I recently acquired a handful of Cisco LAP1142n access points. I was excited to have Cisco APs as I have been having trouble with WiFi at home and was limited to the number of clients, range, and worst of all, 2.4GHz only. The 1142n model, while quite old, supports all those things and will do it far better than the Sophos AP10 devices I was using.
There is just one problem… the L portion of the model number stands for “lightweight”. This means that it isn’t running much code on it and requires the use of a controller. While I’ve got a lot of gear at home, I’m not planning on running one of those.
While researching what I could do with these APs, I discovered that it is possible to upload the autonomous firmware (autonomous somehow meaning you manually configure them) onto a lightweight AP. Most of the information I was reading however mentioned logging into the AP and TFTPing it over to load it.
The problem is, I don’t have the credentials to get onto it. Digging a little deeper, I found an article by a blog name Reggle. It mentions it is possible to reset the AP and in doing so, it will automatically attempt a download via TFTP. The article was useful, but appeared to be missing a few key pieces, or at least spelling it out.
So I’ve laid out the steps out here I took to change over these APs to autonomous mode.
- Get the correct firmware
This part was a little difficult. Since Cisco likes your money, you have to have a Cisco account, and have the appropriate licensing for these APs. I don’t happen to have that licensing. So a little trick was to find the name of the firmware I wanted to use and then head over to Google. The firmware file I choose (autonomous version) was named c1140-k9w7-tar.153-3.JD11.tar. Do a Google search for that name, and maybe throw in FTP, and you’re sure to find someone hosting the file. I know, your first thought is what if the file is hacked. For a little piece of mind, Cisco provides the MD5SUM for their firmware, so I just checked that against the file I downloaded. - Get Putty and tftpd64
You should already have Putty. I chose tftpd64 because they have a portable version. Run tftpd64 and point the folder to where you have the firmware file download. For good luck, I made a copy of the file and named it c1140-k9w7-tar.default as this appears to be the file referenced. - Get a 48V Cisco Power Adapter
Showstopper for some I’m sure. I tried to do this through my switch, but it didn’t appear to work. Maybe VLANs got in the way. Maybe I should have just used a dumb-switch. I chose a power adapter because I just happened to come across one. - Connect the console cable and Ethernet
Connect up your console cable and your computer’s Ethernet port to the AP. It’s important that there is nothing else in the middle. The AP is going to send out a broadcast and you want your computer to respond. Go ahead and open up Putty using serial to the associated COM port of your console cable. Change the IP address on your PC to something in the 10.0.0.1/24 range, but don’t use .1. I used .10. Subnet should be 255.255.255.0, leave the rest blank. - Power up the AP
Hold down the MODE button and plug in the power (if you are trying PoE, hold the MODE button before you plug in the Ethernet cable). Keep holding it down until the light turns orange. In a few moments, you will see the AP console output default to the AP to 10.0.0.1 and then do a broadcast for TFTP. One thing I did here, based on the comments in the article, was to add a static ARP entry. I’m not 100% sure this was necessary, since I was using a direct cable, but if you need to try it, here is the command:netsh interface ipv4 add neighbors "<network adapter name>" 10.0.0.1 <mac address of ap, dashed>
- Install the Firmware
Really nothing to do here, just watch it go through it all. Takes about 10 minutes. When it is done, you’ll see a final boot sequence and some syslog type output. From here, I hit enter, and then went into enable and tested the default password of “Cisco” (case-sensitive). - Configure the AP
From here, you can now put the AP on your network (it has DHCP enabled, so I just set a MAC reservation). You can then telnet or go through the web interface. The default username and password are both Cisco.