I have a cisco 5508 WLC and 40 cisco 360021 APs.I configured the WLC and assign the management interface IP and also configured a DHCP pool on my Cisco 4507 core switch wit option 43.But the problem that the APs connot join the WLC.
A customer runs a 5508 WLC for quit a while. several dozens AP's are spread all over Europe an run just fine. All the AP's have a VPN based connection over an MPLS service provider, so we are using 10.x.x.x addresses only. We have upgraded to release 188.8.131.52 to support OEAP 600 and we have configured NAT in the Firewall as well a policy to support the home office AP. Everything works fine until the switch where the WLC was attached to crushed. From this moment on, all internal AP's ar no longer able to register at the WLC. A log at the console port on an AP shows that it tries to access the external (NAT) IP address. We had to remove the NAT flag to support the internal AP's.
I have a 3502i(AP_1) that will not join a 5508 WLC(WLC_1)(code 7.2.103). The 3502i(AP_1) will join 4402 WLC(WLC_2)(Code 7.0.230). I have another 3502i(AP_2) that will join the WLC_1 & WLC_2. I am using capwap discover through DNS and hard coding the primiary WLC to AP_1 & AP_2. When I debug capwap events and errors, I see the static capwap messages and replies. Both of the WLC are on the same subnet. I have defauted the AP_1 and it joins the CISCO-CAPWAP-CONTROLLER as expected. When I change the Primiary WLC to WLC_1 it goes back to the CISCO-CAPWAP-CONTROLLER. If i change the primiary WLC to WLC_2 it joins. If I change the primiary back to WLC_1 it joins WLC_2 even though it is not a secondary. I know the previous joined WLC are stored in NVRAM, so that might be why it is doing that. I can join other ap to WLC_1 just not this one.
I have a facility, where all the access points almost 250 of them are connected to two WisM's (One in each core switch ) . They are running in 6.0.199 firmware . These two WisM's are managed by WCS , which is running 6.0.188.
As i need to add more access points and to make fully redundant , 5500 controller was ordered and it has with firmware 7.0 installed. Couple of queries related with it .
1. Can 5500 be added in the WLC group, so that existing Access Points can be configured to use primary controller as 5500 and secondary / tertiary controller as WISM ?
2. Will 5500 be able to be detected by WCS , as the version of 5500 is 7.0 and WCS version is 6.0.188 ?
3. As WCS was already deployed and live, is it possible to upgrade, if the client has support contract like SUSA ?
We have bought autonomous APs AIR-AP1141N-E-K9 and converted them to the lightweight mode, but they cannot join the WLC 5508. The errors are below. There were NO problems with the LAPs that were bought before, together with the
WLC.AP's IP: 172.22.90.27 IOS version 12.4 WLC's IP: 172.22.90.20 IOS version 184.108.40.206 logs from the AP: Translating "CISCO-LWAPP-CONTROLLER"...domain server (255.255.255.255) *Oct 13 21:37:06.044: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY *Oct 13 21:37:06.045: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY *Oct 13 21:37:06.046: bsnInitRcbSlot: slot 1 has NO radio [Code] .....
The time is set to the WLC with the NTP. Don't lookup at the time the logs were made - they were made not during the same day/time
My APs 1142N don't join their WLC. APs and WLC management interface are in the same vlan (WLC can ping all the APs). It is strange because it doesn't seem like they are trying to contact the WLC. What's strange is that I have other AP 1142N which joined this WLC without any problem.
(Cisco Controller) >show sysinfo Manufacturer's Name.............................. Cisco Systems Inc. Product Name..................................... Cisco Controller
I have problems with an AP AIR-CAP1552C-E-K9 (MAC: 2c:36:f8:73:e8:a0 )this AP cannot join to WLC 5508 software version 220.127.116.11.The AP ever gets associated to WLC.
I saw timeout messages and this error message:
%CAPWAP-3-ECHO_ERR: capwap_ac_sm.c:5656 Did not receive heartbeat reply; AP: 2c:36:f8:73:e8:a0
I don´t see any connectivity issues between the AP and WLC thorugh HFC network.One time the AP join to WLC and I saw this messages in debug CAPWAP:
*spamApTask1: Nov 27 09:01:06.316: 2c:36:f8:73:e8:a0 Change State Event Response sent to 10.64.128.165:16012 *spamApTask1: Nov 27 09:01:06.316: 2c:36:f8:73:e8:a0 CAPWAP State: Run *spamApTask1: Nov 27 09:01:06.316: 2c:36:f8:73:e8:a0 Sending the remaining config to AP 10.64.128.165:16012
I have a WLC 5508, AIR-LAP1142N APs and a SSID for students to connect to who bring their own device. I am still testing this and it has not been rolled out but I am running into some serious issues with joining the network. I am authenticating them through a RADIUS server (2008 R2). Problem: many of them cannot connect because they are lacking the certificate.
1. What is a good setup for authentication in a BYOD environment
2. If my setup is good what can I do to allow kids to use their computers on the wireless either without the certificate (which I know is unlikely) or what do I need to have them do to connect. I am hoping it does not involve hard wiring and getting the certificate from the server.
I am new to Cisco wireless solution and would like to ask how to add the AP to the WLC properly. All Cisco 1041 and Cisco 2500 WLC are new. I connect those AP and WLC to the switch without any VLAN tag and the AP can gain the IP address from our DHCP correctly. However, the AP 1041 could not join the WLC successfully.
WLC: Cisco 2500 IP Address: 192.168.1.225 version: 18.104.22.168
Our offcie use WLC2100 Series controller with AIR-LAP1031 and successfully join and running. Now i am trying to replace one ap with AIR-LAP1041N and join with WLC, but i can't and below the error message generate:
My WLC running 22.214.171.124 suddenly could not accept more than 47 APs! Ihave a 1240 trying to join but failed with no obvious reason (no special errors in debugging).
I unplugged one of the joined and the first one joined!! I replugged the second one but could not join!! I unplugged the first one and replugged the second one: the second joined the controller but the first could not associate again!
I have a 4400 WLC for 100APs running the 126.96.36.199software version. Now, only 48 APs are joined, and the WLC dont accept new joins. The log below are from my WLC but appear for all others APs:
%LOG-6-Q_IND: spam_lrad.c:1440 Discarding discovery request in LWAPP from AP 00:3a:98:ae:e3:f0 supporting CAPWAP%LWAPP-6-CAPWAP_SUPP_VER: spam_lrad.c:1440 Discarding discovery request in LWAPP from AP 00:3a:98:ae:e3:f0 supporting CAPWAP%CAPWAP-3-TX_ERR: capwap_ac_sm.c:1966 Failed to transmit discovery response to AP 00:3a:98:ae:e3:f0%CAPWAP-3-ENCODE_ERR: capwap_ac_sm.c:2269 Failed to encode Discovery (code)
We have two cisco 1262 AP and a 4402 WLC, the AP cannot join the WLC. The AP gets the address from dchp
I cannot ping the AP address from the WLC, but i can ping the default gateway and other VLAN addresses.
I already read the info on the this link : [URL] Still our AP cannot join the WLC no matter what i have tried.
- VLAN setup on a Cisco 3560 48 port poe Switch - tunk configured btwn the Gi Interface and the Management physical port - WLC mode is configured for Layer 3 - AP Manager and Management are in the same Subnet - Option 43 is configured for the with the AP Manager's IP address - Opotion 60 is also configured with AP Manager's IP address - the port connected to the APs are in the AP Manager VLAN
I have a problem in join my ap1130ag in my wlc 2504 i activate dhcp internel (172.19.1.50 ----> 172.19.1.60) in wlc and this wlc affected address for ap1130ag (172.19.1.51) wlc and ap1130ag is connected with switch 2960 (port 17,18) this port the switche is configured in trunk mod allowed all vlan then my wlc not detected ap1130ag?
i converted the C1310 to LAP using upgrade tool. but the AP is not able to join the controller i was not able to view SHA Key in upgrade tool, so i ran the "debug pm pki enable " on the controler to get it. i'm still not able to view SHA key.
here is the output of debug command
*spamApTask0: May 21 15:07:43.527: 88:43:e1:d1:fc:9e Received LWAPP JOIN REQUEST from AP 88:43:e1:d1:fc:9e to cc:ef:48:b3:23:ef on port '13' *spamApTask0: May 21 15:07:43.549: sshpmGetIssuerHandles: locking ca cert table
I have some LAP1242 which by mistake were bought for Mesh. I am trying to convert them to LWAPP so what I did first was to convert them to Stand Alone then to LWAPP but I cannot get the AP to join the WLC and sends several error logs.
I attached some logs taken from AP and WLC so that you can figure out what's going on.
I wonder if I have to remove anything from flash either on SA or LWAPP mode (I know that in some cases you have to delete privete-config in order to avoid the AP taken previous configurations). By the way I think I had never seen this c1240-k9w8-mx.124-25e.JA2 on an AP IOS before, I wonder if it has to do with the mesh thing.
I have a cisco AIR-LAP1262N-A-K9 and AIR-LAP1142N-A-K9, and i would like to join to Cisco WLC2106 (software version 188.8.131.52)My ap 1262N have 3 antennas externals with 7dbi of ganancy,Is possible to do it?
I'd WLC 2100 series and 9 access point LAP1142N .8 LAP1142N can work fine and join a capwap controller is ok but only one LAP1142 is can not . Part of LAP is AIR-LAP1142N-A-K9
Apr 2 10:52:42.284: LWAPP_CLIENT_EVENT: spamResolveStaticGateway - gateway found *Apr 2 10:52:42.284: LWAPP_CLIENT_EVENT: spamResolveStaticGateway - gateway found *Apr 2 10:52:42.284: LWAPP_CLIENT_EVENT: Dropping discovery in LWAPP. This AP model is not supported by LWAPP WLC. *Apr 2 10:52:42.284: status of voice_diag_test from WLC is false *Apr 2 10:52:52.284: %CAPWAP-3-ERRORLOG: Go join a capwap controller
I have configured a 1552, that is wired to network, as "Bridge" then "RootAP".
After reboot, I can see a MAP trying to join the network, in the "simple" logs of the controller : "Mon May 6 17:29:43 2013 Mesh Node '04:da:d2:1f:4d:6f' failed to join controller, MAC address not in MAC filter list."
As I have done for the RAP, I enter this MAC address in the MAC Filtering area under Security tab. But this action doesn't solve the problem, I continue to see this message in the controller logs !
If I open a SSH session on the RAP, I can see this block of debug messages repeat all the time : *May 6 15:29:33.163: %MESH-6-ADJ_VIDB_LINK: Mesh neighbor 04da.d21f.4d6f VIDB Virtual-Dot11Radio0 dot1x control *May 6 15:29:33.167: %LINK-6-UPDOWN: Interface Virtual-Dot11Radio0, changed state to up *May 6 15:29:34.167: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Dot11Radio0, changed state to up *May 6 15:29:43.223: %MESH-6-LINK_UPDOWN: Mesh station 04da.d21f.4d6f link Down *May 6 15:29:43.423: %MESH-6-ADJ_VIDB_LINK: Mesh neighbor 04da.d21f.4d6f VIDB Virtual-Dot11Radio0 going
When I take a look into detailled debug messages of the controller I can see this : *spamReceiveTask: May 06 17:30:44.364: #LWAPP-6-RADIUS_AUTHORIZATION: spam_radius.c:242 The system could not send join reply, AP authorization failed; AP:04:da:d2:1f:4d:6f
I don't know why the system talks about dot1x or Radius Authorization, and if this is the source of my problems. On a other hand, I can see in the debug messages that there is a 2 hours lag time between controller (correct time) and RAP (incorrect, I suppose it synchronize with the controller?)
I setup a mini wireless LAN network lab with a not for resale 2106 wireless lan controller and a sales air-lap1242ag access point. I do not have a DHCP and DNS in my lab environment. I have configured the WLC with the basic configuration using the CLI wizard, i also configured the WLC as a DHCP server for clients that will be connecting to the APs associated to the controller.
I powered up the AP and connect the ethernet port directly to the controller, the controller issued an IP address to the AP, the AP downloaded a new operating system from the controller but failed to join the controller.
I check both debug message on the controller console and the trap messages on the controller's GUI and it say the AP could not download a configuration from the controller and it is beacuse of invalid license. Below is the trap message:
Configuration Phase Statistics Requests ReceivedResponses SentUnsuccessful Request ProcessedReason For Last Unsuccessful AttemptLast Successful Attempt TimeLast Unsuccessful Attempt TimeLast Error SummaryLast AP Message Decryption FailureLast AP Connection FailureLast Error Occurred Last Error Occurred ReasonLast Join Error Timestamp
Also, I tried to log into the GUI of the AP using the both the username and password ''Cisco'' but I cannot get into the device. I can only get in through the CLI. In the CLI, almost all the commands I enter gives an error the it is disabled. I don't know what to do any more, I want to know if the access point is faulty or i am not doing the right thing.