following image:
It is usually marked with the “MODE” label.
Now, we power off our AP and connect to it with a console cable. This is important: we press and hold the MODE button. While the button is still pressed, we plug the power back in. We now wait for the message “button is pressed, wait for button to be released…“.
Let’s release the MODE button and wait for the code to load. Here is the process:
Boot from flash
IOS Bootloader – Starting system.
FLASH CHIP: Micronix MX25L256_35F
Xmodem file system is available.
flashfs[0]: 42 files, 9 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 31936000
flashfs[0]: Bytes used: 18450432
flashfs[0]: Bytes available: 13485568
flashfs[0]: flashfs fsck took 10 seconds.
Reading cookie from SEEPROM
Base Ethernet MAC address: 78:da:6e:e0:26:55
************* loopback_mode = 0
button is pressed, wait for button to be released…
button pressed for 21 seconds
process_config_recovery: set IP address and config to default 10.0.0.1
process_config_recovery: image recovery
image_recovery: Download default IOS tar image tftp://255.255.255.255/ap1g2-k9w7-tar.defaultexamining image…
%Error opening tftp://255.255.255.255/ap1g2-k9w7-tar.default (connection timed out)ap:
At this point basic code is running and we can see the content of a fash: filesystem
ap: dir flash:
Directory of flash:/2 -rwx 1048 <date> private-multiple-fs
12 drwx 384 <date> ap1g2-rcvk9w8-mx
4 -rwx 58258 <date> event.log
5 -rwx 72255 <date> event.capwap
6 drwx 832 <date> ap1g2-k9w8-mx.152-4.JB3
48 drwx 128 <date> configs
49 -rwx 140 <date> env_vars13485568 bytes available (18450432 bytes used)
ap:
We need to delete the file “flash:private-multiple-fs”:
ap: delete flash:private-multiple-fs
Are you sure you want to delete “flash:private-multiple-fs” (y/n)?y
File “flash:private-multiple-fs” deleted
Now we reset the AP:
ap: reset
Are you sure you want to reset the system (y/n)?y
System resetting…Boot from flash
IOS Bootloader – Starting system.
FLASH CHIP: Micronix MX25L256_35F
Xmodem file system is available.
flashfs[0]: 40 files, 9 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 31936000
flashfs[0]: Bytes used: 18448896
flashfs[0]: Bytes available: 13487104
flashfs[0]: flashfs fsck took 10 seconds.
Reading cookie from SEEPROM
Base Ethernet MAC address: 78:da:6e:e0:26:55
************* loopback_mode = 0
Loading “flash:/ap1g2-rcvk9w8-mx/ap1g2-rcvk9w8-mx”…#####################
File “flash:/ap1g2-rcvk9w8-mx/ap1g2-rcvk9w8-mx” uncompressed and installed, entry point: 0x100000
executing…Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software – Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706Cisco IOS Software, C1600 Software (AP1G2-RCVK9W8-M), Version 15.2(4)JA1, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Tue 30-Jul-13 23:41 by prod_rel_teamInitializing flashfs…
FLASH CHIP: Micronix MX25L256_35Fflashfs[2]: 40 files, 9 directories
flashfs[2]: 0 orphaned files, 0 orphaned directories
flashfs[2]: Total bytes: 31808000
flashfs[2]: Bytes used: 18448896
flashfs[2]: Bytes available: 13359104
flashfs[2]: flashfs fsck took 10 seconds.
flashfs[2]: Initialization complete.
flashfs[3]: 0 files, 1 directories
flashfs[3]: 0 orphaned files, 0 orphaned directories
flashfs[3]: Total bytes: 11999232
flashfs[3]: Bytes used: 1024
flashfs[3]: Bytes available: 11998208
flashfs[3]: flashfs fsck took 0 seconds.
flashfs[3]: Initialization complete….done Initializing flashfs.This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
no ip http server
^
% Invalid input detected at ‘^’ marker.use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.htmlIf you require further assistance please contact us by sending email to
export@cisco.com.cisco AIR-CAP1602I-E-K9 (PowerPC) processor (revision B0) with 98294K/32768K bytes of memory.
Processor board ID FGL1750X0P9
PowerPC CPU at 533Mhz, revision number 0x2151
Last reset from power-on
LWAPP image version 7.5.1.73
1 Gigabit Ethernet interface32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 78:DA:6E:E0:26:55
Part Number : 73-14671-04
PCA Assembly Number : 000-00000-00
PCA Revision Number :
PCB Serial Number : FOC17472YR5
Top Assembly Part Number : 800-38552-01
Top Assembly Serial Number : FGL1750X0P9
Top Revision Number : A0
Product/Model Number : AIR-CAP1602I-E-K9
% Please define a domain-name first.
logging facility kern
^
% Invalid input detected at ‘^’ marker.logging trap emergencies
^
% Invalid input detected at ‘^’ marker.Press RETURN to get started!
*Mar 1 00:00:12.843: %LWAPP-3-CLIENTERRORLOG: Config load from flash failed. Initialising Cfg*Mar 1 00:00:13.927: %LINK-6-UPDOWN: Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:14.939: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:15.371: %SYS-5-RESTART: System restarted —
Cisco IOS Software, C1600 Software (AP1G2-RCVK9W8-M), Version 15.2(4)JA1, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Tue 30-Jul-13 23:41 by prod_rel_team
*Mar 1 00:00:15.455: %LWAPP-3-CLIENTERRORLOG: Config load from flash failed. Initialising Cfg*Mar 1 00:00:15.455: %CAPWAP-3-ERRORLOG: Failed to load configuration from flash. Resetting to default config
*Mar 1 00:00:15.467: %PARSER-4-BADCFG: Unexpected end of configuration file.*Mar 1 00:00:16.499: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to uplwapp_crypto_init: MIC Present and Parsed Successfully
no bridge-group 1 source-learning
^
% Invalid input detected at ‘^’ marker.
%Default route without gateway, if not a point-to-point interface, may impact performance
*Mar 1 00:00:39.971: %CDP_PD-4-POWER_OK: All radios disabled – NEGOTIATED inline power source
*Mar 1 00:00:49.803: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 192.168.0.132, mask 255.255.255.0, hostname AP78da.6ee0.2655
Finally, we use credentials Cisco/Cisco (both with capital “c”) to log in:
AP78da.6ee0.2655 con0 is now available
Press RETURN to get started.
User Access VerificationUsername: Cisco
Password: ! here we type CiscoAP78da.6ee0.2655>
AP78da.6ee0.2655>en
Password: ! this is also Cisco
AP78da.6ee0.2655#
Now we can reinstall our vWLC and connect our APs back to it. On our APs we may also do:
AP78da.6ee0.2655#
AP78da.6ee0.2655#clear capwap private-config
AP78da.6ee0.2655#
AP78da.6ee0.2655#reload
Proceed with reload? [confirm]
Nhật Ký 