Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
3890
Views
0
Helpful
0
Comments

LDPE image on Wireless Lan Controller

Rajan Parmar
Cisco Employee
Cisco Employee

‎08-18-2015 10:37 AM - edited ‎11-18-2020 03:11 AM 

There can be an LDPE image or a Non-LDPE (normal) image.

When we upgrade, a Controller with an LDPE image on it, we need another LDPE image.
When we upgrade, a Controller with a non-LDPE image on it, we need another non-LDPE image.

7.0.116.0 was the first WLC image , where we had a normal(non-LDPE)image and an LDPE image.

Question: When is required the LDPE image?
Answer  : The LDPE image is developed by Cisco for those countries where, for the data that travels between the Access Point and the WLC, the 

Government of the concerned country, if wants the data to be encrypted. 

Since it is the DTLS tunnel , that is etablished between the AP and WLC, this tunnel's data traffic, if needs to be encrypted, or in other words, if 

needs to be DTLS encrypted, then the LDPE image is required. This is because, normally the data traffic exchanged in the DTLS tunnel is not enrypted. 

Hence, for the encryption of the data payload carried by the DTLS tunnel, the LDPE image is developed. Russia is an example, where we have such said 

requirements.


Thus, till the point of time, you are not in such a specific country, you do not 
need LDPE image , as then one can use the Normal (non - LDPE )image.

Now, if you do have to use LDPE image, you also need to install a DTLS license (which is free of cost) .

The issue may arise, when we get a WLC with 'LDPE' image on it and on top if it, we try to peform an upgrade to a -non-LDPE' code on it.
Thus, it fails with this error - "ERROR: Incompatible SW image.ERROR: Please install the Data Payload Encryption licensed image"

To figure out, if this is the case, we can figure it out by getting the output from the CLI of the WLC, from the command:
(Cisco Controller) >show sysinfo . If the WLC would be using LDPE image, the output will have the info:

Build Type....................................... DATA + WPS + LDPE

if, we have LDPE image and we are trying to upgrade to a 'non-LDPE' image, then we need to perform three steps:
Step 1. Ensure that we have the DTLS license.
Step 2. Downgrade the existing version of the WLC to AIR-CT5500-LDPE-K9-7-0-220-0.aes, which is available at http://tinyurl.com/q6z4lhl 
Step 3. Now, you upgrade the WLC, back to the original version , which you had, before implementing Step 1.

Step 1 is documented at https://supportforums.cisco.com/document/102681/converting-ldpe-controller-image-non-

ldpe#Conversion_from_LDPE_to_a_non_LDPE_image - 2).


For references you may like to visit :
sc-wifi.com/2011/04/30/cisco-wlc-ldpe-images/			
https://tools.cisco.com/bugsearch/bug/CSCtw78061/?referring_site=bugquickviewclick 


Now, if this was an RMA (that caused the issue,) then we can now transfer the license file of the old unit of the WLC, into the new unit of the WLC, of the RMA process.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents