Announcement

Collapse
No announcement yet.

FYI: Reflashing Cisco AP1142

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    FYI: Reflashing Cisco AP1142

    This is an AIR-LAP1142N-A-K9 powered directly from a Cisco brick (48V).
    Console cable connected to "Console" port.
    Network cable (10.0.1/24) connected to "Ethernet" port.
    Terminal (emulator) connected to console cable (9600 8N1 noflow).

    Hold MODE button depressed while applying power. Watch terminal output for "button is pressed, wait for button to be released..." message. This will appear after about 20 seconds (LED indicator will change just about that same time). Release button at this point.

    The terminal session, to this point, will be similar to:
    Code:
    using eeprom values
    
    WRDTR,CLKTR: 0x80000800 0x80000000
    RQDC ,RFDC : 0x80000033 0x000001c8
    
    ddr init done
    
    IOS Bootloader - Starting system.
    Xmodem file system is available.
    
    DDR values used from system serial eeprom.
    WRDTR,CLKTR: 0x80000800, 0x80000000
    RQDC, RFDC : 0x80000033, 0x000001c8
    
    PCIE0: link is up.
    PCIE0: VC0 is active
    PCIE1: link is up.
    PCIE1: VC0 is active
    PCIEx: initialization done
    flashfs[0]: 5 files, 2 directories
    flashfs[0]: 0 orphaned files, 0 orphaned directories
    flashfs[0]: Total bytes: 32385024
    flashfs[0]: Bytes used: 2351104
    flashfs[0]: Bytes available: 30033920
    flashfs[0]: flashfs fsck took 13 seconds.
    Reading cookie from system serial eeprom...Done
    Base Ethernet MAC address: 00:22:90:XX:XX:XX
    Ethernet speed is 1000 Mb - FULL duplex
    [I]button is pressed, wait for button to be released...[/I]
    button pressed for 27 seconds
    process_config_recovery: set IP address and config to default 10.0.0.1
    process_config_recovery: image recovery
    image_recovery: Download default IOS tar image tftp://255.255.255.255/c1140-k9w7-tar.default
    
    examining image...
    %Error opening tftp://255.255.255.255/c1140-k9w7-tar.default (connection timed out)
    
    ap:
    [Note that I have highlighted the "button is pressed" message]

    The final line -- "ap:" -- is the prompt. Enter the commands shown in italics:

    Code:
    ap: [I]set DEFAULT_ROUTER 10.0.1.99[/I]
    
    ap: [I]set IP_ADDR 10.0.1.88[/I]
    
    ap: [I]set NETMASK 255.255.255.0[/I]
    
    ap: [I]tftp_init[/I]
    
    ap: [I]ether_init[/I]
    
    ap: [I]flash_init[/I]
    Initializing Flash...
    ...The flash is already initialized.
    
    ap:
    No "=" between the variable name (e.g., IP_ADDR) and its value (e.g., 10.0.1.88)!

    Note that the 10.0.1.99/255.255.255.0, in this example, represents the IP of the TFTP server on this particular network. And, 10.0.1.88 is the IP I've chosen for the AP for the duration of this reflashing!

    Install the new flash image (tarball) onto the TFTP server. In this case, at the top level of the TFTP service (/tftpboot/c1140-k9w7-tar.153-3.JD13.tar).
    Note that external references to the TFTP server's contents will be relative to this top-level directory (/tftpboot).

    Copy the contents of the tarball onto the flash: filesystem in the AP:
    Code:
    ap: [I]tar -xtract tftp://10.0.1.99/c1140-k9w7-tar.153-3.JD13.tar flash:[/I]
    This will produce a flurry of output similar to:
    Code:
    extracting info (283 bytes)
    c1140-k9w7-mx.153-3.JD13/ (directory) 0 (bytes)
    extracting c1140-k9w7-mx.153-3.JD13/c1140-k9w7-mx.153-3.JD13 (119277 bytes).........................
    c1140-k9w7-mx.153-3.JD13/html/ (directory) 0 (bytes)
    c1140-k9w7-mx.153-3.JD13/html/level/ (directory) 0 (bytes)
    c1140-k9w7-mx.153-3.JD13/html/level/1/ (directory) 0 (bytes)
    extracting c1140-k9w7-mx.153-3.JD13/html/level/1/appsui.js (563 bytes)
    extracting c1140-k9w7-mx.153-3.JD13/html/level/1/back.shtml (512 bytes)
    
    [lots more stuff]
    
    extracting c1140-k9w7-mx.153-3.JD13/info (283 bytes)
    extracting c1140-k9w7-mx.153-3.JD13/file_hashes (32088 bytes).......
    extracting c1140-k9w7-mx.153-3.JD13/final_hash (141 bytes)
    extracting c1140-k9w7-mx.153-3.JD13/final_hash.sig (512 bytes)
    extracting c1140-k9w7-mx.153-3.JD13/img_sign_rel.cert (1375 bytes)
    extracting c1140-k9w7-mx.153-3.JD13/img_sign_rel_sha2.cert (1371 bytes)
    extracting info.ver (283 bytes)
    ap:
    Note that the "dots" indicate the transfer of about 4KB? of data. For example, the largest file -- c1140-k9w7-mx.153-3.JD13/c1140-k9w7-xx.153-3.JD13 (8219961 bytes) -- is followed by almost 2000 dots!

    Point the bootstrap at the appropriate file:
    Code:
    ap: [I]set BOOT flash:/c1140-k9w7-[U]mx[/U].153-3.JD13/c1140-k9w7-[U]mx[/U].153-3.JD13[/I]
    Note carefully the name of the file selected!

    Code:
    ap: dir flash:
    Directory of flash:/
    
    2  -rwx 110636  <date>        event.log
    3  -rwx 244    <date>        env_vars
    4  -rwx 5144   <date>        private-multiple-fs
    5  drwx 128    <date>        c1140-rcvk9w8-mx
    8  -rwx 283    <date>        info
    9  drwx 768    <date>        c1140-k9w7-mx.153-3.JD13
    214 -rwx 283    <date>        info.ver
    
    20519424 bytes available (11865600 bytes used)
    
    ap: [I]dir flash:/c1140-k9w7-mx.153-3.JD13[/I]
    Directory of flash:/c1140-k9w7-mx.153-3.JD13/
    
    10  -rwx 119277  <date>        c1140-k9w7-[U]mx[/U].153-3.JD13
    11  drwx 64    <date>        html
    204 -rwx 8219961  <date>        c1140-k9w7-[U]xx[/U].153-3.JD13
    205 -rwx 152744  <date>        8001.img
    206 -rwx 8080   <date>        T2.bin
    207 -rwx 23836   <date>        T5.bin
    208 -rwx 283    <date>        info
    209 -rwx 32088   <date>        file_hashes
    210 -rwx 141    <date>        final_hash
    211 -rwx 512    <date>        final_hash.sig
    212 -rwx 1375   <date>        img_sign_rel.cert
    213 -rwx 1371   <date>        img_sign_rel_sha2.cert
    
    20519424 bytes available (11865600 bytes used)
    Give everything a once-over:
    Code:
    ap: [I]set[/I]
    BOOT=flash:/c1140-k9w7-mx.153-3.JD13/c1140-k9w7-mx.153-3.JD13
    DEFAULT_ROUTER=10.0.1.99
    ENABLE_BREAK=no
    IOS_STATIC_DEFAULT_GATEWAY=10.0.1.99
    IP_ADDR=10.0.1.88
    MANUAL_BOOT=no
    NETMASK=255.255.255.0
    NEW_IMAGE=yes
    RELOAD_REASON=23
    TERMLINES=0
    Now, we should be ready to boot...
    Last edited by Curious.George; 09-22-2018, 06:02 AM.

    #2
    Re: FYI: Reflashing Cisco AP1142

    Kick the can! (or, as Adam said when he first encountered Eve: "Stand back, I don't know how big this thing gets..."
    Code:
    ap: [I]boot[/I]
    Loading "flash:/c1140-k9w7-[U]mx[/U].153-3.JD13/c1140-k9w7-[U]mx[/U].153-3.JD13"...############
    
    File "flash:/c1140-k9w7-mx.153-3.JD13/c1140-k9w7-mx.153-3.JD13" uncompressed and installed, entry point: 0x4000
    executing...
    enet halted
    
    Secondary Bootloader - Starting system.
    Xmodem file system is available.
    flashfs[0]: 206 files, 8 directories
    flashfs[0]: 0 orphaned files, 0 orphaned directories
    flashfs[0]: Total bytes: 32385024
    flashfs[0]: Bytes used: 11865600
    flashfs[0]: Bytes available: 20519424
    flashfs[0]: flashfs fsck took 6 seconds.
    Reading cookie from system serial eeprom...Done
    Base Ethernet MAC address: 00:22:90:XX:XX:XX
    Now, notice the next stage of the bootstrap... get this wrong in the BOOT envvar specification and you'll have a tough time spotting it!

    Code:
    Secondary bootloader Ethernet not enabled, skip ether_init
    Boot CMD: 'boot flash:/c1140-k9w7-[U]mx[/U].153-3.JD13/c1140-k9w7-[U]xx[/U].153-3.JD13;flash:/c1140-k9w7-[U]mx[/U].153-3.JD13/c1140-k9w7-[U]xx[/U].153-3.JD13'
    Loading "flash:/c1140-k9w7-mx.153-3.JD13/c1140-k9w7-xx.153-3.JD13"...####################################
    File "flash:/c1140-k9w7-mx.153-3.JD13/c1140-k9w7-xx.153-3.JD13" uncompressed and installed, entry point: 0x4000
    executing...
    
           Restricted Rights Legend
    
    Use, duplication, or disclosure by the Government is
    subject to restrictions as set forth in subparagraph
    (c) of the Commercial Computer Software - Restricted
    Rights clause at FAR sec. 52.227-19 and subparagraph
    (c) (1) (ii) of the Rights in Technical Data and Computer
    Software clause at DFARS sec. 252.227-7013.
    
          cisco Systems, Inc.
          170 West Tasman Drive
          San Jose, California 95134-1706
    
    
    
    Cisco IOS Software, C1140 Software (C1140-K9W7-M), Version 15.3(3)JD13, RELEASE SOFTWARE (fc1)
    Technical Support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2018 by Cisco Systems, Inc.
    Compiled Wed 14-Feb-18 08:22 by prod_rel_team
    
    Initializing flashfs...
    
    flashfs[2]: erasing block[6]...
    flashfs[2]: erasing block[7]...
    flashfs[2]: 206 files, 8 directories
    flashfs[2]: 0 orphaned files, 0 orphaned directories
    flashfs[2]: Total bytes: 32126976
    flashfs[2]: Bytes used: 11865600
    flashfs[2]: Bytes available: 20261376
    flashfs[2]: flashfs fsck took 16 seconds.
    flashfs[2]: Initialization complete.
    flashfs[4]: 0 files, 1 directories
    flashfs[4]: 0 orphaned files, 0 orphaned directories
    flashfs[4]: Total bytes: 11999232
    flashfs[4]: Bytes used: 1024
    flashfs[4]: Bytes available: 11998208
    flashfs[4]: flashfs fsck took 1 seconds.
    flashfs[4]: Initialization complete....done Initializing flashfs.
    
    Radio0 present 8363 8000 90020000 0 90030000 B
    Rate table has 300 entries (16 legacy/64 11n/220 11ac)
    
    POWER TABLE FILENAME = flash:/c1140-k9w7-mx.153-3.JD13/T2.bin
    
    Radio1 present 8363 8000 98020000 0 98030000 0
    POWER TABLE FILENAME = flash:/c1140-k9w7-mx.153-3.JD13/T5.bin
    
    Ethernet speed is 1000 Mb - FULL duplex
    
    This product contains cryptographic features and is subject to United
    States and local country laws governing import, export, transfer and
    use. Delivery of Cisco cryptographic products does not imply
    third-party authority to import, export, distribute or use encryption.
    Importers, exporters, distributors and users are responsible for
    compliance with U.S. and local country laws. By using this product you
    agree to comply with applicable laws and regulations. If you are unable
    to comply with U.S. and local laws, return this product immediately.
    
    A summary of U.S. laws governing Cisco cryptographic products may be found at:
    http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
    
    If you require further assistance please contact us by sending email to
    export@cisco.com.
    
    cisco AIR-AP1142N-A-K9 (PowerPC405ex) processor (revision A0) with 98294K/32768K bytes of memory.
    Processor board ID XXXXXXXXXXX
    PowerPC405ex CPU at 586Mhz, revision number 0x147E
    Last reset from power-on
    1 Gigabit Ethernet interface
    2 802.11 Radios
    
    32K bytes of flash-simulated non-volatile configuration memory.
    Base ethernet MAC Address: 00:22:90:XX:XX:XX
    Part Number             : 73-11451-05
    PCB Serial Number          : XXXXXXXXXXX
    Top Assembly Part Number       : 800-31273-01
    Top Assembly Serial Number      : XXXXXXXXXXXX
    Top Revision Number         : A0
    Product/Model Number         : AIR-LAP1142N-A-K9
    
    
    
    Press RETURN to get started!
    
    
    *Mar 1 00:00:18.589: %SOAP_FIPS-2-SELF_TEST_IOS_SUCCESS: IOS crypto FIPS self test passed (15)
    *Mar 1 00:00:18.591: *** CRASH_LOG = YES
    
    *Mar 1 00:00:21.073: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 0 (4)
    *Mar 1 00:00:21.250: loading Power Tables from flash:/c1140-k9w7-mx.153-3.JD13/T2.bin. Class = A
    *Mar 1 00:00:21.250: record size of 2ss: 404 read_ptr: 2392EA0
    
    *Mar 1 00:00:22.138: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 1 (4)
    *Mar 1 00:00:22.223: loading Power Tables from flash:/c1140-k9w7-mx.153-3.JD13/T5.bin. Class = A
    *Mar 1 00:00:22.223: record size of 2ss: 404 read_ptr: 2392EA0
    Base Ethernet MAC address: 00:22:90:90:C3:56
    
    *Mar 1 00:00:24.930: %LINK-6-UPDOWN: Interface GigabitEthernet0, changed state to up
    *Mar 1 00:00:26.681: Starting Ethernet promiscuous mode
    *Mar 1 00:00:26.688: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
    *Mar 1 00:00:26.743: %DOT11-5-EXPECTED_RADIO_RESET: Restarting Radio interface Dot11Radio0 due to interface reset
    *Mar 1 00:00:26.754: %DOT11-5-EXPECTED_RADIO_RESET: Restarting Radio interface Dot11Radio1 due to interface reset
    *Mar 1 00:00:26.761: %DOT11-5-EXPECTED_RADIO_RESET: Restarting Radio interface Dot11Radio0 due to interface is getting down
    *Mar 1 00:00:26.763: %DOT11-5-EXPECTED_RADIO_RESET: Restarting Radio interface Dot11Radio1 due to interface is getting down
    *Mar 1 00:00:26.791: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
    *Mar 1 00:00:26.791: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to administratively down
    *Mar 1 00:00:26.800: %DOT11-5-EXPECTED_RADIO_RESET: Restarting Radio interface Dot11Radio0 due to interface reset
    *Mar 1 00:00:26.800: %DOT11-5-EXPECTED_RADIO_RESET: Restarting Radio interface Dot11Radio1 due to interface reset
    *Mar 1 00:00:26.800: %CDP_PD-4-POWER_OK: Full power - AC_ADAPTOR inline power source
    *Mar 1 00:00:26.847: No configuration in NVRAM..Auto Install initiated..
    *Mar 1 00:00:27.777: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up
    *Mar 1 00:00:27.791: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
    *Mar 1 00:00:27.791: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
    
    
    
    ap>
    Now, turn on the (wired) network interface:

    Code:
    ap> [I]enable[/I]
    Password: [I]Cisco[/I]
    ap#configure terminal
    Enter configuration commands, one per line. End with CNTL/Z.
    ap(config)#interface bvi1
    ap(config-if)#ip address 10.0.1.88 255.255.255.0
    ap(config-if)#[I]^Z[/I]
    ap#
    Notice how the prompt changed?

    At this point, the web interface should be served on 10.0.1.88:80
    Last edited by Curious.George; 09-22-2018, 06:20 AM.

    Comment


      #3
      Re: FYI: Reflashing Cisco AP1142

      Thanks for the info....as soon as I have a little time, i'll try this on the aironet 1200 series bunch I have here.
      <--- Badcaps.net Founder

      Badcaps.net Services:

      Motherboard Repair Services

      ----------------------------------------------
      Badcaps.net Forum Members Folding Team
      http://folding.stanford.edu/
      Team : 49813
      Join in!!
      Team Stats

      Comment


        #4
        Re: FYI: Reflashing Cisco AP1142

        Originally posted by Topcat View Post
        Thanks for the info....as soon as I have a little time, i'll try this on the aironet 1200 series bunch I have here.
        I'm almost POSITIVE you haven't bricked it. Cisco has created lots of options to "recover" from various shots to the feet. If push comes to shove, you can load an image over the serial port via Kermit (though painfully slow).

        The problem with Cisco kit is that its really only easy to use if you use it a lot! <frown> So, its really easy to get confused and wonder why something that you THINK "should work", isn't!

        E.g., "delete name_of_file" will inevitably throw a permission error. It would have been so much nicer if it compained "file not found" -- because you really wanted to say "delete flash:/name_of_file".

        Or, you'll want to "set" an environment variable and discover that "set" doesn't seem to work. Or, "delete /recursive flash:/directory" asks you if you want to delete "/recursive" (no, that's not a filename, that's a SWITCH).

        Hence my comment to watch the prompts carefully because what you can do at "ap:" is different from "ap>" or "ap#".

        Comment


          #5
          Re: FYI: Reflashing Cisco AP1142

          consider doing a image reload...

          download the ios...

          rename to c1140-k9w7-tar.default
          start tftp...

          use mode... and try see if helps

          Comment


            #6
            Re: FYI: Reflashing Cisco AP1142

            Originally posted by ant3202 View Post
            consider doing a image reload...

            download the ios...

            rename to c1140-k9w7-tar.default
            start tftp...

            use mode... and try see if helps
            He'll want a different image:
            ... i'll try this on the aironet 1200 series bunch I have here...
            My post was just an example to indicate how a reflash proceeds, start to finish (but I'm using 1142's)

            Comment

            Working...
            X