---

@Rich R wrote:
You haven't mentioned what version of IOS you're using but of course you should make sure it's up to date to eliminate known bugs which have been fixed.

---

Hello @Rich R. Unfortunately the IOS is not up to date. I cannot update because we don't have an active contract with Cisco. At least as far as I know, I cannot update IOS. We are running ap3g2-k9w7-xx.153-3.JBB version. A very old version indeed.

Thank you.

---

@Rich R wrote:
Latest is https://software.cisco.com/download/home/286281141/type/284180979/release/15.3.3-JPJ3
Try that, if you can access it then you have support.
If you don't have a contract then another option to consider is the "Customers Without Service Contracts" paragraph of https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-20171016-wpa.html
In theory TAC should be able to provide you with the latest fixed version listed on https://quickview.cloudapps.cisco.com/quickview/bug/CSCvg42682 which is 15.3(3)JPJ3.

---

Hi @Rich R. I can access it, but not download it. I receive the message "Service Contract Required".

Yes, I readed it this "Customers Without Service Contracts" paragraph before open a Discussion. After seeing that possibility I called Cisco TAC, but the attendant guaranteed that if I don´t have a Service Contract, then I can not open a case and to upgrade my firmware I would need to open a case. She might be misinformed? Which is the best method to open a TAC?

I've never needed to do it so I cannot speak from experience. I think you can only do it over the phone. I believe you'll need to be more insistent.
Ask the person to got to the web site & read that paragraph to you over the phone or you might get lucky and find somebody who understands their company policy correctly - the advisory is quite clear and that AP model is still within Vulnerability/Security Support till 29 April 2022 so they cannot claim it is out of support: https://www.cisco.com/c/en/us/products/collateral/wireless/eos-eol-notice-c51-740712.html
If they still refuse to help then ask to speak to their manager and escalate until someone takes it seriously.
Sometimes you might get a different experience in another time zone so you might want to consider calling at midday for the relevant geography as TAC moves between Americas/EMEA/APAC.

---

@Sandeep Choudhary wrote:

1. Please disable aironet extentions , 2. Make sure time & Date are correctly configured on AP and  then try again.

 

How to disbale it via CLI:

 

configure terminal
interface dot11radio { 0 | 1 }
no dot11 extension aironet
!
end
!
wr

 

Regards

Dont forget to rate helpful posts

---

Hello @Sandeep Choudhary. Thanks for your response. Aironet extensios was already disabled and Time & Date is correct also. But actually I rebooted the server that I use as DHCP server, and apparently the problem was solved. I still receive some of these error ("Interface Dot11Radio0, Deauthenticating Station ... Reason: Previous authentication no longer valid"), but that device that was experiencing this problem is no longer having this problem anymore. I'm not sure if I have to do something yet, just because I see this errors in the error log. The error log image is in attach.

---

@.Jaidev Hattiangadi. wrote:

You're most likely hitting this bug 

 

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCue08313

 

If you have a Cisco account, open a TAC case to get a fixed code published which gives you special access to download if you're not entitled to download software.

---

Hi @.Jaidev Hattiangadi. Before open a Discussion, I readed somewhere the "Customers Without Service Contracts" paragraph saying that I can upgrade my firmware without a contract when has a security advisory linked with the update. After seeing that possibility I called Cisco TAC, but the attendant guaranteed that if I don´t have a Service Contract, then I can not open a case and to upgrade my firmware I would need to open a case. She might be misinformed? Which is the best method to open a TAC?

Hi @Rich R, 

Yes, the fix should ideally carry over to subsequent versions. However, i've seen this bug being brought up in quite a few cases with the exact same symptoms seen even on 15.3(3) versions, hence felt it was worth mentioning.

@rafael.mult,  it's true that if there's a Cisco advisory for a vulnerability on a specific version, you do not require a contract to obtain the fixed release. However, in this case, it's a bug you're trying to fix. You'll need a service contract to get support for the part. 

Cheers!