06-04-2012 12:36 PM - edited 11-18-2020 02:59 AM
Many times we see instances where the RMA controller is shipped with an LDPE image.
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.0.116.0
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
Build Type....................................... DATA + WPS + LDPE
An upgrade to an non LDPE code fails with this error-
"ERROR: Incompatible SW image.ERROR: Please install the Data Payload Encryption licensed image"
The LDPE image is used for Customers who are not legally allowed to use DTLS Data encryption within their regulatory domain (Russia-specific).
1) Upgrade WLC to 7.0.230.0 LDPE image- e.g. AIR-CT5500-LDPE-K9-7-0-230-0.aes for a 5508 OR 7.2.110.0 LDPE image AIR-CT5500-LDPE-K9-7-2-110-0.aes
2) Download and install a free DTLS license from Cisco.com (if one is not already installed):
To Obtain a Data DTLS License:
3) Once the DTLS license is installed, you will be able to upgrade/downgrade to any WLC code (including Non-LDPE).
(Cisco Controller) >show license summary
License Store: Primary License Storage
StoreIndex: 0 Feature: base Version: 1.0
License Type: Permanent
License State: Active, Not in Use
License Count: Non-Counted
License Priority: Medium
License Store: Primary License Storage
StoreIndex: 1 Feature: base-ap-count Version: 1.0
License Type: Permanent
License State: Active, In Use
License Count: 500 /1 (Active/In-use)
License Priority: Medium
License Store: Primary License Storage
StoreIndex: 2 Feature: data_encryption Version: 1.0
License Type: Permanent
License State: Active, In Use
License Count: Non-Counted
License Priority: Medium
If the controller is on 7.0.116.0 LDPE code; you installed the DTLS license and then tried to migrate to non LDPE code version of 7.0.116.0, it would fail with the following error-
*Transfer: Mar 28 11:32:56.609: RESULT_STRING: Transfer failure :
Upgrade from LDPE to non LDPE software is not allowed.
So, you will need to get on to 7.0.230.0 LDPE image (e.g. AIR-CT5500-LDPE-K9-7-0-230-0.aes for a 5508) or 7.2.110.0 LDPE code first before you can move to a non LDPE code.
This capability was introduced via CSCtw78061; meaning after installing the DTLS license you can download normal image from LDPE code just fine.
Description
If WLC is running LDPE image (License Data Plane Encryption) image, they are not allowed to download normal image and vice-versa. (This is specific to 7.2(0.18))
Shipping non LDPE image to certain countries is not allowed by regulatory and may be illegal. As part of this CDET, we allow the download of normal image from LDPE image.
Symptom: No upgrade/downgrade is allowed from LDPE image to NON_LDPE image.
Conditions: transfer download of non-ldpe image from ldpe image
Workaround: if there is a dtls license installed and active, then upgrade/downgrade of non-ldpe image from a ldpe image is allowed.
Known Affected Releases
Known Fixed Releases:
https://tools.cisco.com/bugsearch/bug/CSCtw78061/?referring_site=bugquickviewclick
Very Nice Info Kanu
Nice Job Kanu ..
Simple steps thanks for this
This method is effective.thx
Works fine thx !
Js
Note - for an HA-SKU, you can break the HA pair, follow the above procedure, then rebuild the HA pair once both WLCs are on on the same non-LDPE code version.
This procedure works for 7.4 version ? II just got a 7.4.130 release with LDPE.
Thanks.
Hi,
this procedure works fine for software version 7.4 with LDPE
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: