Resetting Cisco CAPWAP/LWAP Access Point to Factory Defaults

Ok, we are not experts in Cisco wireless deployments (CUWN) and we’re still learning and in that learning process our evaluation of vWLC expired and we forgot credentials for our CAPWAP/LWAP access points. Not only our evaluation expired, but we removed the virtual machine from our virtual center.

So what now?

We need to restore factory defaults for those access points. To be honest, I did a lot of googling and this blog is kind of combination of many articles I came across.

First of all, we need to locate the MODE button on our access point. On the 1600 series it is depicted on the following image:

20140822_123927

It is usually marked with the “MODE” label.

Now, we power off our AP and connect to it with a console cable. This is important: we press and hold the MODE button. While the button is still pressed, we plug the power back in. We now wait for the message “button is pressed, wait for button to be released…“.

Let’s release the MODE button and wait for the code to load. Here is the process:

Boot from flash

IOS Bootloader – Starting system.
FLASH CHIP: Micronix MX25L256_35F
Xmodem file system is available.
flashfs[0]: 42 files, 9 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 31936000
flashfs[0]: Bytes used: 18450432
flashfs[0]: Bytes available: 13485568
flashfs[0]: flashfs fsck took 10 seconds.
Reading cookie from SEEPROM
Base Ethernet MAC address: 78:da:6e:e0:26:55
************* loopback_mode = 0
button is pressed, wait for button to be released…
button pressed for 21 seconds
process_config_recovery: set IP address and config to default 10.0.0.1
process_config_recovery: image recovery
image_recovery: Download default IOS tar image tftp://255.255.255.255/ap1g2-k9w7-tar.default

examining image…
%Error opening tftp://255.255.255.255/ap1g2-k9w7-tar.default (connection timed out)ap:

At this point basic code is running and we can see the content of a fash: filesystem

ap: dir flash:
Directory of flash:/

2    -rwx  1048      <date>               private-multiple-fs
12   drwx  384       <date>               ap1g2-rcvk9w8-mx
4    -rwx  58258     <date>               event.log
5    -rwx  72255     <date>               event.capwap
6    drwx  832       <date>               ap1g2-k9w8-mx.152-4.JB3
48   drwx  128       <date>               configs
49   -rwx  140       <date>               env_vars

13485568 bytes available (18450432 bytes used)
ap:

We need to delete the file “flash:private-multiple-fs”:

ap: delete flash:private-multiple-fs
Are you sure you want to delete “flash:private-multiple-fs” (y/n)?y
File “flash:private-multiple-fs” deleted

Now we reset the AP:

ap: reset
Are you sure you want to reset the system (y/n)?y
System resetting…

Boot from flash

IOS Bootloader – Starting system.
FLASH CHIP: Micronix MX25L256_35F
Xmodem file system is available.
flashfs[0]: 40 files, 9 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 31936000
flashfs[0]: Bytes used: 18448896
flashfs[0]: Bytes available: 13487104
flashfs[0]: flashfs fsck took 10 seconds.
Reading cookie from SEEPROM
Base Ethernet MAC address: 78:da:6e:e0:26:55
************* loopback_mode = 0
Loading “flash:/ap1g2-rcvk9w8-mx/ap1g2-rcvk9w8-mx”…#####################
File “flash:/ap1g2-rcvk9w8-mx/ap1g2-rcvk9w8-mx” uncompressed and installed, entry point: 0x100000
executing…

Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software – Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706

Cisco IOS Software, C1600 Software (AP1G2-RCVK9W8-M), Version 15.2(4)JA1, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Tue 30-Jul-13 23:41 by prod_rel_team

Initializing flashfs…
FLASH CHIP: Micronix MX25L256_35F

flashfs[2]: 40 files, 9 directories
flashfs[2]: 0 orphaned files, 0 orphaned directories
flashfs[2]: Total bytes: 31808000
flashfs[2]: Bytes used: 18448896
flashfs[2]: Bytes available: 13359104
flashfs[2]: flashfs fsck took 10 seconds.
flashfs[2]: Initialization complete.
flashfs[3]: 0 files, 1 directories
flashfs[3]: 0 orphaned files, 0 orphaned directories
flashfs[3]: Total bytes: 11999232
flashfs[3]: Bytes used: 1024
flashfs[3]: Bytes available: 11998208
flashfs[3]: flashfs fsck took 0 seconds.
flashfs[3]: Initialization complete….done Initializing flashfs.

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
no ip http server
^
% Invalid input detected at ‘^’ marker.

use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco AIR-CAP1602I-E-K9 (PowerPC) processor (revision B0) with 98294K/32768K bytes of memory.
Processor board ID FGL1750X0P9
PowerPC CPU at 533Mhz, revision number 0x2151
Last reset from power-on
LWAPP image version 7.5.1.73
1 Gigabit Ethernet interface

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 78:DA:6E:E0:26:55
Part Number                          : 73-14671-04
PCA Assembly Number                  : 000-00000-00
PCA Revision Number                  :
PCB Serial Number                    : FOC17472YR5
Top Assembly Part Number             : 800-38552-01
Top Assembly Serial Number           : FGL1750X0P9
Top Revision Number                  : A0
Product/Model Number                 : AIR-CAP1602I-E-K9
% Please define a domain-name first.
logging facility kern
^
% Invalid input detected at ‘^’ marker.

logging trap emergencies
^
% Invalid input detected at ‘^’ marker.

Press RETURN to get started!
*Mar  1 00:00:12.843: %LWAPP-3-CLIENTERRORLOG: Config load from flash failed. Initialising Cfg

*Mar  1 00:00:13.927: %LINK-6-UPDOWN: Interface GigabitEthernet0, changed state to up
*Mar  1 00:00:14.939: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
*Mar  1 00:00:15.371: %SYS-5-RESTART: System restarted —
Cisco IOS Software, C1600 Software (AP1G2-RCVK9W8-M), Version 15.2(4)JA1, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Tue 30-Jul-13 23:41 by prod_rel_team
*Mar  1 00:00:15.455: %LWAPP-3-CLIENTERRORLOG: Config load from flash failed. Initialising Cfg

*Mar  1 00:00:15.455: %CAPWAP-3-ERRORLOG: Failed to load configuration from flash. Resetting to default config
*Mar  1 00:00:15.467: %PARSER-4-BADCFG: Unexpected end of configuration file.

*Mar  1 00:00:16.499: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to uplwapp_crypto_init: MIC Present and Parsed Successfully

no bridge-group 1 source-learning
^
% Invalid input detected at ‘^’ marker.
%Default route without gateway, if not a point-to-point interface, may impact performance
*Mar  1 00:00:39.971: %CDP_PD-4-POWER_OK: All radios disabled – NEGOTIATED inline power source
*Mar  1 00:00:49.803: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 192.168.0.132, mask 255.255.255.0, hostname AP78da.6ee0.2655

Finally, we use credentials Cisco/Cisco (both with capital “c”) to log in:

AP78da.6ee0.2655 con0 is now available

Press RETURN to get started.
User Access Verification

Username: Cisco
Password: ! here we type Cisco

AP78da.6ee0.2655>
AP78da.6ee0.2655>en
Password: ! this is also Cisco
AP78da.6ee0.2655#

 

Now we can reinstall our vWLC and connect our APs back to it. On our APs we may also do:

AP78da.6ee0.2655#
AP78da.6ee0.2655#clear capwap private-config
AP78da.6ee0.2655#
AP78da.6ee0.2655#reload
Proceed with reload? [confirm]

 

Advertisements
This entry was posted in Cisco, Wireless and tagged , , , , , . Bookmark the permalink.

10 Responses to Resetting Cisco CAPWAP/LWAP Access Point to Factory Defaults

  1. Pingback: Reset to factory default | Nbctcp's Weblog

  2. Pingback: Set to Factory Default | Nbctcp's Weblog

  3. RuwanIndika says:

    I had to enter “clear lwapp private-config” as the last step, lwapp instead of capwap

  4. NghiaLQ says:

    hi guy

    i’ve problem after reset factoy with CISCO AP 1602i

    after press and hold MODE button, the console screen display and i haven’t done anything:

    help me

    thanks!

    Boot from flash

    IOS Bootloader – Starting system.
    FLASH CHIP: Micronix MX25L256_35F
    Xmodem file system is available.
    flashfs[0]: 182 files, 7 directories
    flashfs[0]: 0 orphaned files, 0 orphaned directories
    flashfs[0]: Total bytes: 31936000
    flashfs[0]: Bytes used: 10420736
    flashfs[0]: Bytes available: 21515264
    flashfs[0]: flashfs fsck took 10 seconds.
    Reading cookie from SEEPROM
    Base Ethernet MAC address: fc:5b:39:b2:e4:53
    ************* loopback_mode = 0
    button is pressed, wait for button to be released…
    button pressed for 24 seconds
    process_config_recovery: set IP address and config to default 10.0.0.1
    process_config_recovery: image recovery
    image_recovery: Download default IOS tar image tftp://255.255.255.255/ap1g2-k9w7-tar.default

    examining image…
    %Error opening tftp://255.255.255.255/ap1g2-k9w7-tar.default (no such file or directory)ap:

  5. thank you for help!!!!

  6. VPN Blogs says:

    Thanks for publishing this awesome article. I’m a long time reader
    but I’ve never been compelled to leave a comment. I subscribed to
    your blog and shared it on my Twitter. I will come back for sure to check
    your future articles!

  7. manjil says:

    Hello,
    I am not able to access console of my cisco ap 3700 ..i performed reset has stated above but it doesnot provide permission to enter commands. it get stuck in same mode: Error opening “

  8. xzatech says:

    Hello,
    I am not able to access console of my cisco ap 3700 ..i performed reset has stated above but it doesnot provide permission to enter commands. it get stuck in same mode: Error opening “

  9. thomas@hilsoe.dk says:

    Trying to reset AIR-AP1042N-E-K9
    I have tried capwap private-config and lwapp private-config, non of them worked.

    Then what?

  10. travestis sp says:

    Excellent, what a website it is! This web site presents valuable data to us, keep it up.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s