Просмотреть исходный

|| DeviceType | Wireless access controllers  |
|| DeviceName1 | WLC-15, WLC-30, WLC-3200, vWLC |
|| DeviceType2 | ESR series sevice routers |
|| DeviceName2 | ESR-15, ESR-15R, ESR-30, ESR-3200 |
|| DocTitleAdditional | Firmware verion update guide |
|| fwversion | 1.30.2 |

Introduction

Abstract

This guide provides instructions on how to update the firmware components of the WLC series controllers, considering the specific models and previous firmware versions of the device being update.

Target audience

This guide is intended for technical personnel who perform device updates through the command line interface (CLI).

Symbols

Designation

Description

[ ]

In the command line, optional parameters are shown in square brackets; when entered, they provide additional options.

{ }

In the command line, mandatory parameters are shown in curly braces. Select one of the parameters.

«,»

«-»

In the command description, these characters are used to define ranges.

«|»

In the description of the command, this sign means 'or'.

Semibold font

Notes, warnings, or information are shown in bold.

<Semibold italic>

Keyboard keys are shown in bold italic within angle brackets.

Text box

Examples and results of the commands are given within the text boxes.

Notes, warnings and information

Notes contain important information, tips or recommendations on device operation and setup.

Warnings inform users about hazardous conditions which may cause injuries or device damage and may lead to the device malfunctioning or data loss.

The information block contains information on the use of the device.

Files used for the update

Depending on the model and update component, the following files should be used later in the guide body:

WLC model	HW version	Firmware <firmware-file>	Secondary bootloader <uboot-file>	Primary bootloader <xload-file>
WLC-15	all	wlc15-1.30.2-build14.firmware	wlc15-1.30.2-build1.uboot	none
WLC-30	all	wlc30-1.30.2-build14.firmware	wlc30-1.30.2-build1.uboot	none
WLC-3200	all	wlc3200-1.30.2-build13.firmware	wlc3200-1.30.2-build1.uboot	wlc3200-1.30.2-build1.bdk
ESR-15	all	esr15-1.30.2-build15.firmware	esr15-1.30.2-build1.uboot	none
ESR-15R	all	esr15-1.30.2-build15.firmware	esr15-1.30.2-build1.uboot	none
ESR-30	all	esr3x-1.30.2-build15.firmware	esr30-1.30.2-build1.uboot	none
ESR-3200	all	esr3200-1.30.2-build14.firmware	esr3200-1.30.2-build1.uboot	esr3200-1.30.2-build1.bdk
vWLC	—	vwlc-1.30.2-build14.firmware	—	—

Creating a backup copy of the current configuration

Prior to initiating the firmware update on WLC controllers, it is necessary to create a backup of the current configuration. Copying the current configuration from the WLC controllers is possible both using remote file copying protocols and to locally connected USB/MMC media.

When migrating from a newer version of the firmware to an older one (downgrade), it is possible that the older version of the firmware will not be able to apply the configuration saved in the newer version. As a result, the configuration will be lost and the WLC controller will boot with an empty configuration.

Preparation

To create a backup copy of the current configuration of the controller using remote file copy servers, do the following:

Start the corresponding server on the PC/server in the network.
Provide the ability to save files in the server working directory.
Provide IP connectivity between the upgdated WLC controller and the remote file copy server (routing).
Ensure operation of the remote copy protocol between the WLC and the remote file copy server (intermediate firewalls).
If necessary (for ftp, sftp, scp, http protocols), find out the username and password to write the required file.

To create a backup copy of the current configuration of the service router on a locally connected USB/MMC storage:

Format USB/MMC partition as FAT32.
Connect the USB/MMC storage to the appropriate WLC slot.

Copying the configuration backup file

Using remote file copy protocols

Depending on the remote file copy protocol, one of the following commands must be executed in the CLI of the controller:

wlc# copy system:running-config tftp://<tftp-server-ip>:/<config-file-name>

wlc# copy system:running-config ftp://<ftp-username>:<ftp-userpassword>@<ftp-server-ip>:/<config-file-name>

wlc# copy system:running-config sftp://<sftp-username>:<sftp-userpassword>@<sftp-server-ip>:/<config-file-name>

wlc# copy system:running-config scp://<scp-username>:<scp-userpassword>@<scp-server-ip>:/<config-file-name>

wlc# copy system:running-config http://<http-username>:<http-userpassword>@<http-server-ip>:/<config-file-name>

<config-file-name> – file name with which the current configuration of the controller will be saved;
<tftp-server-ip> – IP address of the TFTP server in use;
<ftp-username> – user name on the FTP server;
<ftp-userpassword> – user password on the FTP server;
<ftp-server-ip> – IP address of the FTP server in use;
<sftp-username> – user name on the SFTP server;
<sftp-userpassword> – user password on the SFTP server;
<sftp-server-ip> – IP address of the SFTP server in use;
<scp-username> – user name on the SCP server;
<ftp-userpassword> – user password on the FTP server;
<scp-server-ip> – IP address of the SCP server in use;
<http-username> – user name on the HTTP server;
<http-userpassword> – user password on the HTTP server;
<http-server-ip> – IP address of the HTTP server in use.

To a locally connected USB/MMC storage

1. Define the volume label of the connected USB/MMC storage.

wlc# show storage-devices usb Name Filesystem Total, MB Used, MB Free, MB ------------------------------ ---------- ---------- ---------- ---------- <USB_DISK> vfat 7664.01 6391.69 1272.32

wlc# show storage-devices mmc Name Filesystem Total, MB Used, MB Free, MB ------------------------------ ---------- ---------- ---------- ---------- <MMC_DISK> vfat 7664.01 6391.69 1272.32

2. Copy the file to the USB/MMC storage that is currently in use.

When executing copy commands to USB/MMC media, instead of the <USB_DISK> or <MMC_DISK> fields, use the real volume labels defined in step 1.

wlc# copy system:running-config usb://<USB_DISK>:/<config-file-name>

|******************************************| 100% (576B) Success!

wlc# copy system:running-config mmc://<MMC_DISK>:/<config-file-name>

|******************************************| 100% (576B) Success!

<config-file-name> – file name with which the current configuration of the controller will be saved;
<USB_DISK> – partition name on the USB storage;
<MMC_DISK> – partition name on the MMC storage.

Restoring configuration from a backup

In case of configuration loss on the controller due to operational issues, firmware update, or rollback to a previous firmware version, the controller configuration can be restored using a previously created backup copy.

Copying a configuration backup to the WLC controllers is possible both using remote file copying protocols and to locally connected USB/MMC media.

When migrating from a newer version of the firmware to an older one (downgrade), it is possible that the older version of the firmware will not be able to apply the configuration saved in the newer version. As a result, the configuration will be lost and the WLC controller will boot with an empty configuration.

If the configuration is empty, the controller can only be connected to using a console connection and the default login/password (admin/password).

Preparation

To restore the configuration of the service router from a backup copy using remote file copy servers, do the following:

Start the corresponding server on the PC/server on the network.
Place the file with the previously created backup copy of the controller in the server working directory.
Configure the controller to establish IP connectivity with the remote file copy server.
Provide IP connectivity between the updated WLC controller and the remote file copy server (routing).
Ensure operation of the remote copy protocol between the WLC and the remote file copy server (intermediate firewalls).
If necessary (for ftp, sftp, scp, http protocols), find out the username and password to write the required file.

To restore the controller configuration from a backup copy from a locally connected USB/MMC storage, do the following:

Format USB/MMC partition as FAT32.
File with a previously created backup copy of the controller configuration must be placed on the USB/MMC media.
Connect the USB/MMC storage to the appropriate WLC slot.

Copying configuration backup file

Using remote file copy protocols

Depending on the protocol for remote file copying, run one of the following commands in the CLI of the controller:

wlc# copy tftp://<tftp-server-ip>:/<config-file-name> system:candidate-config

wlc# copy ftp://<ftp-username>:<ftp-userpassword>@<ftp-server-ip>:/<config-file-name> system:candidate-config

wlc# copy sftp://<sftp-username>:<sftp-userpassword>@<sftp-server-ip>:/<config-file-name> system:candidate-config

wlc# copy scp://<scp-username>:<scp-userpassword>@<scp-server-ip>:/<config-file-name> system:candidate-config

wlc# copy http://<http-username>:<http-userpassword>@<http-server-ip>:/<config-file-name> system:candidate-config

<config-file-name> – name of the service router configuration backup file;
<tftp-server-ip> – IP address of the TFTP server in use;
<ftp-username> – user name on the FTP server;
<ftp-userpassword> – user password on the FTP server;
<ftp-server-ip> – IP address of the FTP server in use;
<sftp-username> – user name on the SFTP server;
<sftp-userpassword> – user password on the SFTP server;
<sftp-server-ip> – IP address of the SFTP server in use;
<scp-username> – user name on the SCP server;
<ftp-userpassword> – user password on the FTP server;
<scp-server-ip> – IP address of the SCP server in use;
<http-username> – user name on the HTTP server;
<http-userpassword> – user password on the HTTP server;
<http-server-ip> – IP address of the HTTP server in use.

From locally connected USB/MMC media

1. Define the volume label of the connected USB/MMC storage.

wlc# show storage-devices usb Name Filesystem Total, MB Used, MB Free, MB ------------------------------ ---------- ---------- ---------- ---------- <USB_DISK> vfat 7664.01 6391.69 1272.32

wlc# show storage-devices mmc Name Filesystem Total, MB Used, MB Free, MB ------------------------------ ---------- ---------- ---------- ---------- <MMC_DISK> vfat 7664.01 6391.69 1272.32

2. Copy the file to the USB/MMC storage that is currently in use:

When executing copy commands to USB/MMC media, instead of the <USB_DISK> or <MMC_DISK> fields, use the real volume labels defined in step 1.

wlc# copy usb://<USB_DISK>:/<config-file-name> system:candidate-config

|******************************************| 100% (576B) Success!

wlc# copy mmc://<MMC_DISK>:/<config-file-name> system:candidate-config

|******************************************| 100% (576B) Success!

<config-file-name> – name of the controller configuration backup file;
<USB_DISK> – partition name on the USB storage;
<MMC_DISK> – partition name on the MMC storage.

Applying and confirming the loaded configuration

To apply and confirm operation of the configuration loaded earlier in the 'system:candidate-config' section, run the following commands:

wlc# commit
Configuration has been successfully applied and saved to flash. Commit timer started, changes will be.
wlc# confirm
Configuration has been confirmed. Commit timer canceled.

Checking the current firmware version and secondary bootloader (U-boot) version

Currently used secondary bootloader (U-Boot) and main firmware versions can be checked:

in the CLI of the main firmware;
in the console interface output when loading the controller.

Checking current firmware version and version of the secondary bootloader (U-boot) in the main firmware CLI

To check the current firmware version and the version of the secondary bootloader (U-boot) in the CLI of the main firmware, execute the show version command:

wlc# show version

Boot version:

1.15.3.3 (date 14/11/2022 time 13:30:27) <-- secondary bootloader (U-Boot) version

SW version:

1.15.3 build 3[a813b5c65] (date 14/11/2022 time 13:20:25) <-- active image version of the controller main firmware

HW version:

1v2 <-- hardware version of the controller

Checking the current firmware version and the version of the primary (sbi, bl1) and secondary (U-boot) bootloaders in the output of the console interface when loading the service router

To check the current firmware version and the version of the secondary bootloader (U-boot) in the output of the console interface when loading the controller, do the following:

1. Connect to the WLC controller via the Console interface on the front panel of the controller using the following parameters of the PC RS-232 interface:

Baud rate: 115200 bps;
Data bits: 8 bits;
Parity: no;
Stop bits: 1;
Flow control: no.

2. Reboot the controller using one of the following methods:

Switch the power off and then switch it back on. The interval between switching off and on must be at least 20 seconds. Briefly press the function button F on the front panel of the controller.
Execute the reload system command in the CLI of the main firmware of the controller.

WLC# reload system
Do you really want to reload system ? (y/N): y

3. During the loading, information about the versions will be displayed in the console:

Primary bootloader (sbi, bl1 depending on the controller model):
SBI:1.17.3.11 (14/11/2022 - 12:55:55)
Chip is NSP B1
Booting from SPI-NOR

NOTICE: Cold boot
NOTICE: BL1:1.15.3.2 (28/12/2022 - 15:56:46)

BRCM XLP Stage 1 Loader (X-Loader:1.17.3.11) [Big-Endian] (14/11/2022 - 13:21:58)
XLP316B2: Node 0 frequency: CPU=1400MHz, SOC=1999MHz, REF=133MHz
POWER ON RESET CFG:43F94FA8,VRM: 0x6868, PRID: 0xC1104
Secondary bootloader (U-boot):
NOTICE: BL31:1.15.3.2 (28/12/2022 - 15:56:46)
U-Boot:1.15.3.2 (28/12/2022 - 15:56:46)
Main firmware version:
[ 0.000000] Booting Linux on physical CPU 0x0
[ 0.000000] Software version: 1.15.3 build 3[2555a4e8a] date 28/12/2022 time 17:44:53

Firmware update via CLI of the WLC main firmware

Firmware update from version 1.30.0 to 1.30.2

ESR-15, ESR-30, ESR-3200, vWLC are updated using the same algorithm.

Before updating, use the show date command to verify that the correct date and time are set on the device.

If an incorrect date is set on the controller, certificate validation will prevent the configuration changes from being applied after the update.

Firmware version 1.30.2 is cumulative (it contains updated versions of the primary and secondary loaders), so it will be enough to:

Make a backup copy of the configuration.
Check that the date and time on the controller are correct.
Download the firmware for the AP to the controller.
Download the firmware for the WLC controller.
Select fimware image version 1.30.2 for the next download.

Turning off the power before the boot system {image-1|image-2} command is finished may cause the controller to malfunction.

Reboot the controller.

Minimal firmware version of AP:

WEP-1L/2L and WOP-2L — 2.5.6 or higher
WEP-30L/30L-Z/200L and WOP-20L/30L/30LI/30LS — 2.6.0 or higher
WEP-3L — 2.5.3 or higher
WEP-3ax — 1.14.0 or higher
WEP-2ac/2ac Smart, WOP-2ac/2ac rev.B/2ac rev.C — 1.25.2 or higher

The firmware for the AP must be downloaded to the controller before updating it. Then after rebooting the WLC, the AP will automatically update to the new firmware. If the firmware has been downloaded to the controller after it has been updated, then the clear wlc ap command must be executed to reconnect the APs and update the firmware.

Updating to version 1.30.2 can be done from any previous version, but the recommendations for each version described below must be followed.

When updating from version 1.15.3, the secondary bootloader must be updated at the same time as the main firmware (see section Secondary bootloader update).

Firmware update from version 1.26.1 to 1.30.0

ESR-15, ESR-30, ESR-3200, vWLC (started with 1.27.0 version) are updated using the same algorithm.

Before updating, use the show date command to verify that the correct date and time are set on the device.

If an incorrect date is set on the controller, certificate validation will prevent the configuration changes from being applied after the update.

Firmware version 1.30.2 is cumulative (it contains updated versions of the primary and secondary loaders), so it will be enough to:

Make a backup copy of the configuration.
Check that the date and time on the controller are correct.
Download the firmware for the AP to the controller.
Download the firmware for the WLC controller.
Select fimware image version 1.30.2 for the next download.

Turning off the power before the boot system {image-1|image-2} command is finished may cause the controller to malfunction.

Reboot the controller.

Minimal firmware version of AP:

WEP-1L/2L and WOP-2L — 2.5.6 or higher
WEP-30L/30L-Z/200L and WOP-20L/30L/30LI/30LS — 2.6.0 or higher
WEP-3L — 2.5.3 or higher
WEP-3ax — 1.14.0 or higher
WEP-2ac/2ac Smart, WOP-2ac/2ac rev.B/2ac rev.C — 1.25.2 or higher

The firmware for the AP must be downloaded to the controller before updating it. Then after rebooting the WLC, the AP will automatically update to the new firmware. If the firmware has been downloaded to the controller after it has been updated, then the clear wlc ap command must be executed to reconnect the APs and update the firmware.

Updating to version 1.30.0 can be done from any previous version, but the recommendations for each version described below must be followed.

When updating from version 1.15.3, the secondary bootloader must be updated at the same time as the main firmware (see section Secondary bootloader update).

After updating to version 1.30.0 it will be possible to update the controller and AP firmware via WEB interface.

Firmware update from version 1.19.2 to 1.26.1

ESR-15, ESR-15R, ESR-30, ESR-3200 are updated using the same algorithm.

Before updating, use the show date command to verify that the correct date and time are set on the device.

If an incorrect date is set on the controller, certificate validation will prevent the configuration changes from being applied after the update.

Firmware version 1.26.1 is cumulative (it contains updated versions of the primary and secondary loaders), so it will be enough to:

Make a backup copy of the configuration.
Download the firmware for the AP to the controller.
Download the firmware for the WLC controller.
Select fimware image version 1.26.1 for the next download.

Turning off the power before the boot system {image-1|image-2} command is finished may cause the controller to malfunction.

Reboot the controller.

Minimal firmware version of AP:

WEP-1L/2L/30L/30L-Z/200L and WOP-2L/20L/30L/30LS — 2.5.0 or higher
WEP-3ax — 1.12.0 or higher
WEP-2ac/2ac Smart, WOP-2ac/2ac rev.B/2ac rev.C — 1.25.0 or higher

The firmware for the AP must be downloaded to the controller before updating it. Then after rebooting the WLC, the AP will automatically update to the new firmware. If the firmware has been downloaded to the controller after it has been updated, then the clear wlc ap command must be executed to reconnect the APs and update the firmware.

Updating to version 1.26.1 can be done from any previous version, but the recommendations for each version described below must be followed.

When updating from version 1.15.3, the secondary bootloader must be updated at the same time as the main firmware (see section Secondary bootloader update).

Firmware update from version 1.19.1 to 1.19.2

ESR-15, ESR-15R, ESR-3200 are updated using the same algorithm.

Firmware version 1.19.2 is cumulative (it contains updated versions of the primary and secondary loaders), so it will be enough to:

Make a backup copy of the configuration.
Download the firmware for the AP to the controller.
Download the firmware file for the WLC controller.
Select fimware image version 1.19.2 for the next download.
Reboot the controller.
Check parameters in the configuration.

In version 1.19.2 there is a transition from personal board-profiles to universal radio-profiles, the transition will convert the configuration, board-profiles will be replaced by pre-configured radio-profiles, you should check the radio-profile configuration.

If you have customized individual profiles for access points and have redefined board-profiles (settings of radio interfaces of access points), in which auto channel selection was enabled and the list of channels in the parameter limit-channel was not set, then after the update the list of channels from the common radio-profiles will be used. If it is necessary to change channels – set the required limit-channel list in the individual profile of the required access point.

Minimal firmware version of AP:

WEP-1L/2L/30L/200L and WOP-2L/20L/30L/30LS — 2.3.2
WEP-3ax — 1.11.0

It is necessary to download the firmware for the AP to the controller. The AP will be updated automatically after connection.

Updating to version 1.19.2 can be done from any previous version, but the recommendations for each version described below must be followed.

Firmware update from version 1.19.0 to 1.19.1

After the update, you need to edit the configuration according to the changes:

In 1.19.1, selective inclusion of vlan in SoftGRE tunnels is supported. service-vlan command is added in softgre-controller section, the specified vlans will be included in tunnels after update. In 1.19.0 all created vlans were included in tunnels. Need to add used vlans for Wi-Fi to the configuration.
softgre-controller service-vlan add 3 exit

Configuration of telnet, ssh, web, snmp services on AP is supported, after update they will be disabled. They can be enabled in ap-profile.

On AP web is disabled/enabled simultaneously for HTTP/HTTPS services.

To enable, go to wlc → ap-profile default-ap → services.

wlc(config-wlc-ap-profile)# services 
wlc(config-wlc-ap-profile-services)# 
  snmp-server  Enable SNMP service

wlc(config-wlc-ap-profile-services)# ip 
  http    Configure web-configurator service
  https   Configure web-configurator service
  ssh     Configure SSH service
  telnet  Configure telnet service

Firmware update from version 1.15.3 to 1.19.0

Unlike firmware version 1.19.0 and later, earlier versions do not support cumulative updates. Therefore, in addition to the main firmware, the secondary bootloader must also be updated. As a result, the update process is as follows:

Upload the secondary bootloader (U-boot) to the WLC controller.
Upload the firmware file to the WLC controller.
Select the updated version firmware image for the next download.
Reboot the controller.

After the update it is necessary to edit the configuration according to the changes. The scheme of access point registration on the controller has been changed. Now not only port 8043 but also port 8044 is used. It is necessary to add port 8044 to object-group service sa:

object-group service sa
  port-range 8044
exit

After the WLC is updated, the APs will be listed in the provisioning service and will be waiting for authorization. To view the list of unauthorized access points, use the command:

show wlc service-activator aps

The following command is used to authorize all AP in the list:

join wlc ap

The following command is used to authorize a specific AP:

join wlc ap <MAC_AP>

It is possible to enable automatic authorization mode in the configuration:

wlc# configure 
wlc(config)# wlc
wlc(config-wlc)# service-activator 
wlc(config-wlc-service-activator)# aps join auto 
wlc(config-wlc-service-activator)# do commit
wlc(config-wlc-service-activator)# do confirm

The scheme of SoftGRE tunnels enabling has been changed:
In 1.15.3 version:
Client traffic comes from the AP to a gre-tunnel with a specified vlan tag, on the WLC side a separate subgre-tunnel is created for each vlan and included in the specified Bridges, when leaving the subgre the vlan tag is removed. With this implementation, a subgre-tunnel must be created for each vlan and included in one of the Bridges. WLC does not know vlans that are issued at the moment of radius authorization (if c-vlans with external radius server are used), and cannot raise tunnels for such clients.

In 1.19.0 version:
The logic of SoftGRE tunnels operation in wlc mode has been changed. Previously subgre was unconditionally included in Bridge by WLC configuration, in the new implementation subgre tunnels are absent. Vlan specified in SSID configuration is included in WLC without sub-tunnel termination in Bridge. The use of c-vlan in client traffic tunneling scheme is supported. For correct operation, the vlan must be created in the WLC settings and must be a member of the Bridge or interface.

To raise tunnels, the location parameter, which was previously set on Bridge and in ap-location for SSIDs, is no longer used. Instead, you must enable tunnel mode in ap-location. The vlan-id in ssid-profile must match the vlan-id in bridge users.

Firmware version 1.15.3	Firmware version 1.19.0
bridge 3 security-zone users ip address 192.168.2.1/24 location default enable exit	bridge 3 vlan 3 (=vlan-id в SSID-profile) mtu 1458 security-zone users ip address 192.168.2.1/24 enable exit
ap-location default-location description default-location board-profile WEP-1L default_wep-1l_profile board-profile WEP-20L default_wep-20l_profile board-profile WEP-2L default_wep-2l_profile board-profile WEP-3ax default_wep-3ax_profile board-profile WEP-3ax-Z default_wep-3ax-z_profile board-profile WOP-20L default_wop-20l_profile board-profile WOP-2L default_wop-2l_profile board-profile WOP-3ax default_wop-3ax_profile ssid-profile default-ssid default exit	ap-location default-location description default-location mode tunnel ap-profile default-ap board-profile WEP-1L default_wep-1l_profile board-profile WEP-200L default_wep-200l_profile board-profile WEP-20L default_wep-20l_profile board-profile WEP-2L default_wep-2l_profile board-profile WEP-30L default_wep-30l_profile board-profile WEP-3ax default_wep-3ax_profile board-profile WEP-3ax-Z default_wep-3ax-z_profile board-profile WOP-20L default_wop-20l_profile board-profile WOP-2L default_wop-2l_profile board-profile WOP-30L default_wop-30l_profile board-profile WOP-3ax default_wop-3ax_profile ssid-profile default-ssid exit
	vlan 3 force-up exit

Wireless-controller is renamed to softgre-controller:

Firmware version 1.15.3	Firmware version 1.19.0
wireless-controller nas-ip-address 127.0.0.1 data-tunnel configuration wlc aaa radius-profile default_radius keepalive-disable enable exit	softgre-controller nas-ip-address 127.0.0.1 data-tunnel configuration wlc aaa radius-profile default_radius keepalive-disable enable exit

WLC monitoring commands have been changed:

In 1.15.3 version	In 1.19.0 version	Command description
show wlc connected-ap	show wlc ap	View the list of access points monitored by the controller
show wlc connected-ap detailed	sh wlc ap detailed	View detailed information on all authorized access points
show wlc connected-ap detailed <MAC_AP>	sh wlc ap detailed <MAC_AP>	View detailed information on one of the authorized access points
show wlc connected-ap-clients <MAC_AP>	sh wlc clients ap <MAC_AP>	View information about the wireless client connections of a specific access point
show wlc connected-ap-clients <MAC_AP> detailed	sh wlc clients ap <MAC_AP> detailed	View detailed information about the wireless client connections of a specific access point
show wlc connected-client <MAC_STA>	sh wlc clients <MAC_STA>	View wireless client connection information by its MAC address
show wlc connected-client <MAC_STA> detailed	sh wlc clients <MAC_STA> detailed	View detailed connection information of a wireless client by its MAC address
show wlc connected-ap-interfaces <MAC_AP>	show wlc ap interfaces <MAC_AP>	View information and counters on access point interfaces
show wlc connected-ap-radios <MAC_AP>	show wlc ap radios <MAC_AP>	View the basic parameters of the access point's radio interfaces

Secondary bootloader update

Updating the secondary bootloader requires uploading the file to the controller and rebooting the controller. The operation can be combined with updating the main firmware.

When downloading the secondary bootloader using remote file copying servers, it is necessary to:

Start the appropriate server on the network (tftp/ftp/sftp/http/https/scp).
Copy the <uboot-file> file to the working partition of the remote file upload server.
Provide IP connectivity between the WLC controller being upgraded and the remote file copy server (routing).
Provide remote copy protocol operation between the WLC and the remote file copy server (intermediate firewall).
If necessary (for ftp, sftp, scp, http, https protocols) find out the username and password for downloading the required file.

When loading the secondary bootloader using a USB/MMC key, it is necessary to:

Format the USB/MMC key partition in FAT32 or exFAT format.
Copy the <uboot-file> file to the root partition of the USB/MMC key.
Plug the USB/MMC drive into the appropriate slot on the controller.
Determine the volume label of the connected USB/MMC drive.

Loading the secondary bootloader using one of the remote file upload protocols

wlc# copy tftp://<tftp-server-ip>:/<uboot-file> system:boot-2

|******************************************| 100% (697kB) Bootloader updated successfully.

wlc# copy ftp://<ftp-username>:<ftp-userpassword>@<ftp-server-ip>:/<uboot-file> system:boot-2

|******************************************| 100% (697kB) Bootloader updated successfully.

wlc# copy sftp://<sftp-username>:<sftp-userpassword>@<sftp-server-ip>:/<uboot-file> system:boot-2

|******************************************| 100% (697kB) Bootloader updated successfully.

wlc# copy scp://<scp-username>:<scp-userpassword>@<scp-server-ip>:/<uboot-file> system:boot-2

|******************************************| 100% (697kB) Bootloader updated successfully.

wlc# copy http://<http-username>:<http-userpassword>@<http-server-ip>:/<uboot-file> system:boot-2

|******************************************| 100% (697kB) Firmware updated successfully.

wlc# copy https://<https-username>:<https-userpassword>@<http-server-ip>:/<uboot-file> system:boot-2

|******************************************| 100% (697kB) Bootloader updated successfully.

<tftp-server-ip> – IP address of the TFTP server in use;
<ftp-username> – user name on the FTP server;
<ftp-userpassword> – user password on the FTP server;
<ftp-server-ip> – IP address of the FTP server in use;
<sftp-username> – user name on the SFTP server;
<sftp-userpassword> – user password on the SFTP server;
<sftp-server-ip> – IP address of the SFTP server in use;
<scp-username> – user name on the SCP server;
<ftp-userpassword> – user password on the FTP server;
<scp-server-ip> – IP address of the SCP server in use;
<http-username> – user name on the HTTP server;
<http-userpassword> – user password on the HTTP server;
<http-server-ip> – IP address of the HTTP server in use.

The rules for using firmware files for the different models are described in the section Files used for the update.

Secondary bootloader update using USB/MMC storage

1. Define the volume label of the connected USB/MMC storage:

wlc# show storage-devices usb Name Filesystem Total, MB Used, MB Free, MB ------------------------------ ---------- ---------- ---------- ---------- <USB_DISK> vfat 7664.01 6391.69 1272.32

wlc# show storage-devices mmc Name Filesystem Total, MB Used, MB Free, MB ------------------------------ ---------- ---------- ---------- ---------- <MMC_DISK> vfat 7664.01 6391.69 1272.32

2. Copying file from the USB/MMC storage:

When executing copy commands to USB/MMC media, instead of the <USB_DISK> or <MMC_DISK> fields, use the real volume labels defined above.

wlc# copy usb://<USB_DISK>:/<uboot-file> system:boot-2

|******************************************| 100% (697kB) Bootloader updated successfully.

wlc# copy usb://<MMC_DISK>:/<uboot-file> system:boot-2

|******************************************| 100% (697kB) Bootloader updated successfully.

<USB_DISK> – partition name on the USB storage;
<MMC_DISK> – partition name on the MMC storage.

Preparation for firmware upload

When uploading firmware using remote file copy servers:

Start the corresponding server on the network (tftp/ftp/sftp/http/https/scp).
Copy the firmware file (<firmware-file>) to the working directory of the remote file copy server. The names of the required files depending on the model and hardware version of the device are listed in the section Files used for the update.
Provide IP connectivity between the upddated WLC controller and the remote file copy server (routing).
Ensure operation of the remote copy protocol between the WLC and the remote file copy server (intermediate firewalls).
If necessary (for ftp, sftp, scp, http, https protocols), find out the username and password to write the required file.

When loading the firmware using a USB/MMC media:

Format USB/MMC media partition as FAT32 or exFAT.
Copy the firmware file (<firmware-file>) to the root of the USB/MMC drive. The names of the required files depending on the model and hardware version of the device are listed in the section Files used for the update.
Connect the USB/MMC storage to the appropriate WLC slot.
Define the volume label of the connected USB/MMC storage.

Firmware upload

Using one of the remote file upload protocols

wlc# copy tftp://<tftp-server-ip>:/<firmware-file> system:firmware
|******************************************| 100% (0B) Firmware updated successfully.

wlc# copy ftp://<ftp-username>:<ftp-userpassword>@<ftp-server-ip>:/<firmware-file> system:firmware

|******************************************| 100% (0B) Firmware updated successfully.

wlc# copy sftp://<sftp-username>:<sftp-userpassword>@<sftp-server-ip>:/<firmware-file> system:firmware

|******************************************| 100% (0B) Firmware updated successfully.

wlc# copy scp://<scp-username>:<scp-userpassword>@<scp-server-ip>:/<firmware-file> system:firmware

|******************************************| 100% (0B) Firmware updated successfully.

wlc# copy http://<http-username>:<http-userpassword>@<http-server-ip>:/<firmware-file> system:firmware

|******************************************| 100% (0B) Firmware updated successfully.

wlc# copy https://<https-username>:<https-userpassword>@<http-server-ip>:/<firmware-file> system:firmware

|******************************************| 100% (0B) Firmware updated successfully.

<tftp-server-ip> — IP address of the TFTP server in use;
<ftp-username> — user name on the FTP server;
<ftp-userpassword> — user password on the FTP server;
<ftp-server-ip> — IP address of the FTP server in use;
<sftp-username> — user name on the SFTP server;
<sftp-userpassword> — user password on the SFTP server;
<sftp-server-ip> — IP address of the SFTP server in use;
<scp-username> — user name on the SCP server;
<ftp-userpassword> — user password on the FTP server;
<scp-server-ip> — IP address of the SCP server in use;
<http-username> — user name on the HTTP server;
<http-userpassword> — user password on the HTTP server;
<http-server-ip> — IP address of the HTTP server in use.

The rules for using firmware files for the different models are described in the section Files used for the update.

Using USB/MMC media

1. Define the volume label of the connected USB/MMC storage:

wlc# show storage-devices usb Name Filesystem Total, MB Used, MB Free, MB ------------------------------ ---------- ---------- ---------- ---------- <USB_DISK> vfat 7664.01 6391.69 1272.32

wlc# show storage-devices mmc Name Filesystem Total, MB Used, MB Free, MB ------------------------------ ---------- ---------- ---------- ---------- <MMC_DISK> vfat 7664.01 6391.69 1272.32

2. Copying file from the USB/MMC storage:

When executing copy commands to USB/MMC media, instead of the <USB_DISK> or <MMC_DISK> fields, use the real volume labels defined above.

wlc# copy usb://<USB_DISK>:/<firmware-file> system:firmware

|******************************************| 100% (73786kB) Firmware updated successfully

wlc# copy mmc://<MMC_DISK>:/<firmware-file> system:firmware

|******************************************| 100% (73786kB) Firmware updated successfully.

<USB_DISK> – partition name on the USB storage;
<MMC_DISK> – partition name on the MMC storage.

Selecting version 1.30.2 firmware image for the next upload

WLC controllers store two firmware images (image-1 and image-2) at the same time.

1. Check the contents of the firmware images uploaded to the controller:

wlc# show bootvar

Image Version Date Status After reboot
----- ------------------------- -------------------- ------------ ------------

1 1.30.0 build 2024-12-18 09:24:58 Active *
16[f23466fadf]

2 1.30.2 build 2025-03-05 16:01:09 Not Active
14[a1ba88a123]

When loading a firmware file to the system:firmware partition, the upload is always made to the currently inactive partition.

2. Select the partition containing firmware version 1.30.2 as bootable:

wlc# boot system image-2
This command cannot be interrupted, do not turn off device during process.
Continue? (y/N): y

3. Check that the image containing firmware version 1.30.2 is selected for upload:

wlc# show bootvar

Image Version Date Status After reboot
----- ------------------------- -------------------- ------------ ------------

1 1.30.0 build 2024-12-18 09:24:58 Not Active
16[f23466fadf]

2 1.30.2 build 2025-03-05 16:01:09 Active *
14[a1ba88a123]

If a firmware version that was released earlier than the current firmware version is selected for subsequent download, the current configuration cannot be converted after a reboot and a empty configuration (no factory settings) will be applied. With an empty configuration, the controller can only be connected to using a console connection and the default admin/password.

Rebooting the controller

Reboot the controller using the following command:

wlc# reload system

Do you really want to reload system ? (y/N): y