I am tryign to join my first AP to the 5508 and am gettign this error int he logs.
*Dec 07 10:42:31.067: %DTL-3-NPUARP_ADD_FAILED: dtl_arp.c:2280 Unable to add an ARP entry for 0:0.0.0 to the network processor. entry does not exist
The management Interface is on the the same vlan as the AP , both untagged ports. the AP gets an ip address from my dhcp server.
I am facing problem with an outdoor access point AIR-1522-K-E series which is unable to join a wirless lan controller 5508. The wireless AP is able to get IP address from dhcp server and discover the Wireless controller IP address. After this i see following status messeges on the console of AP.
*Aug 27 11:04:19.767: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Aug 27 11:04:21.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.2.64.50 peer_port: 5246
*Aug 27 11:04:21.000: %CAPWAP-5-CHANGED: CAPWAP changed state to
*Aug 27 11:04:21.707: %CAPWAP-5-DTLSREQSUCC: DTLS connection created successfully peer_ip: 10.2.64.50 peer_port: 5246
[Code]...
I upgraded a controller yesterday 5508 it went from a low code version 6.x to 6.0.196.0 then to 7.0.116.0. However although all the access points joined code 6.0.196.0 they refused to join 7.0.116.0. The aps are all 1242s.
The country codes etc were all fine so I do not understand what was going on.
*spamApTask0: Jun 26 16:07:44.734: 00:3a:99:db:f3:20 Discovery Request from 10.0.0.183:55065
*spamApTask0: Jun 26 16:07:44.734: 00:3a:99:db:f3:20 Join Priority Processing status = 0, Incoming Ap's Priority 1, MaxLrads = 25, joined Aps =0*spamApTask0: Jun 26 16:07:44.735: 00:3a:99:db:f3:20 Discovery Response sent to 10.0.0.183:55065
[code] ......
We have 3 5508 WLCs (A, B, & C) and several LAPs (1140, 3500, 3600). The APs learn the controllers IP addresses through DHCP Option 43. When we setup a new site we put the IP address of the controller we want the AP to join first. Lately, I've noticed that regardless of which WLC IP I put first when I setup Option 43 the LAPs are always joining a particular controller.
View 6 Replies View RelatedI am trying to configure new 5508wireless controller, AP 1042N model access points are able to receive DHCP IP address from Controller, but not able to join them.
View 11 Replies View RelatedI have Cisco 5508 WLAN controller v7.4 and i have lap 1310 and it is not joining to this lan controller. What to do? How to join this lap to this lan controller? or how to convert it to autonomous because i dont find mode button on this access point?
View 6 Replies View Relatedi have a problem with our new 5508 wireless controller (7.0.116.0).
Port 1 is the system default "management" (Port 2 is backup). Dynamic AP Management is disabled. Port 3 is a new dynamic interface "ap-manager 2" with Dynamic AP Management enabled and has a ip in a seperated VLAN which is not routed.
When i am connecting the AP (1260 series) to the "ap-manager 2" interface, then it will not join and i get an error message on the WLC:
*spamApTask1: Mar 05 14:52:12.783: %CAPWAP- -DISC_INTF_ERR1:capwap_ac_sm.c:1453 Ignoring discovery request received on non-managementinterface (3) from AP
When i am connecting the AP to the "management2 interface, then it is working fine. But i don't want the APs in the Management LAN. I want them in the separated no routed LAN explicit for the APs.
I have Cisco AIR-LAP1310G-E-K9 access point and 5508 wlan controller with version 7.0.220 and it is joining to the WLAN controller. I have enabled dhcp in the lan controller and i dont have external dns server. How to fix this issue? Can this LAN controller version will support this access point? My Lan Controller Management IP Address is 10.10.10.5 find the below configuration of 1300 access point.
AP001d.4513.dd68#reloadProceed with reload? [confirm]
%SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command.%LWAPP-5-CHANGED: LWAPP changed state to DOWNXmodem file system is available.flashfs[0]: 4 files, 2 directoriesflashfs[0]: 0 orphaned files, 0 orphaned directoriesflashfs[0]: Total bytes: 7741440flashfs[0]: Bytes used: 2052608flashfs[0]: Bytes available: 5688832flashfs[0]: flashfs fsck took 14 seconds.Base ethernet MAC Address: 00:1d:45:13:dd:68Initializing ethernet port 0...Reset ethernet port 0...Reset done!ethernet link up, 100 mbps,
[code].....
recently migrated APs from a 4400 to 5508 which had the 7.4 code and encountered an issue that I haven't see before, in short the APs would never join the 5508 even when the selction rules said it should.The AP would get a discovery response from both controllers and even though the 4400 had 98 APs attached and the 5508 just 1 and a factory reset was made on the AP, it would always join the 4400.
A packet capture showed that the first CAPWAP address from the 5508 was always an IPv6 whilst the 4400 always sent IPv4 CAPWAP control adressess, disabling the global IPv6 option on the 5508 ensured that the the first CAPWAP control address was now an IPv4 and the AP then happily joined the controller, IPv6 addresses were still showing up in the discovery responses but since it was no longer the first one in the packet the AP didn't mind.
this is what happens when I try to join an acs 5.3 to the domain. On two other acs appliances, it works.
View 1 Replies View Relatedwe recently updated all of our WLC's to 7.098 and it all went smoothly, controllers rebooted and AP's updated their firmware and rebooted OK.One WLC (4402) which was working fine since the update now has no AP's associated. The AP's were all configured to run in HREAP mode and are on remote sites within our WAN. I have checked that all policies and ports are still open (none have changed anyway) but the AP's can not join with the contoller.The log from an AP trying to join with the WLC.
[Code] .....
The logs on WLC show as below.
*emWeb:
Jan 12 13:14:13.629: %AAA-5-AAA_AUTH_ADMIN_USER: aaa.c:1289 Authentication succeeded for admin user 'adann'*spamReceiveTask:
Jan 12 13:14:12.919: %LWAPP-6-CAPWAP_SUPP_VER: spam_lrad.c:1440 Discarding discovery request in LWAPP from AP 00:21:a0:81:a4:10 supporting CAPWAP*spamReceiveTask:
Jan 12 13:14:11.543: %LWAPP-6-CAPWAP_SUPP_VER: spam_lrad.c:1440 Discarding discovery request in LWAPP from AP 00:21:a0:81:8f:a0 supporting CAPWAP*spamReceiveTask:
[Code] ......
I have a 5508 wireless lan controller we have two SSID configured Profile Name : Corporate and Guest When I go look at the Most Recent Traps all I see is Client with Mac address blah has joined your corporate, this goes on for sometime. But I am unable to see any of the Guest logs joining the network, I have since then grabbed my laptop and connected to the guest log. I still dont see any logs in Most Recent Traps for the Guest SSID WLAN configuration, I then blocked my Mac address and tried to connect again, No logs. I need to also montior the guest network is there some special tick box I need to apply for this to work? Once the guest is connected I can view them in the clients list but it never shows them on MOST RECENT TRAPS but I want to see the guests account connecting or failing to connect as we currently have a rogue device annoying me.
View 3 Replies View RelatedWe are using almost 10 Nexus 5k in our DC currently we are getting same error logs in all Nexus 5k." ntpd[4746]: ntp:time reset +0.279670 s " ,Is it major error or just for reset time?
View 1 Replies View RelatedOn a RV220W (1.0.3.5) I keep seeing the following error in the logs multiple times:
[Kernel][KERNEL] ERROR:endChantRecv: protocol PNAC returned !OK
What this error is all about and how to fix it?
I have problem with ACS 5.0 on reporting. On "Monitoring and Report" page in Faverite Reports when i clicking on "Authentications - RADIUS - Today", My browser displays error "Error while reading skin-access.config. Please make sure the file exists and conforms to the schema specified"
I must also mention that I never upgraded the version of ACS from 5.0 also from command line all the acs services are running. It is running on CISCO 1120 Secure Access Controll Server apliance.
My second question is can I upgrade the version of ACS to 5.4 with Cisco Secure ACS 5 Base License?
%SYSTEM_CONTROLLER-SP-3-ERROR: Error condition detected: TM_DATA_PARITY_ERROR Feb 2 10:57:09.602 EST: %SYSTEM_CONTROLLER-SP-3-EXCESSIVE_RESET: System Controller is getting reset so frequently
Cisco Internetwork Operating System Software
IOS (tm) s222_rp Software (s222_rp-IPSERVICES_WAN-M), Version 12.2(18)SXF15a, RELEASE SOFTWARE (fc1)
Technical Support: [URL]
Copyright (c) 1986-2008 by cisco Systems, Inc.
Compiled Mon 20-Oct-08 19:20 by kellythw
Image text-base: 0x40101040, data-base: 0x42951080
[code]....
We are getting some error logs on Nexus VDC,as follows:2012 Nov 23 08:49:11 N7K_B-Network_Center_B %$ VDC-3 %$ last message repeated 6 times 2012 Nov 23 08:50:21 N7K_B-Network_Center_B %$ VDC-3 %$ last message repeated 7 times 2012 Nov 23 08:49:11 N7K_B-Network_Center_B %$ VDC-3 %$ last message repeated 6 times2012 Nov 23 08:50:21 N7K_B-Network_Center_B %$ VDC-3 %$ last message repeated 7 times.
View 1 Replies View RelatedWe use C2950G switches with IOS 12.1(22)EA12 . Switches are set up to send logs to a server (informationnal level). On this server, we receive many of logs from those switches, but none about interfaces errors (even if interfaces statistics show interfaces errors). On C3548 switches it's work fine.How should I be sure the set up of switches is correct ? Why do I never receive messages as %LINK-4-ERROR:[char] is experiencing errors ?
View 2 Replies View RelatedI m getting below error messages in show logs -
Aug 12 15:30:57.127 IST: %ENVIRONMENT-3-RPS_FAILED: Faulty internal power supply detected
Aug 12 15:31:02.175 IST: %ENVIRONMENT-3-RPS_FAILED: Faulty internal power supply detected
Aug 12 15:31:08.219 IST: %ENVIRONMENT-3-RPS_FAILED: Faulty internal power supply detected
Aug 12 15:31:10.239 IST: %ENVIRONMENT-3-RPS_FAILED: Faulty internal power supply detected
there is no error messages related to PSU in "show env all " log .
here is show version -
------------------ show version ------------------
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6K2L2Q4-M), Version 12.1(22)EA13, RELEASE SOFTWARE (fc2)
Technical Support: [URL]
Copyright (c) 1986-2009 by cisco Systems, Inc.
[Code] ....
We are getting some error logs on Nexus switch 7K.
Loggs:
----------
2012 Oct 30 22:36:07 SWITCH %CMPPROXY-STANDBY-2-LOG_CMP_UP: Connectivity Management processor(on module 6) is now UP
2012 Oct 30 22:36:40 SWITCH %SYSMGR-2-GSYNC_SNAPSHOT_SRVFAILED: Service "ipqosmgr" on active supervisor failed to sto
re its snapshot (error-id 0x40480005).
2012 Oct 30 22:36:40 SWITCH %SYSMGR-2-STANDBY_BOOT_FAILED: Standby supervisor failed to boot up.
2012 Oct 30 22:36:42 SWITCH %PLATFORM-2-MOD_REMOVE: Module 6 removed (Serial number JAF1550ATBR)
2012 Oct 30 22:42:08 SWITCH %BOOTVAR-5-NEIGHBOR_UPDATE_AUTOCOPY: auto-copy supported by neighbor supervisor, starting
[code]....
I am trying to apply WLAN template from NCS to two WLCs 5508 and I receive this message."Another WLAN with same SSID and either WPA1/ WPA2/ WPA1+WPA2 is enabled. Please change the Layer 2 security policy."The template has layer 2 security with WPA+WPA2 enable and 802.1x.I have other WLAN template with other name and other SSID with the same security policies with no problem to apply.
View 2 Replies View Relatedone of our customers wants to update the firmware of a 5508 wlc, but always gets the following error message:
Error Message %UPDATE-3-INV_FILE_SIGN: Error! Invalid image signature!. Image may be corrupt.
but the same image works fine on another 5508.the update was downloaded via a smartnet for the wlc, on which the update works fine. does the customer has to download another image for the second controller, or should the image work on both wlc?
I have a device manufacture there are requesting the following change on a customer's WLC 5508.
-config advanced eap identity-request-timeout 60
-config advanced eap request-timeout 60
I have studied many guides but I can't find out if there is a down-side to setting the timeout this high.Could it result in slow roaming or re-authentication if there is a connection error? The customer have large areas with high client density and some outdoor areas with low client density.
i have a problem with 1552E to register with 5508 WLC, and always got "AAA authentication error” in the WLC log, while AAA is not enabled. so my question is , do i need to add the MAC address to the WLC MAC filter list even if i not enable the AAA server in the WLC.
View 9 Replies View RelatedAfter reboot WLC , the switch port was err-disable , the cause is link flap after we reboot 3 times , the switch port link flap err-disable every time? We don't know why the WLC rebboot will cause it , it just normal action on device the WLC version is 7.4.100.0 link switch with access port , no port channel , no portfast.
View 11 Replies View RelatedI have a new fresh 5508 release 7.0.98.0 When I try to download (I mean upload to the controller) a customized Webauth bundle in .tar format I have the following message error in the syslog :*TransferTask: Oct 29 12:56:08.894: %UPDATE-3-UNTAR_CMD_FAIL: updcode.c:2832 Error during untar of webauth bundle. Tar returned 256.
View 17 Replies View Relatedi am getting an error during the Upload of Login page for WLC 5508 customized.After the upload is completed i receveid the error "Error extracting webauth files."I tried to create the file *.tar with different program (winrar, 7zip, gnu tar, etc)
View 3 Replies View RelatedGetting a lot of the following errors on our 5508 form the same subnet: 10.20.0.1 255.255.248.0 . I tried researching and not getting much.
broffu_SocketReceive: Jul 17 10:11:10.068: %DATAPLANE-3-DP_MSG: broffu_fp_dapi_cmd.c:2891 FP0.09:(7089389)[cmdAddIpv4:2921]failed to find ipv4 10.20.6.58
[code]....
I installed NGS 2.0.2 for wireless guest user management and authentication. I implement webauth via webauth page on wlc deployed.One Branch with a WLC5508 version 7.0 wireless anchor controller is working on the NGS.But now I integrate next branch with WLC4402 version 6.0.188 and the authentication of users at the new branch gets an error, wrong user/password.
I double checked configuration and user/password but I can't find any configuration error. Also stopping and starting of radius service and reboot of NGS still does not work. I tried to debug the radius via web interface and watched for the loggfile and there is still a reject.I also tried the freeradius command radiusd -X but I got an error when starting the radiusd -X.
1.) How can I figure out, if I will get the correct password from my WLC ? Are there any debug options to see more ? e.g. some cli commands, radiustest utilities or how to get the received password from the chap challenge of the debug ?
2.) I have appended a part from my radius loggfile. How can I find the detailed error in the radius log file? Is it correct that the password in the debug file is empty ? raiuds logg line "[radius-user-auth] expand: %{User-Password} -> "
Customer has got a 2 x 1552AP that wont join a WLC.
This is the debugs from the WLC. Customer cant console to AP to capture as its up in the roof so not easily accessible. why the AP wont join? Date/Time are fine on the WLC as is the region.
*spamReceiveTask: Jun 28 13:45:26.612: 2c:3f:38:be:23:c0 DTLS connection not found, creating new connection for 172:16:2:1 (57918) 172:16:0:1 (5246)
*spamReceiveTask: Jun 28 13:45:27.243: 2c:3f:38:be:23:c0 DTLS Session established server (172.16.0.1:5246), client (172.16.2.1:57918)
[Code]....
There are a total of 25 Cisco 3502 APs installed. 24 APs were discovered except for 1 AP. I run SH CDP NE on the switch and the AP was discovered by the switch but it does not have an IP address. On the output of the SH CDP NE DE, I noticed that on the AP that is not joining, the Platform is "cisco AIR-SAP3502E-E-K9" while the APs that joined the WLC, the Platform is "cisco AIR-CAP3502E-E-K9". The software versions are also different but this could be because the WLC already upgraded the IOS when the APs joined.Why is the Platform "SAP3502E" for the AP that did not join.
View 9 Replies View RelatedI had problems joining a 1131AG AP to a "new" 5508 WLC with 7.4.100.0 running. This AP has been connected to a, for me unknown controller for years. Now the customer wants to move this AP to a newer 5508 controller with 7.4.100.0 We [URL] could not get this AP to the controller connected. Now I have this AP on my desk. I have a 5508 (7.4.100.0) as well. I connected the AP to the same network as the WLC Management -> AP did not connect, tried to download the "new" IOS but didn't seem to work, same as already in the old tread. So I tried to login to the AP, but it seemed to have a for me unknown Account / Password.
-> I did a reset of the AP by pressing the mode button (about 2-3 sec.) during Power on (not connected to the network). Now I could log on to the AP. I deleted six crashinfos and connected the AP back to the network.
Now the AP joined the controller.
Does a "unknown" Password prevent the AP to join to a other WLC?
The AP hat 15740928 bytes total (6409728 bytes free) space on the Flash: was this enough for the new image? 15740928 bytes total (7798272 bytes free) after deleting the crashinfos
The customer has more AP's that has to join the new controller, would be nice that we don't have to reset all APs.
After a wireless network interruption, one of MAP 1522 it's not joining to WLC .
(Cisco Controller) >show ap join stats detailed 00:08:30:bb:53:20
Discovery phase statistics
- Discovery requests received.............................. 7
- Successful discovery responses sent...................... 5
[Code]....
