Cisco WLAN access point AIR-LAP1142N and CAP2602I for SoHo use


back-to-topPreamble


Renewals of commercial WiFi enterprise networks cause of new standards and hence new required hardware (additional 6 GHz band etc.) result in the fact that a lot of professional and premium APs can be found for bargain prices at resellers or on auction platforms like eBay and Co.
These AP models are made for the enterprise market which can be seen from a manufacturing perspective with heavy metal cases, low loss antennas on ceramic based pcb's etc. A huge difference in comparison to cheap mass production consumer equipment in thin plastic housings.
Their WiFi technique is based on the 802.11n (max. 600 Mbit/s with WiFi 4) standard and still widely in use. A dual radio AP with a simultaneous support of both 2,4 GHz and 5 GHz bands, MSSID/VLAN function, fast 802.11r roaming, band steering to preferr the less congested 5 GHz band as well as MIMO 2x3 is still a good choice for small WiFi infrastructures for a cheap price. A configuration webGUI, guestnet segmentation and on top a radius server are completing the feature set which can not be seen on typical mass production APs. They still provide a good performance and a reliable WiFi network for small SoHo environments with very little budgets like schools, cafes and smaller hotels etc.

back-to-topWhy this hardware ?


Cisco has designed the LAP1142N and CAP2602I accesspoints to work primarily with a central WLAN controller (e.g. Cisco AIR-CT2504-5-K9). Hence most of them come with a so called "lightweight" firmware image working in "lightweight mode" and which did not allow any standalone operation. Standalone is more or less the typical operation mode in SoHo networks.
Cisco offers also a firmware image for standalone operation. So these APs simply need do be flashed with a new firmware image to bring them into standalone to get rid of a mandatory controller.
After the firmware change the APs can be configured with a classical web GUI and be used like classical, of the shelf APs without any controller. For For Cisco trained network admins they provide the classical Cisco CLI as well. Either on a serial port or via telnet / SSH.
The following tutorial describes the easy and simple flashing process to change the APs firmware into standalone mode.

back-to-topHow to do


What is needed is a TFTP server which provides the firmware image for TFTP download in the network. Helpful is also a USB-serial adaptor to monitor the Cisco serial CLI console port (9600 baud N81). These adaptors can easily be found online or at local pc shops like HERE.
Most network components have serial interfaces as well and require those adapters for initial setup. So its a good investment in this tool.
The terminal programm used here under Windows is the all time classic PuTTY or as an alternative TeraTerm. MacOS users have ZOC and under Linux its the well known minicom.
Serial interface settings
  • 9600 baud
  • 8 bits, no parity, 1 stopbit
  • No hardware or software flow control
As mentioned before: The serial interface is not necessarily mandatory and the flashing works even without the serial console.

After booting into the flashing mode the AP automatically gets a default IP addresse of 10.0.0.1 /8 and is automatically looking for a TFTP server in the connected network by broadcast. If present he starts booting a default firmware image named c1140-k9w7-tar.default (1142N) or ap3g2-k9w7-tar.default (2602I).
After flashing this default image the AP reboots into standalone mode and is ready to use.
The AP then looks via DHCP for a management IP address like a standard AP. If provided successfully he can easily be managed over this IP Adresse with a standard HTML browser GUI or via telnet / ssh terminal.
This example uses the well known TFTP server TFTP32_or_TFTP64 or Pumpkin as an alternative. Apple MacOS users can use TFTP_Server and Linux users the onboard provided TFTP server tftpd-hpa.

back-to-topSet static IP address


The PC which provides the TFTP server has to be set manually into the same IP network with his address as the default IP address of the AP. The following example shows this with a Windows PC (here 10.0.02).
stat-ip

back-to-topTFTP server installation and startup


Important is here to set the TFTP root directory "Current Directory" to the same directory which contains the firmware image files c1140-k9w7-tar.default (1142N) or ap3g2-k9w7-tar.default (2602I).
Putting the original file names like "c1140-k9w7-tar.153-3.JD16.tar" or "c1140-k9w7-tar.153- 3.JD17.tar" as well as ap3g2-k9w7-tar.153-3 for the 2602I model into a search engine will show a download option. These original names have to be renamed into:
  • c1140-k9w7-tar.default for Cisco LAP1142N
  • ap3g2-k9w7-tar.default for Cisco CAP2602I
A check if the firmware image name contains a "7" ..k9w7 makes sure it is the standalone image ! (Lightweight controller image contains an "8" instead)
tftp
Windows users should also make sure that TFTP traffic can pass the local firewall ! If not, TFTP traffic will be blocked and the TFTP update will fail and result in a timeout error. Under Windows its a typical error for failed update.
win-fw
(Some 2602 images (and ONLY 2602 !) will probably show a "404 Error" in the GUI if config saving is clicked. Thats a know GUI only error but did NOT happen on the CLI where config saving work just fine with the write command. Small hint: .JAB suffixes in the 2602 firmware image name do not show this GUI error)

back-to-topCisco 1142N and 2602I AP network connection


Primarily these access points usually work with PoE (power via network cable) following the 802.3af or 802.3at standard. This is also valid for the 1142N and 2602I APs. Both APs are additionally equipped with an external power connector for an external power supply. (+ on the middle pin).
Hence the AP can also be easily operated in environments without PoE switches. Simple and standard 48 volt power supplies can be used here or, as a much better alternative, a cheap, standard PoE_Injector.
port-ovw

Instructions for booting the AP into flash mode:
For automatic booting and flashing the firmware image keep the Mode button pressed BEFORE connecting either the power supply or PoE !! So first keep the button pressed and then connect power and hold the button pressed.
Still keep the Mode button pressed until the status LED on the AP front changes the color from blue flashing to red. After that change release the button. This lasts almost around 20 seconds.
The AP then contacts automatically the running TFTP server in the network and installs the image. The whole flashing process lasts around 3-4 minutes and should NOT be interrupted !
The flashing process can also be observed with the increasing timebar on the tftp server or as well with the terminal messages on the APs serial console if connected to a terminal.
tftp-bar
See here the serial console output (slightly shortend):
...
IOS Bootloader - Starting system.
Xmodem file system is available.

DDR values used from system serial eeprom.
Reading cookie from system serial eeprom...Done
Base Ethernet MAC address: f8:66:f2:44:5a:e4
Ethernet speed is 1000 Mb - FULL duplex
button is pressed, wait for button to be released...
button pressed for 27 seconds

process_config_recovery: set IP address and config to default 10.0.0.1
process_config_recovery: image recovery
image_recovery: Download default IOS tar image tftp:/ /255.255.255.255/c1140-k9w7-tar.default

examining image...
extracting info (283 bytes)
Image info: ...


In some cases its possible that the console shows the following error after the boot- and flashing process:
Not enough free space to download image first w/o extracting
deleting existing version(s)...
Deleting current version: flash:/ap3g2-k9w8-mx.153-x.JXy...done.

This shows that there is not enough space in the flash rom anymore and that the system has automatically erased the old image.
This is NOT a problem and a following second attempt will finish the flashing process without any errors.

back-to-topBasic configuration as WiFi access point


The setup as a standard AP after rebooting the new image can be quickly done via the GUI:
  • Default Passwort: "Cisco" (capital "C" !)
  • Setup SSID and if in MSSID mode map to a certain VLAN ID
  • WPA-2 passwort setting
  • Attention: Universal Admin Mode has to be deactivated !
ap-gui
Further informationen of Cisco AP configurations in a MSSID design, can be found in the basic VLAN_tutorial and in the following advanced links.


back-to-topAdvanced links


The wall mounting plate can be found und the search pattern Cisco 69-2160-03 Access Point Mounting Bracket. eBay and Co. show them sometimes in connection with the APs.

Cisco dataseet for 1140er und 2602I APs:
https://www.cisco.com/c/dam/global/de_de/assets/portal-content/produkte- ...
https://www.cisco.com/c/de_de/support/wireless/aironet-2600i-access-poin ...

Cisco configuration guide for autonomous APs:
https://www.cisco.com/c/en/us/td/docs/wireless/access_point/atnms-ap-8x/ ...

Internet related link to this topic:
http://exchange2013pikasuoh.blogspot.com/2015/08/convert-cisco-air-lap1 ...

Avoid beginner problems with a MSSID setup (multiple WLANs over one single AP):
https://administrator.de/content/detail.php?id=663236&token=607

MSSID/VLAN tutorial:
https://administrator.de/tutorial/vlan-installation-routing-pfsense-mikr ...
Praxisbeispiel Gast WLAN mit Cisco AP:
https://administrator.de/tutorial/vlan-installation-routing-pfsense-mikr ...

Connect 2 IP networks over WiFi:
https://administrator.de/tutorial/wlan-zwei-lan-ip-netzwerke-verbinden-1 ...

WLAN with dynamic VLAN association:
https://administrator.de/tutorial/dynamische-vlan-zuweisung-wlan-u-lan-c ...

Content-Key: 901293552

Url: https://administrator.pro/contentid/901293552

Printed on: July 28, 2021 at 09:07 o'clock