cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
29048
Views
49
Helpful
13
Replies

Default IOS shipped on Switch - ILET-1-AUTHENTICATION_FAIL:

cursur949
Level 1
Level 1

I am getting the below error on my new switch though I can’t find out A. why I am getting the error and obviously B. how to resolve said error as I need to ensure I am operating under the letter of the law and compliance.  The switch is a WS-C3750X-48T-S running C3750E-IPBASEK9-M, per my research IP base is the correct IOS for a T-S switch, the label on the outside of the switch matches the show ver (WS-C3750X-48T-S) so I know that IPBase is the right IOS for the hardware.  Could it be that I don’t have the license file installed? Below is what I get when I do a show license.  Lastly is there a place that I can find what IOS ships default with what switches, not version but type like c3750e-ipbasek9-mz.150-1.SE vs c3750e-ipbase-mz.150-1.SE

Error
“%ILET-1-AUTHENTICATION_FAIL: This Switch may not have been manufactured by Cisco or with Cisco's authorization.  This product may contain software that was copied in violation of Cisco's license terms.  If your use of this product is the cause of a support issue, Cisco may deny operation of the product, support under your warranty or under a Cisco technical support program such as Smartnet.  Please contact Cisco's Technical Assistance Center for more information.”


Switch# Show license
Index 1 Feature: ipservices    
        Period left: 0  minute  0  second 
Index 2 Feature: ipbase        
        Period left: Life time
        License Type: Permanent
        License State: Active, In Use
        License Priority: Medium
        License Count: Non-Counted

Switch#show license detail
Index: 1        Feature: ipbase                            Version: 1.0
        License Type: Permanent
        License State: Active, In Use
        License Priority: Medium
        License Count: Non-Counted
        Store Index: 0
        Store Name: Primary License Storage

13 Replies 13

acampbell
VIP Alumni
VIP Alumni

Hi,

This is not looking good

From the error decoder tool

1.

%ILET-1-AUTHENTICATION_FAIL: ILET Platform Authentication Failure The software has detected that this switch may not be a genuine Cisco product and that software loaded on the switch may have been copied in violation of Cisco's end user license agreement. Cisco licensing, warranties and support programs only apply to genuine Cisco products. Cisco may deny operation of this product, or support under your warranty or under a Cisco support program such as SmartNet. If you receive this message, please contact your Cisco Sales Representative for assistance.

This message means that an ILET authentication failure occurred.

Recommended Action:Contact your Cisco sales representative for assistance.

Related documents- No specific documents apply to this error message.

I think you need to contact the seller or Cisco as per this advice

Regards

Alex

Regards, Alex. Please rate useful posts.

I agree, I found the same thing during my research and needless to say cisco is not being helpful at all, this is why I am posting here. 

I guess I need to know less about why and more about how to resolve.  I get the feeling that getting a better understanding of the situation is the only way I am going to solve this, I can tell you cisco is going to be no help even though the thing is new out of the box furthermore, it is racked and stacked with 48 cables plugged in to it so I really don’t want to remove it when the issue is clearly the IOS and I think it comes down to the IOS that it came with is not certified on this hardware. 

Hi ,

Based on the release notes of 15.(0)1SE IOS, it seems you should be using the Universal feature IOS and then install the license that you must've received when you purchased this box.

Here is the snippet of the language:

"If you have a service support contract and order a  software license or if you order a switch, you receive the universal  software image and a specific software license"

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750x_3560x/software/release/15.0_1_se/release/notes/OL25302.html#wp432964

I would suggest that as Cisco TAC is not able to assist you then download this universal feature set on the IOS and install that file in your switch. See if that helps you in alleviating the issue.

IOS download link:

http://www.cisco.com/cisco/software/release.html?mdfid=282979364&flowid=2630&softwareid=280805680&release=15.0.1-SE2&relind=AVAILABLE&rellifecycle=ED&reltype=latest

Hope it helps

Neeraj

Nickolus Looper
Level 1
Level 1

I had this exact same error on the exact same model switch (stack of two) in December of 2012.  The only difference was that TAC was helpful and immediately replaced both switches.  In discussion with TAC, the sense was that this might be counterfeit hardware so they wanted to get it out of circulation.

The problem only presented itself when I did an IOS upgrade from 12.2(55)SE3 to 12.2(55)SE6, when the code to check a certain 'authenticity' chip was added.  Fortunately I was able to downgrade to get the switches back in service temporarily.

About 1.5 years later, here I am about to upgrade two more switches purchased at the same time. Here's hoping these ones don't have the same issue.

I had same problem with new 2960X when I upraded original 15.0(2)EX5 to 15.2(3)E from USB stick and I had same error (20 same kind of switch worked fine). I boot again with old 15.0(2) and then again with 15.2(3) and then it worked without errors.

how did you fixed?/

Follow Jaroslav's suggestion.

 

The workaround was to physically power off the switch for 5 minutes, then power it back on.

A remote reboot does not help, it has to be physical.

After power on, the message disapeared and the switch works well.

I id but still the same message, but thanks

Hello All

We had this issues too at dozens of switches from CISCO.

The problem only occured when these conditions were met:

cisco WS-C2960X-24PS-L (or 48PS)

IOS version 15.0(2)EX4

Hardware Board Revision Number  : 0x12

Authentication config (radius / dot1x)

The workaround was to physically power off the switch for 5 minutes, then power it back on.

A remote reboot does not help, it has to be physical.

After power on, the message disapeared and the switch works well.

The resolution provided by CISCO TAC was (as usual) to upgrade IOS "it's related to the IOS more than the hardware , it's need upgrade 15.0(2a)EX5 and hard power cycle the switch to resolve this issue "

Hope that helps someone having the same issues ;)

Please rate if useful.

Jaroslav has the correct answer.

I was just faced with the same issue. A 2960X that was displaying these disturbing errors so my recovery steps were:

Upgrade to 15.2(3)E1.

Perform reload (switch is at a remote site).

Grow more concerned as the errors still show in the logs even after reload.

Have remote hands perform a hard power down - wait about 5 minutes - a power up.

Now the errors are not showing in the logs.

Jaroslav gets full points.

The workaround have been very helpful after today one have upgraded the IOS and faced with that Auth_Fail msg.

Jaroslav is right even after 2 years.

Here is what I experienced.

 

1- Stack of 4 WS-C2960X-48FPS-L

2- Old IOS was c2960x-universalk9-mz.150-2.EX5.bin

3- New IOS that gave the ILET error - c2960x-universalk9-mz.152-2.E7.bin. Then we reloaded the stack remotely.

4- Because of this the the logs we got - Cannot read pid from Flexstack module. ILET-1-DEVICE_AUTHENTICATION_FAIL: The FlexStack Module inserted in this switch may not have been manufactured by Cisco or with Cisco's authorization.

And so every switch was acting as Master & no stacking was coming up.

5- Then we physically powered-down all the switches in the stack & powered them up after 5 minutes. This thing worked & we are on the safe harbour code from Cisco :)

 

Thanks again Jaroslav.

haryaniaroon
Level 1
Level 1

Faced same issue on one Cisco 2960x switch and after physically powering off device for 10 minutes and restarting it again resolved the issue.

However all switches coonnected to it were not accessible before, and arp for default gateway was not resolving too, but after powering on/off the switch, it all worked.

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco