{"id":2248,"date":"2015-11-24T13:42:00","date_gmt":"2015-11-24T13:42:00","guid":{"rendered":"https:\/\/jay-miah.co.uk\/?p=2248"},"modified":"2024-11-18T13:48:30","modified_gmt":"2024-11-18T13:48:30","slug":"convert-a-cisco-2600-series-access-point-from-lightweight-to-autonomous-and-back-again","status":"publish","type":"post","link":"https:\/\/jay-miah.co.uk\/index.php\/convert-a-cisco-2600-series-access-point-from-lightweight-to-autonomous-and-back-again\/","title":{"rendered":"Convert a Cisco 2600 Series Access-Point from Lightweight to Autonomous and back again!"},"content":{"rendered":"<p>The Cisco 2600 series Access-point is a controller based AP, which means by default the AP is shipped with \u201cAP3G2-k9w8\u201d version of the IOS. At boot the device will try and locate a controller and try to associate itself with it. There are several methods it uses to do this which is quite\u00a0clever, these are the following:<\/p>\n<p><strong>Broadcast:<\/strong>\u00a0The AP will send out a broadcast looking for the WLC, if on the same subnet the WLC will respond, they will both exchange certificates using a capwap tunnel. the capwap tunnel is built using DTLS \u2013 Datagram Transport layer Security \u2013 \u201cencryption\u201d on top of UDP traffic.<\/p>\n<p><strong>DHCP:<\/strong>\u00a0the AP will look for option 43 which can be configured on any DHCP server for the IP address of the WLC, they will both communicate using capwap.<\/p>\n<p><strong>DNS:<\/strong>\u00a0the AP will perform a DNS lookup for\u00a0<strong>\u201cCISCO-CAPWAP-CONTROLLER\u201d<\/strong>\u00a0to resolve\u00a0the IP address of the WLC and begin communication using capwap.<\/p>\n<p>Failing the above the AP will keep trying again and again, reboot and keep looping\u2026\u2026<\/p>\n<p>At this moment we might realise\u00a0we have purchased the wrong type of AP as we have no controller to manage this AP and our wireless network is a for a small deployment? Not to worry as Cisco have though of this\u2026.. we can \u201cConvert\u201d a lightweight (Controller based) access-point to a autonomous (Standalone)\u00a0access-point and back to lightweight again.<\/p>\n<p>There are several ways of converting the AP, the two most common are:<\/p>\n<ul>\n<li>Pressing\u00a0the \u201cMode\u201d button on the device to transfer\u00a0the image into the AP using an TFTP Server, this requires the re-naming of the image to a filename the AP will look for upon boot. Normally for this method to work you would plug the AP directly into the laptop\u2019s Ethernet port and configure networking. Quick and easy if you have a power adapter for the AP.<\/li>\n<li>Manually TFTP across the image and force the access-point\u00a0to use it. This is the most successful way of converting the AP if you do not have a power adapter and need to use a POE switch.<\/li>\n<\/ul>\n<p>In this step-by-step guide we will use a 2600 Series AP, a TFTP Server, a DHCP Server and a \u00a0POE switch (for the AP) all configured in one subnet. We will perform the conversion using the second option to manually TFTP the image across, once the AP is successfully converted we will then revert the AP back to lightweight. I must advise that using a DHCP server to lease\u00a0out an IP to the AP is essential for LAP to AAP\u00a0type of conversion, otherwise the AP will forcefully change a statically assigned IP to DHCP and break the communication during the extraction process.\u00a0Lets get started!<\/p>\n<p><strong>Obtain\u00a0the correct\u00a0Autonomous\u00a0IOS image\u00a0<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"383\" height=\"41\" class=\"wp-image-2249\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-1.jpeg\" \/><\/p>\n<p><strong>1.<\/strong>\u00a0Download\u00a0the above named\u00a0IOS image from Cisco, and\u00a0place it into the root folder of your TFTP server. This image is only for converting the 2600 series AP from Lightweight to Autonomous\u00a0. Lightweight images will always have a \u201cw8\u201d in the filename and Autonomous Images will have a \u201cw7\u201d<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"197\" height=\"32\" class=\"wp-image-2250\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-2.jpeg\" \/><\/p>\n<p>&nbsp;<\/p>\n<p><strong>Configure theTFTP Server<\/strong><\/p>\n<p><strong>1.<\/strong>\u00a0Configure the TFTP server to use a valid IP address on your subnet in this case I have used the following:<\/p>\n<p><strong>IP address:\u00a0<\/strong>192.168.0.200<\/p>\n<p><strong>Subnet mask:\u00a0<\/strong>255.255.255.0<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"416\" height=\"462\" class=\"wp-image-2251\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-3.jpeg\" \/><\/p>\n<p><strong>2.<\/strong>\u00a0Run the TFTP server application<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"509\" height=\"251\" class=\"wp-image-2252\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-4.jpeg\" \/><\/p>\n<p>&nbsp;<\/p>\n<p><strong>Convert the Access-Point to Autonomous\u00a0<\/strong><\/p>\n<p><strong>1.\u00a0<\/strong>Connect to the AP using a console cable and Putty, plug in the Ethernet cable from the POE switch into the AP and wait for the device to boot. During bootstrap we can see the name of the IOS image that is being loaded \u2013 \u201cap3g2-rcvk9w8-mx\u201d<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"677\" height=\"427\" class=\"wp-image-2253\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-5.jpeg\" \/><\/p>\n<p><strong>2.<\/strong>\u00a0At the login prompt, login to the device using the default username\/password<\/p>\n<p><strong>Username:<\/strong>\u00a0Cisco<\/p>\n<p><strong>Password:<\/strong>\u00a0Cisco<\/p>\n<p><strong>Enable Secret:<\/strong>\u00a0Cisco<\/p>\n<p>Check what IP address the device has picked through DHCP by entering the following:<\/p>\n<p>#debug capwap console cli\u00a0\u00a0\u2013 This command is used to enter the CLI troubleshooting mode, without this command the AP will not recognise the standard IOS cmds<\/p>\n<p># ip interface brief\u00a0\u2013 Displays a list of interfaces and IP addresses<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"677\" height=\"427\" class=\"wp-image-2254\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-6.jpeg\" \/><\/p>\n<p>From the output we can see that DHCP has issued the device 192.168.0.199. Now we need verify\u00a0connectivity between the AP and the TFTP server to make sure they can reach each other.<\/p>\n<p>From the AP ping the TFTP server-\u00a0#ping 192.168.0.200<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"676\" height=\"152\" class=\"wp-image-2255\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-7.jpeg\" \/><\/p>\n<p>From the TFTP server ping the AP-\u00a0#ping 192.168.0.199<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"672\" height=\"249\" class=\"wp-image-2256\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-8.jpeg\" \/><\/p>\n<p><strong>3.<\/strong>\u00a0Specify the location of the image for extraction on the TFTP server and force the AP to boot the new IOS. (this can take up to 5mins to complete)<\/p>\n<p>#archive download-sw \/force-reload \/overwrite tftp:\/\/192.168.0.200\/ap3g2-k9w7-tar.152-4.JA1.tar<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"679\" height=\"427\" class=\"wp-image-2257\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-9.jpeg\" \/><\/p>\n<p>The archive command extracts the new IOS and deletes the default one.<\/p>\n<p><strong>4.<\/strong>\u00a0 Once the device has completed extracting files, deleting the old IOS and rebooting, it will display an \u201cAP&gt;\u201d prompt rather that the long AP host name previously displayed. At this prompt enter the following:<\/p>\n<p>#enable<\/p>\n<p>#password Cisco<\/p>\n<p>#show version<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"753\" height=\"326\" class=\"wp-image-2258\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-10.jpeg\" \/><\/p>\n<p>Confirm the new w7 IOS is now in use, then type:<\/p>\n<p>#show ip interface brief\u00a0\u2013 This will allow us to verify the current DHCP adddress obtained by the device, it should be the same as before but its a good idea to verify.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"678\" height=\"112\" class=\"wp-image-2259\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-11.jpeg\" \/><\/p>\n<p><strong>5.<\/strong>\u00a0 Open a web browser and navigate to the IP address of the AP \u2013 \u201c192.168.0.199\u201d an authentication prompt will be displayed. Login to the device using the default username\/password \u2013 Cisco\/Cisco<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"1359\" height=\"308\" class=\"wp-image-2260\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-12.jpeg\" \/><\/p>\n<p>Once authenticated the web GUI will be displayed for the Autonomous Access-Point \u2013 from here you can begin configuring the AP and set-up the wireless network, you can fully manage the AP either from the CLI or the web GUI.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"1361\" height=\"576\" class=\"wp-image-2261\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-13.jpeg\" \/><\/p>\n<p>&nbsp;<\/p>\n<p><strong>Revert the AP back to Lightweight\u00a0<\/strong><\/p>\n<p>After using the wireless access-point in autonomous mode for a while you may find that your requirements have grown and you now have the need to deploy multiple APs along with a Wireless LAN Controller to manage those APs. As the 2600 series AP is a controller based AP we can simply revert it back to work with a WLC. In this process we reset the AP back to factory default and statically configure the BVI1 interface with an IP, this will only be for the conversion process as once the AP is converted and if\u00a0no controller is found it\u00a0will forcefully change the interface mode of BVI1 into DHCP this happens automatically.\u00a0The topology will remain the same \u2013 2600 Series AP, a TFTP Server, a DHCP Server and a POE switch.<\/p>\n<p><strong>Obtain the correct Lightweight IOS image<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"383\" height=\"41\" class=\"wp-image-2262\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-14.jpeg\" \/><\/p>\n<p><strong>1.<\/strong>\u00a0Download\u00a0the above named\u00a0IOS image from Cisco, and\u00a0place it into the root folder of your TFTP server. This image is only for converting the 2600 series AP from Autonomous\u00a0to Lightweight. This image is also known as a recovery image as this is not the final image the\u00a0AP would use once its associated with a WLC. Normally at\u00a0WLC discovery and association process the AP downloads a new image\u00a0from the controller.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"228\" height=\"23\" class=\"wp-image-2263\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-15.jpeg\" \/><\/p>\n<p><strong>\u00a0<\/strong><\/p>\n<p><strong>Configure the TFTP Server<\/strong><\/p>\n<p>1. Configure the TFTP server to use the a valid IP address on your subnet, in this case I have used the following.<\/p>\n<p><strong>IP address:<\/strong>\u00a0192.168.0.200<\/p>\n<p><strong>Subnet mask:<\/strong>\u00a0255.255.255.0<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"416\" height=\"462\" class=\"wp-image-2264\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-16.jpeg\" \/><\/p>\n<p><strong>2.<\/strong>\u00a0Run the TFTP server application<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"509\" height=\"251\" class=\"wp-image-2265\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-17.jpeg\" \/><\/p>\n<p>&nbsp;<\/p>\n<p><strong>Reset, Configure and Convert the Access-Point to Lightweight<\/strong><\/p>\n<p><strong>1.<\/strong>\u00a0Connect to the AP using a console cable and Putty, plug in the Ethernet cable from the POE switch in to the AP and wait for the device to boot. At the prompt of your host name \u00a0\u2013 type \u201cEnable\u201d and login in.<\/p>\n<p>Erase the start-up config and reset the AP back to factory default, by entering the following:<\/p>\n<p>#erase startup-config<\/p>\n<p>#reload<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"676\" height=\"228\" class=\"wp-image-2266\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-18.jpeg\" \/><\/p>\n<p><strong>2.<\/strong>\u00a0The reload cmd will reboot the AP , once the device is back up, login and Configure the BVI1 interface with an IP address and subnet mask<\/p>\n<p>#conf t<\/p>\n<p>#int bvi1<\/p>\n<p>#ip address 192.168.0.199 255.255.255.0<\/p>\n<p>#no shut<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"669\" height=\"192\" class=\"wp-image-2267\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-19.jpeg\" \/><\/p>\n<p><strong>3.<\/strong>\u00a0From the AP ping the TFTP server- \u00a0to verify connectivity.<\/p>\n<p>#ping 192.168.0.200<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"640\" height=\"136\" class=\"wp-image-2268\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-20.jpeg\" \/><\/p>\n<p>From the TFTP server ping the AP<\/p>\n<p>#ping 192.168.0.199<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"672\" height=\"249\" class=\"wp-image-2269\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-21.jpeg\" \/><\/p>\n<p><strong>4.<\/strong>\u00a0Specify the location of the image for extraction on the TFTP server and force the AP to boot the new IOS. (this can take up to 5mins to complete)<\/p>\n<p>#archive download-sw \/force-reload \/overwrite tftp:\/\/10.0.0.3\/ap3g2-rcvk9w8-tar.152-4.JA1.tar<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"670\" height=\"419\" class=\"wp-image-2270\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-22.jpeg\" \/><\/p>\n<p>The archive command extracts the new IOS and deletes the previous\u00a0one.<\/p>\n<p><strong>5.<\/strong>\u00a0 Once the device has completed extracting files, deleting the old IOS and rebooting, we can see the w8\u00a0IOS is being loaded\u2026<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"648\" height=\"248\" class=\"wp-image-2271\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-23.jpeg\" \/><\/p>\n<p>&nbsp;<\/p>\n<p><strong>WLC discovery and join process<\/strong><\/p>\n<p>The AP will display a \u201cAPfc9947d97c5c&gt;\u201d rather that the \u201cAP\u201d prompt displayed previously, this hostname is usually the MAC address of the device. The device will now start looking for a WLC by using the methods mentioned earlier.<\/p>\n<p>from the output below, we can see that :<\/p>\n<ul>\n<li>The AP has failed to locate the WLC by performing a DNS lookup \u2013 this is because we dont have a DNS server configured.<\/li>\n<li>the AP has failed to locate the WLC using DHCP \u2013 we didnt setup DHCP with option 43<\/li>\n<li>the AP has successfully sent out a broadcast and located the WLC, it then sent out a DTLS request to establish a capwap tunnel and started downloading an image from the controller.<\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"671\" height=\"420\" class=\"wp-image-2272\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-24.jpeg\" \/><\/p>\n<p>Once the image is updated, the AP will reboot, during the boot\u00a0process the AP and WLC will re-connect once again.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"883\" height=\"164\" class=\"wp-image-2273\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-25.jpeg\" \/><\/p>\n<p>Finally the\u00a0access point will be visible in the WLC web GUI and available for central management.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"520\" height=\"166\" class=\"wp-image-2274\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-26.jpeg\" \/><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"1125\" height=\"207\" class=\"wp-image-2275\" src=\"https:\/\/jay-miah.co.uk\/wp-content\/uploads\/2024\/11\/word-image-2248-27.jpeg\" \/><\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Cisco 2600 series Access-point is a controller based AP, which means by default the AP is shipped with \u201cAP3G2-k9w8\u201d version of the IOS. At<\/p>\n","protected":false},"author":1,"featured_media":2276,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5,17],"tags":[142,143,144,145],"class_list":["post-2248","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-network","category-wireless","tag-access-point","tag-ap","tag-auton","tag-capwap"],"_links":{"self":[{"href":"https:\/\/jay-miah.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/2248","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jay-miah.co.uk\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jay-miah.co.uk\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jay-miah.co.uk\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jay-miah.co.uk\/index.php\/wp-json\/wp\/v2\/comments?post=2248"}],"version-history":[{"count":1,"href":"https:\/\/jay-miah.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/2248\/revisions"}],"predecessor-version":[{"id":2277,"href":"https:\/\/jay-miah.co.uk\/index.php\/wp-json\/wp\/v2\/posts\/2248\/revisions\/2277"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jay-miah.co.uk\/index.php\/wp-json\/wp\/v2\/media\/2276"}],"wp:attachment":[{"href":"https:\/\/jay-miah.co.uk\/index.php\/wp-json\/wp\/v2\/media?parent=2248"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jay-miah.co.uk\/index.php\/wp-json\/wp\/v2\/categories?post=2248"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jay-miah.co.uk\/index.php\/wp-json\/wp\/v2\/tags?post=2248"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}