Can a MAC address of lightweight AP be changed?

Unanswered Question
Feb 15th, 2010
User Badges:

Does anyone know, can a MAC address of lightweight AP be changed?
I am trying, this works
conf t
int f0
mac-address A.A.A
but cannot store the config. The MAC address returns to its original valu after reload of AP.

My guess is the MAC address cannot be changed on lightweight AP, I guess the certificate and maybe some other settings are linked with the MAC  address and it is not possible to change the MAC address, but not 100% sure.

I am asking because of the bug, see below. It would be nice if one can just change the MAC address of AP so that it begins with 00




An access point running code may be unable to join a WLC5508.
Messages similar to the following will be seen on the AP.

   %CAPWAP-3-ERRORLOG: Invalid AC Message Type 4.
   %CAPWAP-3-ERRORLOG: Unencrypted non-discovery CAPWAP Control Message
At least one of the following conditions pertains:

- The high order byte of the AP's MAC address is nonzero, and the AP is in
the same subnet as the WLC5508's management (or AP manager) interface

- The WLC's management (or AP manager) interface's default gateway's
MAC address' high order byte is nonzero.

If the MAC address of the WLC's default gateway does not begin with 00,
and if all of the APs' MAC addresses begin with 00, then: you can put
the APs into the same subnet as the WLC's management (or AP manager)

In the general case, for the situation where the WLC's default gateway's
MAC does not begin with 00, you can address this by changing it to begin
with 00. Some methods for doing this include:

-- use the "mac-address" command on the gateway, to set a MAC address
that begins with 00

-- then enable HSRP on the gateway (standby ip ww.xx.yy.zz) and use this
IP as the WLC's gateway.

For the case where the APs' MAC addresses do not begin with 00, then make
sure that they are *not* in the same subnet as the WLC's management
(AP manager) interface, but are behind a router.
Another workaround is to downgrade to  However, after
downgrading the WLC to, any APs that have IOS
(i.e. 12.4(21a)JA2) still installed on them will be unable to join.
Therefore, after downgrading the WLC, the APs will need to have a
pre-12.4(21a)JA2 rcvk9w8 or k9w8 image installed on them.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
ericgarnel Fri, 02/19/2010 - 10:37
User Badges:
  • Gold, 750 points or more

If you have a WLC ver that supports telnet/ssh to APs then you can go into the AP and set it

PEC-MR-AP#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
PEC-MR-AP(config)#int gi
PEC-MR-AP(config)#int gigabitEthernet 0

PEC-MR-AP(config-if)#mac-address ?
H.H.H  MAC address


1252 used as an example

I haven't tried that approach do not know how effective it is; too many APs to configure so

I used the second subnet/hsrp as a work-around and it works fine.

It is fixed in and 7.x (whenever it comes out)


This Discussion



Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode