CAPWAP Question

Similar Messages

• Capwap layer 3 question

  Hello all,
  I have a question about the capwap. Here http://www.cisco.com/en/US/docs/wireless/controller/7.0/configuration/guide/c70ovrv.html#wp1069102
  I read, that 'CAPWAP communications between the controller and lightweight access points are conducted at Layer 3. Layer 2 mode does not support CAPWAP' and also 'The requirement for Layer 3 CAPWAP communications across subnets is that the controller and lightweight access points are connected through Layer 3 devices'. I cannot understand what's meaning the Layer 3 for CAPWAP? Maybe that the controller and capwap AP must be on the different subnets and connected across the subnets? But, now my controller and APs are on the same subnet and all are working. Example, if I connect a controller and capwap APs to Catalyst 2960s, and all are in same VLAN, I think that it also will work? I see the guide deploy 2500 controller and some scenarios there, where controller and APs are connected to Catalyst 3560 and Catalyst 3560 have only switchport trunk or switcport access settings. I can do this on the Catalyst 2960S too. Where is difference?
  Thanks a lot.   

  Layer 3 CAPWAP has nothing to do with AP being able on the same subnet of the WLC or not. AP and WLC can be on the same subent and operate at Layer 3.
  When we say L2 LWAPP it means that it operates with native L2 ethernet frames.
  The LWAPP Control and Data messages are encapsulated in Ethernet
  frames using Ethertype "0xBBBB". In Layer 2 LWAPP mode, although the access points may get an IP
  address via DHCP, all LWAPP communications between the access point and WLC are in Ethernet
  encapsulated frames, not IP packets. The access points must be on the same Ethernet network as the
  WLC. For this reason, Layer 2 LWAPP mode may not be suitable for scalability purposes in most
  deployments. Furthermore, Layer 2 mode is supported only by the Cisco 410x and 440x series of WLCs
  and the Cisco 1000 series access points. Layer 2 LWAPP is not supported by lightweight Cisco Aironet
  1200, 1130AG, or 1240AG access points, or the Cisco 2006, WiSM, or WLCM series WLCs and ofcourse the new stuff.
  In L3 mode LWAPP/CAPWAP are encapsulated in UDP packets instead of ethernet frames.
  Please make sure to rate correct answers

• CAPWAP Primary/Secondary/Tertiary Question

  After going to the High Availability Tab in the WLC GUI and setting the primary, secondary, and tertiary, how do you see that in the CLI in the AP?
  I tried using show capwap ip config, it doesn't show any entries at all?
  And also, is there a command to do that in the CLI in the AP?  to set the primary, secondary, and tertiary?
  Thank you.

  "ou need to run th config ap... from a WLC.  You have autonomous AP's so  you need to convert them to LWAPP and you also need a WLC to do this."
  It's been converted to LWAPP, but haven't joined a WLC yet.
  What I wanted to do was configure a primary, secondary before joining it to a WLC.
  Because what I would of done is first have it join a controller, then go into the GUI and change the HA (High Availablilty) and add the primary/secondary controllers. 
  Thought if I could skip the first step and try to configure it from the AP.

• Multiple AP Managers Question

  Hi,
  I've got a question concerning the configuration of multiple AP manager interfaces on -for example- a cisco WLC 2504. I've read the configuration guide but I'm not sure whether this is the way the protocol works. Say I want to distribute AP's (and traffic) across various AP Manager interfaces on the WLC. I would configure the following:
  Create one management interface (which will automatically also be an AP-Manager interface)
  Configure 1 (or more) Seperate ap-manager interfaces, assign them to a port number, and select "Enable dynamic AP Management". VLAN ID's will be the same.
  Create a WLAN and configure it's interface to "management"
  Is it correct if I state that the LWAPP protocol takes care of the discovery from the Access Point and sends information about the available AP-manager interfaces back to the AP and the AP knows which ap-manager interfaces are available, connecting to the least loaded one?
  Thanks in advance for your time.

  The AP manager communicates with the AP's using CAPWAP. The use for multiple AP managers to me doesn't make sense to do especially since its a 2504. I have always just used the management interface for AP management and assign a primary and backup port. You can do it the way you have stated, but what is the benefit. I have seen 5508's deployed using only one gigabit port and over 250 AP's and they had no problem.
  Thanks,
  Scott Fella
  Sent from my iPhone

• Downgrade 3600 Capwap AP to Autonomous 3600 AP

  Hello!
  I have to prepare an 3600 Capwap AP for autonomous functionality!
  The following image was downloaded:
  ap3g2-k9w7-tar.152-2.JA
  The release notes say:
  Site-Survey Only Mode for 3600, 3500, and 1550 Access Points
  You can install Cisco IOS Release 15.2(2)JA on Cisco Aironet 3600 and 3500 Series access points and on 1550 series outdoor access points to perform site surveys. This release runs on these access points with limited functionality. You can manually adjust these settings on the site-survey access points:
  • Channel on each radio
  • Transmit power on each radio
  • Enable and disable the radios
  • Manually set basic and supported transmit rates
  • Enable advertised cell power in beacons to client to enable DTPC for doing active surveys
  • Enable and disable SSID broadcast in beacons
  • Enable open authentication
  My Question is:
  Where can i find a instruction for downgrading an AIR-CAP3602i to Autonomous 3600 AP?
  Is it complicate to get the AP running, or what do i need for "downgrading"?
  thx 4 help
  Richard

  the methos to convert is..
  download TFTPd32 from google and install it on ur PC.. point the image that you have downloaded in the TFTP server..
  connect  a ethernet cable between ur laptop and AP.. let both be in the same  subnet.. and connect a console cable and get the hyperterminal console  access and issue the command.. make sure you are able to ping the PC and the AP and vice versa!!
  AP>en
  AP#debug capwap console cli
  AP#config t
  AP(confg)int gi 0
  AP(confg-if)ip addr (same subnet as that of the laptop)
  AP(confg-if)end
  AP#archieve download-sw /force-reload /overwrite tftp:///
  AP#archieve download-sw /force-reload /overwrite tftp://<10.0.0.5>/ap3g2-k9w7-tar.152-2.JA
  you can skip the ip config part if ap getting ip from dhcp.

• High CAPWAP traffic when locally switched

  Hello all,
  We're seeing an ongoing issue where several APs accross multiple sites log the error, "%CAPWAP-3-ERRORLOG: Retransmission count for packet exceeded max(CAPWAP_WTP_EVENT_REQUEST., 12)", then disassociates from the controller, and reassociates almost immediately.  The issue is the users get disassociated from the AP and call the helpdesk.
  A counter measure at one site was to add the CAPWAP traffic (udp ports 5246 & 5247)  to the controller in our QOS Platinum policy (setting the DSCP bit to 'ef'), but that doesn't seem to help.
  We're using Flexconnect with central authentication, local switching.
  A couple of questions:
  1) The Platinum queue on the QOS is showing over 500 kbps when the only thing put in that queue is the CAPWAP traffic - there aren't any phones.  Why so much bandwidth for authentication and control traffic?
  2) What is happening with the APs that they can't talk to the controller that causes the issue in the first place?  Bandwidth doesn't seem to be an issue.
  Below are some config and outputs:
  AP-1242#show capwap reap status
  AP Mode:         REAP, Connected
  Radar detected on:
  AP-1242#show capwap reap association
  REAP Data Switching: Local
  2960#show int fa0/22
    Hardware is Fast Ethernet
    Full-duplex, 100Mb/s, media type is 10/100BaseTX
    Last input 00:00:22, output 00:00:00, output hang never
    Last clearing of "show interface" counters never
    Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
    Queueing strategy: fifo
    Output queue: 0/40 (size/max)
    5 minute input rate 23000 bits/sec, 13 packets/sec
    5 minute output rate 208000 bits/sec, 48 packets/sec
       37478173 packets input, 13839718021 bytes, 0 no buffer
       Received 2818773 broadcasts (0 multicasts)
       0 runts, 0 giants, 0 throttles
       0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
       0 watchdog, 502342 multicast, 0 pause input
       0 input packets with dribble condition detected
       118634332 packets output, 36491262361 bytes, 0 underruns
       0 output errors, 0 collisions, 1 interface resets
       0 babbles, 0 late collision, 0 deferred
       0 lost carrier, 0 no carrier, 0 PAUSE output
       0 output buffer failures, 0 output buffers swapped out
  2811#show policy-map interface multilink 1
  Service-policy output: MPLS-QOS
      queue stats for all priority classes:
         queue limit 64 packets
        (queue depth/total drops/no-buffer drops) 0/0/0
        (pkts output/bytes output) 300637/46124112
      Class-map: PLATINUM (match-any)
        300637 packets, 46124112 bytes
        30 second offered rate 28000 bps, drop rate 0 bps
        Match: ip dscp ef (46)
          300637 packets, 46124112 bytes
          30 second rate 28000 bps
        Priority: 18% (552 kbps), burst bytes 13800, b/w exceed drops: -16
  Any help is appreciated.

  Hi Jeff,
  I think you are hitting a bug (CSCse92856) specific to 1242 AP. Solution given is "Enable Proxy ARP on the default-gateway device of your AP". You can try that & see.
  Even I cannot view detail of this bug as of insufficient access permission.Therefore I do not know more details about this bug fix & which software version affected,etc. Better you contact Cisco TAC & get more information.
  I found this infomration here
  http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a008081103d.shtml
  One other reason that H-REAP APs do not join WLCs is if the Proxy ARP is disabled on the gateway for the H-REAP APs. From the AP console, this message is logged:
  *Jul 29 14:04:10.897: LWAPP_CLIENT_ERROR_DEBUG: 
  Retransmission count for packet exceeded more than max(CHANGE_STATE_EVENT , 1)
  This can be caused by Cisco bug ID CSCse92856. This problem applies only to AP1130 and AP1240. This problem does not apply to AP1000s, AP1100, or AP1200.
  This problem occurs when these conditions are met:
  HREAP mode is used in the WLAN. Local mode is not affected by this issue. Native VLAN mapping is required.
  The APs have to be on a different IP subnet than the AP Manager of the WLCs.
  Proxy ARP is disabled on the default gateway for the AP.
  The H-REAP AP gets the default gateway from a DHCP server.
  In order to resolve this issue, enable Proxy ARP on the default gateway router of the AP
  HTH
  Rasika
  *** Pls rate all useful responses ****

• Some questions about WLC 2504 architecture.

  Good Morning,
  I am in the process of implementing a 2504 with 14 LWAP's... The LWAP's are 1252 and 1262's but this should not matter in reference to my questions.
  Right now i have a test WLAN and Interface set up. 
  XXXXWIRLESS2 and the same for the interface. 
  Both of these are set up on VLAN 8 for test purposes.  My question revolves around the actually switching and routing of the information between the AP's and the controller. 
  I understand that cisco moved to FlexConnect in replacement of HREAP.  Why is this not a default?  it seems to me that the Gig port on the WLC would be a bottleneck for you if all traffic comes back over the CAPWAP tunnel.  Maybe i am not understanding the architecture of the device, but what positive benefit does this serve by sending all traffic back to the WLC instead of out the switches/router to its intended destination? 
  I am under the impression that FlexConnect should do all local switching, instead of sending traffic back over the CAPWAP tunnel.  To me this makes more sense and eliminates bottlenecks in the network. 
  Hopefully someone can enlighten me.
  Thank you,

  "Local" mode is the default mode for all the WLC, as the 5508 and WiSM2 have the ability to have greater than 1G connectivity to the LAN.  This is also partially a holdover from the Airespace days when all of the AP's actually directly connected to the WLC.
  Now for the 2504, I agree that if you have more than ~5 AP you should run in FlexConnect mode, especially if you have a lot of clients that are capapble of 'N' rates.  But it is not necessarily the way that all implementations will go.
  but again, that is IMHO.
  HTH,
  Steve
  Please remember to rate useful posts, and mark questions as answered

• CAPWAP APs drop off the 7500 controller

  I have a multiple 7500 flex controller deployed with over 2000 APs each on them and I notice that APs occasionally drop off.  When I find these APs I am able to telnet to them and I have found a fix for getting them back on the controller, but I want to know why this happens and if there is a way to avoid the problem.
  Observed:
  The APs have telnet enabled so I can get to the CLI.  Once in I do a dir command and see that there is little to no memory available (512 bytes to 0 bytes) in the flash memory.  I see that there are 5 large log files, file names are in the commands below.  When I do a show logging command I see the following over and over again
  *Oct  3 20:31:44.102: %CAPWAP-3-ERRORLOG: Certificate verification failed!
  *Oct  3 20:31:44.102: DTLS_CLIENT_ERROR: ../capwap/base_capwap/capwap/base_capwap_wtp_dtls.c:447 Certificate verified failed!
  *Oct  3 20:31:44.102: %DTLS-5-SEND_ALERT: Send FATAL : Bad certificate Alert to 10.128.5.5:5246
  *Oct  3 20:31:44.102: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.128.5.5:5246
  *Oct  3 20:31:44.103: %CAPWAP-3-ERRORLOG: Invalid event 38 & state 3 combination.
  *Oct  3 20:32:48.999: %CAPWAP-3-ERRORLOG: Selected MWAR 'tc-cl-wlc01'(index 0).
  *Oct  3 20:32:48.999: %CAPWAP-3-ERRORLOG: Go join a capwap controller
  *Oct  3 20:31:44.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.128.5.5 peer_port: 5246
  *Oct  3 20:31:44.125: CRYPTO_PKI: New CRL Not Valid - expired (router time not synched to CA?)
  *Oct  3 20:31:44.125:  CRL expires: 05:29:39 UTC Mar 3 2012
  *Oct  3 20:31:44.125:  Router time: 20:31:44 UTC Oct 3 2013
  *Oct  3 20:31:44.125: %PKI-4-CRLINSERTFAIL: Trustpoint "Trustpool2" unknown (error 1804:E_VALIDITY : validity period start later than end)Peer certificate verification failed 0059
  To resolve:
  The working theory is that the flash gets filled up with log files and is unable to download the certificate from the controller during the join process.  I delete the logs with the commands below and then do a wr mem and a copy run start and then reload.  This will fix the problem every time.
  delete /force flash:ap_log_r0_0.log
  delete /force flash:ap_log_r1_0.log
  delete /force flash:ap_log_r0_1.log
  delete /force flash:ap_log_r0_2.log
  delete /force flash:ap_log_r1_1.log
  delete /force flash:ap_log_r1_2.log
  Other info
  - currently running an engineering code of 7.3.113.12 on one 7500 and 7.4.110 on another, both seem to be having this issue.  I do not have this issue on a 5508 running 7.5 code.  Currently getting 7.4 vetted for deployment.
  Good luck with this one

  I have seen this issue, but only with older model access points and it doesn't have to be flexconnect and it doesn't matter what WLC code version your running.  Problamatic access points, I always check the flash to verify if there are logs or not, and do delete them in order to get the AP back up.  Again, I have only seen this with older non-802.11n access points.
  Thanks,
  Scott
  Help out other by using the rating system and marking answered questions as "Answered"

• CAPWAP messages WISM2 7.5.102

               Hi.
  I have a question about a CAPWAP messages in my trap logs after upgrading my WISM2 to 7.5.102.
  AP "xxxxxx", MAC: 34...... disassoiated previously due to Link Failure Uptime 4 days , 10 h... Reason: Capwap WTP Event request
  My AP environment is 1142N attached thru WS-2960S switches. This message was not in my traplogs before upgarding to 7.5.102.
  The switch and WAN environment is the same as before upgarding.
  Thanks for any tips.
  Regards
  Johan Lindstrand

  Hi,
  Thanks for you reply. I´m not sure if my radio stuck, what looks for me that AP lose conectivity for a brief moment with WLC and then recovery connectivity (flapping).
  I have APs(same model) at same site without issues, and APs (same model) in others site with same behavior.
  AP model LAP1141N
  Below logs are from AP reboot process... however joining erros occurs several times during the day... and association time with controller keeps reseting (example: AP up time 1d / association time 15 min).
  That instability to AP association creates WLAN instability, because my authentication is central.
  *Mar  1 00:12:38.693: %CAPWAP-3-ERRORLOG: Selected MWAR 'WLC01'(index 0).
  *Mar  1 00:12:38.693: %CAPWAP-3-ERRORLOG: Go join a capwap controller
  *Dec 20 14:16:42.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 192.168.1.1 peer_port: 5246
  *Dec 20 14:16:42.776: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 192.168.1.1 peer_port: 5246
  *Dec 20 14:16:42.777: %CAPWAP-5-SENDJOIN: sending Join Request to 192.168.1.1
  *Dec 20 14:16:42.786: %CAPWAP-3-ERRORLOG: Invalid event 10 & state 5 combination.
  *Dec 20 14:16:42.786: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 10 state 5.
  *Dec 20 14:16:42.787: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
  *Dec 20 14:16:42.787: %CAPWAP-3-ERRORLOG: Failed to process encrypted capwap packet from 192.168.1.1
  *Dec 20 14:16:42.897: Starting Ethernet promiscuous mode
  *Dec 20 14:16:43.202: %LWAPP-4-CLIENTEVENTLOG: OfficeExtend Localssid saved in AP flash
  *Dec 20 14:16:43.294: ac_first_hop_mac - IP:10.8.2.136 Hop IP:10.8.2.136 IDB:BVI1
  *Dec 20 14:16:44.555: %CAPWAP-5-JOINEDCONTROLLER: AP has joined controller WLC01

• Performance with encrypted CAPWAP?

  Does anyone have experience with encrypting CAPWAP tunnels on between your AP's and WLC's?  
  According to:
  http://www.cisco.com/c/en/us/td/docs/wireless/controller/6-0/configuration/guide/Controller60CG/c60lwap.html#wp1508163
  "Encryption limits throughput at both the controller and the access point, and maximum throughput is desired for most enterprise networks."
  My question is- has anyone enabled encryption and seen if there is actually degradation in throughput?  We are considering enabling encryption on a couple hundred APs and dont want this extra overhead to bog things down on the controllers or APs.
  Thanks

  Hi Chad,
  No we dont have large number of APs in our enviournment.
  But my recommandation is: Enable only  when you need like for mesh or office extends AP(to add security).
  I will not recommand to enable on local mode APs.
  As per cisco:
  Encryption limits throughput at both the controller and the access point, and maximum throughput is desired for most enterprise networks.
  Regards
  Dont forget to rate helpful posts

• Converged access question

  I want to use the Cisco 3850 switches to manage my AP's at our remote locations.  Most of the remote locations will use less then 50 AP's so I would only need one MC at each location.  There will be a few locations that will have about 75 AP's each.  So I am better off using a different controller or using 2 3850's setup as MC each?
  Currently I have two 5508's in our core in a centralized configuration and plan to move then into the DMZ to be anchor controllers.  I have two data centers each with an internet connection in a disaster recovery configuration.  So one controller will be in each location.  I thought that maybe I could but another controller at put that in the data center as an MC but was not sure if that would be best or stick with the MC's at the remote sites instead.
  Thank you for the input.

  the current release for the 3850 is 3.3, and it does not support the 3700 series of AP, so the 3850 would not be able to terminate the CAPWAP tunnel
  http://www.cisco.com/en/US/docs/switches/lan/catalyst3850/software/release/3se/release_notes/OL_30562_01.html#wp149415
  HTH,
  Steve
  Please remember to rate useful posts, and mark questions as answered

• Matching IOS capwap flash image file with Wlc image file

  Hello to all Wireless Expert
  My question will perhaps seems a little bit obvious for some of you, but here it is :)
  I'd like to understand the relation between the Capwap IOS image file that I can see while typing 'dir flash' on an AP, and the version a WLC gives to that AP when joining it. My wlc is running 7.4.100 and on the AP's flash (2602i):
  MYCAPWAPAP#dir flash:
  Directory of flash:/
      2  -rwx       75095  Oct 23 2014 07:54:43 +00:00  event.log
      3  -rwx         280  Oct 23 2014 07:57:35 +00:00  lwapp_officeextend.cfg
      4  -rwx       49372  Oct 23 2014 09:37:14 +00:00  lwapp_non_apspecific_reap.cfg
      5  -rwx       95008  Oct 23 2014 07:54:34 +00:00  lwapp_reap.cfg.bak
     10  drwx        2048  Oct 23 2014 07:54:33 +00:00  ap3g2-k9w8-mx.152-4.JB6
     51  drwx         128  Oct 23 2014 07:57:38 +00:00  configs
     52  -rwx          64  Oct 23 2014 07:54:34 +00:00  sensord_CSPRNG0
     53  -rwx          64  Oct 23 2014 07:54:34 +00:00  sensord_CSPRNG1
     77  -rwx       95008  Oct 23 2014 07:57:55 +00:00  lwapp_reap.cfg
      7  -rwx        7192  Oct 23 2014 09:36:56 +00:00  private-multiple-fs
     56  -rwx           0  Mar 26 2014 14:37:17 +00:00  ce
     13  drwx         448   Nov 9 2013 19:06:17 +00:00  ap3g2-rcvk9w8-mx
      8  -rwx       75303  Oct 22 2014 16:30:26 +00:00  event.capwap
     76  -rwx         230  Oct 23 2014 07:57:34 +00:00  env_vars
  31739904 bytes total (10376704 bytes free)
  Does it mean that the 7.4.100 image file is included in the ap3g2 file? In other word, where is stored the wlc firmware image on the AP? As an AP has a primary image and a backup one, it must be stored somewhere on it, or maybe I'm missing something here!
  Thanks,
  Theo

  Hi Theo,
  If you read this post you will understand the ap3g2 represent the AP platform.
  https://supportforums.cisco.com/document/77131/understanding-access-point-ios-images
  platform-featureset-tar.version.tar
  ap1g1 - 700 series (702w beginning with 15.2(4)JB5)
  ap1g2 - 1600 series
  ap1g3 - 1530 series
  ap3g2 - 3700/3600/2700/2600 series (3700 supported beginning with 15.2(4)JB; 2700 beginning with 15.2(4)JB5)
  ap3g1 - 3500/1260 series
  In lightweight mode, there is Recovery Imange & Full-image. (Recovery image has min files to boot the AP & discover a WLC, then  WLC will push the full image according to the software code running on WLC.
  ap3g2-k9w8-mx.152-4.JB6
  ap3g2-rcvk9w8-mx
  In this case you can see some directories with the above name on your AP. So corresponding image should be within these sub-directories.
  HTH
  Rasika
  **** Pls rate all useful responses ****

• CAPWAP AP Crash Logs

  I recently had a number of CAPWAP access points lose IP connectivity, but were still up at L2 and seen by CDP.  Resetting them via PoE port shutdown recovered them, but no AP crash log or useful log info on the WLC.  The AP also had no local logging info after the reset.
  Does anyone know a way to get the AP to log locally to NVRAM?  Or why this isn't enabled/possible?
  I assume that syslog to a server will be of little benefit...
  Thanks in advance.
  Rob

  Hi Amjad,
  No console available I'm afraid.  TAC advised the following when asked the question about local AP logging:
  Yes you can use syslog from the WLC, “and I would recommend the following”:
  WLC > config session timeout 0
  WLC >config ap syslog host global x.x.x.x
  but also, I would like to have the AP it self, so you run the telnet for the AP on “AP > advance tap”, and to open session for it “make sure you configure session timeout to zero on WLC and to configure the putty to not expire.
  So basically, AP logging isn't helpful if the AP loses IP connectivity you need a console cable to find out why.  You may see something from AP syslog before the IP connectivity loss.
  Still wondering why the logging to NVRAM can't at least be optionally enabled, if its considered a security risk.
  Cheers
  Rob

• Cisco 1040 IOS to CAPWAP possible?

  I´m looking to a project where we want to start using Autonomous AP with possibility to change to controller based on near future.
  Will Cisco Aironet 1040 Series Access Points allow us to change from IOS to CAPWAP when needed? I read some posts about the oposite process (CAPWAP to IOS) so I think it´s possible on both way. Can some one confirm this to me?

  Hi,
  Here is the way we convert the AP from LWAPP to IOS  (make sure you are using the right image), example is for 1142 AP..
  The  image that is on the device is LWAPP one, not the autonomous..  if  you  want to use the AP in autonomous mode then the image should be  W7..   that is..
  c1140-k9w7-tar.124-21a.JY.tar not c1140-rcvk9w8-tar.124-23c.JA.tar
  I request you to do download any image from the below link and perform the conversion from LWAPP image to autonomous..
  http://tools.cisco.com/support/downloads/go/PlatformList.x?sftType=IOS+Software&mdfid=282439881&treeName=Wireless&mdfLevel=Model&url=null&modelName=Cisco+Aironet+1140+Access+Point&isPlatform=N&treeMdfId=278875243&modifmdfid=null&imname=&hybrid=Y&imst=N
  the methos to convert is..
  download TFTPd32 from google and install it on ur PC.. point the image that you have downloaded in the TFTP server..
  connect    a ethernet cable between ur laptop and AP.. both should be in the  same   subnet.. and connect a console cable and get the hyperterminal  console   access and issue the command.. make sure you are able to ping  the PC  and the AP and vice versa!!
  AP>en
  AP#debug lwapp console cli or debug capwap console cli
  AP#config t
  AP(confg)int fa 0
  AP(confg-if)ip addr (same subnet as that of the laptop)
  AP(confg-if)end
  AP#archieve download-sw /force-reload /overwrite tftp:///
  AP#archieve download-sw /force-reload /overwrite tftp://<10.0.0.5>/c1140-k9w7-tar.124-21a.JY.tar
  The above command will do it for you!!
  lemme know if this answered your question..
  Regards
  Surendra
  ====
  Please dont forget to rate the posts which answered your question and mark it as answered or was helpfull

• Capability to Downgrade AP 1042 from CAPWAP to autonomous

  /* Style Definitions */
  table.MsoNormalTable
  {mso-style-name:"Table Normal";
  mso-tstyle-rowband-size:0;
  mso-tstyle-colband-size:0;
  mso-style-noshow:yes;
  mso-style-priority:99;
  mso-style-qformat:yes;
  mso-style-parent:"";
  mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
  mso-para-margin:0cm;
  mso-para-margin-bottom:.0001pt;
  mso-pagination:widow-orphan;
  font-size:11.0pt;
  font-family:"Calibri","sans-serif";
  mso-ascii-font-family:Calibri;
  mso-ascii-theme-font:minor-latin;
  mso-fareast-font-family:"Times New Roman";
  mso-fareast-theme-font:minor-fareast;
  mso-hansi-font-family:Calibri;
  mso-hansi-theme-font:minor-latin;
  mso-bidi-font-family:"Times New Roman";
  mso-bidi-theme-font:minor-bidi;}
  I would like to confirm if it is possible to downgrade AP 1042 from CAPWAP to autonomous?
  I want to buy the AP model AIR-LAP1042N-A-K9. But i don't sure if in the future it could support this feature.
  Thanks in advance.
  Regards
  JOSE LUIS

  Hi Jose,
  here is the step by step procedure to convert CAPWAP to IOS
  >> I request you to follow the below steb by step procedure to resolve the issue that we are facing..
  -    Initially console in to the LAP using the console cable and issue the Command ' debug lwap console cli' from the AP# prompt . (This give us capability enter the config mode of AP and use it like Autonomous )
  Ap>en
  Ap#debug lwapp console cli OR Ap#debug capwap console cli
  -     Now assign an IP address to Fast Ethernet interface of the AP which can be reach from the LAPTOP/DESKTOP .  (Basically in the same range or able to ping and telnet)
  AP#config t
  Ap(config)#int fa 0
  Ap(config-if)ip address
  Ap(config-if)#no shut
  Ap(config-if)#end
  -    Download the IOS image: www.cisco.com downloads for 1042  AP series.
  Cisco.com --- Click on the Support tab in top--- Then click  Download software------ Choose Wireless --- Then select AP from product list-Then choose the AP model - choose IOS image..
  http://www.cisco.com/cisco/software/release.html?mdfid=283445229&flowid=17961&softwareid=280805680&release=12.4.25d-JA&rellifecycle=ED&relind=AVAILABLE&reltype=latest
  -    Open the TFTP server (We used TFTP D32 ) (make sure that the TAR file's name is shown as in the web site, because sometimes it gets renamed to "Download .tar" and if that happens you need to rename).  Browse the TAR file and select it and click ok.
  -     Go to enable mode of AP and enter the command:
  -    archive download-sw /overwrite /force-reload tftp:///
  That is..
  If the laptop Ehternet interface is assigned the ip addess 10.0.0.4 with the mask of 255.255.255.0 and the AP fa interface is assigned the ip address 10.0.0.1 255.255.255.0 and if we are running TFTPd32 on the local laptop.. the nthe server ip address will be 10.0.0.4.. finally the command will be..
  AP# archive download-sw /overwrite /force-reload tftp://10.0.0.4/ 1140-k9w7-tar.124-25d.JA.tar
  lemme know if this answered your question..
  Regards
  Surendra
  ====
  Please dont forget to rate the posts which answered your question and mark it as answered or was helpfull