I'm using to WLC 4402, one running on 5.1.151 and one running on 5.2.157.
I have an AP previously connected on 5.2.157 WLC controller and I try to move this on other site where the controller is running 5.1.151. The problem is this AP is not able to attach the 5.1.151.
I can see in log, the AP started with CAPWAP protocol and after try LWAPP but on the controller I have this kind of message below:
(Cisco Controller) >*Feb 19 12:54:20.646: Received a packet which is a (type = DISCOVERY_REQUEST) with session id 0
*Feb 19 12:54:25.900: Send AP Timesync of 1235044465 source SERVER
*Feb 19 12:54:28.548: Send AP Timesync of 1235044468 source SERVER
*Feb 19 12:54:30.647: Received a packet which is a (type = DISCOVERY_REQUEST) with session id 0
*Feb 19 12:54:32.172: Send AP Timesync of 1235044472 source SERVER
*Feb 19 12:54:40.648: Received a packet which is a (type = DISCOVERY_REQUEST) with session id 0
*Feb 19 12:54:40.964: Send AP Timesync of 1235044480 source SERVER
*Feb 19 12:54:47.987: Send AP Timesync of 1235044487 source SERVER
Don't know if messages are in relation with this problem.
So, my question is how to downgrade from 5.2 AP to 5.1 AP ?
Thanks in advance for you help
According to Cisco the APs should be able to boot on either controller. Insure the date and time on both controllers is correct for certificate issues. Now, the bad news, I ran into this same issue a while back. I had to go to the 5.2 controller and reset the AP to factory defaults, disconnect before it could reboot, then attach to the LWAPP controller.
The reason is that the older code is LWAPP and the new code is CAPWAP. The APs are flipping back and forth on the different code versions.
I had the same isse. The AP on the 4.2 version had a primary, secondary configuration.
To force an old AP to the new controller, the primary-base it set to the 5.2 controller. The bad thing was, that after AP firmware upgrade, the primary, secondary-base config was gone. So there is a slightly chance, that the AP connects to the old controller again and do a downgrade. And so on .......
Just for migration purposes (until both controllers are migrated to 5.2), I used the "Master Controller Mode" on the 5.2 controller. APs without primary and secondary-base config prefer the "Master Controller"
Hope that helps.
It's none of my business but I'm just curious, but why are you running two different codes? When an AP goes from from one WLC with 5.1 code to another WLC with 5.2 code (or vice versa), the AP will upgrade/downgrade the firmware and reboot.
How is the time synchronized on both WLC?
How are you you trying to get the AP to swing from one controller to another?
How many AP's can the WLC with 5.1 codes support and how many are currently joined?
Regarding your question "how to downgrade from 5.2 AP to 5.1 AP": Let the AP join the WLC with 5.1 and the WLC (5.1) will push the codes to this AP automatically.
Hope this helps?
After some tests, here more informations about.
a AIR-LAP1242AG-E-K9 moving from 5.1 to 5.2 and 5.2 to 5.1, no problem
a AIR-AP1242AG-E-K9 (transformed to LAP) moving from 5.1 to 5.2 OK, moving from 5.2 to 5.1, there is a issue.
My main problem is the AIR-AP1242AG-E-K9 which has this problem is not in my site, so, I'm not able to connect with CONSOLE to "clear lwapp private-config".
My idea now, is to move this AP to Autonomous AP remotely (if possible, never done), clear private-config and rechange to LAP.
I will keep you inform about.
The problem is the certificate if I was betting. The converted APs have a self signed certificate that the hash is put on the original controller it connects to. This certificate is critical to the forming of the LWAPP tunnel for control packets between the AP and the controller. 5.2 uses CAPWAP as the protocol. CAPWAP uses a different methodolgy of communicating to the AP from the controller called dtls encrytption. I am betting that the certificate is the issue. The reconversion you speak of should take care of your problem as the controller it attaches to will get the hash from the self signed certificate for LWAPP that is installed on the AP at time of conversion. When the AP reverted from CAPWAP 5.2 to LWAPP 5.1 it probably corrupted or didnt reinstall the self signed cert.
AP's shipped after July 18, 2005 had Cisco MIC instead of SSC. Seems like the 1242 were MIC from the start. You can downgrade to IOS and then back to LWAPP recovery image with TFTP. If the AP is connected to the WLC, you can execute "config ap tftp-downgrade" from the WLC CLI and remote downgrade to IOS. The AP should reload to IOS and get a DHCP address. Telnet to the AP IP address and "archive-download" the LWAPP recovery image. Reload and you should be back in business for 5.1.
I did exactly as mentioned without success. each time, AP goes on the 5.2 controller although DHCP 43 and CISCO-LWAPP-CONTROLLER Entry in DNS are set to the 5.1 controller.