• March 20, 2019, 04:36:03 PM
Welcome, Guest. Please login or register. Registration is free.
Did you miss your activation email?

Author Topic: Troubleshooting 2270 WLAN and 2231 APs  (Read 4765 times)

0 Members and 1 Guest are viewing this topic.

Offline Romeyn

  • Rookie
  • **
  • Posts: 19
    • http://linkedin.com/in/romeynprescott
Troubleshooting 2270 WLAN and 2231 APs
« on: April 07, 2014, 10:06:26 AM »
We have a pair of Nortel WLAN -- 2270 Security Switches and a fleet of Nortel 2231 (nee Airespace AP1200) LWAPs to go with them.  I've been pressing some of them back into service in places where we have "wants" for WiFi that aren't justified as a bonafide "need".  But that's internal politics and not why you're here.

We affectionately call the 2231a "Cylons" because of the way the 4 LEDs behave in POST.  Recently, a few of the 2231s have been...er..."cyloning"--in a constant state of POST.  Logs on the 2270 indicate some kind of certificate mismatch:

----------
Apr  4 14:56:47 10.137.31.230 [ERROR] File: sshpmPkiApi.c : Line: 1254 : current time outside AP cert validity interval.
Apr  4 14:56:47 10.137.31.230 [ERROR] File: spam_lrad.c : Line: 3523 : LWAPP Join-Request does not include valid certificate in CERTIFICATE_PAYLOAD from AP 00:0b:85:0b:d1:d0
Apr  4 14:56:47 10.137.31.230 [ERROR] File: spam_crypto.c : Line: 1482 : Unable to free public key for AP  00:0B:85:0B:D1:D0
Apr  4 14:56:47 10.137.31.230 [ERROR] File: spam_lrad.c : Line: 864 : spamProcessJoinRequest : spamDecodeJoinReq failed
----------

I have verified that the date and time on the 2270 are correct.  A 2231 no longer registers at all on the 2270's console (beyond the error in the log).

I have exhausted my Google-Fu on this.  All documentation seems to be for Cisco/Airespace gear, but Nortel seems to have taken certain liberties in their rebranding of this gear, such that commands and procedures don't exist for the 2270.  And there certainly is no "mode" button on the 2231!

And insight into how to correct this error--or how to perform a hard/factory reset on a 2231--would be appreciated!


Offline tbigby

  • Full Member
  • ***
  • Posts: 60
Re: Troubleshooting 2270 WLAN and 2231 APs
« Reply #1 on: April 08, 2014, 08:27:09 PM »
Wow those are old. Although we did only get rid of ours 2 years ago, but we had many failures occurring and obviously no support/updates for a long time.

From the error I'd guess that the certificate lifetime of the AP software has expired, in which case there's no way they'll connect to your controller. I guess they never expected to be still around in 10 years time since 2004, or they expected to have an update available.

My suggestion would be to set the clock on the 2270 Security Switch back a few years and see if the APs will connect then.

I don't remember a way to reset an AP to factory without it being connected to the controller.
Tony Bigby

Offline Romeyn

  • Rookie
  • **
  • Posts: 19
    • http://linkedin.com/in/romeynprescott
Re: Troubleshooting 2270 WLAN and 2231 APs
« Reply #2 on: April 15, 2014, 09:30:28 AM »
We have a fleet of these things, and TWO 2270 controllers.  They have always "just worked."

Most of the LWAPPs ARE still working.  But a handful are doing...this.

I tried deleting the NTP server and manually rolling the clock back to 2005.  No luck.

All my Googling comes up with is Cisco stuff, which assumes 1) that the LWAPP is layer 3 enabled and searches for an IP address when it comes on and 2) is running IOS (Cisco) and that I can somehow upgrade it via an interface which my LWAPPs don't have.

The lack of documentation is...aggravating.  As is the notion that just because it's old we should throw it out.  (We have pressed some of these into service because the 2230s we have don't work as advertised...and even THOSE are now EOL.  :-(  )

Anyhow, I digress.  Any Nortel geezers out there (I use the term with nothing but love!) out there with some more ideas/wisdom to share?

Thanks,
Romeyn

Offline jquickuk

  • Rookie
  • **
  • Posts: 3
Re: Troubleshooting 2270 WLAN and 2231 APs
« Reply #3 on: May 15, 2014, 09:17:03 AM »
We had this exact problem on Monday morning leaving one of our distribution centers off the air all day! Over the weekend there was some power work done on 2 of the 4 RF controllers and any AP's that were adopted to those two could not adopted elsewhere.

Monday evening we managed to get it working and thought I should share in case there is anyone else out there unfortunate enough to still have this kit lying around.

1. SWITCH > Network Time Protocol - Delete any NTP servers
2. COMMANDS > Time - Change the date to May 12th 2013

As soon as we did this the AP's were adopting, it automatically did some firmware download and were all readopted within 15 minutes. I wonder if changing the date to 2005 as Romeyn did was too far in the past and could have been before the certificate issued date?

Hope this help!

Offline Romeyn

  • Rookie
  • **
  • Posts: 19
    • http://linkedin.com/in/romeynprescott
Re: Troubleshooting 2270 WLAN and 2231 APs
« Reply #4 on: May 15, 2014, 09:46:54 AM »
I'm going to try right now!!!

Offline Romeyn

  • Rookie
  • **
  • Posts: 19
    • http://linkedin.com/in/romeynprescott
Re: Troubleshooting 2270 WLAN and 2231 APs
« Reply #5 on: May 15, 2014, 09:59:59 AM »
Holy crap, it worked.

THANKS!!!!! ;D

Offline jquickuk

  • Rookie
  • **
  • Posts: 3
Re: Troubleshooting 2270 WLAN and 2231 APs
« Reply #6 on: May 15, 2014, 10:45:45 AM »
Result!  8)

Looking through the internet it might only be the two of us still running this kit. Safe to say we intend to swap it all out in the very near future!