AP rejected on vSG "because of ACL setting"

  • 1
  • Question
  • Updated 2 months ago
  • Answered
I am unable to add multiple R600 APs at a remote site to our vSZ. I'm moving them from a local (to them) ZD to a remote (central location) vSZ, but the procedure I've used many times no longer works. I factory defaulted the AP, then "set director ip xxx.xxx.xxx.xxx" and rebooted, and it does contact the vSZ, but the controller is rejecting it with this error:

"
ZD-AP [obscured] model [R600] is not being upgraded with Virtual SmartZone AP firmware because of ACL setting."

I then tried upgrading the AP to 100.x standalone firmware, but same results... it gets rejected with that error. Any idea what is wrong? I've added APs from remote sites  with no problem, so this is a first for me.
Photo of Jim Michael

Jim Michael

  • 41 Posts
  • 11 Reply Likes

Posted 9 months ago

  • 1
Photo of Marcus Burton

Marcus Burton, Official Rep

  • 27 Posts
  • 17 Reply Likes
Hi Jim,
The ACL setting referred to here is for the lwapp2scg conversion utility that allows ZD-based APs to connect to the SZ. In the SZ CLI, you can change this setting:

vSZ# config

vSZ (config)# lwapp2scg

vSZ (config-lwapp2scg)# policy accept-all 

If the problem persists after this, try (just for confirmation) to change the policy to "accept" and then enter a rule (vSZ (config-lwapp2scg)# acl-ap...) to add an allow rule for that specific AP. 

Also, can you share what build you are working from? 

thanks,
Marcus   
Photo of Jim Michael

Jim Michael

  • 41 Posts
  • 11 Reply Likes
Thank you! This solved my problem immediately. Appreciate the help,.
Photo of Jeronimo

Jeronimo

  • 257 Posts
  • 28 Reply Likes
I have met same problem.

At that time, I did diabling  and re-enabling the command as "policy accept-all".

As a result this solved.

It may a bit bug becaue default setting is "policy accept-all".
Photo of New Life IT

New Life IT

  • 1 Post
  • 1 Reply Like
Solved our problem as well - thank you!
Photo of Greg Marcoux

Greg Marcoux

  • 1 Post
  • 0 Reply Likes
Yep, same here. Thanks!