WLC downgrade

Similar Messages

• WLC 7.4.100.0 Downgrade

  Hello,
  Some time ago I updated a WLC, model 2504, from version 7.3 to 7.4.100.0. I also update the FUS (Field Upgrade Software) to the latest release, 1.8.0.0.
  Now I need to downgrade the WLC back to 7.3 version.
  My doubt is: Can I just take the normal processes and downgrade the WLC back to 7.3, even with the FUS in version 1.8.0.0?
  Tks guys,
  Bartulihe

  Leo,
  I do it all the time especially when I beta test. So far I have not had any issues downgrading, but I always double check the config to make sure that the config hasn't changed. Now this could be because of issues I had in the past or when testing beta code, but even when I upgrade, I still check to make sure. There were a few code versions that did change some if my settings back to default.
  Sent from Cisco Technical Support iPhone App

• Downgrading WLC 7.x to 6.x software

  Hi,
  I've had to downgrade my WLC software from 7.x to 6.x to resolve some issue. I just went ahead and did the downgrade without re-aplying and configs or anything. My setup is very simple, no clean air or advanced features, so is this all OK or should I factory reset and re-apply config from scratch???
  thanks,
  Simon

  You should be ok. But I would double check your configs. As you know if you make a setting in 7 that isnt in 6 you might see a problem. I would play close attention to client issues and your wlc logs.

• Downgrade WLC 4.2 to 4.0.219

  Hi, Is it straight process for downgrading OS or do I need any intermediary version ?
  Thanks for helping

  4.2 and later code has the configuration in xml, prior versions is in bianary. So if you decide to downgrade to 4.2 to 4.0 then you will have to reconfigure the wlc from the startup wizard and then you can restore the wlc configuration if you had a good backup from that version.
  http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00805f381f.shtml#t2

• WLC 4400 downgrade

  Hi Experts,
  Awhile ago, I upgraded the standby 4404 WLC from 5.1.151.0 to 5.2.193.0 to 7.0.240.0 and the upgrade was successful.  Before upgrading the active WLC, I tested a couple of APs to join the standby WLC (enabled master controller) and the APs don't join the standby WLC, it joins back to the active WLC.  The client wants to return to the old code.  Is there any downgrade path I have to follow and what would be the procedure for downgrading?
  Regards,

  Hi,
  No, that command won't help you to force that AP to go & register to that WLC (unless you have a single WLC ). Once AP register to a WLC it will learn all the WLC information in that mobility group. So as long as your active & standby 4400 in same mobility group all your AP already aware of both WLC.
  You have to specify the primary controller in order for an AP to go & register for that particular WLC. Below do that for you.
  LAP#capwap ap primary-base <WLC-NAME> <WLC-MGT-IP>
  OR
  LAP#lwapp ap primary-base <WLC-NAME> <WLC-MGT-IP>
  If 5.x. support you can do that via WLC CLI as well.
  config ap primary-base <controller_name> <Cisco_AP_name> [controller_IP_Addres]
  See this for AP Failover behavior of this 7.x code.
  http://mrncciew.com/2013/04/07/ap-failover/
  HTH
  Rasika
  **** Pls rate all useful responses ****

• Downgrade versions of WLC controller code.

  Hi All,
  We have recently upgraded controller code to 7.3.101.0 from Version 7.0.116.0. after that users started reporting wirless disconnction issues.
  we wanted to roolback to older code 7.0.116.0.
  But WLC shows....
  Primary images as 7.3.101.0
  Backup images as 7.2.110.0
  We need some clarification to procees further...please help
  Can we simply downgrade to 7.2.110.0 ? --- by setecting secondary code in WLC ... command -->Config boot --> by selecting seondary code.
  Is there any impact ?
  or upload 7.0.116.0 code on WLC and reload of WLC will work ?
  Thanks
  Sri

  Sri,
  First off... Did you upgrade the FUS image when you upgraded to 7.3? This FUS image is required when the WLC is upgraded to v7.2.x.
  Also note that if you have 3602 AP's you need v7.2.x.
  If you want to downgrade, just load the code you want and it will replace one of the code versions and I believe it will replace the secondary, but that doesn't matter. After you upload the code, then push that code to all the AP's. When that completes, interchange the image on the ap and verify that the ap image has the code you are going to as primary and then you can reboot the WLC.
  Sent from Cisco Technical Support iPhone App

• Downgrading WLC to Primary 4.0 Backup 4.0 from a Primar of 4.1

  Guys (& gals)
  Looking to roll back a classroom controller to 4.0. Is it possible to roll backwards both Primary and backup images to 4.0 (to prevent students booting to 4.1) 4402 controller.
  thanks Rob

  You can downgrading from 4.1 to the 4.0 release. But it will result in the config needing to be re-entered. The config changes in 4.1 will not carry over to the 4.0 release when downgrading.

• Windows 8.1 compatibility with WLC v7.0.98.218 and DELL DEVICES

  hello,
  We have a lot wlc (4400, WiSM, WS-C3750G-24PS and 5500) running on version 7.0.98.218.
  Windows 7 and Windows 8 clients are able to connect to the WiFi, which has Windows 8.1 can no longer connect.
  we tested two WLAN's, one with security policy: [WPA2] [Auth (802.1X)] and another with [WPA2] [Auth (PSK)], MAC Filtering
  in any of the WLAN's the clients with Windows 8.1 did not bind (cannot connect).
  the outup obtained is attached
  one of the devices which are having problems is a dell laptop E5430.
  We've update the wireless card drivers ... according to the dell ... I did downgrade for old version... upgrade to last versions given by broadcom ... but still the problem
  can you help me ?!?
  Regards,
  Tiago Marques

  To enable that your network is ready for 802.11w and Windows 8 ensure that you are running the latest Cisco Unified releases in your wireless controller network.
  Please find the link :-
  http://www.my80211.com/home/2012/10/19/bug-cscua29504-upgrade-that-code-if-you-want-windows-8-to-wo.html

• Cisco APs not updating after WLC-update

  Hello everyone,
  I need to update my 5508 WLCs to a newer software, to support new AP-models.
  Started with AIR-CT5500-K9-1-7-0-0-FUS.aes and AIR-CT5500-K9-7-0-240-0.aes, everything worked fine. Pre-Downloaded the newer Image to the APs, restarted the WLCs and everything was ok.
  Now I tried to update to 7.6.100.0 as well as 7.4.121.0. Both Versions should support my APs, but it doesn't work at all.
  Any ideas are highly appreciated.
  If you need further output, just let me know.
  Regards,
  Manuel
  These are some informations about the environment, AP-info and logging after "upgrade" to 7.4.121.0, controller-information after downgrading again...
  AP#  sh ver
  Cisco IOS Software, C1240 Software (C1240-K9W8-M), Version 12.4(23c)JA7, RELEASE SOFTWARE (fc1)
  ROM: Bootstrap program is C1240 boot loader BOOTLDR: C1240 Boot Loader (C1240-BOOT-M) Version 12.4(13d)JA, RELEASE SOFTWARE (fc2)
  AP uptime is 1 minute System returned to ROM by power-on System image file is "flash:/c1240-k9w8-mx.124-23c.JA7/c1240-k9w8-mx.124-23c.JA7"
  cisco AIR-LAP1242AG-E-K9  (PowerPCElvis) processor (revision A0) with 27638K/5120K bytes of memory.
  Processor board ID FCZ1545812F
  PowerPCElvis CPU at 262Mhz, revision number 0x0950
  Last reset from power-on LWAPP image version 7.0.240.0
  1 FastEthernet interface
  2 802.11 Radio(s)
  32K bytes of flash-simulated non-volatile configuration memory.
  Base ethernet MAC Address: 70:CA:9B:07:86:B8
  Part Number                          : 73-10256-07
  PCA Assembly Number                  : 800-26918-06
  PCA Revision Number                  : A0
  PCB Serial Number                    : FOC15402NP4
  Top Assembly Part Number            : 800-29152-03
  Top Assembly Serial Number          : FCZ1545812F
  Top Revision Number                  : A0
  Product/Model Number                : AIR-LAP1242AG-E-K9
  Configuration register is 0xF
  AP#dir
  Directory of flash:/
  2  -rwx      89311  Jan 18 2014 20:41:00 +00:00  event.log
  3  drwx          64  Jan 18 2014 20:43:21 +00:00  update
  5  drwx        256  Jan 18 2014 20:40:55 +00:00  c1240-k9w8-mx.124-23c.JA7
  4  -rwx        6168  Nov 2 2011 23:32:18 +00:00  private-multiple-fs
  7  -rwx        395  Mar 1 2002 00:00:05 +00:00  env_vars
  15740928 bytes total (8772096 bytes free)
  AP#dir
  Directory of flash:/c1240-k9w8-mx.124-23c.JA7/
  9  -rwx      131328  Jan 18 2014 20:39:46 +00:00  7101.img
  10  -rwx        292  Jan 18 2014 20:39:46 +00:00  info
  11  -rwx    4642714  Jan 18 2014 20:40:55 +00:00  c1240-k9w8-mx.124-23c.JA7
  15  -rwx      131328  Jan 18 2014 20:40:56 +00:00  6701.img
  #sh logging --> see attached file
  CONTROLLER (unfortunately after downgrading it again):
  (Cisco Controller) >show sysinfo
  Manufacturer's Name.............................. Cisco Systems Inc.
  Product Name..................................... Cisco Controller
  Product Version.................................. 7.0.240.0
  Bootloader Version............................... 1.0.16
  Field Recovery Image Version..................... 7.0.112.21
  Firmware Version................................. FPGA 1.7, Env 1.8, USB console 2.2
  Build Type....................................... DATA + WPS
  System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
  IP Address....................................... WLC-IP
  Last Reset....................................... Software reset
  System Up Time................................... 0 days 0 hrs 26 mins 3 secs
  System Timezone Location......................... (GMT +1:00) Amsterdam, Berlin, Rome, Vienna Current Boot
  License Level....................... base
  Current Boot License Type........................ Permanent
  Next Boot License Level.......................... base
  Next Boot License Type........................... Permanent
  Configured Country............................... DE  - Germany
  State of 802.11b Network......................... Enabled
  State of 802.11a Network......................... Enabled
  Number of WLANs.................................. 2
  Number of Active Clients......................... 5
  Burned-in MAC Address............................ 1C:DF:0F:C6:D8:80
  Power Supply 1................................... Present, OK
  Power Supply 2................................... Absent
  Maximum number of APs supported.................. 150
  (Cisco Controller) >show boot
  Primary Boot Image............................... 7.4.121.0
  Backup Boot Image................................ 7.0.240.0 (default) (active)
  (Cisco Controller) >show ap bundle primary
  Primary AP Image        Size
  ap1g2                  9576
  ap3g1                  6684
  ap3g2                  11208
  ap801                  5192
  ap802                  5232
  c1100                  3096
  c1130                  4972
  c1140                  4992
  c1200                  3364
  c1240                  4812
  c1250                  5512
  c1310                  3136
  c1520                  6412
  c3201                  4324
  c602i                  3716
  (Cisco Controller) >show ap bundle secondary
  Secondary AP Image      Size
  ap3g1                  6684
  ap801                  5192
  ap802                  5232
  c1100                  3096
  c1130                  4972
  c1140                  4992
  c1200                  3364
  c1240                  4812
  c1250                  5512
  c1310                  3136
  c1520                  6412
  c3201                  4324
  c602i                  3716
  Nachricht geändert durch Manuel Sporleder

  Hi Scott,
  I am not trying to pre-download it anymore, since this doesn't work at all.
  If I just restart the controller, the APs are downloading the image telling me "everything is fine", are rebooted and that stated with the old image again.
  This is what you can see in the attached log-file:
  *Mar  1 00:00:05.873: soap_prepare_new_image_crash: mini ios flash:/c1240-rcvk9w8-mx/c1240-rcvk9w8-mx
  *Mar  1 00:00:06.242: %SOAP_FIPS-2-SELF_TEST_IOS_SUCCESS: IOS crypto FIPS self test passed
  *Mar  1 00:00:07.662: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 0
  *Mar  1 00:00:09.054: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 1
  *Mar  1 00:00:09.152: %LWAPP-3-CLIENTEVENTLOG: Read and initialized AP event log (contains, 1024 messages)
  *Mar  1 00:00:09.181:  status of voice_diag_test from WLC is false
  *Mar  1 00:00:11.381: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up
  *Mar  1 00:00:11.440: %SYS-5-RESTART: System restarted
  *Mar  1 00:00:11.441: %SNMP-5-COLDSTART: SNMP agent on host AP is undergoing a cold start
  *Nov  2 23:31:59.107: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
  *Nov  2 23:31:59.108: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
  *Nov  2 23:31:59.929: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up
  *Nov  2 23:32:00.107: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
  *Nov  2 23:32:00.107: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
  *Nov  2 23:32:18.102: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
  *Nov  2 23:32:18.163: bsnUnlockDevice: not bring radio up: radio 1 is in admin disable state
  *Nov  2 23:32:18.345: %SSH-5-ENABLED: SSH 2.0 has been enabled
  *Nov  2 23:32:18.759:  status of voice_diag_test from WLC is false
  *Nov  2 23:32:18.847: Logging LWAPP message to 255.255.255.255.
  *Nov  2 23:32:33.181: %CDP_PD-4-POWER_OK: Full power - NEGOTIATED inline power source
  *Nov  2 23:32:33.247: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
  *Nov  2 23:32:34.212: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
  *Nov  2 23:32:34.213: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 255.255.255.255 started - CLI initiated
  *Jan 20 20:32:44.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: WLC-1-IP peer_port: 5246
  *Jan 20 20:32:44.001: %CAPWAP-5-CHANGED: CAPWAP changed state to
  *Jan 20 20:32:45.479: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: WLC-1-IP peer_port: 5246
  *Jan 20 20:32:45.480: %CAPWAP-5-SENDJOIN: sending Join Request to WLC-1-IP
  *Jan 20 20:32:45.481: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
  *Jan 20 20:32:45.483: %CAPWAP-3-ERRORLOG: Invalid event 10 & state 5 combination.
  *Jan 20 20:32:45.483: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 10 state 5.
  *Jan 20 20:32:45.483: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
  *Jan 20 20:32:45.484: %CAPWAP-3-ERRORLOG: Failed to process encrypted capwap packet from WLC-1-IPperform archive download capwap:/c1240 tar file
  *Jan 20 20:32:45.494: %CAPWAP-5-AP_IMG_DWNLD: Required image not found on AP. Downloading image from Controller.
  *Jan 20 20:32:45.499: %CAPWAP-5-CHANGED: CAPWAP changed state to IMAGE
  *Jan 20 20:33:58.755: %DTLS-3-BAD_RECORD: Erroneous record received from WLC-1-IP: Duplicate (replayed) record
  *Jan 20 20:33:59.315: image upgrade successfully, system is now reloading
  This happens again and again and again...
  Regards, Manuel

• Upgrade procedure for multiple WLCs without N+1

  Hello, I would like to discuss another method of a bulk controller upgrade and see what other engineers take on this upgrade path would be.
  Say I have an instance of 8 4404s with 50 APs each, In this case I have N+1 redundancy where I can follow the normal proceedure
  Normal Proceedure
  Move all APs to controllers 1-4
  Preload all APs with the new code version
  Upgrade and reboot empty controllers 5-8  to new code version
  Move all APs to 5-8 with new code versoin
  Upgrade empty 1-4
  Move all APs back home
  Now take the same scenario only chage it to 80 APs per controller. I've now lost my N+1 and cannot do it quite as smoothly.
  As opposed to trying to follow the normal proceedure and have an extended window of "brown outs" How about doing it all at once.
  Black-out accelerated proceedure:
  Preload new code on all controllers
  Preload new image on all APs on all controllers
  Reboot all 8 controllers at the same time.
  Allow time for APs to connect back and load the new image
  I assume with this proceedure that I might see around 15-30 minutes of actual downtime to the site but it seems like that could be preferable to two-three hours of brown outs.
  What are your thoughts, and do you feel that 15-30 minutes is

  Michael,
  Welcome to CSC!
  I have 40+ WLCs and like you looked at this very closely. In my environment I do a predowload and reboot them all. Ive tried the surgical approach and in my case if you get aps bouncing back and forth on WLCs they will upgrade then downgrade etc.
  Also note -- If you are on 7.0.98.0 code, predownload "may" have a bug. I noticed an issue during a recent upgrade in mu network and later someone commented about the same issue here on CSC.

• AP(2720e) not joining a WLC (2504)

  I recently purchased two 2702e AP's to expand the wireless coverage of our network but when I plug them in, they will not join the AP for some reason.
  This is what I am getting on the controller;
  (Cisco Controller) >show ap join stats detailed f44e0544e944
  Discovery phase statistics
  - Discovery requests received.............................. 51
  - Successful discovery responses sent...................... 26
  - Unsuccessful discovery request processing................ 0
  - Reason for last unsuccessful discovery attempt........... Not applicable
  - Time at last successful discovery attempt................ Dec 08 10:24:37.695
  - Time at last unsuccessful discovery attempt.............. Not applicable
  Join phase statistics
  - Join requests received................................... 0
  - Successful join responses sent........................... 0
  - Unsuccessful join request processing..................... 0
  - Reason for last unsuccessful join attempt................ Not applicable
  - Time at last successful join attempt..................... Not applicable
  - Time at last unsuccessful join attempt................... Not applicable
  Configuration phase statistics
  - Configuration requests received.......................... 0
  - Successful configuration responses sent.................. 0
  - Unsuccessful configuration request processing............ 0
  - Reason for last unsuccessful configuration attempt....... Not applicable
  --More-- or (q)uit
  - Time at last successful configuration attempt............ Not applicable
  - Time at last unsuccessful configuration attempt.......... Not applicable
  Last AP message decryption failure details
  - Reason for last message decryption failure............... Not applicable
  Last AP disconnect details
  - Reason for last AP connection failure.................... Not applicable
  - Last AP disconnect reason................................ Not applicable
  Last join error summary
  - Type of error that occurred last......................... None
  - Reason for error that occurred last...................... Not applicable
  - Time at which the last join error occurred............... Not applicable
  AP disconnect details
  - Reason for last AP connection failure.................... Not applicable
  I have tried it with just the default settings and by setting the IP on the AP to no avail.
  Any suggestion would be much appreciated.
  Eric

  Hi Eric,
  What software code is running on your 2504 ? I hope it is 7.6.130.0
  If it is 8.0.100.0, then there was a crtical bug given below, you need to check whether you hitting this
  https://tools.cisco.com/bugsearch/bug/CSCur43050
  Conditions:
  Seen only with APs that were manufactured in August, September or October, 2014 - all Aironet APs were affected EXCEPT the 700 series. Seen with WLCs running 8.0.100.0 or an 8.0.100.x special.
  If the WLC was manufactured in September 2014, or later (i.e. has a SHA2 MIC), then the first symptom is seen, i.e. the AP joins the 8.0.100 WLC, downloads the image, but then fails to rejoin.
  If the WLC was manufactured before September 2014 (i.e. does not have a SHA2 MIC), then the second symptom is seen, i.e. the AP can join the 8.0.100 WLC OK, but then will fail download during a subsequent upgrade.
  Also seen with new APs trying to join a controller running IOS-XE 3.6.0 (15.3(3)JN k9w8 image.) (Track CSCur50946 for the IOS-XE fix)
  Workaround:
  Downgrade to AireOS 7.6.130.0, or to IOS-XE 3.3, if the APs are supported in the earlier code
  Pls attach  AP console output while trying to boot & register to see the exact reason for failure.
  HTH
  Rasika
  **** Pls rate all useful responses ****

• [WLC - CWA] [ISE] Wlan Portal with Local Switiching

  Description: Guest Portal ISE (WLAN) in a Flexconnect local switching enviorment.
  Problem: The communication stops everytime we turn on the feature Radius NAC on the WLC.
  We are trying to use Central WebAuth in a Flexconnect environment and with so the procedure that we are using it´s the one that´s available in the cisco DOCS ( http://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/116087-configure-cwa-wlc-ise-00.html ) but there´s something occuring in my setup. I´ve configured step by step the WLC and ISE in accordance with previous DOC but I can´t establish communication everytime I turn on the feature RADIUS NAC in the WLC.
  All the ACL´s were configured, I can see the ISE policy beeing sent to the client but when the PC tries to establish the connection to him nothing leaves the PC ( a simple ping was done ). I´ve tried a bunch of setups to see if it was a misconfiguration or something else but at the end , everytime I trun on the NAC feature the final client looses all the comms to anywere.
  You can see in the following attachment the setup of WLC, and AP with flexconnect groups (I´ve also tried without a group but the final result was the same)
  We are using a WLC 5500 with 7.6.120.0 ( http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-6/configuration-guide/b_cg76.html ) and the only thing I can foun is a simple note stating,
  "Flex local switching with Radius NAC support is added in Release 7.2.110.0. It is not supported in 7.0 Releases and 7.2 Releases. Downgrading 7.2.110.0 and later releases to either 7.2 or 7.0 releases will require you to reconfigure the WLAN for Radius NAC feature to work."
  In the Flexconnect Feature Matrix the RADIUS NAC is supported in a local switching enviorment ( http://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/112042-technote-product-00.html?referring_site=RE&pos=3&page=http://www.cisco.com/c/en/us/support/docs/wireless/flex-7500-series-wireless-controllers/113605-ewa-flex-guide-00.html) but what  we´ve found out so far it´s  the other way around.
  Another thing that we´ve found is that in the version 7.4 configuration guide ( http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/b_cg74_CONSOLIDATED_chapter_0110100.html#ID2372 ) cisco says that the "FlexConnect local switching is not supported."
  So, after seeing several docs my question is: Does Cisco support Radius NAC in a local switching environment ?

  Viten,
  tnx for the quick reply but,
  a) what do you mean by webauth ( http://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/116087-configure-cwa-wlc-ise-00.html) ?
  b) When I say comms stop is that I´m simple using ping as a test to see what happens in the client.Whenever I activate the radius feature the final client (laptop) ceases all comms in a local switching environment.
  BR,
  DS

• Wireless Migration from WCS to NCS and MSE/WLC 7.0.230 to 7.2.110.0

  Hello,
  I'm in the process of ripping out all of my wireless network and putting a new one in and have a couple of questions regarding code compatibility between the NCS, WLC, and MSE.
  My current infrastructure consists of Wism running 7.0.230.0 code, WCS 7.0.230.0 code, and MSE 7.0.230.0 code.  I am planning on migrating my WCS over to NCS 1.1.1.24 while maintaining the 7.0.230.0 code on my WiSM and MSE.  Does anyone know if this will function properly and maintain location services?
  Also,  I am going to be replacing my MSE (3350) 7.0.230 code with redundant MSE (3355)  7.2.110.0 code running high availability. Will I be able to import the backups/config  from the 7.0.230 code onto the 7.2.110.0 new servers? Or would it be better for me to load my new servers (3355) with 7.0.230 code, import the backups, and then proceed with the upgrade to 7.2.110.0.  What is the best way to migrate my CAS licenses over to the new servers?
  Thanks for any suggestions.

  Well here is the compatibility matrix:
  http://www.cisco.com/en/US/docs/wireless/controller/5500/tech_notes/Wireless_Software_Compatibility_Matrix.html
  As far as the MSE, I would probably downgrade it to 7.0.230.0 and then import the backup and then upgrade.  I guess you can just try it at first if you want, it won't hurt.  You can always clear it and then downgrade if you want.
  Thanks,
  Scott
  Help out other by using the rating system and marking answered questions as "Answered"

• WLC 5508 Software 7.2.103.0 to 6.0.199.4 is possible to degrade

    Hi i got my first WLC 5508 with software 6.0.199.4 and i deployed in site and the branches i have started registring AP's HREAP mode.
  And its working fine .
  The second WLC came with software 7.2.103.0 so i doubt if i connect this WLC IN one of the site so it will be a issue .
  So whats the best practice. is it possible to Downgrade the second WLC to 6.0 version

  You better upgrade both WLCs to the latest version. Besides the bug fixes that you get, there are many new features in 7.0 than 6.0. also, 7.2 is having more features than 7.0.
  If you want anyway to downgrade, that is possible. But you may lose your configuratoin. so you need to take the precautions and get a backup before the downgrade.
  HTH
  Amjad
  You want to say "Thank you"? Don't. Just rate the useful answers, that is more useful than "Thank you".

• Converted 1140 AP can't join the WLC 5508

  Hello! Please, help me to sort my problem out.
  We have bought autonomous APs   AIR-AP1141N-E-K9 and converted them to the lightweight mode, but they cannot join the WLC 5508. The errors are below. There were NO problems with the LAPs that were bought before, together with the WLC.
  AP's IP: 172.22.90.27   IOS version  12.4
  WLC's IP: 172.22.90.20   IOS version 6.0.188.0
  ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  This Discussion has been converted into document:- https://supportforums.cisco.com/docs/DOC-23054
  +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  logs from the AP:
  Translating "CISCO-LWAPP-CONTROLLER"...domain server (255.255.255.255)
  *Oct 13 21:37:06.044: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
  *Oct 13 21:37:06.045: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
  *Oct 13 21:37:06.046: bsnInitRcbSlot: slot 1 has NO radio
  *Oct 13 21:37:06.056: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to a
  dministratively down
  *Oct 13 21:37:06.066: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to r
  eset
  *Oct 13 21:37:06.098: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
  Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
  *Oct 13 21:37:15.060: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-LWAPP-CONTROLL
  ER
  *Oct 13 21:37:24.060: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROL
  LER
  *Oct 13 21:37:34.060: %CAPWAP-3-ERRORLOG: Go join a capwap controller
  *Oct 13 21:38:34.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_i
  p: 172.22.90.20 peer_port: 5246
  *Oct 13 21:38:34.000: %CAPWAP-5-CHANGED: CAPWAP changed state to
  *Oct 13 21:38:34.822: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully
  peer_ip: 172.22.90.20 peer_port: 5246
  *Oct 13 21:38:34.823: %CAPWAP-5-SENDJOIN: sending Join Request to 172.22.90.20
  *Oct 13 21:38:34.823: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
  *Oct 13 21:38:34.825: %CAPWAP-3-ERRORLOG: Unencrypted non-discovery CAPWAP Contr
  ol Message from 172.22.90.20
  *Oct 13 21:38:34.825: %CAPWAP-3-ERRORLOG: Invalid AC Message Type 4.
  *Oct 13 21:38:34.825: %CAPWAP-3-ERRORLOG: Failed to handle capwap control messag
  e from controller
  *Oct 13 21:38:39.823: %CAPWAP-5-SENDJOIN: sending Join Request to 172.22.90.20
  *Oct 13 21:38:39.823: %CAPWAP-3-ERRORLOG: Unencrypted non-discovery CAPWAP Contr
  ol Message from 172.22.90.20
  *Oct 13 21:38:39.823: %CAPWAP-3-ERRORLOG: Invalid AC Message Type 4.
  *Oct 13 21:38:39.823: %CAPWAP-3-ERRORLOG: Failed to handle capwap control messag
  e from controller
  *Oct 13 21:38:39.824: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap p
  acket from 172.22.90.20
  *Oct 13 21:39:33.999: %DTLS-5-SEND_ALERT: Send WARNING : Close notify Alert to 1
  72.22.90.20:5246
  *Oct 13 21:39:34.000: %CAPWAP-3-ERRORLOG: Go join a capwap controller
  *Oct 13 21:38:34.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_i
  p: 172.22.90.20 peer_port: 5246
  *Oct 13 21:38:34.000: %CAPWAP-5-CHANGED: CAPWAP changed state to
  *Oct 13 21:38:34.001: %DTLS-5-PEER_DISCONNECT: Peer 172.22.90.20 has closed conn
  ection.
  *Oct 13 21:38:34.001: %DTLS-5-SEND_ALERT: Send WARNING : Close notify Alert to 1
  72.22.90.20:5246
  *Oct 13 21:38:34.001: %CAPWAP-3-ERRORLOG: Invalid event 38 & state 3 combination
  *Oct 13 21:38:34.125: %CAPWAP-3-ERRORLOG: Dropping dtls packet since session is
  not established.
  logs from the WLC:
  debug capwap events enable
  *Dec 21 15:02:06.244: 68:bc:0c:63:3d:a0 DTLS keys for Control Plane deleted successfully for AP 172.22.90.27
    *Dec 21 15:02:06.246: 68:bc:0c:63:3d:a0 DTLS connection closed event receivedserver (172:22:90:20/5246) client (172:22:90:27/21077)
  *Dec 21 15:02:06.246: 68:bc:0c:63:3d:a0 Entry exists for AP (172:22:90:27/21077)
  *Dec 21 15:02:06.246: 68:bc:0c:63:3d:a0 apfSpamProcessStateChangeInSpamContext: Deregister LWAPP event for AP 68:bc:0c:63:3d:a0 slot 0
  *Dec 21 15:02:06.246: 68:bc:0c:63:3d:a0 Deregister LWAPP event for AP 68:bc:0c:63:3d:a0 slot 0
  *Dec 21 15:02:06.246: 68:bc:0c:63:3d:a0 apfSpamProcessStateChangeInSpamContext: Deregister LWAPP event for AP 68:bc:0c:63:3d:a0 slot 1
  *Dec 21 15:02:06.246: 68:bc:0c:63:3d:a0 Deregister LWAPP event for AP 68:bc:0c:63:3d:a0 slot 1
  Ble
  *Dec 21 15:04:03.194: 68:bc:0c:63:3d:a0 capwap_ac_platform.c:1223 - Operation State 0 ===> 4
  *Dec 21 15:04:03.194: 68:bc:0c:63:3d:a0 Register LWAPP event for AP 68:bc:0c:63:3d:a0 slot 0
    *Dec 21 15:05:36.253: 68:bc:0c:63:3d:a0 Join Version: = 100711424
  *Dec 21 15:05:36.253: 68:bc:0c:63:3d:a0 Join resp: CAPWAP Maximum Msg element len = 93
  debug capwap errors enable
  *Dec 21 16:16:51.879: 68:bc:0c:63:3d:a0 DTLS connection was closed
  *Dec 21 16:17:09.940: 68:bc:0c:63:3d:a0 Join Priority Processing status = 0, Incoming Ap's Priority 1, MaxLrads = 12, joined Aps =5
  debug capwap detail enable
  *Dec 21 16:21:49.961: 68:bc:0c:63:3d:a0 CAPWAP Control Msg Received from 172.22.90.27:21078
  *Dec 21 16:21:49.961: 68:bc:0c:63:3d:a0 packet received of length 281 from 172.22.90.27:21078
  *Dec 21 16:21:49.961: 68:bc:0c:63:3d:a0 Msg Type = 3 Capwap state = 5
  *Dec 21 16:21:49.961: 68:bc:0c:63:3d:a0 Join resp: Result Code message element len = 8
  *Dec 21 16:21:49.961: 68:bc:0c:63:3d:a0 1. 47 0
  *Dec 21 16:21:49.961: 68:bc:0c:63:3d:a0 2. 232 3
  *Dec 21 16:21:49.961: 68:bc:0c:63:3d:a0 3. 6 0
  *Dec 21 16:21:49.961: 68:bc:0c:63:3d:a0 4. 12 0
  *Dec 21 16:21:49.961: 68:bc:0c:63:3d:a0 Join resp: AC Descriptor message element len = 48
  *Dec 21 16:21:49.961: 68:bc:0c:63:3d:a0 acName = Wi-Fi_Controller
  *Dec 21 16:21:49.961: 68:bc:0c:63:3d:a0 Join resp: AC Name message element len = 68
  *Dec 21 16:21:49.961: 68:bc:0c:63:3d:a0 Join resp: WTP Radio Information message element len = 77
  *Dec 21 16:21:49.961: 68:bc:0c:63:3d:a0 Join resp: CAPWAP Control IPV4 Address len = 87
  *Dec 21 16:21:49.961: 68:bc:0c:63:3d:a0 Sending encrypted packet to AP 172:22:90:27 (21078)
  *Dec 21 16:21:49.961: 68:bc:0c:63:3d:a0 Releasing WTP
  *Dec 21 16:24:12.212: 68:bc:0c:63:3d:a0 CAPWAP Control Msg Received from 172.22.90.27:21077
  *Dec 21 16:24:12.212: 68:bc:0c:63:3d:a0 DTLS connection 0x167c8b20 closed by controller
  *Dec 21 16:24:12.212: DTL Deleting AP 9 - 0.0.0.0
  *Dec 21 16:24:12.214: CAPWAP DTLS connection closed msg
  *Dec 21 16:24:12.216: 68:bc:0c:63:3d:a0 Sending LWAPP Event DeReg to 'mfpSendEventReport+168' for AP 68:bc:0c:63:3d:a0(0)
  *Dec 21 16:24:12.216: Received SPAM_MFP_RADIO_DOWN message
  *Dec 21 16:24:12.218: 68:bc:0c:63:3d:a0 Sending LWAPP Event DeReg to 'l2roamInit+560' for AP 68:bc:0c:63:3d:a0(0)
  *Dec 21 16:24:12.220: 68:bc:0c:63:3d:a0 Sending LWAPP Event DeReg to 'apfSpamCallbackInSpamContext+1224' for AP 68:bc:0c:63:3d:a0(0)
  *Dec 21 16:24:12.222: 68:bc:0c:63:3d:a0 Sending LWAPP Event DeReg to 'apfSpamSendBlackListTable+376' for AP 68:bc:0c:63:3d:a0(0)
  *Dec 21 16:24:12.224: 68:bc:0c:63:3d:a0 Sending LWAPP Event DeReg to 'rrmIappSendChdPacket+2320' for AP 68:bc:0c:63:3d:a0(0)
  *Dec 21 16:24:12.226: 68:bc:0c:63:3d:a0 Sending LWAPP Event DeReg to 'asTrackInitTask+19360' for AP 68:bc:0c:63:3d:a0(0)
  *Dec 21 16:24:12.228: 68:bc:0c:63:3d:a0 Sending LWAPP Event DeReg to 'mfpSendEventReport+168' for AP 68:bc:0c:63:3d:a0(1)
  *Dec 21 16:24:12.228: Received SPAM_MFP_RADIO_DOWN message
  *Dec 21 16:24:12.230: 68:bc:0c:63:3d:a0 Sending LWAPP Event DeReg to 'l2roamInit+560' for AP 68:bc:0c:63:3d:a0(1)
  *Dec 21 16:24:12.232: 68:bc:0c:63:3d:a0 Sending LWAPP Event DeReg to 'apfSpamCallbackInSpamContext+1224' for AP 68:bc:0c:63:3d:a0(1)
  *Dec 21 16:24:12.234: 68:bc:0c:63:3d:a0 Sending LWAPP Event DeReg to 'apfSpamSendBlackListTable+376' for AP 68:bc:0c:63:3d:a0(1)
  *Dec 21 16:24:12.236: 68:bc:0c:63:3d:a0 Sending LWAPP Event DeReg to 'rrmIappSendChdPacket+2320' for AP 68:bc:0c:63:3d:a0(1)
  *Dec 21 16:24:12.238: 68:bc:0c:63:3d:a0 Sending LWAPP Event DeReg to 'asTrackInitTask+19360' for AP 68:bc:0c:63:3d:a0(1)
  *Dec 21 16:24:12.238: 68:bc:0c:63:3d:a0 Deleting and removing AP 68:bc:0c:63:3d:a0 from fast path
  P.S. The time is set to the WLC with the NTP
  P.P.S. Don't lookup at the time the logs were made - they were made not during the same day/time

  I have solved this as soon as published my problem!!!
  the answer is published here:
  https://supportforums.cisco.com/thread/2004491
  especially in the post of Matthew Fowler
  Hi,
  Please take a look at CSCte01087.
  I see that your WLC is 10.0.13.5 and your AP is 10.0.13.28/24 so they are on the same subnet. I also see your AP MAC address does not begin with 00. This is why I believe it is relevant.
  Please try the workaround or open a TAC case if you need a fix.
  -Matt
  Symptom:
  An access point running 6.0.188.0 code may be unable to join a WLC5508.
  Messages similar to the following will be seen on the AP.
     %CAPWAP-3-ERRORLOG: Invalid AC Message Type 4.
     %CAPWAP-3-ERRORLOG: Unencrypted non-discovery CAPWAP Control Message
  Conditions:
  At least one of the following conditions pertains:
  - The high order byte of the AP's MAC address is nonzero, and the AP is in
  the same subnet as the WLC5508's management (or AP manager) interface
  - The WLC's management (or AP manager) interface's default gateway's
  MAC address' high order byte is nonzero.
  Workaround:
  If the MAC address of the WLC's default gateway does not begin with 00,
  and if all of the APs' MAC addresses begin with 00, then: you can put
  the APs into the same subnet as the WLC's management (or AP manager)
  interface.
  In the general case, for the situation where the WLC's default gateway's
  MAC does not begin with 00, you can address this by changing it to begin
  with 00. Some methods for doing this include:
  -- use the "mac-address" command on the gateway, to set a MAC address
  that begins with 00
  -- then enable HSRP on the gateway (standby ip ww.xx.yy.zz) and use this
  IP as the WLC's gateway.
  For the case where the APs' MAC addresses do not begin with 00, then make
  sure that they are *not* in the same subnet as the WLC's management
  (AP manager) interface, but are behind a router.
  Another workaround is to downgrade to 6.0.182.0.  However, after
  downgrading the WLC to 6.0.182.0, any APs that have 6.0.188.0 IOS
  (i.e. 12.4(21a)JA2) still installed on them will be unable to join.
  Therefore, after downgrading the WLC, the APs will need to have a
  pre-12.4(21a)JA2 rcvk9w8 or k9w8 image installed on them.
  different vlan!!!! yes! thank you Matthew Fowler sooooo much!!!!