Cisco Wireless :: AP1252 Can't Join On WLC
			Apr 8, 2012
				WLC software 7.2.103.0
 
1. first problem: AP1252 can´t join on WLC. MAC was add on mac filter properly.
 
170Mon Apr 9 15:37:32 2012Mesh Node '2c:3f:38:be:53:ef' failed to join controller, MAC address not in MAC filter list.171Mon Apr 9 15:37:32 2012AAA Authentication Failure for UserName:2c3f38be53e0 User Type: WLAN USER172Mon Apr 9 15:37:32 2012Coverage hole pre alarm for client[1] 40:a6:d9:ef:87:68 on 802.11b/g interface of AP 2c:3f:38:bf:0c:80 (AP2c3f.38bf.0c80). Hist: 46 7 5 4 2 1 0 0 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0173Mon Apr 9 15:37:32 2012Coverage hole pre alarm for client[1] 8c:7b:9d:05:a0:67 on 802.11b/g interface of AP 2c:3f:38:bf:0c:80 (AP2c3f.38bf.0c80). Hist: 50 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0174Mon Apr 9 15:37:30 
[code]....
Several APs can´t join on WLC and all are added on MAC filter, but they are showing this messages.  
 
2 . Second problem.:  Operational Status = UNKNOWN
Some Access Point are in UNKNOWN status. I tried but I can´t do the reboot. I can access Web config the APs using WLC, but when I applied the reset, it wasn´t working properly.
	
	View 2 Replies
  
    
	ADVERTISEMENT
    	
    	
        Jan 16, 2012
        have Cisco AIR-AP1252-AG-A-K9 Access Point and 5GHZ radios are not working but interface status showing is up and running but signal is very weak I think it's working through only internal antennas when i connect external antenna even the signal is very weak and i am using external antennas air-ant5135dw-r=.  What is the exact problem of that 5ghz radios.  I have tried through external antenna gain 9,11 and 27, and all i tested but not working.
	View 7 Replies
    View Related
  
    
	
    	
    	
        May 22, 2013
        I am having problems authenticating client computers onto the wireless network using a Cisco AP1252 via radius
 
Setup:
I have a Cisco AP1252 wireless Access Point connected to a Cisco ASA5510 on subnet X.X.5.Z    The access point ip address is X.X.5.101 
The ASA on another port is also connected to the wired network on a different subnet X.X.0.Z 
 
On the wired network are two radius servers - Ubuntus servers running freeradius which are running fine and reliably authenticate wired users for ssh connections to the ASA and importantly to the AP1252 as well (The radius servers ip addresses are X.X.0.191 and X.X.0.192)
 
Problem:
When a wireless user tries to connect to the wireless network via the AP1252 after being disconnected form it for a while (or after waking from a long sleep) they are never authenticated. They just try over and over and never obtain an IP
 
Interestingly in such a case neither Ubuntu server shows any sign of receiving an authentication request from the AP  - Both ubuntu servers are running in debug mode so they show any activity - there is none
Oddly:
If i try to authenticate a user wirelessly to the AP and leave it in the usual state of trying over and over (with no visible activity on the ubuntu servers) BUT then go to a wired machine and attempt to authenticate an ssh connection to the AP1252 using a terminal command     ssh user1@X.X.5.101   THEN as soon as I hit enter on that request (and before I enter a password for the ssh connection) THE WAITING WIRELESS USER IS IMMEDIATELY AUTHENTICATED (and the ubuntu server shows the authentication activity for the wireless user
I really do not understand this and cannot use this method to facilitate wireless user authentication 
 
What might be causing this behavior - it seems like the AP sleeping and the wired ssh request wakes it up so that it sees the pending wireless user waiting and then acts on that completing the wireless user authentication request.
	View 11 Replies
    View Related
  
    
	
    	
    	
        Jul 12, 2012
        I am having connectivity/stability problems with wifi clients, using 14 accesspoints (Cisco AP1252). All wifi clients are impacted, no matter which AP they are associated with.
 
Symptoms :
------------------
- client associates to a ssid, everything runs fine
- all of a sudden, the client begins having problems contacting certain LAN servers, while others still work.
- after a little while, situation comes back to normal
 
After hours (and days..) of testing and troubleshooting, I have nailed the problem to be at the AP1252 level. When the client experiences problems, he does not receive Broadcast traffic (thus, he cannot respond to the ARP requests from the server he is trying to contact).
 
While the client was experiencing the problem, I have configured a port on same switch, to act as a monitor port for the AP he was associated to at the time :   it seems to me that the accesspoint DOES receive the broadcasts ARP at all times.  Only sometimes it prevents them from reaching the wireless clients.. I did a tcpdump on 2 different clients who were associated to the same accesspoint :  both were not getting the broadcasts from the lan.
 
Tcpdump arp from a wireless client (172.30.2.32) :
	View 2 Replies
    View Related
  
    
	
    	
    	
        Jun 8, 2011
        i have problem with my 3 new cisco AP1252AG and Radius server (windows 2000 IAS).On the 3 AP, i have two ssid :,One with Wpa pre-shared key,the other one with EAP/radius,the one with preshared key works well  but the other have some trouble, here is the error message ,i have check the shared secret in radius and ap and it's ok.The error appears randomly.
	View 1 Replies
    View Related
  
    
	
    	
    	
        May 16, 2013
        I am new to Cisco wireless solution and would like to ask how to add the AP to the WLC properly. All Cisco 1041 and Cisco 2500 WLC are new. I connect those AP and WLC to the switch without any VLAN tag and the AP can gain the IP address from our DHCP correctly. However, the AP 1041 could not join the WLC successfully.
WLC: Cisco 2500
IP Address: 192.168.1.225
version: 7.4.100.0
	View 5 Replies
    View Related
  
    
	
    	
    	
        Mar 24, 2013
        Our offcie use WLC2100 Series controller with AIR-LAP1031 and successfully join and running. Now i am trying to replace one ap with AIR-LAP1041N and join with WLC, but i can't and below  the error message generate:
 
[code]....
	View 2 Replies
    View Related
  
    
	
    	
    	
        Jul 10, 2012
        I am trying to set up a Wireless network a WLC hosted on an SRE module in a 2911 router. I think i have most of my bases covered but there is still one problem.
 
My LAP1131AG AP's won't join the controller, on the AP im am seeing this:
Translating "CISCO-LWAPP-CONTROLLER.test.local"...domain server (192.168.250.10) [OK]
[Code].....
But to my knowledge an LWAP AP schould be able to join a CAPWAP WLC
	View 2 Replies
    View Related
  
    
	
    	
    	
        Jun 10, 2013
        I'm new in installing WIFI, I have WLC 2504 using 7.4.100.0. I have AP 1600 (AIR-CAP1602E-E-K9)
 
I installed the WLC and AP in a cisco poe switch, wlc and ap are in the same subnet and can ping ap from WLC, but the AP cannot join the wlc. i have this error message
 
(Cisco Controller) >show ap join stats detailed 00:06:f6:d6:03:f0
 
Sync phase statistics
- Time at sync request received............................ Not applicable
- Time at sync completed................................... Not applicable
	View 15 Replies
    View Related
  
    
	
    	
    	
        Jan 31, 2013
        I have converted ap 1131 from autonomous to lwapp successfully by using upgrade utility tool but the AP does not join the WLC 2106. I can see it as a neighbor on the switch with no IP address.
	View 19 Replies
    View Related
  
    
	
    	
    	
        Jun 29, 2011
        My WLC running 6.0.182.0 suddenly could not accept more than 47 APs! Ihave a 1240 trying to join but failed with no obvious reason (no special errors in debugging).
I unplugged one of the joined and the first one joined!! I replugged the second one but could not join!! I unplugged the first one and replugged the second one: the second joined the controller but the first could not associate again!
	View 4 Replies
    View Related
  
    
	
    	
    	
        Jan 24, 2011
        I have a 4400 WLC for 100APs running the 7.0.98.0software version. Now, only 48 APs are joined, and the WLC dont accept new joins. The log below are from my WLC but appear for all others APs:
 
%LOG-6-Q_IND: spam_lrad.c:1440 Discarding discovery request in LWAPP from AP 00:3a:98:ae:e3:f0 supporting CAPWAP%LWAPP-6-CAPWAP_SUPP_VER: spam_lrad.c:1440 Discarding discovery request in LWAPP from AP 00:3a:98:ae:e3:f0 supporting CAPWAP%CAPWAP-3-TX_ERR: capwap_ac_sm.c:1966 Failed to transmit discovery response to AP 00:3a:98:ae:e3:f0%CAPWAP-3-ENCODE_ERR: capwap_ac_sm.c:2269 Failed to encode Discovery (code)
	View 2 Replies
    View Related
  
    
	
    	
    	
        Jun 7, 2012
        We have two cisco 1262 AP and a 4402 WLC, the AP cannot join the WLC. The AP gets the address from dchp
 
I cannot ping the AP address from the WLC, but i can ping the default gateway and other VLAN addresses. 
 
I already read the info on the this link :  [URL] Still our AP cannot join the WLC no matter what i have tried. 
  
Setup
 
- VLAN setup on a Cisco 3560 48 port poe Switch
- tunk configured btwn the Gi Interface and the Management physical port
- WLC mode is configured for Layer 3
- AP Manager and Management are in the same Subnet
- Option 43 is configured for the with the AP Manager's  IP address
- Opotion 60 is also configured with  AP Manager's  IP address
- the port connected to the APs are in the AP Manager VLAN
	View 12 Replies
    View Related
  
    
	
    	
    	
        Mar 12, 2013
        I have a problem in join my ap1130ag in my wlc 2504 i activate dhcp internel (172.19.1.50 ----> 172.19.1.60) in wlc and this wlc affected address for ap1130ag (172.19.1.51) wlc and ap1130ag is connected with switch  2960 (port 17,18) this port the switche is configured in trunk mod allowed all vlan then my wlc not detected ap1130ag?
	View 4 Replies
    View Related
  
    
	
    	
    	
        May 20, 2013
        i converted the C1310 to LAP using upgrade tool. but the AP is not able to join the controller i was not able to view SHA Key in upgrade tool, so i ran the "debug pm pki enable " on the controler to get it. i'm still not able to view SHA key.
 
here is the output of debug command
  
*spamApTask0: May 21 15:07:43.527: 88:43:e1:d1:fc:9e Received LWAPP JOIN REQUEST from AP 88:43:e1:d1:fc:9e to cc:ef:48:b3:23:ef on port '13'
*spamApTask0: May 21 15:07:43.549: sshpmGetIssuerHandles: locking ca cert table
[Code].....
	View 3 Replies
    View Related
  
    
	
    	
    	
        Jan 16, 2013
        I have some LAP1242 which by mistake were bought for Mesh. I am trying to convert them to LWAPP so what I did first was to convert them to Stand Alone then to LWAPP but I cannot get the AP to join the WLC and sends several error logs.
 
I attached some logs taken from AP and WLC so that you can figure out what's going on.
 
I wonder if I have to remove anything from flash either on SA or LWAPP mode (I know that in some cases you have to delete privete-config in order to avoid the AP taken previous configurations). By the way I think I had never seen this c1240-k9w8-mx.124-25e.JA2 on an AP IOS before, I wonder if it has to do with the mesh thing.
	View 27 Replies
    View Related
  
    
	
    	
    	
        Apr 1, 2012
        I have a cisco AIR-LAP1262N-A-K9  and AIR-LAP1142N-A-K9, and i would like to join to Cisco WLC2106 (software version 7.0.98.0)My ap 1262N have 3 antennas externals with 7dbi of ganancy,Is possible to do it?
	View 1 Replies
    View Related
  
    
	
    	
    	
        May 23, 2013
        I have WLC 2504 and AP3502I . AP can not join wireless controller .
 
*May 24 16:33:51.871: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*May 24 16:33:51.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_i
p: 10.80.90.99 peer_port: 5246
[code].....
	View 9 Replies
    View Related
  
    
	
    	
    	
        Mar 16, 2013
        I have a cisco 5508 WLC and 40 cisco 360021 APs.I configured the WLC and assign the management interface IP and also configured a DHCP pool on my Cisco 4507 core switch wit option 43.But the problem that the APs connot join the WLC.
	View 31 Replies
    View Related
  
    
	
    	
    	
        Apr 2, 2013
        I'd WLC 2100 series and 9 access point LAP1142N .8 LAP1142N can work fine and join a capwap controller is ok but only one LAP1142  is can not . Part of LAP  is AIR-LAP1142N-A-K9
  
Apr  2 10:52:42.284: LWAPP_CLIENT_EVENT: spamResolveStaticGateway  - gateway found
*Apr  2 10:52:42.284: LWAPP_CLIENT_EVENT: spamResolveStaticGateway  - gateway found
*Apr  2 10:52:42.284: LWAPP_CLIENT_EVENT: Dropping discovery in LWAPP. This AP model is not supported by LWAPP WLC.
*Apr  2 10:52:42.284:  status of voice_diag_test from WLC is false
*Apr  2 10:52:52.284: %CAPWAP-3-ERRORLOG: Go join a capwap controller 
[code]....
	View 4 Replies
    View Related
  
    
	
    	
    	
        Jun 6, 2012
        We have two cisco 1262 AP and a 4402 WLC, the AP cannot join the WLC.
 
The AP gets the address from dchp
 
I cannot ping the AP address from the WLC, but i can ping the default gateway and other VLAN addresses. 
 
I already read the info on the this link :  [URL]
 
Still our AP cannot join the WLC no matter what i have tried. 
  
Setup
 
- VLAN setup on a Cisco 3560 48 port poe Switch
- tunk configured btwn the Gi Interface and the Management physical port
- WLC mode is configured for Layer 3
- AP Manager and Management are in the same Subnet
- Option 43 is configured for the with the AP Manager's  IP address
- Opotion 60 is also configured with  AP Manager's  IP address
- the port connected to the APs are in the AP Manager VLAN
	View 3 Replies
    View Related
  
    
	
    	
    	
        May 6, 2013
        I have configured a 1552, that is wired to network, as "Bridge" then "RootAP".
 
After reboot, I can see a MAP trying to join the network, in the "simple" logs of the controller :
"Mon May 6 17:29:43 2013   Mesh Node '04:da:d2:1f:4d:6f' failed to join controller, MAC address not in MAC filter list."
 
As I have done for the RAP, I enter this MAC address in the MAC Filtering area under Security tab. But this action doesn't solve the problem, I continue to see this message in the controller logs !
 
If I open a SSH session on the RAP, I can see this block of debug messages repeat all the time :
*May  6 15:29:33.163: %MESH-6-ADJ_VIDB_LINK: Mesh neighbor 04da.d21f.4d6f VIDB Virtual-Dot11Radio0 dot1x control
*May  6 15:29:33.167: %LINK-6-UPDOWN: Interface Virtual-Dot11Radio0, changed state to up
*May  6 15:29:34.167: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Dot11Radio0, changed state to up
*May  6 15:29:43.223: %MESH-6-LINK_UPDOWN: Mesh station 04da.d21f.4d6f link Down
*May  6 15:29:43.423: %MESH-6-ADJ_VIDB_LINK: Mesh neighbor 04da.d21f.4d6f VIDB Virtual-Dot11Radio0 going 
 
When I take a look into detailled debug messages of the controller I can see this :
*spamReceiveTask: May 06 17:30:44.364: #LWAPP-6-RADIUS_AUTHORIZATION: spam_radius.c:242 The system could not send join reply, AP authorization failed; AP:04:da:d2:1f:4d:6f
 
I don't know why the system talks about dot1x or Radius Authorization, and if this is the source of my problems. On a other hand, I can see in the debug messages that there is a 2 hours lag time between controller (correct time) and RAP (incorrect, I suppose it synchronize with the controller?)
	View 25 Replies
    View Related
  
    
	
    	
    	
        Jul 7, 2011
        I setup a mini wireless LAN network lab with a not for resale 2106 wireless lan controller and a sales  air-lap1242ag access point. I do not have a DHCP and DNS in my lab environment. I have configured the WLC with the basic configuration using the CLI wizard, i also configured the WLC as a DHCP server for clients that will be connecting to the APs associated to the controller.
 
I powered up the AP and connect the ethernet port directly to the controller, the controller issued an IP address to the AP, the AP downloaded a new operating system from the controller but failed to join the controller.
 
I check both debug message on the controller console and the trap messages on the controller's GUI  and it say the AP could not download a configuration from the controller and it is beacuse of invalid license. Below is the trap message:
 
Configuration Phase Statistics Requests ReceivedResponses SentUnsuccessful Request ProcessedReason For Last Unsuccessful AttemptLast Successful Attempt TimeLast Unsuccessful Attempt TimeLast Error SummaryLast AP Message Decryption FailureLast AP Connection FailureLast Error Occurred Last Error Occurred ReasonLast Join Error Timestamp 
   
Also, I tried to log into the GUI of the AP using the both the username and password  ''Cisco'' but I cannot get into the device. I can only get in through the CLI. In the CLI, almost all the commands I enter gives an error the it is disabled. I don't know what to do any more, I want to know if the access point is faulty or i am not doing the right thing.
	View 4 Replies
    View Related
  
    
	
    	
    	
        Oct 18, 2012
        Network environment: (well configured and working fine)
 
2 AIR-WLC2106-K9 - Software Version 7.0.235.0
2 AIR-WLC2112-K9 - Software Version 7.0.235.0
10 AIR-LAP1252AG-T-K9 - Software Version 7.0.235.0
10 AIR-LAP1131AG-A-K9 - Software Version 7.0.235.0
 
I am adding a Cisco AP c3502-I-K9 to network.
 
It does not join any of the controllers. 
 
Led is cycling through green, red, and off - that means "discovery/join process in progress" - never ends.
 
As wireless network is doing fine, I had only added to dhcp server dhcpd-subnet.conf file the above configuration:
 
class "Cisco AP c3500" {
match if option vendor-class-identifier = "Cisco AP c3500";
option vendor-class-identifier "Cisco AP c3500";
[Code].....
	View 13 Replies
    View Related
  
    
	
    	
    	
        Nov 14, 2012
        A customer runs a 5508 WLC for quit a while. several dozens AP's are spread all over Europe an run just fine. All the AP's have a VPN based connection over an MPLS service provider, so we are using 10.x.x.x addresses only. We have upgraded to release 7.2.111.3 to support OEAP 600 and we have configured NAT in the Firewall as well a policy to support the home office AP. Everything works fine until the switch where the WLC was attached to crushed. From this moment on, all internal AP's ar no longer able to register at the WLC. A log at the console port on an AP shows that it tries to access the external (NAT) IP address. We had to remove the NAT flag to support the internal AP's.
	View 3 Replies
    View Related
  
    
	
    	
    	
        Feb 6, 2013
        i have an AIR-LAP1131AG-A-K9 fresh from the box an was trying to register it to vWLC.I have them both on the same VLAN and these logs are showing on my WLC:  [code]
 
The funny thing i have noticed is that both the WLC and the AP cannot PING each other.
	View 14 Replies
    View Related
  
    
	
    	
    	
        Oct 15, 2012
        When we were installing some new APs, were plugged in to ports that were not configured on the WLC management VLAN.
 
This is the illustration 
 
WLC management VLAN is VLAN 80 Management VLAN of infrastructure (Switches routers) is VLAN 10
 
The APs were plugged in to VLAN 10 and they were not able to associate themselves with the controllers.
 
Through research, those APs were getting a wrong IP address,
 
I did the Mode button, pressed for 30 secs, but this did not fix the problem, i thought it was going to clean the flash and bring the AP back to factory default I do not believe this happened.
 
We also added the cisco-capwap-controller.localdomain  to our DNS servers, and then I rebotted the APs and still no luck.
 
What fixed the issue is we had to go to the DHCP server, release the IP addresses and we found those based on the macs of the APs. What is we do not have the mac addresses?
 
Now that I have the DNS entry created, if I plug in an AP on the wrong VLAN port will I be able to see it?
	View 3 Replies
    View Related
  
    
	
    	
    	
        Sep 25, 2012
        I have a 3502i(AP_1) that will not join a 5508 WLC(WLC_1)(code 7.2.103). The 3502i(AP_1) will join 4402 WLC(WLC_2)(Code 7.0.230). I have another 3502i(AP_2) that will join the WLC_1 & WLC_2. I am using capwap discover through DNS and hard coding the primiary WLC to AP_1 & AP_2. When I debug capwap events and errors, I see the static capwap messages and replies. Both of the WLC are on the same subnet. I have defauted the AP_1 and it joins the CISCO-CAPWAP-CONTROLLER as expected. When I change the Primiary WLC to WLC_1 it goes back to the CISCO-CAPWAP-CONTROLLER. If i change the primiary WLC to WLC_2 it joins. If I change the primiary back to WLC_1 it joins WLC_2 even though it is not a secondary. I know the previous joined WLC are stored in NVRAM, so that might be why it is doing that. I can join other ap to WLC_1 just not this one. 
 
[code]....
	View 4 Replies
    View Related
  
    
	
    	
    	
        Jan 21, 2012
        I am trying to get one AP to join the 2106 controller, it did join once then never again!!  Now all I get is: 
*Jan 22 11:16:22.088: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
[Code]....
	View 31 Replies
    View Related
  
    
	
    	
    	
        Aug 10, 2011
        Trying to get an lightweight AP to register with a controller, never seen this one before where the Discovery request is going out to the controller, the discovery response is coming back, but then nothing. At this point the AP should then send a JOIN request, but it just doesnt.
 
I am using L3 LWAPP, and have the AP statically configured. its a 1131, connecting to a 5.1.151.0 in a WISM. I have run a wireshark and can see the discovery going out, its response coming back, but then nothing (the debugs below also back this up). I have also jumped on the controller and can see the discovery responces are going out but it says no JOIN's are coming in. I'm aware this is an old version of controller but still..
 
I've tried many different IOS on the AP, including the one it came with in the box, other previously successful IOS and the IOS that 5.1.151.0 dishes out to its registered AP's, multiple AP hardware resets, controller reboots, tried different controllers. etc... What would cause this? Possibly something in the response? See info below:
 
AP
LWAPP Static IP Configuration
IP Address         172.18.240.244
IP netmask         255.255.255.192
Default Gateway    172.18.240.193
[Code]....
	View 8 Replies
    View Related
  
    
	
    	
    	
        Dec 5, 2012
        I have WLC 2504 with  7.2.103.0 software version , & 2 different LWAP 1262n & 1231G with "c1200-rcvk9w8-mx.124-21a.JA" Image.The 1262n is joined to the to the controller and working fine but the 1231G it can't join the controller , the controller says "Join request received from an unsupported AP" !!i will attaches the logs for this AP.
	View 3 Replies
    View Related
  
    
	
    	
    	
        Jul 31, 2012
        10 Access Pointd 1142N setup on vlan 10 and the controller management is in vlan 10.
 
They get DHCP IP addreses from the controller itself!! I do not have another DHCP server.
 
Here is what I get wich debug capwap event and debug capwap packet
 
(Cisco Controller) >*spamReceiveTask: Jul 31 12:21:41.283: <<<<  Start of CAPWAP Packet  >>>>*spamReceiveTask: Jul 31 12:21:41.283: CAPWAP Control mesg Recd from 10.128.186.104, Port 51743*spamReceiveTask: Jul 31 12:21:41.283:          HLEN 4, 
[Code].....
	View 9 Replies
    View Related
  
    
	
    	
    	
        Jan 13, 2013
        We have cisco wlc 2125 with 13 AP 1131g. All works good. But after power failure one AP can not join to controller, only reset work to recover connection AP to WLC. Additionally, we don't have access to rs-232 port on AP. In this moment on WLC we can see DISCOVERY request from AP and response from WLC to AP, but AP don't send JOIN to controller.
	View 2 Replies
    View Related