02-13-2020 10:56 PM - edited 02-13-2020 10:57 PM
Hi all members! Actually, the problem is as follows: after updating the stack (4 switches) WS-C2960X-48LPD-L from the working, but very old c2960x-universalk9-mz.150-2.EX1.bin, to version c2960x-universalk9-mz.152- 7.E1.bin I got a lot of problems ... Namely:
1. The stack of four switches did not return to normal operation;
2. Two switches stopped seeing the stack of modules;
3. One switch lost licensing and after a successful license recovery continues to report an error in the logs: "% ILET-1-AUTHENTICATION_FAIL: This Switch may not have been manufactured by Cisco or with Cisco's authorization. This product may contain software that was copied in violation of Cisco's license terms .... ". Also at the boot stage of this switch is present: "POST: ACT2 Authentication: Begin
POST: ACT2 Authentication: End, Status Failed
extracting front_end / front_end_ucode_info (43 bytes) "
How I upgraded to version c2960x-universalk9-mz.152-7.E1.bin: I have a few more stacks from the WS-C2960X-48LPD-L switches. I pre-selected one stack with the least number of hosts, uploaded the firmware over the network to flash1 and flash2, checked the md5 hashes and sent the stack at night to update. The stack accepted firmware c2960x-universalk9-mz.152-7.E1.bin without problems and showed normal loading and working capacity for 12-14 days. Later, I distributed the firmware c2960x-universalk9-mz.152-7.E1.bin to another 2 stacks (WS-C2960X-48LPD-L) and it still went without problems. After making sure that everything is fine, I downloaded the firmware onto the stack of 4 WS-C2960X-48LPD-L switches, checked the firmware hashes on each md5 flash memory, rebooted the stack and got the problems described above.
What I tried to do in this situation with the switch that lost the license still does not work and is lit with the orange SYST diode:
1. Removed the stacking module and started the switch;
2. Turn off completely the power for this switch for several hours;
3. Formatted the flash of the switch and downgraded the firmware version to c2960x-universalk9-mz.152-2.E6.bin and to c2960x-universalk9-mz.150-2.EX1.bin;
4. I tried to run it with firmware on usbflash;
None of the above actions return the switch to normal operation ... I understand that the problem is most likely hardware (maybe SmartChip), but maybe there are still ways to bring the switch back to life? And I'm not even talking about restoring the entire stack.
And my trust in Cisco is seriously undermined ...
06-05-2021 07:23 PM
You will need to open a TAC case for the AUTHENTICATION_FAIL.
++ Try removing all stack cables and boot switches in stack as standalone
++ If some switches still throw AUTH. error remove them from stack
++ Add switches which are not throwing the error to stack and it would work.
## Make sure to mark post as helpful, If it resolved your issue. ##
06-05-2021 08:07 PM
Its looks like a bug please reach cisco TAC.
The software defects in Cisco bug IDs CSCul88801, CSCur56395, and CSCut53599 can result in one or more of these symptoms:
False "%ILET-1-DEVICE_AUTHENTICATION_FAIL:" messages for the 2960X switch itself or for the FlexStack Plus module (C2960X-STACK=) .
SFP/SFP+ (Small Form-Factor Pluggable) uplinks do not link up or are not displayed in the show command output. This typically occurs after a switch reload or after an SFP or FlexStack module Online Insertion or Removal (OIR).
SFP error messages: hulc_sfp_iic_intf_read_eeprom sfp _index 1 yeti_iic_read_retry fail POST: ACT2 Authentication : End, Status Failed.
Redundant Power System (RPS) error message: %PLATFORM_ENV-1-RPS_ACCESS: RPS is not responding.
Field Notice 64175 can be referenced for this issue as well.
Else you are using cisco unauthorized sfp or stack cable, thank you.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide