Revised October 17, 2006
October 06, 2005
THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.
4400 Series WLAN Controller for up to 12 1000 Series APs
4400 Series WLAN Controller for up to 25 1000 Series APs
4400 Series WLAN Controller for up to 50 1000 Series APs
4400 Series WLAN Controller for up to 100 1000 Series APs
Cisco has discovered an issue with the real time clock circuitry on the Cisco 4400 series wireless LAN controller. While all Cisco 4400 series wireless LAN controllers shipped prior to September 23, 2005 are susceptible to the issue, only a subset of the installed base is actually impacted. A simple workaround is available to ensure minimal disruption to the wireless network in the event a controller has this issue. In addition, customers can reduce their risk of encountering this issue by leveraging several of the redundancy features built into the Cisco wireless LAN controller architecture and utilizing common network design practices.
The real time clock (RTC) on some 4400 Wireless LAN Controllers is not maintaining the current date/time across power cycles. This problem only occurs if power is turned off to the system; it does not occur if the system is restarted via the reset command. When power is turned off, power to the RTC IC on some systems is ramping down faster than the IC can handle. The IC can not switch over to battery power fast enough and the time is lost.
All 4400 Series Wireless LAN controllers shipped prior to 23 Sep 05 are susceptible to this issue. The affected serial number ranges are:
- AIR-WLC4402-12-K9: FLS0926007D to FLS0938H01G
- AIR-WLC4402-25-K9: FLS09260039 to FLS0938H008
- AIR-WLC4402-50-K9: FLS0926003B to FLS0938H03B
- AIR-WLC4404-100-K9: FLS0923003D to FLS0938H01P
- Manufacturing tolerances for the Real Time Clock IC.
- Manufacturing tolerances for the 4400 power supply .
- Voltage of the Real Time Clock battery.
While all of these units are susceptible to this issue, not all units will have it. Factors that determine whether a unit will have this issue include:
The only way to verify if a system has this issue is to perform the following test:
- Manually set the time on the controller to the current time. (Make sure NTP is disabled so the unit does not automatically get the correct time.)
- Power cycle the system, leaving it off for 5 minutes.
- Check the time on the system when it comes back up and see if it is correct.
BackgroundA number of customers reported issues with APs being unable to join the controller. This would occur during initial installation of the controller or after a power failure. Investigation of the issue revealed that the unit did not have the correct date/time even though it had been set prior to turning power off to the unit. Initial assessment of the issue indicated that the battery used to power the real-time clock IC was defective in these units. However, replacing the battery did not always correct the issue and further investigation revealed that there is an issue with how quickly power is ramped down to the real time clock IC. A hardware design change has been implemented to correct this issue and the issue has been resolved in all controllers shipped after September 23, 2005.
Problem SymptomsAPs are not able to join the controller and the system logs indicate that the X.509 certificate is invalid. When an AP attempts to join the controller, the X.509 certificate is seen as invalid because the system clock is not within the valid date range for the AP certificate. Also, the system does not display the correct date/time.
Configure the controller to automatically synchronize the date/time with an NTP server or manually set the correct date/time on the controller. This will allow the APs to join the controller.
Customers can also reduce their exposure to this issue by taking the following steps:
- Configure the controller to automatically synchronize the time with an NTP server.
- Protect against a power failure by using an Uninterruptible Power Supply (UPS) to supply power to the system.
- Install a redundant power supply in the 4400 Controller and connect to a separate power circuit.
- Deploy the controllers in an N+1 redundant configuration to enable the APs to find a backup controller if they are unable to connect to the primary controller.
Customers that have verified that their controllers have this issue (see procedure above), or are concerned that their controller might have this issue, may request that their units be replaced with a Return Material Authorization (RMA), through the normal TAC RMA process.
For More Information
If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:
Receive Email Notification For New Field Notices
Product Alert Tool - Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.