"downgrade" an LWAP into  a full standalone wap
You may come across Cisco  wireless access points whilst dumpster diving biulding refurb sites or at the flea market.
These days most larger corporates run these waps in LWAP  or "capwap" mode  where the access point is completely dumb, all the wireless smarts are in a central wireless lan controller.  In capwap mode, the access point is completely at sea and  useless, unless it can connect to its wlan controller to which it has be licensced.  This means your flee market bargain is basically junk. Here is how to return it to autonomous mode.  You will require the autonomous firmware,  which unfortuneatley I am not permitted to provide on this web site due to legal peril.  You may search  for the binary filenames and you will discover them available on dodgy Russian websites, or you might know a friendly CCIE.  This article is how to use that firmware once you have got it !  Do not browse dodgy Russian websites with a windows pc !  use a standalone cd linux boot cd so that you are not pnnwed/0wned .  Sadly , Cisco  will not permit you to download firmware  without a relevant maintenance contract and a valid CCO login. (for perfectly understandable commercial reasons, thats the way of the world)

you will  require a linux box to follow this recipe.

You require a working TFTP server  that can have any address
between 10.0.0.[2 - 30].  
You require a CISCO 1200/1130 running LWAP code, that
(a) works
(b)  wish to convert to full standalone operation.
(c)  working serial console connection for you to monitor the success or otherwise 
(d)  your tftp server must be able to respond to requests from address some special config may be required

please note that the LWAP IOS lets you look at a few things, but, will not permit you
to modify any setting whatsoever. Its absolutely read only. Early LWAP codes would not let you  reflash firmware from the
serial console interface, however I have discovered that you may download the ios bin file (which you must manually extract from the tar archive)
which you boot and then use to download the full ios tar archive archive.


first get the full wap firmware image which will look something like

c1200-k9w7-tar.122-15.JA.tar   for 1231 wap

c1130-k9w7-tar.default              for 1130 wap

then rename/copy  it to c1200-k9w7-tar.default  for 1200 model wap
 then rename/copy it to   c1130-k9w7-tar.default  for 1130 model

follow this table
cisco tar binary archive target wappagerename file totftp server settingsnote
c1200-k9w7-tar.122-15.JA.tarmodel  1231 c1200-k9w7-tar.defaultmust have ip add 10.0.0.[2 - 30]tested
c1130-k9w7-mx.123-7.JA2.tarmodel 1130c1130-k9w7-tar.defaultmust have ip add 10.0.0.[2 - 30]tested
c1250-k9w7-tar-1.124-25d.JA1.tarmodel 1250c1250-k9w7-tar.defaultmust have ip add 10.0.0.[2 - 30]tested
ap3g1-k9w7-tar.124-25d.JA1.tarmodel 3502c3500-k9w7-tar.defaulttbanot tested
ap3g2-k9w7-tar.152-4.JB3a.tarmodel  3602ap3g2-k9w7-tar.defaultmust have ip add 10.0.0.[2 - 30]
respond to client src addr  
copy  the firmware to the tftp server directory and mark its permissions to be world readable at the interface panel of the WAP there is a tiny push button labelled "mode" whilst holding the push button down power up the WAP.  The LWAP firmware checks this button for only an instant and thats immediately on power up and otherwise completely ignores this button.

Hold the button until one of the front panel LEDS blinks red.  As soon as it turns red, release the button . Observe the serial console output. It should note something like "BUTTON DETECTED" as one of the first  things the IOS says, if not you have to power cycle it again and again until you catch it.

At this point the LWAP firmware will actively hunt for a tftp server at 10.0.0.[2 - 30] and once found will request the file c1200-k9w7-tar.default.  or c1130-k9w7-tar.default  as required, see table above

Keep watch on the console, once the download begins no further action is required. Let it complete in about ten minutes and when it reboots it will be a full WAP again.  It may have no password set but the default will be cisco or Cisco or c1sco.  assign a static ip address for the ethernet interface and then config it from the web interface.

If it does not work the first time, just keep doing it untill it does. The MODE button is only scanned for about 2 seconds. If you can, watch the download with wireshark, it is tftp, to ensure something is actually happening. The process takes about 10 minutes once the download starts.

When the wappage eventually reboots , its default config is to dhcp.  Use the serial console to set an known ip address on the interface BVI1 . and use the web page or cli to configure to suite your requirements.

Not all cisco waps will have an autonomous firmware image available.  Most recent models are now produced to be used with a wireless lan controller engine of some kind and no autonomous images were produced.  There are , however, capwap/lwap server programs available for linux.

Alternative methods.
Plug in to the the serial console. You will get a prompt.  Boot the wap and as it begins booting send a terminal break sequence to the console. Refer to the documentation on your terminal emulator about how to do this. If you get it right , the wap will drop to rommon.  Set up the network config with ip address and tftp in the binary  image firmware file extracted from  another autonomous wap. If that loads in,  boot the binary.  The binary image will boot and present many distressing  messages about this, that and the other module missing, never mind. At this point there is enough functionality to do a complete software download of the complete tar package file.  Download and install this and reboot.  The wap will now be running the autonomous image package with all features, liabilities and bugs that you know and love.  This is a very frustrating process because there is a very tiny window where the firmware will respect the BREAK and drop to rommon.  You will have to fluke it.  Persistance is what is required here.  The more modern waps have fast processors and take very little time to boot and transfer execution to the the capwap code.

If by some lucky chance the former network admin lets you have the password, login to the capwap and start the upgrade commands to point to your image server and the autonomous firmware.  You only have a few seconds to get the parameters in and the download underway before watchdog timers in the capwap trigger and the thing reboots. ( the capwap code is trying to find its controller, when it cannot, it reboots)

Remember that this process is annoying and frustrating for a reason.  Cisco really do want you to buy a new wap and discard the old one.  Probably not a bad idea as old firmware code will contain security vulnerabilities which you will have to live with.

tftp server settings
the standard tftp server settings will work on most linux distros, however some special requirements of late, need special settings.   The default directory for tftp downloads  used to be /tftpboot.  It now often appears as /var/run/tftp .  files should be chmod 666  world read writable  and chown nobody  chgrp nobody for security.
Your server will require the ability to listen and respond to hosts  on 10.0.0.[2 to 30]. easiest way on linux ( you must first terminate the useless annoying  P.O.S that is NetworkManagerd somehow.  It will interfere with your custom settings )

/sbin/ifconfig  eth0:13 netmask up     # this line creates a secondary inferface on interface eth0

(nothing speical about "13", its just my lucky number it could be allmost anything. You may create an unlimited number of secondary interfaces each must have a unique non overlapping network address/mask )

the tftp server requires xinetd  to run, so install the tftpserver and xinetd packages
in the /etc/xinetd.d directory, there is a set of files that configures various small servers
edit the file tftp to look somehing like this

[ralphk@NEW-CORPORATE-PENGUIN xinetd.d]$ cat tftp
# default: off
# description: The tftp server serves files using the trivial file transfer \
#       protocol.  The tftp protocol is often used to boot diskless \
#       workstations, download configuration files to network-aware printers, \
#       and to start the installation process for some operating systems.
service tftp
        socket_type          = dgram
        protocol               = udp
        wait                    = yes
        user                    = root
        server                  = /usr/sbin/in.tftpd   <<<points to where server binary lives
        server_args          = -s /tftpboot  -a <<< permits response to broadcast IP
#     server_args          = -s /tftpboot
        disable                 = no    <<< by default it is disabled on all standard distros, you must enable
        per_source          = 11
        cps                     = 100 2
        flags                   = IPv4

[ralphk@NEW-CORPORATE-PENGUIN xinetd.d]$ pwd

getting firmware.  I regret that for legal reasons I cannot and will not provide you with firmware. You will require a valid Cisco maintenance contract or a friendly CCIE . I have heard that if you search for the filenames they might  be found on various Russian sites. Beware, you may be getting more than you anticipated if you use these dodgy .ru/.cn  sites. Do use a standalone CD boot linux cd distro before surfing  dodgy websites so you do not get 0wned.


AIR-CAP3502I-E-K9 as autonomous access point

hi there,

I have a air-cap3502i-e-k9 access point which I would like to use as a atonomous access point.

I have read that you can use IOS ap3g1-k9w7-tar.124-25d.JA1.tar (for aironet 1260) on the aironet 3500 and it should work as a autonomous access point.