5508 HA and DTLS

Hello,
i have a 5508 HA cluster with different software.
Primary AIR-CT5500-K9-7-6-110-0.aes
Secondary AIR-CT5500-LDPE-K9-7-6-110-0.aes and a 6.x FUS
is it possible to change the secondary to AIR-CT5500-K9-7-6-110-0.aes and FUS 1.9.0.0 ?
Regards Sven

Hello Scotty,
sorry for my very late answer, rebooting after disable AP SSO was the reason.
After rebooting it was still impossible to install the license because the lack of the gui "install license" command on secondary (stupit, i forgot to try it over cli)
I cleared the config ( no HA) installed the license, FUS and Firmware (without LDPE).
After rebooting I started with a new secondary installation and everything works fine, now.
Thanks for your help
Sven

Similar Messages

WLC 5508 LAG and CAt 3750 cross stack

Hello,
I would like to use the LAG feature on my 5508 WLCs and connect each of them to two different port of a 3750 stack using cross stack. Do you think it will work?
Cisco suggests not to connect different LAG ports of a WLC to different CAT3750 but it's not clear if it was referred to different standalone 3750s or to a stackwise of 3750s.
Tnks all
Johnny

The HA kicks in when the primary looses gateway, do a small test, keep a continuous ping to WLC from its gateway as source and break one of the link in the LAG and see if you drop any packet ?

Minimum connection speeds 5508 controller and 2602E APs

We have an applicaiton that is sensitive to network speeds. Is there a way to guarantee a minimum wireless network speed such as 100 MBs utilizing a 5508 controller and 2602e APs?

We have an applicaiton that is sensitive to network speeds. Is there a way to guarantee a minimum wireless network speed such as 100 MBs utilizing a 5508 controller and 2602e APs?
Not easy. Wireless is a shared medium. This means if one client talks, everyone else has to stop and wait for their turn.
It's like doing video. Video is time-sensitive. If you put a single AP in a room (granted you've got full 1Gbps ethernet access all the way), and you get 25 people continuously streaming videos, then you'll see some impact. Bring the number down to say, 8 to 10 and you'll see improvements.
What kind of application are we talking about here?

Connection between 5508 WLC and 3750-24PS switch

I have to realize a connection between an 5508 WLC and 3750 switch using one SFP cable. I found on Cisco documentation some reference about two different SFP cables.
The first one is CAB-SFP-50CM, but this is used to interconnect two 3560 switches.
The second is SFP-H10GB-CU1M. This one has SFP+ transceivers on both ends which I don’t know if are compatible with the standard SFP ports that can be found both on WLC and switch.
My question is if I can use one of these cables in order to connect my devices, or if you know other one piece SFP cables.
Many thanks

I know that you can use those SFP transceivers, but I want to know if someone tried to use the SFP-H10GB cables for this kind of connection. Because I saw on another vendor website that the SFP+ cables are compatible with standard SFP ports, and I wanted to see if it is the same for Cisco cables too.
Regards

Office extend 1142 and dtls keepalive failure

Hi
I am setting up office extend with 1142 APs on a 5508 controller. All seems ok and I see my SSIDs on the remote AP. However when I try to connect I don't get a dhcp address and the connection fails. When I look at logs and some debugs I see dtls keepalive failures and the AP is actually disconnecting and re-associating with the controller.
As a troubleshooting step I decided to disable Data encryption through the AP advanced tab and after the AP resets all is now working.
Would anyone have an idea why data encryption would cause the issue ? I have opened the standard 5246 and 5247 UDP ports on my firewall. Have I missed out some other port that may need opened ?
Many thanks, St.

Scott
The AP is changed from Local mode to H-REAP mode.
In the H-REAP tab we have Enable Office Extend ticked.
In the Advanced tab to get this to work the Data Encryption box is unticked and the text below says Current Dta Encryption Status is plain text. I can't think of any other settings related to office extend other than the NAT stuff on the management interface and allowing 5246 and 5247 through the firewall.
So if these settings are being correctly reported the question is why do I then see Data and ctrl being encrypted when I do "Show dtls connections" If I have unticked Data encryption I expect to see only ctrl connections being encrypted.
I can't see any other config issue that would allow dhcp and a connection to work with Data encryption disabled and cause it to fail with Data encryption enabled.
The AP always joins the controller no matter what the Data encryption setting is. However with it unticked the AP retains its connection to the controller and I can get an IP and pass data normally. With the data encryption box ticked the AP joins the controller then soon afterwards drops off reporting a DTLS keepalive issue. No IP address and no data passed. In fact with data encryption ticked I see a message of the form "DTLS plumbed in" or something similar. Then soon after I get the keepalive error and the AP drops off.
Thanks, St.

2 Cisco WLC 5508 controllers and software upgrade 7.6.130 + FUS 1.9

Hi
I have two WLC 5508 controllers that need 7.6.130 and FUS 1.9 installed. (Current version 7.3 and FUS 1.7)
Configuration: One controller is at Site A and the other controller is at Site B (two different states..)
They're configured so that if Site A goes down, Site A AP's will failover to Site B and vice versa ..
- What would be the recommended approach for upgrading the software to 7.6.130.0 (from 7.3) and also upgrading FUS 1.9 (from 1.7)?
My plan was to download 7.6.130.0 to both controllers and pre-download the software to all AP's (about 100 total between both sites) and then reboot the controllers at night at the same time? Or one before the other?
Step 2. Install FUS 1.9 to each controller.
I'm concerned over what might happen during the upgrade and AP failover etc..
Thanks

This is what I would do:
Upload v7.6.130.0 to all WLCs and then use the pre image download to push the image to all access points.
Dont reboot the wlc
Image swap in the access points so that v7.6.130.0 is primary
Move all access point to one of the WLCs (A)
Enable ap AAA authentication on the WLC that has no access points and the one you will work on first. This prevents access points from joining
Reboot the WLC (A)
Upload the FUS 1.9.0.0
Reboot WLC (A) this takes up to 45 minutes
When the WLC (A) comes back online, uncheck ap AAA authentication
Move access points from WLC (B) to WLC (A)
Enable ap AAA authentication on WLC (B)
Perform all the other task you did earlier on WLC (A)
That's it.
-Scott

Format WLC-5508 Flash and IOS recovery guide

Dear Support Cummunity,
i have a WLC-5508 where by i am unable to join any kind of AIR-LAP1x00 Access-Points.
They can't join in the local management ip of the controller within same L2 or via routed network thereby using the APs CLi by
"lwapp ap controller ip addr xx.xx.xx.xx".
I upgraded from: 6.0.188.0 to
AIR-CT5500-K9-6-0-199-0.aes
AIR-CT5500-K9-7-0-98-0.aes
thereby catching the same logs every time.
The main error message from the WLCs log i catched first is:
"maximum number of downloads (0) exceeded"
*sntpReceiveTask: Jul 16 07:40:58.827: %LOG-3-Q_IND: capwap_ac_sm.c:1683 Ignoring discovery request from AP 00:26:99:86:c9:b9 - maximum number of downloads (0) exceeded
*spamApTask1: Jul 16 07:40:58.343: %CAPWAP-3-DISC_MAX_DOWNLOAD: capwap_ac_sm.c:1683 Ignoring discovery request from AP 00:26:99:86:c9:b9 - maximum number of downloads (0) exceeded
*sntpReceiveTask: Jul 16 07:40:48.822: %LOG-3-Q_IND: capwap_ac_sm.c:1683 Ignoring discovery request from AP 00:26:99:86:c9:b9 - maximum number of downloads (0) exceeded
*spamApTask1: Jul 16 07:40:48.342: %CAPWAP-3-DISC_MAX_DOWNLOAD: capwap_ac_sm.c:1683 Ignoring discovery request from AP 00:26:99:86:c9:b9 - maximum number of downloads (0) exceeded
Later on i found some more logging infos:
*Aug 16 04:12:07.188: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'cliWebInitParms.cfg'
*Aug 16 04:12:07.188: %CNFGR-3-INV_COMP_ID: cnfgr.c:2080 Invalid Component Id : Unrecognized (81) in cfgConfiguratorInit.
*Aug 16 04:12:07.139: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'rfidInitParms.cfg'
*Aug 16 04:12:07.126: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'dhcpParms.cfg'
*Aug 16 04:12:07.113: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'bcastInitParms.cfg'
*Aug 16 04:12:07.047: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'rrmInitParms.cfg'
*Aug 16 04:12:06.906: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'apfInitParms.cfg'
*Aug 16 04:12:06.801: %MM-3-MEMBER_ADD_FAILED: mm_dir.c:860 Could not add Mobility Member. Reason: IP already assigned, Member-Count:1,MAC: 00:00:00:00:00:00, IP: 0.0.0.0
*Aug 16 04:12:06.599: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'mmInitParms.cfg'
*Aug 16 04:12:06.589: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'aaaapiInitParms.cfg'
*Aug 16 04:12:06.587: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'pemInitParms.cfg'
*Aug 16 04:12:06.474: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'dot1xInitParms.cfg'
*Aug 16 04:12:06.446: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'capwapInitParms.cfg'
*Aug 16 04:12:06.301: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'spamInitParms.cfg'
*Aug 16 04:12:06.298: %LICENSE-1-REQUEST_FAILED: license_syslog_notify:564 License request for feature base-ap-count 1.0 failed in this device, UDI=AIR-CT5508-K9:FCW1341L530
*Aug 16 04:12:05.221: %SSHPM-3-FREAD_FAILED: sshpmlscscep.c:1268 Error reading file /mnt/application/lscca_pem.crt
*Aug 16 04:11:46.121: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'sshpmInitParms.cfg'
as for me it looks like my filesystem is kind of corrupted since several files can not be read.
now at power up one can choose 5 in order to format flash/disk. unfortuanitly i have not found some documentation about formatting flash procedures.
please guide me to the appropriate documentation.
============================================================
Boot Loader Menu
============================================================
1. Run primary image (7.0.98.0) - Active
2. Run backup image (6.0.199.0)
3. Change active boot image
4. Clear configuration
5. Format FLASH Drive
6. Manually update images
Enter selection: 5
Launching...
WARNING! Choose this option may render the device warranty invalid
and/or make the device unusable.
what are my next steps going to be from here in order to format/restore?
thank you
colin

(Cisco Controller) >show sys
Incorrect usage. Use the '?' or key to list commands.
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.0.98.0
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... N/A
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
Build Type....................................... DATA + WPS
System Name...................................... WLC
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
IP Address....................................... 192.168.11.16
Last Reset....................................... Software reset
System Up Time................................... 0 days 0 hrs 4 mins 41 secs
System Timezone Location......................... (GMT +1:00) Amsterdam, Berlin, Rome, Vienna
Current Boot License Level....................... base
Current Boot License Type........................ Permanent
Next Boot License Level.......................... base
Next Boot License Type........................... Permanent
Configured Country............................... CH - Switzerland
--More-- or (q)uit
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +39 C
External Temperature............................. +25 C
Fan Status....................................... OK
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 1
Number of Active Clients......................... 0
Burned-in MAC Address............................ 00:24:97:CE:E0:40
Power Supply 1................................... Present, OK
Power Supply 2................................... Absent
Maximum number of APs supported.................. 0 ç ???
why is it that it tells me i've got 0 APs supported on a permanent base license witch ships per default?
i tried to install a evaluation License but without success..

5508-250 and 5508-500 Port to AP ratio

Hello all,
I'm looking into upgrading our 4400 series controller to 5508's. Currently we have a few sites that have 8-9 4404 100AP controllers and I'm looking to condense these down to either 3 5508-500 or 5 5508-250 depending on cost. I'm wondering what a good port to AP ratio is for controllers with licenses that can handle over 100 AP's. I know the general rule of thumb is 25 AP's per port, but that seems to me to be 4400 way of thinking. I'm trying to also reduce the controllers overall footprint, i.e. ports on the uplink switch, power consumption, rack space etc. Is there anyone that has experience with this? Any help on the matter would be great!!
Thanks
Dave

David,
First welcome to CSC.
Yes, that was mentioned 25 aps per port in one of the cisco documents. I will share with you how I look at this question. How much traffic do you plan to generate on the WLAN? Knowing that all traffic will come back to the WLC.
I manage a large network and we generate about 50-200 meg of traffic in a regular basis. So in theory one port should do it .. But of course, we are network warriors and there is never enough bandwidth!

Trying to separate mst and dtl data while extracting from xml

Any help is greatly appreciated.
What I try to get done is as follows:
My external xml file structure has a header and 2 sub-sections with eachsub-section having multiple nodes.
<BOM>
<Header>
<Article>123</Article>
<Description></Description>
<Language>E</Language>
<Plant>QUO</Plant>
<ValidFrom>20120424</ValidFrom>
<ValidTo></ValidTo>
<BaseQty>1000</BaseQty>
<BaseUoM>kg</BaseUoM>
<Price>212.51</Price>
<LCFfound>Yes</LCFfound>
<Ingredients>
<Ingredient>
<Counter>1</Counter>
<Component>G52000</Component>
<CompDescr>AGRICULTURAL SALT</CompDescr>
<Quantity>557.941</Quantity>
<UoM>kg</UoM>
<Percentage>55.794</Percentage>
<Available>Yes</Available>
<MinQty></MinQty>
<MaxQty></MaxQty>
</Ingredient>
<Ingredient>
<Counter>2</Counter>
<Component>G51000</Component>
<CompDescr>SYLVINITE</CompDescr>
<Quantity>273.501</Quantity>
<UoM>kg</UoM>
<Percentage>27.350</Percentage>
<Available>Yes</Available>
<MinQty></MinQty>
<MaxQty></MaxQty>
</Ingredient>
<Nutrients>
<Nutrient>
<Counter>1</Counter>
<CharDescr>WEIGHT</CharDescr>
<Description>WEIGHT</Description>
<Value>553.985</Value>
<Usage>3</Usage>
</Nutrient>
<Nutrient>
<Counter>2</Counter>
<CharDescr>PRICE</CharDescr>
<Description>PRICE</Description>
<Value>212.509</Value>
<Usage>4</Usage>
</Nutrient>
</Nutrients>
</Header>
</BOM>
I can't get the Ingredients/Ingredient and the Nutrients/Nutrient section separated out without loosing the relationship to the Header.
I use the following code to insert into my header table and that works fine:
insert into X_FM_HDR_IMP( ID
,PRODUCT
,DESCRIPTION
,LANG
,ORG
,FROM_DATE
,TO_DATE
,QTY
,UOM
,PRICE
,LCF_FOUND)
select x.*
from xmltable (XMLNAMESPACES(DEFAULT 'http://www.anysite.com/xmltable'),
'/BOM/Header'
passing xmltype(bfilename('XML_IMP_DIR', "testing.xml'), nls_charset_id('CHAR_CS'))
columns ID FOR ORDINALITY
,PRODUCT VARCHAR2(40) path 'Article'
,DESCRIPTION VARCHAR2(254) path 'Description'
,LANG VARCHAR2(5) path 'Language'
,ORG VARCHAR2(3) path 'Plant'
,FROM_DATE VARCHAR2(8) path 'ValidFrom'
,TO_DATE VARCHAR2(8) path 'ValidTo'
,QTY NUMBER path 'BaseQty'
,UOM VARCHAR2(3) path 'BaseUoM'
,PRICE NUMBER path 'Price'
,LCF_FOUND VARCHAR2(1) path 'LCFfound'
) as x;
I need to be able to either load the xml record into one table or preferably into 3 tables such that
<BOM>
<Header>
= record
and
<BOM>
<Header>
<Ingredients>
<Ingredient>
= record with 'Article' and 'Org' from <Header> as columns
and
<BOM>
<Header>
<Nutrients>
<Nutrient>
= record with 'Article' and 'Org' from <Header> as columns
The xml file structure cannot be changed because it is generated by a 3rd party.
Thanks again in advance for any insight on how to get this accomplished.

Using the following simplified structure :
create table header_imp (
ID number
, PRODUCT     VARCHAR2(40)
, DESCRIPTION VARCHAR2(254)
, LANG        VARCHAR2(5)
, ORG         VARCHAR2(3)
create table ingredient_imp (
Product      varchar2(40)
, org          VARCHAR2(3)
, Counter      number
, Component    varchar2(30)
, CompDescr    varchar2(254)
, Quantity     number
, UoM          varchar2(5)
create table nutrient_imp (
Product      varchar2(40)
, org          VARCHAR2(3)
, Counter      number
, CharDescr    varchar2(254)
, Description varchar2(254)
, Value        number
, Usage        number
);This multitable insert works for me :
insert all
when hrn = 1 then into header_imp
           (id, product, description, lang, org)
    values (id, product, description, lang, org)
when irn = 1 then into ingredient_imp
           (product, org, counter, component, compdescr, quantity, uom)
    values (product, org, i_counter, component, compdescr, quantity, uom)
when nrn = 1 then into nutrient_imp
           (product, org, counter, chardescr, description, value, usage)
    values (product, org, n_counter, chardescr, n_description, value, usage)
select -- header info
       h.id
     , h.product
     , h.description
     , h.lang
     , h.org
     , rownum hrn
     -- ingredient info
     , i.counter i_counter
     , i.component
     , i.compdescr
     , i.quantity
     , i.uom
     , row_number() over(partition by irn order by null) irn
     -- nutrient info
     , n.counter n_counter
     , n.chardescr
     , n.description n_description
     , n.value
     , n.usage
     , row_number() over(partition by nrn order by null) nrn
from xmltable (
       '/BOM/Header'
       passing xmltype(bfilename('TEST_DIR', 'testing.xml'), nls_charset_id('CHAR_CS'))
       columns
         ID FOR ORDINALITY
       , PRODUCT     VARCHAR2(40) path 'Article'
       , DESCRIPTION VARCHAR2(254) path 'Description'
       , LANG        VARCHAR2(5)   path 'Language'
       , ORG         VARCHAR2(3)   path 'Plant'
       , INGREDIENTS XMLType       path 'Ingredients'
       , NUTRIENTS   XMLType       path 'Nutrients'
     ) as h
, xmltable(
      '/Ingredients/Ingredient'
      passing h.ingredients
      columns
        Counter      number        path 'Counter'
      , Component    varchar2(30) path 'Component'
      , CompDescr    varchar2(254) path 'CompDescr'
      , Quantity     number        path 'Quantity'
      , UoM          varchar2(5)   path 'UoM'
      , irn          for ordinality
    ) i
, xmltable(
      '/Nutrients/Nutrient'
      passing h.nutrients
      columns
        Counter      number        path 'Counter'
      , CharDescr    varchar2(254) path 'CharDescr'
      , Description varchar2(254) path 'Description'
      , Value        number        path 'Value'
      , Usage        number        path 'Usage'
      , nrn          for ordinality
    ) n
SQL> select * from header_imp;
        ID PRODUCT         DESCRIPTION         LANG ORG
         1 123                                 E     QUO
SQL> select * from ingredient_imp;
PRODUCT         ORG    COUNTER COMPONENT                      COMPDESCR                     QUANTITY UOM
123             QUO          1 G52000                         AGRICULTURAL SALT              557,941 kg
123             QUO          2 G51000                         SYLVINITE                      273,501 kg
SQL> select * from nutrient_imp;
PRODUCT         ORG    COUNTER CHARDESCR                      DESCRIPTION                 VALUE      USAGE
123             QUO          1 WEIGHT                         WEIGHT                    553,985          3
123             QUO          2 PRICE                          PRICE                     212,509          4

ISE and WLC 5508 IP and MAc address

Hi!
Is it possible that we recibe IP address and Mac address Client at the same time in ISE ?
The wlc permits choose radius Call station ip type MAC or IP, but not both.
Thanks you,

If you are using dot1x then no, the mac address is sent since the client does not receive an ip address till authetication succeeds.
Sent from Cisco Technical Support Android App

5508 WLC and 1532 Outdoor AP's

Is it possible to set up an outdoor mesh using AP1532's connected to the 5508 WLC running latest code (7.6.110.0)?

The deployment guide is here
http://www.cisco.com/c/en/us/td/docs/wireless/technology/mesh/7-6/design/guide/mesh76/mesh76_chapter_01.html#ID543

AIR-CAP3702I booting up in mesh mode and not joining our 5508 WLC

I have a batch of 30+ AIR-CAP3702I-A-K9 APs that I need to setup but none of them are joining to the 5508 WLC and when I connect a console cable and view the output from the AP it shows that it is trying to initiate in mesh mode. I have read other forums that are showing that I need to put in the APs MAC address to a filter list on the WLC for it to show up and then I will be able to change it from mesh mode to local mode. The only issue I'm having with that solution is not knowing how it will affect my current production environment off of that 5508 WLC. I have 69 active production APs with clients working off them and there are no MAC filters currently in place on the WLC. By adding a MAC filter entry for the new APs would the WLC create an implicit deny for all other clients that don't have their MAC addresses entered?? If so is there another work around? Can the mode be changed via the CLI on the AP itself to make it local instead of mesh?

sh capwap client rcb
AdminState : ADMIN_ENABLED
SwVer : 7.6.1.118
NumFilledSlots : 2
Name : AP88f0.4290.7184
Location : default location
MwarName : xxxxx
MwarApMgrIp : x.x.x.x !<it has the correct name and IP of the WLC>
MwarHwVer : 0.0.0.0
ApMode : Bridge
ApSubMode : Not Configured
OperationState : JOIN
CAPWAP Path MTU : 576
LinkAuditing : disabled
ApRole : MeshAP
ApBackhaul : 802.11a
ApBackhaulChannel : 0
ApBackhaulSlot : 2
ApBackhaul11gEnabled : 0
ApBackhaulTxRate : 24000
Ethernet Bridging State : 0
Public Safety State : disabled
AP Rogue Detection Mode : Enabled
AP Tcp Mss Adjust : Disabled
AP IPv6 TCP MSS Adjust : Disabled
Predownload Status : None
Auto Immune Status : Disabled
RA Guard Status : Disabled
Efficient Upgrade State : Disabled
Efficient Upgrade Role : None
TFTP Server : Disabled
Antenna Band Mode : Unknown
802.11bg(0) Radio
ADMIN State = ENABLE [1]
OPER State = DOWN [1]
CONFIG State = UP [2]
HW State = UP [4]
Radio Mode : Bridge
GPR Period : 0
Beacon Period : 0
DTIM Period : 0
World Mode : 1
VoceraFix : 0
Dfs peakdetect : 1
Fragmentation Threshold : 2346
Current Tx Power Level : 0
Current Channel : 11
Current Bandwidth : 20
802.11a(1) Radio
ADMIN State = ENABLE [1]
OPER State = DOWN [1]
CONFIG State = UP [2]
HW State = UP [4]
Radio Mode : Bridge
GPR Period : 0
Beacon Period : 0
DTIM Period : 0
World Mode : 1
VoceraFix : 0
Dfs peakdetect : 1
Fragmentation Threshold : 2346
Current Tx Power Level : 1
Current Channel : 165
Current Bandwidth : 20
It is showing the following error on our WLC in the log file:
Tue Jul 15 14:01:26 2014
AAA Authentication Failure for UserName:88f042907184 User Type: WLAN USER
And here are some of the errors it's showing on the AP after bootup:
*Jul 15 17:47:30.471: %CAPWAP-5-SENDJOIN: sending Join Request to x.x.x.x
*Jul 15 17:47:31.003: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Jul 15 17:47:31.031: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Jul 15 17:47:31.039: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
*Jul 15 17:47:31.047: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Jul 15 17:47:32.067: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Jul 15 17:47:33.067: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Jul 15 17:47:35.471: %CAPWAP-5-SENDJOIN: sending Join Request to x.x.x.x
*Jul 15 17:47:35.471: %DTLS-5-ALERT: Received WARNING : Close notify alert from x.x.x.x
*Jul 15 17:47:35.475: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
*Jul 15 17:47:35.483: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Jul 15 17:47:36.475: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Jul 15 17:47:36.503: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Jul 15 17:47:37.503: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Jul 15 17:48:15.007: %MESH-3-TIMER_EXPIRED: Mesh Lwapp join timer expired
*Jul 15 17:48:15.007: %MESH-3-TIMER_EXPIRED: Mesh Lwapp join failed expired
*Jul 15 17:48:15.007: %MESH-6-LINK_UPDOWN: Mesh station 88f0.4290.7184 link Down
*Jul 15 17:48:17.007: %LINK-6-UPDOWN: Interface BVI1, changed state to down
*Jul 15 17:48:22.507: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to down
*Jul 15 17:59:10.099: %CAPWAP-3-ERRORLOG: Invalid event 31 & state 4 combination
*Jul 15 17:59:10.099: %CAPWAP-3-ERRORLOG: SM handler: Failed to process timer message. Event 31, state 4

Best practices for network design on WLC 2504 and 5508

Dear all:
I'm looking for some recommendations on WLC 2504 and 5508 about the the following:
Maximum amount of AP per port
The scenario when to use all ports in both WLC
Maximum number of clients(users) per port
Bandwidth comsumption of management vs data in order to assign one port for management
I've just found this:
Cisco 5508 controllers have eight Gigabit Ethernet distribution system ports, through which the controller can manage multiple access points. The 5508-12, 5508-25, 5508-50, 5508-100, and 5508-250 models allow a total of 12, 25, 50, 100, or 250 access points to join the controller. Cisco 5508 controllers have no restrictions on the number of access points per port. However, Cisco recommends using link aggregation (LAG) or configuring dynamic AP-manager interfaces on each Gigabit Ethernet port to automatically balance the load. If more than 100 access points are connected to the 5500 series controller, make sure that more than one gigabit Ethernet interface is connected to the upstream switch.
http://www.cisco.com/c/en/us/td/docs/wireless/controller/6-0/configuration/guide/Controller60CG/c60mint.html
Thanks for your help.

The 5508-12, 5508-25, 5508-50, 5508-100, and 5508-250 models allow a total of 12, 25, 50, 100, or 250 access points to join the controller.
This is an old document. 5508 can now support up to 500 APs if you run firmware 7.X. 2504 can support up to 75 APs if you run firmware 7.4.X.
I'm looking for some recommendations on WLC 2504 and 5508 about the the following:
Best practice and recommendation is to LAG all ports so you will be able to form a link redundancy. If one link goes down, you have other link to push traffic.

WLC 5508 - AP 1600 serie's are conecting with WLC but unable to regester with WLC and country is US no matter what I do, i can't change it

Hello everyone!
I have a controller of the 5508 series and Ap 1602.
Ap manage to obtain IP addresses from the DHCP server that is the 5508 controller.
but the Rev fail to register, please I really vesoin help.
Below are some show:
1. AP: sh version
AP0006.f6d5.ea9c#sh version
Cisco IOS Software, C1600 Software (AP1G2-RCVK9W8-M), Version 15.2(2)JB, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Tue 11-Dec-12 04:52 by prod_rel_team
ROM: Bootstrap program is C1600 boot loader
BOOTLDR: C1600 Boot Loader (AP1G2-BOOT-M) LoaderVersion 15.2(2)JAX, RELEASE SOFTWARE (fc1)
AP0006.f6d5.ea9c uptime is 38 minutes
System returned to ROM by power-on
System image file is "flash:/ap1g2-rcvk9w8-mx/ap1g2-rcvk9w8-mx"
Last reload reason:
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AIR-CAP1602E-E-K9    (PowerPC) processor (revision A0) with 98294K/32768K bytes of memory.
Processor board ID FGL1709Z6PC
PowerPC CPU at 533Mhz, revision number 0x2151
Last reset from power-on
LWAPP image version 7.4.1.37
1 Gigabit Ethernet interface
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:06:F6:D5:EA:9C
Part Number                          : 73-14508-04
PCA Assembly Number                  : 000-00000-00
PCA Revision Number                  :
PCB Serial Number                    : FOC17020MTR
Top Assembly Part Number             : 800-38553-01
Top Assembly Serial Number           : FGL1709Z6PC
Top Revision Number                  : A0
Product/Model Number                 : AIR-CAP1602E-E-K9
Configuration register is 0xF
2. AP: sh ip interface brief
Interface                  IP-Address      OK? Method Status                Protocol
BVI1                       unassigned      YES DHCP   up                    up
GigabitEthernet0           unassigned      NO unset up                    up
GigabitEthernet0.1         unassigned      YES unset up                    up
3. AP: sh inventory
---nothing---
4. WLC: sh sysinfo
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.3.101.0
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
Build Type....................................... DATA + WPS
System Name...................................... WLC-EEML
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
Redundancy Mode.................................. Disabled
IP Address....................................... 10.10.10.1
Last Reset....................................... Software reset
System Up Time................................... 1 days 1 hrs 13 mins 37 secs
System Timezone Location.........................
Configured Country............................... US - United States
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +39 C
--More-- or (q)uit
External Temperature............................. +25 C
Fan Status....................................... OK
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 1
Number of Active Clients......................... 0
Burned-in MAC Address............................ E0:2F:6D:5D:7D:C0
Power Supply 1................................... Present, OK
Power Supply 2................................... Absent
Maximum number of APs supported.................. 25
5. WLC: sh time
Time............................................. Fri Jan 3 12:21:37 2014
Timezone delta................................... 0:0
Timezone location................................
NTP Servers
    NTP Polling Interval.........................     86400
     Index     NTP Key Index     NTP Server      NTP Msg Auth Status
also, I'm in africa but
I can not change the country or the time zone
thank you in advance for your help

Hi,
By CLI:
Before change the country code on wlc , You must disable
WLC > config 802.11a disable network
WLC >config 802.11b disable network
WLC >config country SA (...or wtever country u are in)
And then enable both network again.
WLC >config 802.11a enable network
WLC >config 802.11b enable network
By GUI:
First disable both network 802.11a and 802.11b
Follow these steps to disable the 802.11a and 802.11b/g networks as follows:
a.          Choose Wireless> 802.11a/n > Network.
b.          Unselect the 802.11a Network Status check box.
c.          Click Apply to commit your changes.
d.          Choose Wireless > 802.11b/g/n > Network.
e.          Unselect the 802.11b/g Network Status check box.
f.          Click Apply to commit your changes.
Change country code on WLC now:
Choose Wireless > Country
after changing the country code please enable both networks(802.11a and 802.11b)
Hope it helps.
Regards
Dont forget to rate helpful posts.

WLC 5508 and 5760 Compatibility

Hi,
We have 5508 WLC and adding a new 5760..
is it possible for this 2 to be in the N+1 model?
If the 5508 WLC goest down, does the AP previously associated to 5508 need to re-download the image to join 5760?
Or as long as it's running within the following compatibility matrix, The AP wouldn't need to re-download?
Table 4 Software Compatibility Matrix
Cisco 5700 WLC
Catalyst 3850
Catalyst 3650
Cisco 5508 WLC or WiSM2
MSE
ISE
ACS
Cisco PI
03.03.01SE
03.03.01SE
03.03.01SE
7.6
7.5
7.5
1.2
5.2, 5.3
2.0
03.03.00SE
03.03.00SE
03.03.00SE
7.6
7.5
7.5
1.2
5.2, 5.3
2.0
Thanks for all the answers

Yes, you can put them in same mobility group.
To do this you have to enable "New Mobility" feature of your 5508 & configure the mobility between each others.
Since 7.5.x is deffered only 7.6.x is the option for this. (7.4.x is not supporting this feature). This will enable CAPWAP inter-controller communication instead of EoIP (used by legacy controllers 5508,2504, WiSM)
HTH
Rasika
**** Pls rate all useful responses ****

5508 HA and DTLS

Similar Messages

Maybe you are looking for