03-11-2013 02:04 AM
Dear Cisco Developers,
we are facing a problem with your design choice of not to support Telnet/SSH on the Wap321. We bought this Product because it was one of the only Access Points with SSH and Telnet Support.
We need the SSH Support for a script that changes the WPA-psk key of the interface wlan0 on more then 20AP's every Week. Everything was good until we got hold of a new charge which came with firmware version 1.0.1.10.
Changelog:
"Due to security concerns, Telnet and SSH access options are removed in firmware version 1.0.1.10."
So I talked with the German Cisco Small Business Support and he said he will investigate and try to get it to the Second Support tier. Well it never came to that, he called us two days later and said that is was a BUG to Support SSH and Telnet on the WAP321 and it was never designed to be a Feature.
So i guess we have following options:
1.Bring back the SSH Support for the Wap321 in the next Firmware update
2.Provide Firmware version 1.0.0.3
3.Give me a Workaround for my task
So any help would be appreciated and i hope we are not the only ones that would like to see a comeback of this feature.
In hope for comments
Best wish
Fabian Schwarz
(PTA-Support)
PS: Support Ticket was
624972937
03-11-2013 07:11 AM
Hi, My name is Eric Moyers. I am a Network Support Engineer in the Cisco Small Business Support Center. Thank you for using the Cisco Community Post Forums.
While it is not something I would recommend, the firmware 1.0.0.3 is located here on the Cisco website.
From 1.0.0.3, there have been many fixes and improvements. Please read through the release notes carefully, to make sure that you are not loosing something more important than gaining the ability to change passwords with a script.
With clustering you would have the ability to change the password on one device and it propagate out to the rest in a cluster.
Thanks
Eric Moyers .:|:.:|:.
Cisco Small Business US STAC Advanced Support Engineer
CCNA, CCNA-Wireless
866-606-1866 ext 601027
Mon - Fri 09:00 - 18:00 (UTC - 05:00)
*Please rate the Post so other will know when an answer has been found.
03-11-2013 07:16 AM
Hi and thank you for your response,
but you are mistaken, its the .mib files (SNMP) for the Firmware. If you click the Firmware Button there is no 1.0.0.3 to download.
if you look under firmware
you can only select the last 2 versions.
Best Wish
Fabian Schwarz
03-11-2013 07:55 AM
Sorry for a double Post, but Single Point Setup is not present in firmware 1.0.1.0
In firmware 1.0.0.3 it was defenitly....
Or did you guys hide it somewhere?
03-11-2013 08:25 AM
My apologies you are correct. I did not realize that link took me to the MIB.
I am looking at the version 1.0.2.3 on mine here in the lab. In the navigation pane at the bottom, you would select Single point setup and then Access Point
Eric Moyers
03-11-2013 08:49 AM
I see, they removed it in 1.0.1.0 and re-enabled it in 1.0.2.3 ...
Will look into it tomorrow. But it would be really great if you would have a fix for the ssh Problem. The SSH Feature is still in the firmware but it cannot be used and im not a Hardware specialist who can extract or rewrite the Firmware.
Also im not convinced that the clustering will work, we dont have Physical nor LAN Access to every AP, they are in other Offices and it was easy to reroute the ssh port but its more complex for web interfacess.
Do you see any chance for opening a case? Or do you think the answer " No SSH Support ever" is not changeable.
I mean the feature was advertised and we bought them just for that. We dont need Captivel Center, Multi SSID network splitting and so on...
Fabian Schwarz
03-11-2013 09:21 AM
No Sir I do not.
According to the response from L2:
SSH is only enabled for customer to use it on switches.
Developers normally do not allow SSH (enable or protect with password) for end
user on any Wireless device. Management is done by web interface.
In this particular case SSH was enabled only due to some bugs which were
monitored during first release so it is not meant to be for end user.
Because of particular security risks, SSH is for troubleshooting by developers.
Currently there is no chance that they would issue any official firmware for this as
well as there is a little chance they would create special firmware for just a few
customers.
I am sorry for any inconvenience that this has caused.
Eric Moyers
If you like you can roll the mouse over my picture and get my actual email address and contact me directly.
03-12-2013 03:24 AM
I sent you an email.
03-12-2013 06:49 AM
I have sent you an email back.
Thank you, Have a great day.
Eric Moyers
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide