April 18, 2007
NOTICE:
THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.
Products Affected
|
Product |
|---|
|
AIRINFR - AIR-N-WLC2006-K9 |
|
AIRINFR - AIR-N-WLC4136-K9 |
|
AIRINFR - AIR-N-WLC440212K9 |
|
AIRINFR - AIR-N-WLC440225K9 |
|
AIRINFR - AIR-N-WLC440250K9 |
|
AIRINFR - AIR-N-WLC4404100K9 |
|
AIRINFR - AIR-O-WLC4112-K9 |
|
AIRINFR - AIR-O-WLC4124-K9 |
|
AIRINFR - AIR-O-WLC4136-K9 |
|
AIRINFR - AIR-WLC2006-A-K9 |
|
AIRINFR - AIR-WLC2006-E-K9 |
|
AIRINFR - AIR-WLC2006-J-K9 |
|
AIRINFR - AIR-WLC2006-K9 |
|
AIRINFR - AIR-WLC4404-100-K9 |
|
AIRINFU - WS-SVC-WISM-1-K9 |
Problem Description
After upgrading from software release 3.2.193.5 to 3.2.195.10, SSC enable becomes disabled and SSC Access Points are no longer joining the controller.
Background
WLAN Controllers upgrading from Software Release 3.2.193.5 to 3.2.195.10 supporting Self Signed Certificate (SSC) Access Points.
Problem Symptoms
SSC Access Points no longer join controllers.
Workaround/Solution
After upgrade if SSC is disabled, re-enable the SSC configuration through the suggested steps below.
Through the Controller Graphical User Interface:
1a. Go to security, access point policies and enable the Accept Self Signed Certificate check box.
Through Controller CLI:
1b. Type config auth-list access point-policy ssc enable .
If the SSC ACCESS POINT entries are lost, then the entries will need to be restored through the suggested steps below.
Through the Controller Graphical User Interface:
1a. Go to security, access point policies and enable the Accept Self Signed Certificate check box.
2a. Type the MAC address of the SSC access point, choose certificate type as ssc, and then type SHA1 Key Hash and then click add.
This needs to be done for all the SSC access points.
Through the Wireless Control Software (WCS):
Here is the procedure to upload the SSC config via WCS Template.
1a. Configure ACCESS POINT Authorization Template > New Template Choose Configure > Controller Templates > Security> ACCESS POINT Authorization
2b. Then from the Select a command drop-down list choose Add Template, and click GO to access this page.
This page enables you to add a new ACCESS POINT Authorization template.
1a .Import From File: Select this check box if you want to import a file containing MAC addresses and Key Hash.
Note: You can only import a .csv file. Any other file formats are not supported.
File Path: The location from where you import the file. Click On Save. And then choose the controllers to which the template should applied to and Save.
Other
Special Note: The CT3500 is not affected from this problem.
DDTS
To follow the bug ID link below and see detailed bug information, you must be a registered user and you must be logged in.
|
DDTS |
Description |
|---|---|
|
CSCsh91578 (registered customers only) |
Self Signed Certificate unchecked after upgrade |
Revision History
|
Revision |
Date |
Comment |
|---|---|---|
|
1.0 |
18-APR-2007 |
Initial Public Release |
For More Information
If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:
Receive Email Notification For New Field Notices
Product Alert Tool - Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.