The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
When you upgrade the controller software, the software on the access points associated with the controller is also automatically upgraded. When an access point is loading software, each of its LEDs blinks in succession.
The following are some of the general restrictions that are applicable when upgrading the Cisco WLC software. For any release-specific restrictions, see the relevant release notes.
Before upgrading or downgrading the controller image, you must close all open web pages and clear the browser cache.
If you require a downgrade from one release to another, you might lose the configuration from your current release. The workaround is to reload the previous controller configuration files saved on the backup server or to reconfigure the controller.
You can upgrade or downgrade the controller software only between certain releases. In some instances, you must first install an intermediate release prior to upgrading to the latest software release.
When you upgrade the controller to an intermediate software release, you must wait until all of the access points that are associated with the controller are upgraded to the intermediate release before you install the latest controller software. In large networks, it can take some time to download the software on each access point.
When you upgrade to the latest software release, the software on the access points associated with the controller is also automatically upgraded. When an access point is loading software, each of its LEDs blinks in succession.
We recommend that you access the Cisco WLC GUI using Microsoft Internet Explorer 11 or a later version, or Mozilla Firefox 32 or a later version.
Cisco WLCs support standard SNMP Management Information Base (MIB) files. MIBs can be downloaded from the Download Software area in Cisco.com.
The Cisco WLC software is factory installed on your Cisco WLC and automatically downloaded to the access points after a release upgrade and whenever an access point joins a Cisco WLC. We recommend that you install the latest software version available for maximum operational benefit.
We recommend that you install Wireless LAN Controller Field Upgrade Software for Release 1.7.0.0-FUS, which is a special AES package that contains several system-related component upgrades. These include the bootloader, field recovery image, and FPGA/MCU firmware. Installing the FUS image requires special attention because it installs some critical firmware. The FUS image is independent of the runtime image. For more information, see http://www.cisco.com/c/en/us/td/docs/wireless/controller/release/notes/fus_rn_1_7_0_0.html.
Ensure that you have a TFTP or FTP server available for the software upgrade. Follow these guidelines when setting up a TFTP or FTP server:
Ensure that your TFTP server supports files that are larger than the size of the controller software release. Some TFTP servers that support files of this size are tftpd32 and the TFTP server within the Cisco Prime Infrastructure. If you attempt to download the controller software and your TFTP server does not support files of this size, the following error message appears: “TFTP failure while storing in flash.”
If you are upgrading through the distribution system network port, the TFTP or FTP server can be on the same or a different subnet because the distribution system port is routable
When you plug a Cisco WLC into an AC power source, the bootup script and power-on self-test run to initialize the system. During this time, you can press Esc to display the bootloader Boot Options Menu. The menu options for the Cisco 5508 and Flex 7510 WLCs are different than for other controller platforms.
Bootloader menu for Cisco 5508 WLC:
Boot Options Please choose an option from below: 1. Run primary image 2. Run backup image 3. Change active boot image 4. Clear Configuration 5. Format FLASH Drive 6. Manually update images Please enter your choice:Bootloader menu for other controller platforms:
Boot Options Please choose an option from below: 1. Run primary image 2. Run backup image 3. Manually update images 4. Change active boot image 5. Clear Configuration Please enter your choice:
Enter 1 to run the current software, enter 2 to run the previous software, enter 4 (on a Cisco 5508 WLC), or enter 5 (on another controller platform) to run the current software and set the controller configuration to factory defaults. Do not choose the other options unless directed to do so.
Note | See the Installation Guide or the Quick Start Guide for your controller for more details on running the bootup script and power-on self-test. |
Control which address(es) are sent in CAPWAP discovery responses when NAT is enabled on the Management Interface using the following command:
config network ap-discovery nat-ip-only {enable | disable}
where
enable—Enables use of NAT IP only in Discovery response. This is the default. Use this command if all APs are outside of the NAT gateway.
disable—Enables use of both NAT IP and non-NAT IP in discovery response. Use this command if APs are on the inside and outside of the NAT gateway; for example, Local Mode and OfficeExtend APs on the same controller.
Note | To avoid stranding APs, you must disable AP link-latency (if enabled) before you use the disable option for the config network ap-discovery nat-ip-only command. To disable AP link-latency, use the config ap link-latency disable all command. |
You can configure 802.1p tagging by using the config qos dot1p-tag {bronze | silver | gold | platinum} tag. For the 7.2.103.0 and later releases, if you tag 802.1p packets, the tagging has impact only on wired packets. Wireless packets are impacted only by the maximum priority level set for QoS.
You can reduce the network downtime using the following options:
Do not power down the controller or any access point during the upgrade process; otherwise, you might corrupt the software image. Upgrading a controller with a large number of access points can take as long as 30 minutes, depending on the size of your network. However, with the increased number of concurrent access point upgrades supported, the upgrade time should be significantly reduced. The access points must remain powered, and the controller must not be reset during this time.
If you want to downgrade to a previous release, do either of the following:
After you perform these functions on the controller, you must reboot the controller for the changes to take effect:
The controller bootloader stores a copy of the active primary image and the backup image. If the primary image becomes corrupted, you can use the bootloader to boot with the backup image.
With the backup image stored before rebooting, be sure to choose Option 2: Run Backup Image from the boot menu to boot from the backup image. Then, upgrade with a known working image and reboot the controller.
The recovery image provides a backup image that can be used if an access point power-cycles during an image upgrade. The best way to avoid the need for access point recovery is to prevent an access point from power-cycling during a system upgrade. If a power-cycle occurs during an upgrade to an oversized access point image, you can recover the access point using the TFTP recovery procedure.
To recover the access point using the TFTP recovery procedure, follow these steps:
Download the required recovery image from Cisco.com and install it in the root directory of your TFTP server.
Connect the TFTP server to the same subnet as the target access point and power-cycle the access point. The access point boots from the TFTP image and then joins the controller to download the oversized access point image and complete the upgrade procedure.
After the access point has been recovered, you can remove the TFTP server.
You can upgrade to a new release of the controller software or downgrade to an older release even if Federal Information Processing Standard (FIPS) is enabled.
Ensure that the configuration file that you back up does not contain < or > special character. If either of the special characters is present, then the download of the backed up configuration file fails.
Step 1 | Upload your controller
configuration files to a server to back them up.
| ||||
Step 2 | Get the controller software
image by following these steps:
| ||||
Step 3 | Copy the controller software
image (filename.aes) to the
default directory on your TFTP or FTP server.
| ||||
Step 4 | (Optional) Disable the 802.11
networks.
| ||||
Step 5 | Log onto the controller CLI. | ||||
Step 6 | Enter the ping server-ip-address command to verify that the controller can contact the TFTP or FTP server. | ||||
Step 7 | View current download settings by entering the transfer download start command. Answer n to the prompt to view the current download settings. | ||||
Step 8 | Change the download settings,
if necessary by entering these commands:
If you are using a TFTP server, also enter these commands:
| ||||
Step 9 | View the current updated settings by entering the transfer download start command. Answer y to the prompt to confirm the current download settings and start the software download. | ||||
Step 10 | Save the code update to nonvolatile NVRAM and reboot the controller by entering this command: reset system | ||||
Step 11 | After the controller reboots, repeat Steps 6 through 11 to install the remaining file. | ||||
Step 12 | For Cisco WiSM2, re-enable the controller port channel on the Catalyst switch. | ||||
Step 13 | If you have disabled the 802.11 networks in Step 4, renable them. | ||||
Step 14 | To verify the controller software that is installed, enter the show sysinfo command and see Product Version. | ||||
Step 15 | To verify the
Cisco Unified Wireless Network Controller Boot Software file that is installed
on the controller, enter the
show sysinfo
command on the controller CLI and see Recovery Image Version or Emergency Image
Version.
|
To minimize network outages, you can download an upgrade image to the access point from the Cisco WLC without resetting the access point or losing network connectivity. Previously, you would download an upgrade image to the controller and reset it, which causes the access point to go into discovery mode. After the access point discovers the Cisco WLC with the new image, the access point downloads the new image, resets, goes into discovery mode, and rejoins the Cisco WLC.
You can now download the upgrade image to the Cisco WLC and then download the image to the access point while the network is still operational. You can also schedule a reboot of the Cisco WLC and access points, either after a specified amount of time or at a specific date and time. When both devices are up, the access point discovers and rejoins the Cisco WLC.
This table lists the Cisco WLCs and their maximum concurrent AP image download support.
Cisco WLC |
Maximum Number of Concurrent AP Image Download Supported |
---|---|
Cisco 2504 WLC |
75 |
Cisco 5508 WLC |
500 |
Cisco 5520 WLC |
1000 |
Cisco Flex 7510 WLC |
1000 |
Cisco 8510 WLC |
1000 |
Cisco 8540 WLC |
1000 |
Cisco WiSM2 |
500 |
Cisco vWLC |
1000 |
This table lists the Cisco AP models and the minimum amount of free flash memory required for the predownload process to work:
Cisco AP |
Minimum Free Flash Memory Required |
---|---|
3700(I/E) |
16 MB |
3600(I/E) |
14 MB |
3502(I/E) |
14 MB |
2700(I/E) |
16 MB |
2602(I/E) |
14 MB |
1700(I/E) |
16 MB |
1602(I/E) |
12 MB |
1262 |
14 MB |
1142 |
12 MB |
Note |
|
The access point predownload feature works as follows:
The controller image is downloaded.
The primary image becomes the backup image of the controller and the downloaded image becomes the new primary image. Change the current boot image as the backup image by using the config boot backup command to ensure that if a system failure occurs, the controller boots with the last working image of the controller.
To switch over to the new downloaded image, start predownload of the upgraded image using the config ap image predownload primary all command.
The upgrade image is downloaded as the backup image on the access points. You can verify this by using the show ap image all command.
Change the boot image to primary image manually using the config boot primary command and reboot the controller for the upgrade image to be activated.
You issue a scheduled reboot with the swap keyword. The swap keyword has the following importance: The swapping occurs to the primary and backup images on the access point and the currently active image on controller with the backup image.
When the controller reboots, the access points are disassociated and eventually come up with an upgraded image. Once the controller responds to the discovery request sent by an access point with its discovery response packet, the access point sends a join request.
The actual upgrade of the images occur. The following sequence of actions occur:
The controller responds with the join response with the image version that the controller is running.
The access point compares its running image with the running image on the controller. If the versions match, the access point joins the controller.
If the versions do not match, the access point compares the version of the backup image and if they match, the access point swaps the primary and backup images and reloads and subsequently joins the controller.
If the primary image of the access point is the same as the controller image, the access point reloads and joins the controller.
If none of the above conditions are true, the access point sends an image data request to the controller, downloads the latest image, reloads, and joins the controller.
The 2600, 3500, and 3600 AP models can store only a single image in the flash. When you reboot the AP (without rebooting the controller after a pre-download), it will download the current image from the controller as the current image will be overwritten by the pre-downloaded image in the flash.
The maximum number of concurrent predownloads is limited to half the number of concurrent normal image downloads. This limitation allows new access points to join the controller during image downloading.
If you reach the predownload limit, then the access points that cannot get an image sleep for a time between 180 to 600 seconds and then reattempt the predownload.
Before you predownload, you should change the active controller boot image to the backup image to ensure that if the controller reboots for some reason, it comes back up with the earlier running image, not the partially downloaded upgrade image.
This predownload feature is not supported on 1242 and 1131 Cisco AP models.
When the system time is changed by using the config time command, the time set for a scheduled reset is not valid and the scheduled system reset is canceled. You are given an option either to cancel the scheduled reset before configuring the time or retain the scheduled reset and not configure the time.
All the primary, secondary, and tertiary controllers should run the same images as the primary and backup images. That is, the primary image of all three controllers should be X and the secondary image of all three controllers should be Y or the feature is not effective.
At the time of the reset, if any AP is downloading the controller image, the scheduled reset is canceled. The following message appears with the reason why the scheduled reset was canceled:
%OSAPI-3-RESETSYSTEM_FAILED: osapi_task.c:4458 System will not reset as software is being upgraded.
If you upgrade from a release that is prior to Release 7.5 directly to Release 7.6.X or a later release, the predownload process on Cisco AP2600 and AP3600 fails. After the Cisco WLC is upgraded to Release 7.6.X or a later release, the new image is loaded on Cisco AP2600 and AP3600. After the upgrade to a Release 7.6.X image, the predownload functionality works as expected. The predownload failure is only a one-time failure.
If you upgrade from 8.2 to 8.4 release, the predownload process on Cisco AP1700, AP2700, or AP3700 fails with the following error message:
Not enough free space to download.
After the Cisco WLC is reloaded with 8.4, the backup image version still shows up as 3.0.
Step 1 | Upload your controller
configuration files to a server to back them up.
| ||
Step 2 | Follow these steps to obtain
the controller software:
| ||
Step 3 | Copy the controller software file (filename.aes) to the default directory on your TFTP or FTP server. | ||
Step 4 | (Optional) Disable the
controller 802.11X networks.
| ||
Step 5 | Choose Commands > Download File to open the Download File to Controller page. | ||
Step 6 | From the File Type drop-down list, choose Code. | ||
Step 7 | From the Transfer Mode drop-down list, choose from the following options: | ||
Step 8 | In the
IP
Address text box, enter the IP address of the server.
If you are using a TFTP server, the default values of 10 retries and 6 seconds for the Maximum Retries and Timeout text boxes should work correctly without any adjustment. However, you can change these values. | ||
Step 9 | Enter the maximum number of times that the TFTP server attempts to download the software in the Maximum Retries text box and the amount of time (in seconds) that the TFTP server attempts to download the software in the Timeout text box. | ||
Step 10 | In the File Path text box, enter the directory path of the software. | ||
Step 11 | In the File Name text box, enter the name of the controller software file (filename.aes). | ||
Step 12 | If you are using an FTP
server, follow these steps:
| ||
Step 13 | Click Download to download the software to the controller. A message appears indicating the status of the download. | ||
Step 14 | To configure the predownloading of access point images globally, choose Wireless > Access Points > Global Configuration to open the Global Configuration page. | ||
Step 15 | In the AP Image Pre-download
section, perform one of the following:
| ||
Step 16 | Click OK. | ||
Step 17 | Click Apply. |
Using the CLI, you can predownload an image to a specific access point or to all access points.
Step 1 | Follow these steps to obtain the controller software: | ||||||
Step 2 | Copy the controller software file (filename.aes) to the default directory on your TFTP or FTP server. | ||||||
Step 3 | (Optional) Disable the 802.11 networks.
| ||||||
Step 4 | For Cisco WiSM2, shut down the controller port channel on the Catalyst switch to allow the controller to reboot before the access points start downloading the software. | ||||||
Step 5 | Disable any WLANs on the controller using the config wlan disable wlan_id command. | ||||||
Step 6 | Specify access points that will receive the predownload image. Use one of these commands to specify access points for predownload:
The output lists access points that are specified for predownloading and provides for each access point, primary and secondary image versions, the version of the predownload image, the predownload retry time (if necessary), and the number of predownload attempts. The output also includes the predownload status for each device. The status of the access points is as follows: | ||||||
Step 7 | Set a reboot time for the controller and the access points. Use one of these commands to schedule a reboot of the controller and access points:
Use the show reset command to display scheduled resets. Information similar to the following appears: System reset is scheduled for Apr 08 01:01:01 2010. Current local time and date is Apr 07 02:57:44 2010. A trap will be generated 10 minutes before each scheduled system reset. Use 'reset system cancel' to cancel the reset. Configuration will be saved before the system reset. |