- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-13-2022 08:55 AM - edited 05-13-2022 09:04 AM
Hi Trying to setup c9800 as normal procedure. We can login the WLC via cli but not gui with saying "Wrong Credential .." The below link is bug on it.
Is this issue resolved? Thank you
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvd82988
Symptom: "Wrong Credentials. Please Login again." error when accessing the switch via GUI. Conditions: SHIVA#show run | i username username ww password 0 ww username cisco password 0 cisco username test password 0 test SHIVA#show run | i aaa aaa new-model aaa session-id common Problem is not always seen right after reboot, after day or two problem appears consistently. With above configuration try to access the GUI of the switch. Workaround: Power cycle of the switch. Further Problem Description:
Solved! Go to Solution.
- Labels:
-
Catalyst Wireless Controllers
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-13-2022 09:41 AM
- Wouldn't do that , apparently the bug report is already two years old ,avoid using usernames as being mentioned in the Conditions of the bug report.
M.
-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-13-2022 10:02 AM
- Yes , don't use those usernames or passwords.
M.
-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-13-2022 10:23 AM
- Issue (CLI) command "show tech wireless" : have the output analyzed by , https://cway.cisco.com/tools/WirelessAnalyzer/ , look for critical advisories (red) , and correct accordingly.
M.
-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-13-2022 09:22 AM
- Use one of the Known Fixed Releases , as mentioned in the bug report.
M.
-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-13-2022 09:33 AM
Thank you for your reply! now its version is 17.3.4c. The options are about 16.-- Do you mean we need to downgrade its ios?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-13-2022 09:41 AM
- Wouldn't do that , apparently the bug report is already two years old ,avoid using usernames as being mentioned in the Conditions of the bug report.
M.
-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-13-2022 09:55 AM
It means that username and password are too simple?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-13-2022 10:02 AM
- Yes , don't use those usernames or passwords.
M.
-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-13-2022 10:04 AM - edited 05-13-2022 10:32 AM
We have changed to complicated username and password. but the issue is still there.
and i also want to change the number from "0" to "7" . but it does not work. Do you think we need to change it?
V(config)#username asqwert privilege 15 password 7 ?
WORD The HIDDEN user password string
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-13-2022 10:23 AM
- Issue (CLI) command "show tech wireless" : have the output analyzed by , https://cway.cisco.com/tools/WirelessAnalyzer/ , look for critical advisories (red) , and correct accordingly.
M.
-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-15-2022 05:48 AM
You should not be using type 7 password encryption or md5 hash secret anymore - both very insecure and unsafe.
You should be using type 9 (scrypt) which is now the most secure option available (type 8 also acceptable but consensus that 9 is better):
username test privilege 15 algorithm-type scrypt secret plaintextsecret
That will appear in the config as:
username test privilege 15 secret 9 $9$XDxtW9Ixseuak.$kMOej8hDPlSueAY6NsEMvwSCa51qmm11JBvdPjrF8Ec
FYI: you can't just 'change the number from "0" to "7".' - what follows 7 is the reversibly encrypted version of your plaintext password. It's very easy to decrypt using numerous websites and tools because the encryption algorithm is very basic and well known.
If you enable "service password-encryption" then IOS will encrypt plaintext passwords by default and which encryption type it uses depends on whether you have also enabled aes encryption with master key:
password encryption aes
key config-key password-encrypt <masterencryptionkey>
The master key is stored in secure NVRAM and can never be viewed. If you lose the master key then the passwords can never be decrypted.
Please click Helpful if this post helped you and Select as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's and TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's, Best Practices for 9800 WLC's and Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.196.0, latest 9800 releases, 8.5.182.12 (8.5.182.13 for 3504) and 8.5.182.109 (IRCM, 8.5.182.111 for 3504)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
Default AP console baud rate from 17.12.x is 115200 - introduced by CSCwe88390
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-13-2022 02:02 PM
Resolved, Thank you!
