LWAPP Conversion Tool generates wrong RSA Key Hash

Unanswered Question
Feb 26th, 2007

Hi Folks, i converted about 30 AP?s 1230 from Autonomous to LWAPP Mode, using Conversion Tool 2.05, 6 AP?s at a Time. I used the output file for pushing the List from WCS to Controller. About 25% of AP?s could not be authorized by the WLC, because the RSA Key Hash was wrong. Knows anybody these behaviour and is there a reason or solution? Because i have the next Customer with roundabout 80 AP?s to convert... Regards, Michael

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
MICHAEL SCHROEDER Tue, 02/27/2007 - 11:53

Hi bjohnson5, thanks for your response. I have 2 3750 with integrated WLCs. The Problem is, that the generated RSA Key Hash is still wrong. So if i pushed it to the Controllers, the APs where not accepted. Only if i debug (debug pm pki enable) the MAC/ RSA Key pair, removed the wrong pair from SECURITY > AP Authorization List and added the right SSC Key Hash, the APs are able to authorize against both Controllers and connect to them. Regards, Michael

Thanks Michael,

Is the key missing or is it mis-entered on the WLC? Look in the Detailed Log. Does it have the correct command (and SSC hash) being entered, and does the script complete correctly? Not much that can be done in theis case, but curious as to the state of the key on the WLC. The controllers were pre-configured to allow SSCs, correct?

MICHAEL SCHROEDER Tue, 02/27/2007 - 12:53

Thanks bjohnson5, the Controllers are configured to accept SSC. Most of them are correct and accepted. ca 25% of the Key Hashes in the csv File are generated wrong by the Conversion Tool. The Log Files shows a successfull Conversion. MAC Adress, Certificate Type are OK, RSA Key not. Regards, Michael

MICHAEL SCHROEDER Wed, 02/28/2007 - 12:44

Hi bjohnson5, i tested 1 AP, then i did 6 at a time. I used the working Config with 12.3.7-JAx and the Ip File contains Username, PW and enable PW. What do you mean, should i open a TAC Case? Regards, Michael

MICHAEL SCHROEDER Wed, 02/28/2007 - 14:50

Hi bjohnson5, i contacted an SE and he gaves me the same Information. I?ll try it next Time the Problem occurs. Thank you very much, Michael

prakashj Thu, 03/01/2007 - 02:23

Hi michale,

This is saji here,This is regading the conversion of autonamus access point to lightweight access point,I am facing a probs with converting the same,Its giving error like 'FAILED Unable to Load the LWAPP Recovery Image on to the AP' at the bottom of the Update tool V2.05,I am not using any inbuilt TFTP for the same,I am trying to upgrade the same through update tool itself,But its showing upgrade process is completed save the file WCS management software.When I check the CSV file ,its blank.I am nt able to add the same to WISM.

AP and Controller reachbality is fine from the PC.Will u give some suggestion for this probelm.


Saji k.s

troberts.isu Thu, 03/01/2007 - 05:27

What selection are you using for the system time? Verify that the time is synced between both the controllers and the machine you are runing the upgrade tool from. I have used the V2.01 tool and did not have any major problems until my PC became out of sync with the time that was running on the controller. If you are using NTP on the controller and one of the default time servers on your PC they may not be on the same time, as Windows only updates every 7 days unless you change it in the registry. Just a thought.

MICHAEL SCHROEDER Thu, 03/01/2007 - 05:51

Hi Tony, thanks for your idea. All Devices are in Sync with the central Timesource, the Converting PC, WLC and AP. In the conversion tool i decided to use the controller time. Regards, Michael


This Discussion



Trending Topics - Security & Network