Cisco Wireless :: WLC4402 - AP Doesn't Join After Upgrade To 7.0.116.0
Apr 25, 2011
today i upgraded our WLC4402 from 7.0.98.0 to 7.0.116.0. After the upgrade (also bootloader upgrade) the Aironet 1142 AP's do not joint the controller anymore. Error in log:*spamReceiveTask: Apr 26 11:30:46.301: %CAPWAP-3-DISC_INTF_ERR2: capwap_ac_sm.c:1468 Ignoring Primary discovery request received on a wrong VLAN (21) on interface (29) from AP ec:c8:82:ab:ed:00 Nothing changed in infrastructure. AP's are in VLAN 21, AP-Manager interface is in VLAN 21. Ap-Manager, Management Interface and Dynamic Interfaces are in PortChannel (LAG) = Interface 29.
View 8 Replies
ADVERTISEMENT
Mar 1, 2012
I have an issue with my primary WLC AIR-WLC4402-50-K9 running version 7.0.220. After a reboot of the WLC only one AP can join, all others are rejected. After waiting a few hours (about 3) all APs can join the WLC. What I have done is a software upgrade (from 6.0.199.4) on both primary wlc (wlc with the issue) and backup. Following procedure:
1. Reboot primary wlc so that APs failover to backup (succeeded with no issue).
2. Upgarde software on primary wlc
3. To failback all APs from backup to primary I reboot all APs, so that they join again their primary wlc.
A reboot of the first AP was fine, It joined the primary wlc, get new software downloaded, rebootet, joined wlc successful again. Then rebooting the next AP. But this one then does not join the primary wlc for several hours. But it is also not falling back to the backup wlc as the primary is up and reachable. I tried a reboot with the next AP, but same behavior. I was waiting then until both APs were joining the primary wlc again. This happened after around 3 hours. After that I have rebootet all other APs on the backup wlc also. All was fine they immediately joined the primary without any issue. There are no log messages during the time when the WLC does not allow APs to join.. I had similar behaviour last year with version 6 when I rebooted the device. So I dont think this is software related. Also I dont think it's a configuration issue as 1) I have another WLC that uses the same backup controller and this one has the same configuration but works fine also after a reboot. 2) why doesn't it work after a reboot for a few hours, but then all is fine without any config change. After a few hours all is fine for months (until the next reboot).
View 5 Replies
View Related
Sep 18, 2011
I have AIR-WLC4402-50-K9 WLC i that current IOS is 7.0.98.218 and i upgraded with 7.0.116.0 IOS but after upgrading and reboot the WLC from 15 access point 3 access point are not coming up and 12 are coing up and working fine (4 1142 and 11 1131 series access point) 3 which are not coimg is 1131 series access point. when i login with console to 3 access point its rebooting 2 times and coming on ap: prompt.
In between that i reloaded the WLC one more time because from 15 acess point only 4 aceess point are came up and i also cleck the show boot on wlc its output is 7.0.116.0 (default) 7.0.98.218 (active) so i reload the wlc and checked out of 15 acess point now 12 acess point are up and still 3 are not. And i also checked the output of show boot command its 7.0.116.0 (default)(active) 7.0.98.218
So i things its because of when 2nd time i reload the wlc the remaining 3 access point are getting.
View 1 Replies
View Related
Jun 19, 2012
I have an WLC with below details:
Model No:- AIR-WLC4402-50-K9
Current IOS:- 4.2.99.0
Upgrade to :- 7.0.220.0
I wants to upgade WLC with7.0.220.0 IOS. My question is that should i go for direct upgarde from 4.2.99.0 to 7.0.220.0 or is there any IOS version i have to upgarde.
View 1 Replies
View Related
Oct 1, 2012
Converted a Cisco 1231 with the Update Tool to lightweight (used c1200-rcvk9w8-tar.124-21a.JA2.tar). It worked, but now the AP issn't joining the wlc: [code]
View 8 Replies
View Related
Dec 27, 2012
My APs 1142N don't join their WLC. APs and WLC management interface are in the same vlan (WLC can ping all the APs). It is strange because it doesn't seem like they are trying to contact the WLC. What's strange is that I have other AP 1142N which joined this WLC without any problem.
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
[Code].....
View 4 Replies
View Related
Oct 14, 2012
i have configured cisco LAP1240 in H-Reap Mode for multiple branch offices with Local switching and central authentication. one of the branch's AP does not join the controller in HQ while the others are all ok. i have firewall only in HQ, i did priming first for all APs like let them join the controller and configure controller IP in high availbility, and H-Reap config and assign SSID to map with the branch local vlan. when i faced this issue first time i brought back ap and configure a static IP address for AP than recheck them again but the problem still same. since i have only one firewall in the network and also other branches joined the controller through that firewall and no issues.
View 3 Replies
View Related
Sep 10, 2012
I have a few AIR-AP1242-E-K9 AP that I have upgraded to LWAPP, after the upgrade the AP's don't join the controller. But some AIR-AP1232AG-E-K9 on the same site joins without any issues.The controller is: AIR-CT2504-K9, SW: 7.0.220.0. [code]
View 8 Replies
View Related
Mar 13, 2011
I've been trying to get it to work all day.When I open up Hamachi it shows the main screen with two buttons. Create a new network and Join an existing network.I've tried both but when I click create or join it doesn't do anything. Like it actually does nothing at all.Doesn't even close the window.Everything stays open and it doesn't either create or join any networks.
View 1 Replies
View Related
Jun 10, 2013
I wanted to upgrade our three WLC 4402 from software version 5.0.148 to 6.0.202.0. The upgrade on the first controller was working. Unfortunately he lost all the local management users and it's MAC filters, but restoring this was not the problem. After upgrading the second controller.... the device does not boot anymore! The alarm led is RED and I don't know what to do. The only way to get connected to the controller is via the console port. There I can see a "parse error" but I don't know if that is the problem. Please look at the "log" attached. I'm not sure if the red alarm led was there before upgrading the controller software because the device is located to another place. I'm really concerned about upgrading the third controller because it's the most important wlc.
View 3 Replies
View Related
Mar 8, 2012
I upgraded my computer with a new graphics card and power supply. When I turned it on everything ran fine except for the internet. I either get a connection with 1 bar, a connection but no internet acess, or no internet at all. Did I damage something on the motherboard that could cause this?
View 11 Replies
View Related
Apr 18, 2012
I try to use EAP-TTLS on one of my wireless networks and the 802.1x authentification fails at this moment:
*Dot1x_NW_MsgTask_0: Apr 19 16:04:52.800: 00:16:cb:66:29:bc Processing Access-Accept for mobile 00:16:cb:06:09:bc
*Dot1x_NW_MsgTask_0: Apr 19 16:04:52.801: %APF-6-RADIUS_OVERRIDE_DISABLED: apf_ms_radius_override.c:204 Radius overrides disabled, ignoring source 2
*Dot1x_NW_MsgTask_0: Apr 19 16:04:52.801: 00:16:cb:66:29:bc Resetting web acl from 255 to 255
*Dot1x_NW_MsgTask_0: Apr 19 16:04:52.802: 00:16:cb:66:29:bc apfMsDeleteByMscb Scheduling mobile for deletion with deleteReason 20, reasonCode 2
where I can find what are deleteReason 20 and reasonCode 2?
View 23 Replies
View Related
Oct 1, 2012
info regarding my LAP521 access points that are refusing to join the WLC4402-12.This is my first lightweight access point implementation and I have 3 LAP521's and 1 AIR-CAP3502I-E-K9 access points on my network.They are meant to pick up ip address from external dhcp server and then join the WLC but only the 3502i joins successfuly while the 521's get dhcp address but do not join the WLC. From the logs, I can see that the WLC is discovered by the 521's and even get a response message from the controller but they are still unable to join as shown in the screenshot below.My WLC is running software version 7.0.230.0 and the 521's are running an lwapp image version 4.2.61.8. [code]
View 3 Replies
View Related
Dec 6, 2012
We have 2 AIR-WLC4402-K9 devices at a remote location that will both drop their network connections some undetermined time after a reboot. We cannot reach them via telnet, SSH or HTTP. In fact, we cannot even ping them once they drop connection. The only cure we've found so far is to power-cycle the controllers. The controllers are in separate rooms and connected to separate switches. We've confirmed the links are configured as trunks and have the correct speed/duplex settings. I tried updating the IOS & boot loader on one of them but that had no effect on the problem.
View 19 Replies
View Related
Dec 5, 2011
has WiFi controller WLC4402 mac address table and can I show it somehow?
View 1 Replies
View Related
Mar 12, 2013
I have a Cisco 4402 WLC running version 4.2.112.0 controlling 20+ AIR-LAP1242AG-E-K9 access points running IOS 12.4 (10b). I'm trying to setup an additional AP as MESH. When I try to change the mode from local to bridge, on what will be the rootAP, I get a message stating that bridging is not support on this unit.
View 4 Replies
View Related
Mar 2, 2013
Is there is is any posibility to run WLC4402 and 104x family in H-REAP mode.
View 8 Replies
View Related
Feb 14, 2012
I have one WLC 4402 & arround 29 Access point (1130) in our enterprise network. Wireless users LAN segment is diffrent from wired users.Wireless users like Laptop users, Mobile users & ipad users which are connetced with this wireless & using enterprise network.
Presently we are using WEP mode for security key. This WEP key are week & can be cracked easily. so security point of view i want to put strong encription mode.Presently i do not have any radius server.I found there are some modes are available Like WPA, WPA2 with PSK etc.
will there any problem with wireless users to access application after changing the mode? Which mode will be stronger & could not be crack. Could we achieve without radius server or not?
View 24 Replies
View Related
Sep 1, 2011
Our costumers has implemented 2 AIR-WLC4402-50-K9 with Software Release 7.0.98.0, the wireless infrastructure consist in 2 Root-Mesh-LAP and 8 Mesh connect over-the-air to deploy outdoor coverage.
All the LAP are Aironet 1520 Series Mesh Access Points with equipped with 3 antennas for 2.4GHz and 1 antenna for 5GHz (backhaul).For one year all seems to be ok, yesterday after a power outage of one Mesh-Root-LAP, 5 Mesh-Lap continues reload each 10-12 minutes, on the WLC Log you can see event like a reboot from AP Console, on the LAP console i can capture this event before the reload:
Log on LAP Mesh
%DOT11-6-GEN_ERROR: Error on Dot11Radio0 - Not Beaconing for too long - Current 0 Last 0
%SYS-5-RELOAD: Reload requested by Dot11 driver. Reload Reason:
Radio Not Beaconing for too long ....
LWAPP-5-CHANGED: CAPWAP changed state to DOWN
AP1780-Mesh uptime is 11 hours, 10 minutes
System returned to ROM by power spike
%DOT11-6-GEN_ERROR: Error on Dot11Radio0 - Not Beaconing for too long - Current 0 Last 0%SYS-5-RELOAD: Reload requested by Dot11 driver. Reload Reason:Radio Not Beaconing for too long ....*Sep 1 16:05:43.399: %LWAPP-5-CHANGED: CAPWAP changed state to DOWN
What does it mean? That the beacon signal trasmitted from Root-Mesh-LAP cannot reach the Mesh-Lap and so the Mesh-LAP force a reload?Where we should search the cause? In the power instability or in a interference on the 5GHz radio interface?
On one of mesh Lap I found a strange reason for a releoad:AP1780-Mesh uptime is 11 hours, 10 minutesSystem returned to ROM by power spike
Log on WLC
Log System Time Trap
0 Thu Sep 1 17:31:11 2011 AP Disassociated. Base Radio MAC:00:22:be:41:33:00
1 Thu Sep 1 17:31:11 2011 AP's Interface:1(802.11a) Operation State Down: Base Radio MAC:00:22:be:41:33:00 Cause=Heartbeat Timeout Status:NA
2 Thu Sep 1 17:31:11 2011 AP's Interface:0(802.11b) Operation State Down: Base Radio MAC:00:22:be:41:33:00 Cause=Heartbeat Timeout Status:NA
[Code]....
View 7 Replies
View Related
Jun 6, 2012
my question regards to a pair of WLC 4402 with 7.0.98.0 software.Actual, our security policy does not really allow any peer-to-peer communication in a wireless LAN. Therefore we set the 'P2P Blocking Action' to drop, and the 'Broadcast Forwarding' feature to disabled (default).But now there is a special requirement for two mobile endpoints to communicate with each other, because one device controls the other.To test the communication, we first disabled P2P Blocking (without success) and further enabled Broadcast Forwarding to bring the communication up. Now it works, but the configuration disagrees with our policy.
1. Is there an alternative configuration as described possible, so that we do not violate the security policy? To allow only p2p connection between the two devices, ist should also be possible to drop any else by an ACL. But how to fix the problem with the broadcast, because of the needed ARP? My idea was to use a static ARP entry, but as far as i know, one of the both devices is not able for it.
2. Because, I did not find any detailed documentation:
2a. with enabled Broadcast Forwarding, the controller forwards all broadcast for any configured SSID, right?
2b. is the broadcast limited to the source VLAN/SSID?
2c. is the broadcast limited to an AP, to an WLC, or is it broadcasted to every AP on every WLC that has the relevant SSID?
we already have two new 5508 but not in an operational state now, because we plan to implement new 3600 APs.Do these WLCs offer more/another circumstances or possibilities?
View 1 Replies
View Related
Jan 2, 2013
I'm trying to connect to my wireless network using an android device with certificate but with no success.I'm using a WLC4402 7.0.235.3 SSID Security (WPA2 Auth802.1X + CCKM) [code]
View 7 Replies
View Related
Jun 21, 2007
I made a lot of tests during some days with a wlc4402 and everything was ok.
One day when I tried to reset the system I had a lot of errors (see attach) and could not go on. After changing the image the following output appeared: "RAM Disk Image Integrity Check Failed (Bad Magic Number) Hanging". Now I have no response from the controller.
View 4 Replies
View Related
Jan 29, 2013
I have a 871W router that works fine.I have 5 static ip addres's and use 2 in a nat pool. One i have mapped staticlly here is the configuration and it works fine:
! No configuration change since last restart
version 15.1
no service pad
service tcp-keepalives-in
[Code].....
View 1 Replies
View Related
Nov 19, 2012
Prior to upgrade AIR AP1142-N (Version 12.4(25d)JA1) everything worked fine! After upgrade IOS (to new Version 15.2(2)JA) without any config modification, management interface (encapsulation dot1q 33) or any IP interface with encapsulation dot1q became unreachable... If set IP on SVI (or BVI) with native VLAN (encapsulation dot1q 4094 native), this IP is reachable. Probably, there are bug in new IOS and Dot1q encapsulation? (see 'tech-support' in attached files)
View 3 Replies
View Related
May 10, 2012
We are using WLC4402 for our Aironet 1240AG access points. The clients are connecting to the access points and are authenticating to the RADIUS server. I am seeing the logs in Server 2008 but they are being rejected due to Network Policy on the NPS server.
Where do I see the Authentication Type on the WLC4400 or the 1240's? In order for the clients (authenticated via Active Directory user) I have to set the Authentication in the NPS Connection Request Policy to "Allow clients to connect without negotiating an authentication method".
I do not have a certificate on the server and my method options are MS-CHAP-v2, MS-CHAP, CHAP, PAP, SPAP, and allow without negotiating. This RADIUS server was moved from Server 2003 IAS to Server 2008 NPS and there were no issues in Server 2003 IAS. I have all authentication methods allowed and it still gives me the error below. Only when I check "Allow clients to connect without negotiating an authentication method" it allows the authentication to proceed.
Client Machine:
Security ID: NULL SID Account Name: Fully Qualified Account Name: OS-Version:
Called Station Identifier: 00-17-a2-87-54-00: SSID NAME
Calling Station Identifier: 00-41-96-b6-e3-27
NAS:
NAS IPv4 Address: 192.168.90.24
NAS IPv6 Address: -
[code]...
Reason: The user attempted to use an authentication method that is not enabled on the matching network policy.
View 2 Replies
View Related
Apr 22, 2013
Due to a problem with POE+ i have tried to upgrade the IOS to Version15.0.2SE2, from 12.2.58. unfortunatly the Switch doesn't boot up anymore. It starts to decompress and install the IOS 2 Times, after the Second try it displays "unable to boot" and the switch goes in Bootloader-mode. When i look at the version i See that bootloader is still the old version 12.2.58. It seems that the bootloader doesn't geht upgraded and that's why the Switch can't Boot the new Image.
View 8 Replies
View Related
Jun 6, 2009
I'm trying to upgrade the firmware of a BEFSX41 wired router from version 1.43.3 (apparently the first revision after the original realease) to 1.52.15 (the latest I found), but I can't get it to finish. I'm using a Mac with all the latest versions of OS, Safari, and Firefox. When I use Safari to initiate the upgrade, it get's to the point where it says "Please wait ! Setup will take a few minute _____" and nothing else happens after that, even after waiting 30 minutes or more. When I use Firefox it gets to the same "Please wait" message, then a few minutes later Firefox displays an error message "Connection Interrupted: The connection to the server was reset while the page was loading. The network link was interrupted while negotiating a connection.
View 9 Replies
View Related
Mar 14, 2012
I have one WLC AIR-WLC4402-50-K9 which is hitting some bug. So I done RMA for that devices and now i got the new WLC.Now i want to install that RMA WLC in network. So can any one tell me what is the process for installtion of WLC. I already have the old WLC in working now. Which file backup i need to take from old WLC.
View 3 Replies
View Related
Apr 8, 2010
AIR-WLC4402-25-K9 running 5.2.193.0 and I setup guest internet-only access which worked for 2 days. I change both the "User Idle Timeout (seconds)" and "Enable Session Timeout " to 10hours (36000) as guest was complaining he had to re-authenticate again. Anyways, guest was still able to pickup ip address and logs show that life "appears" fine but he had not internet guest access. He had a Windows7 box...anyways, before I can finish troubleshooting, he had to leave....My question is if there is any issues with Windows 7 that others had a problem...or is it the timers I tweaked - or both?
Thu Apr 8 15:19:06 2010User joe logged in. Client MAC:00:12:f0:99:71:ce, Client IP:192.168.55.110, AP MAC:00:00:00:00:00:00, AP Name:N/A15Thu Apr 8 15:09:28 2010User joe logged in. Client MAC:00:12:f0:99:71:ce, Client IP:192.168.55.107, AP MAC:00:00:00:00:00:00, AP Name:N/A
View 1 Replies
View Related
Feb 20, 2012
I have a WLC 4402 on my network. Recently mobile phones can connect to the wireless network and obtain a valid IP address. This IP is pingable from a workstation anywhere else on the network. However, these phones will not display web pages. They come up page cannot be displayed. I even tried putting Google's IP address in the phone's browser and it still did not display. I can connect through the same WLAN via a laptop or iPad. These devices have no problem displaying web pages. I even went ahead and created a new TESTWLAN with no encyption but to no avail. Same results: laptops connect and display web pages and smart phones connect, gain IP but do not display web pages. Comes up page cannot be displayed. This matters not whether its an iPhone or Android platform.
View 8 Replies
View Related
Mar 20, 2011
I have two sites.Main site (local) has two Vlans: Vlan1 and Vlan2. Each has its own IP address range.VLAN 1 is the default Vlan and is used for CORPorate traffic. IP range 10.33.4.*VLAN 2 is for guest access to the internet IP range 10.10.10.*I have a WLC4402 on the this site with 2 WLANs: CORP on Vlan1 and GUEST on Vlan2.
Branch site (remote) which has 2 Vlans: Vlan1 and Vlan2. Each has its own IP address range.VLAN 1 is the default Vlan and is used for CORPorate traffic. IP range 10.125.15.*VLAN 2 is for guest access to the internet IP range 10.10.11.*I have an 1141 on this site using HREAP.
Locally, if you connect to CORP, you get a CORP ip address and access to CORP network. If you connect to GUEST, you get a guest ip address and guest access to the guest network. Simple so far....
Remotely, if you connect to CORP, you get a CORP ip address 10.125.15.x and access to CORP network (great). If you connect to GUEST, you get a CORP ip address 10.125.15.x and access to CORP network (not great). This is with the HREAP native vlan ID for the access point set to 2 on the controller.If I set the native vlan ID to 1 on the controller, I can not get an IP address at all.If I do not set the native vlan ID on the controller, I can not get an IP address at all.
View 2 Replies
View Related
Dec 6, 2011
Trying to implement HREAP over WAN between main and remote site. The WLC4402 is on main site. There will be a secondary DHCP at the remote site. Does the switch at the remote site any preparation?
View 4 Replies
View Related
May 30, 2012
I am having a problem associating an AIR-LAP1142-E-K9 AP to our WLC4402 Controller (running version 7.0.230).I have connected a console cable to the device and when it boots up it picks up an IP address. I have then entered the controller IP using the command: [code] The Controller is set to 'GB' (regional code -E), and has the correct time zone (though I do notice this is GMT and not BST) but when the AP connects it shows the time an hour earlier than the time on the WLC GUI.
View 2 Replies
View Related
