cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
13777
Views
20
Helpful
20
Replies

2960x - 15.2.4E6 Error - POST ACT2 Test Failed

Marinos Makris
Level 1
Level 1

Today we upgraded 8 WS-C2960X-48FPD-L switches to 15.2.4E6 using c2960x-universalk9-tar.152-4.E6.tar

 

For 3 of them the upgrade was completed with no errors. The rest 5 all had the same issue;

After the reboot we got the error message

 

%ILET-1-AUTHENTICATION_FAIL: This Switch may not have been manufactured by Cisco or with Cisco's authorization. This product may contain software that was copied in violation of Cisco's license terms. If your use of this product is the cause of a support issue, Cisco may deny operation of the product, support under your warranty or under a Cisco technical support program such as Smartnet. Please contact Cisco's Technical Assistance Center for more information.

 

The fiber module would not work and the faulty ones that were in stack would not recognize each other.

 

Switch# Role Mac Address Priority Version State
----------------------------------------------------------
*1 Master 0059.dc7b.b080 1 4 Ready
2 Member 0000.0000.0000 0 0 Provisioned

 

After some research on the issue I came upon

https://community.cisco.com/t5/switching/ilet-1-authentication-fail-on-2960x-after-ios-update/m-p/3682974

https://www.cisco.com/c/en/us/support/docs/field-notices/639/fn63972.html

 

I removed the power for 10 minutes on all affected switches with no success.

 

I removed all stack modules and sfp+ cards and I also tried

c2960x-universalk9-tar.150-2a.EX5

c2960x-universalk9-tar.152-2.E4.tar

c2960x-universalk9-tar.152-2.E7.tar

c2960x-universalk9-tar.152-2a.E1.tar

c2960x-universalk9-tar.152-6.E1.tar

 

After each install I would remove power (cold reboot) the sw

 

and the error persists...

 

Do you have any suggestion, before I start the hardware replacement procedure?

 

20 Replies 20

As far as I know replacement is the ONLY way to fix it is to RMA the switch.  But it would be nice to know what switches have the defective hardware prior to attemtping an upgrade.  I currently have a pile of 7 defective switches.

Sounds not good. Which IOS can i choose then? Or should i stay on 152-2.E6?

IOS upgrade is not going to fix the issue.

jedavis
Level 4
Level 4

I have seen this issue in all its various forms, whether relating to the SFPs, the stacking modules or the switch itself.  I was recently upgrading all 2960X stacks to remediate a security vulnerability.  I successfully upgraded 49 stacks at various sites without incident.  I am unsure how many switches that represents but at least 150.  Then I moved on to a site in Europe with 22 switches in very small stacks of 1 - 3 switches.  I loaded them all with 15.2(4)E7 and before my maintenance window came one of the stacks of 2 switches reloaded due to a power failure.  I received the POST: ACT2 Authentication : End, Status Failed boot message followed by the %ILET-1-AUTHENTICATION_FAIL: This Switch may not have been manufactured by Cisco IOS message on one of them while the other one upgraded successfully.  So they grabbed a brand new spare off the shelf and I did an IOS upgrade on that before adding to the stack.  It also failed with the same error.  A second spare upgraded successfully.

I tried everything I could think of to resurrect the 2 switches.  Tried the published power cycle trick with no success.  Tried factore reset, various IOS images including the original one with no success.  Finally called TAC and had the 2 failed switches RMA'ed.  Through some mixup they sent 4 switches.  One of the switches was DOA.  

 

Since then I have upgraded 10 additional switches one stack at a time and have had 2 more failures.  I have 10 more to go but we need to RMA some more switches first.  I need to be sure that I have enough switches on hand to cover a failure of every stack member.  Luckily at this site the most switches in any one stack is 3.  My biggest fear is an extended power outage at the plant and they will all reload.  How many will survive is anyone's guess.

 

It would appear that once this occurs there is no software remedy so by definition this is a hardware failure of some sort.  I have to believe Cisco knows what causes the failure and what serial numbers might be affected.  But I have never seen this published.  My theory is that there is such a huge number of possibly defective switches that they are just not willing to proactively replace them all.  So that means I have to slog through these upgrades one at a time and hope for the best.

-Jeff

 

Jeff;

 

Thank you for your detailed response, I am working with my Cisco Account manager and the SE on the ones I had recently do this.

I agree I think Cisco knows what is going on and is not saying anything due to the financial impact, as such I am currently starting to deploy a different switch than the 2960X due to this issue, and may go as far as looking at other vendors for access switches as I can not have this happen when I am trying to remedy a security issue just as you were doing.

Brad Roberts
Level 1
Level 1

Posting this for a third time as this problem has irritated me for a long time.  It might answer a few people's questions who are nervous about upgrading any CISCO 2960X devices because of breakages in the past.

I have been dancing through a minefield of 2960X switches which would see several of them fail in the way which has been described.  After putting together a mortuary of these devices and comparing them with ones that would update, the 3 metrics which you need to lookout for can be spotted when you do a "show version".  They are as follows:

Model revision numberM0
Motherboard revision numberA0
Hardware Board Revision Number0x18

So, if you do a "show version" and see the see the unholy trinity of M0, A0 and 0x18 appear together in the above metrics, be wary around updating the IOS, this is regardless of the version number of the switch or wherever it was manufactured.

Raising a TAC and RMAing is the only way forward known with regards to this issue.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: