From Cisco's Kangupta
Many times we see instances where the RMA controller is shipped with an LDPE image.
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.Product
Name..................................... Cisco Controller
Product Version.................................. 7.0.116.0
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
Build Type....................................... DATA + WPS + LDPE
An upgrade to an non LDPE code fails with this error-
"ERROR: Incompatible SW image.ERROR: Please install the Data Payload Encryption licensed image"
The LDPE image is used for Customers who are not legally allowed to use DTLS Data encryption within their regulatory domain (Russia-specific).
Conversion from LDPE to a non LDPE image
1) Upgrade WLC to 7.0.230.0 LDPE image- e.g. AIR-CT5500-LDPE-K9-7-0-230-0.aes for a 5508
2) Download and install a free DTLS license from Cisco.com (if one is not already installed):
To Obtain a Data DTLS License:
Step 1 Browse to http://cisco.com/go/license
Step 2 Under Get New, choose IPS, Crypto, Other Licenses
Step 3 Choose the controller platform, enter the product ID and serial number.
Step 4 Complete the remaining steps to generate the license file. The license will be provided online or via email.
Step 5 Copy the license file to your TFTP server.
Step 6 Install the license by browsing to the WLC Web Administration Page:
Management --> Software Activation --> Commands -->Action: Install License
3) Once the DTLS license is installed, you will be able to upgrade/downgrade to any WLC code (including Non-LDPE).
(Cisco Controller) >show license summary
License Store: Primary License Storage
StoreIndex: 0 Feature: base Version: 1.0
License Type: Permanent
License State: Active, Not in Use
License Count: Non-Counted
License Priority: MediumLicense Store: Primary License Storage
StoreIndex: 1 Feature: base-ap-count Version: 1.0
License Type: Permanent
License State: Active, In Use
License Count: 500 /1 (Active/In-use)
License Priority: Medium
License Store: Primary License Storage
StoreIndex: 2 Feature: data_encryption Version: 1.0
License Type: Permanent
License State: Active, In Use
License Count: Non-Counted
License Priority: Medium
If the controller is on 7.0.116.0 LDPE code; you installed the DTLS license and then try to migrate to non LDPE code version of 7.0.116.0, it would fail with the following error-
*Transfer: Mar 28 11:32:56.609: RESULT_STRING: Transfer failure :
Upgrade from LDPE to non LDPE software is not allowed.
So, you will need to get on to 7.0.230.0 LDPE image (e.g. AIR-CT5500-LDPE-K9-7-0-116-0.aes for a 5508) first before you can move to a non LDPE code.
This capability was introduced via CSCtw78061; meaning after installing the DTLS license you can download normal image from LDPE code just fine.
Symptom: No upgrade/downgrade is allowed from LDPE image to NON_LDPE image.
Conditions: transfer download of non-ldpe image from ldpe image
Workaround: if there is a dtls license installed and active, then upgrade/downgrade of non-ldpe image from a ldpe image is allowed.
This is addressed in 7.0.230.0 and 7.2.104.24