Access points no longer join WLC

Similar Messages

• Trying to get home shaing working on apple tv using Cisco Access points and a Cisco WLC 5508 with 7.2.110 code.  I can get devices working individually but they never see each other.  I can ping the apple tv from my laptop and ipad.

  Trying to get home sharing working on a corporate wireless network.  Cisco wireless.
  WLC5508 controller
  Cisco 3502 access points
  All apple devices on same WLAN - security WPA2-PSK
  ITunes account up to date
  All devices laterst software.
  Can ping apll tv from laptop
  can ping apple tv from ipad
  Can ping ipad from laptop
  can ping laptop from ipad.
  Apple tv never sees any other device.
  Any ideas?

  Fascinating just reading about your setup. I have a WRT350N and have noticed that it will drop its speed, sometimes down to 1Mbps. It seems to do so at about the same time every day, but usually comes back to speed in about 5 minutes. In my experience, the Apple TV will disconnect if the speed falls this low. Try monitoring the Linksys with Netstumbler, Vistumbler, or just in the Windows Network utility.
  Check the "lease obtained" and "lease expired" times for your router to see if that is when the network fails. I've just finished reading an angry thread over at the Linksys forum about the WRT330N where someone mentioned that the router wasn't renewing its lease.
  "I cannot set it run off automatic DHCP from the WRT330N, the router will not assign it an IP every time the lease expires, causing me to have to manually set an IP on the Print server. That's annoying. Having the router drop IP's to individual machines after 12-48 hours...very annoying."
  http://forums.linksys.com/linksys/board/message?board.id=Wireless_Routers&thread .id=67412
  If that is the problem, then I would consider setting up a Static IP address for your Apple TV. You can do that through the user interface -> Settings -> Network -> Configure ... (Quite intuitive as you only have change IP address and the subsequent details remain the same.)
  My router assigns IP Addresses in the ranges of 192.168.1.100 ->149. The idea here is to choose an address outside of that range but is not greater than 192.168.1.253 (and should not end in the number 1). You shouldn't have to change the linksys router as long as 50 clients are assigned in that range. You'll have to figure that out by accessing your router webpage at browser address 192.168.1.1 -> the default password is "admin" (without the quotes).
  Good luck.

• Access Point Secured Registration to WLC

  Hello
  Which option on WLC ensure that any AP registering to WLC should be first authenticated with a password and then register to a WLC
  cheers
  CP

  Hell there ...
  Take a peek at the below link.. I think this is what you are asking ?
  Lightweight Access Point (LAP) Authorization in a Cisco Unified Wireless Network Configuration Example
  http://www.cisco.com/en/US/customer/products/ps6366/products_configuration_example09186a00808c7234.shtml

• WCS displays Access Point as disassociated but WLC shows as associated

  Hi all,
  I have a WCS ver 7.0.172, a 5508 WLAN Controller with ver 7.0.116.0. At this WLC 21 Access Points (AIR-LAP1131AG-E-K9 ) were associated. As well I have one CleanAir Access Point (AIR-CAP3502E-E-K9) is associated.
  And now ... my problem:
  every time the WCS got a critical error and reports that the AP is disassociated from Controller. But if I take a look to the WLC the AP is associated and works at local mode and have two clients associated.
  I cleared the alarm - a few minutes later the alarm will be reported again. Same result if I delete the alarm.
  Could anybody give support for that issue.
  Thanks and regards
  Holger

  Hi Holgerseiler,
  Have you got any information/solution on this issue?
  I also have same kind of issue. I have a WCS with version 7.0.172.0, and around 25 WLCs (version7.0.116.0, in which i checked) and totally around 1000 APs are assiociated in wireless network.
  Some error messages are coming on my WCS device like
  "AP disassociated from Controller [ip]"
  Here AP name and WLC ip address will change randomly, but there is no impact on my network.
  Thanks in advance
  Sangeeth BS

• Access points connect to wrong WLC

  Hello everybody,
  I have a problem with some access point.
  We have two WLC's one AIR-CT5508-K9 and one AIR-WLC4404-100-K9.
  now i have 6 access points that don't register anymore to the right controller.
  in high availability i have set the right name of primary controller and also the correct ip address, but somehow they keep registering to the other controller.
  Does someone know how i can fix this problem.
  info:
  AIR-CT5508:SEDA-PM_Line_1
  WLC4404: SEDA-PM_Office_1
  6 accesspoints are connected to SEDA-PM_Line_1 but they should be connected to SEDA-PM_Office_1
  settings in AP are correct in my opinion

  here is the information,
  (Cisco Controller) >show sysinfo
  Manufacturer's Name.............................. Cisco Systems Inc.
  Product Name..................................... Cisco Controller
  Product Version.................................. 7.0.116.0
  RTOS Version..................................... 7.0.116.0
  Bootloader Version............................... 3.2.195.10
  Emergency Image Version.......................... N/A
  Build Type....................................... DATA + WPS
  System Name...................................... SEDA-PM_Office_1
  System Location.................................. Mao, Brazil
  System Contact................................... Network_Admin
  System ObjectID.................................. 1.3.6.1.4.1.14179.1.1.4.3
  IP Address....................................... 105.103.112.5
  System Up Time................................... 8 days 15 hrs 9 mins 55 secs
  System Timezone Location.........................
  Configured Country............................... US  - United States
  Operating Environment............................ Commercial (0 to 40 C)
  Internal Temp Alarm Limits....................... 0 to 65 C
  Internal Temperature............................. +38 C
  --More-- or (q)uit
  State of 802.11b Network......................... Enabled
  State of 802.11a Network......................... Disabled
  Number of WLANs.................................. 13
  Number of Active Clients......................... 132
  Burned-in MAC Address............................ 00:22:55:91:2B:C0
  Crypto Accelerator 1............................. Absent
  Crypto Accelerator 2............................. Absent
  Power Supply 1................................... Absent
  Power Supply 2................................... Present, OK
  Maximum number of APs supported.................. 100
  (Cisco Controller) >show time
  Time............................................. Thu Jan  9 07:58:29 2014
  Timezone delta................................... -4:0
  Timezone location................................
  NTP Servers
      NTP Polling Interval.........................     86400
       Index     NTP Key Index     NTP Server      NTP Msg Auth Status
         1              0        211.189.10.2       AUTH DISABLED
  AP information
  Warehouse_AP-3#sh version
  Cisco IOS Software, C1240 Software (C1240-K9W8-M), Version 12.4(23c)JA2, RELEASE SOFTWARE (fc3)
  Technical Support: http://www.cisco.com/techsupport
  Copyright (c) 1986-2011 by Cisco Systems, Inc.
  Compiled Wed 13-Apr-11 12:58 by prod_rel_team
  ROM: Bootstrap program is C1240 boot loader
  BOOTLDR: C1240 Boot Loader (C1240-BOOT-M) Version 12.4(13d)JA, RELEASE SOFTWARE (fc2)
  Warehouse_AP-3 uptime is 18 hours, 16 minutes
  System returned to ROM by power-on
  System image file is "flash:/c1240-k9w8-mx.124-23c.JA2/c1240-k9w8-mx.124-23c.JA2"
  This product contains cryptographic features and is subject to United
  States and local country laws governing import, export, transfer and
  use. Delivery of Cisco cryptographic products does not imply
  third-party authority to import, export, distribute or use encryption.
  Importers, exporters, distributors and users are responsible for
  compliance with U.S. and local country laws. By using this product you
  agree to comply with applicable laws and regulations. If you are unable
  to comply with U.S. and local laws, return this product immediately.
  A summary of U.S. laws governing Cisco cryptographic products may be found at:
  http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
  If you require further assistance please contact us by sending email to
  [email protected].
  cisco AIR-LAP1242AG-A-K9   (PowerPCElvis) processor (revision A0) with 27638K/5120K bytes of memory.
  Processor board ID FTX1233B943
  PowerPCElvis CPU at 262Mhz, revision number 0x0950
  Last reset from power-on
  LWAPP image version 7.0.116.0
  1 FastEthernet interface
  2 802.11 Radio(s)
  32K bytes of flash-simulated non-volatile configuration memory.
  Base ethernet MAC Address: 00:1D:70:96:64:A0
  Part Number                          : 73-9925-07
  PCA Assembly Number                  : 800-26579-06
  PCA Revision Number                  : A0
  PCB Serial Number                    : FOC12320AKT
  Top Assembly Part Number             : 800-29151-03
  Top Assembly Serial Number           : FTX1233B943
  Top Revision Number                  : A0
  Product/Model Number                 : AIR-LAP1242AG-A-K9 
  Configuration register is 0xF
  Warehouse_AP-3#sh ip interface brief
  Interface                  IP-Address      OK? Method Status                Protocol
  Dot11Radio0                unassigned      NO  unset  up                    up     
  Dot11Radio1                unassigned      NO  unset  administratively down down   
  FastEthernet0              105.103.27.19   YES other  up                    up 
  Warehouse_AP-3#sh inventory
  NAME: "AP1240", DESCR: "Cisco Aironet 1240 Series (IEEE 802.11a/g) Access Point"
  PID: AIR-LAP1242AG-A-K9, VID: V03, SN: FTX1233B943
  there are 7 AP's that not register to the right controller some are different models:
  Warehouse_AP-1 - AIR-LAP1242G-A-K9
  Warehouse_AP-3 - AIR-LAP1242AG-A-K9
  Warehouse_AP-5 - AIR-LAP1242G-A-K9
  Warehouse_AP-6 - AIR-LAP1242G-A-K9
  Warehouse_AP-7 - AIR-CAP3502I-T-K9
  Warehouse_AP-9 - AIR-LAP1242AG-A-K9
  Warehouse_AP-10 - AIR-LAP1242G-A-K9
  Thank you for your help!!

• Wireless access point no longer working with ios7

  Upgraded to ios7 and did not change anything. Wireless access point still recognised in settings however no internet connection possible. What's wrong or different with iOS 7?

  1. Turn router or access point off for 30 seconds and on again.
  2. Settings>General>Reset>Reset Network Settings.

• Access points not registering with WLC

  Hi all,
  I have a 5508 WLC in LAG mode and have 14 1231G WAPs connected to it already. However I still have to migrate 9 more WAPs from my old 4404 controller to the new 5508 controller. I cannot get remaining 9 WAPs to register with new WLC. I found following debug message from the WLC. My WLC license is valid for 50 APs. Have any of you guys seen this? What am I doing wrong here? Any lead is much appriciated.
  I have LAG setup with 2 ports out of 8 ports. Don't understand why it's giving error of not having enough capacity.
  Any advice is much appriciated. Thanks in advance.
  *spamApTask4: May 21 18:58:29.468: 00:23:04:c9:72:00 Echo Timer Expiry: Did not receive heartbeat reply from AP 00:23:04:c9:72:00 (10:4:12:26/36602)
  *spamApTask0: May 21 18:58:50.588: 00:13:60:7e:28:30 Join Priority Processing status = 0, Incoming Ap's Priority 0, MaxLrads = 50,joined Aps =14
  *spamApTask0: May 21 18:58:50.588: 00:13:60:7e:28:30 Refusing Discovery Request from AP 00:13:60:7e:28:30 - no AP manager with available capacity
  *spamApTask0: May 21 18:58:50.588: 00:13:60:7e:28:30 Join Priority Processing status = 0, Incoming Ap's Priority 0, MaxLrads = 50,joined Aps =14
  *spamApTask0: May 21 18:58:50.588: 00:13:60:7e:28:30 Refusing Discovery Request from AP 00:13:60:7e:28:30 - no AP manager with available capacity
  *spamApTask0: May 21 18:59:00.589: Could not find BoardDataPayload
  *spamApTask0: May 21 18:59:00.636:
  *spamApTask0: May 21 18:59:05.593: Could not find BoardDataPayload
  *spamApTask0: May 21 18:59:05.639:
  *spamApTask0: May 21 18:59:53.564: 00:13:60:7e:28:30 Join Priority Processing status = 0, Incoming Ap's Priority 0, MaxLrads = 50,joined Aps =14
  *spamApTask0: May 21 18:59:53.565: 00:13:60:7e:28:30 Refusing Discovery Request from AP 00:13:60:7e:28:30 - no AP manager with available capacity
  *spamApTask0: May 21 18:59:53.565: 00:13:60:7e:28:30 Join Priority Processing status = 0, Incoming Ap's Priority 0, MaxLrads = 50,joined Aps =14
  *spamApTask0: May 21 18:59:53.565: 00:13:60:7e:28:30 Refusing Discovery Request from AP 00:13:60:7e:28:30 - no AP manager with available capacity

  Guess the SSC got corrupted..
  Run the command "debug pm pki enable" on the WLC, copy the SSC and paste it on the WLC and see if that helps.. here is the link to do the same!!
  http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a00806a426c.shtml
  Lemme know if this answered ur question and please dont forget to rate the usefull posts!!
  Regards
  Surendra

• Access point register on anchor wlc in DMZ

  Hello,
  I have an environment in which two WLC 4400 are connected to an anchor WLC 4400 in DMZ, This WLC in DMZ pass the Guest Wlan to other two WLC and terminate tunnel CAPWAP. The Ap in the remote sites, that are configure to register to WLCs in the remote sites, usually are registered on the two WLCs but sometimes they register to WLC in DMZ, how is possible if between WLC in DMZ and other WLC there is a firewall that block all the traffic except CAPWAP traffic? 
  If I reboot the APs they register on the two correct WLCs in remote sites.
  Thanks

  AP also uses CAPWAP.  you should only allow capwap connection from internal controllers only on the fw.

• Access Points at branch and WLC located at Head Quarters

  Guys,
  Please excuse these entry-level questions, but we are just starting here with Cisco wireless technologies.... Can we deploy, let's say 8 3600 APs in one branch and have the WLC deployed at another branch? Could this be possible?
  thank you in advance                  

  Guys, thank you very much for the input so far.
  You are always not one, but many steps ahead from a novice
  George Stefanick, yes, we have IPSec site-to-site tunnels with all the branches from the main site. Is via the vpn tunnels where FlexConnect limitations come to play?  What exactly are the limitations of FlexConnect that I need to be aware of??/
  As you can see, we have many branches all over the states and also overseas. The initial thought was only to deploy APs where we have warehouses (we really have over 20 branches - and growing - but only 5 of them have warehouses...) So, as I look deeper into cisco WiFi technologies, I can really see all these good features that we can certainly use. So with these features, I think it might make more sense, like rasikanayanajith advised, to really keep the WLC at the main site and deploy the APs at the warehouse with the FlexConnect feature.
  This way, all the executives, as they travel to all the 5 warehouses, will only need to be concerned with one single set of credentials (their AD credentials), is this correct????  as I assume we can setup Radius Authentication for the clients to login via the WiFi.
  please advise and thank you again

• Cisco WLC 2125 and AIR-LAP1252AG-A-K9 access points

  We are running into a little issue here and looking for some help. We have the Controller configured and it appears to be working properly the issue we are running into is that we can only get the above mentioned access points to only join the controller if they are plugged directly into the controller. I would assume that we should be able to plug these access points into any of our switches and they should be able to join the controller correct? Obviously there has to be a configuration issue somewhere and am hoping someone can point us in the right direction.

  WAP to Switch - Access port
  WLC to Switch - dot1Q trunk on the switch and tagged on the WLC side

• L3 connections between Access points and WLC

  hi,
  we have a customer asking us to configure wireless system as per attached drawing.
   WLC is in Data Center which is connected to Data Center Switch ( Cisco 3850), then this DC-Switch is connected to DC-Core ( Cisco Nexus-7K).
  this Nexus-7K is connected to many campus Networks. in all campuses there is Cisco 4507 Campus Core which is connected to Nexus-7K.
  then from Campus core many distribution switches are connected.
  all Vlans for data and wifi is created in Distribution Switches. Distribution Switches are VTP Servers and many access switches with connected APs are connected back to this Distribution Switch.
  All Access Points are registered at WLC in Data Center, but wifi clients are not getting ip address from DHCP Server, as well as even if we configured static ip address at wifi clients they are not able to communicate correctly.
  please correct me if there is a mistake in this design , or we have a solution to solve this problem please let me know.
  attached topology diagram 
  thanks,
  anvar

  Hey Anvar,
  Too much details about network, to make it simple:
  1- APs and WLC can be in separate VLANs (Not a problem)
  2- As APs have joined, these two VLANs look fine for me
  If your clients can't communicate probably with static IP address
  1- From the WLC, ping default gateway for that VLAN
  2- If the WLC can reach the gateway, its wired VLAN issue that you need to investigate in the path (maybe using wired device in the same VLAN as the clients in the switch where the APs are connected)
  Now, about why the clients are not taking IP:
  1- What is your DHCP, where its located? Is it the same one for all clients?
  2- Do you have local APs or FlexConnect ?
  3- When you run the debugs for DHCP where the process breaks?
  Cheers,
  Nour

• Access Points Joining

                     Dear sir/ma,
  I have bought a wireless LAN controller and access points of 10 qty
  Item Name
  Quantity
  AIR-CT5508-12-K9
  1
  CON-SNT-CT0812
  1
  LIC-CT5508-12
  1
  LIC-CT5508-BASE
  1
  PI-MSE-PRMO-INSRT
  1
  AIR-PWR-5500-AC
  1
  SWC5500K9-72
  1
  AIR-PWR-CORD-UK
  2
  AIR-CAP2602I-E-K9
  10
  CON-SNT-C262IE
  10
  SWLAP2600-MESH-K9
  10
  AIR-AP-BRACKET-1
  10
  AIR-AP-T-RAIL-R
  10
  but the access points are not joining the controller. please what could be the cause of this?
  please find the attached file for the configuration output.
  br
  kuku

  Hi,
  For the Mesh APs, you must enter the MAC address in the MAC filter which is found in
  Security > AAA > MAC Filtering. Note that Outdoor Mesh APs, the MAC address is the BVI mac address, for Indoor Mesh, it is the Ethernet MAC address.
  Also, if you're using DNS for controller discovery, create a pointer record in your DNS with the following:
  CISCO-CAPWAP-CONTROLLER.domainname - IP address of WLC

• AP not joining WLC 2504

  Hi all
  my customer has a 2504 WLC, and has problems to join APs (There are no aps joined to the controller at this moment).
  What are the Bold lines tell me?
  in the debug I see the following:
  *spamApTask0: Oct 10 09:20:06.019: 58:f3:9c:78:d1:10 Discovery Request from 10.37.24.116:41508
  *spamApTask0: Oct 10 09:20:06.019: 58:f3:9c:78:d1:10 ApModel: AIR-CAP3702I-N-K9
  *spamApTask0: Oct 10 09:20:06.019: 58:f3:9c:78:d1:10 Join Priority Processing status = 0, Incoming Ap's Priority 4, MaxLrads = 50, 0
  *spamApTask0: Oct 10 09:20:06.019: apModel: AIR-CAP3702I-N-K9
  *spamApTask0: Oct 10 09:20:06.020: apType = 38 apModel: AIR-CAP3702I-N-K9
  *spamApTask0: Oct 10 09:20:06.020: Unknown AP type. Using Controller Version!!!
  *spamApTask0: Oct 10 09:20:06.020: 58:f3:9c:78:d1:10 Discovery Response sent to 10.37.24.116 port 41508
  *spamApTask0: Oct 10 09:20:06.020: 58:f3:9c:78:d1:10 Discovery Response sent to 10.37.24.116:41508
  *spamApTask0: Oct 10 09:20:06.021: 58:f3:9c:78:d1:10 Discovery Request from 10.37.24.116:41508
  *spamApTask0: Oct 10 09:20:06.021: 58:f3:9c:78:d1:10 ApModel: AIR-CAP3702I-N-K9
  *spamApTask0: Oct 10 09:20:06.021: 58:f3:9c:78:d1:10 Join Priority Processing status = 0, Incoming Ap's Priority 4, MaxLrads = 50, 0
  *spamApTask0: Oct 10 09:20:06.021: apModel: AIR-CAP3702I-N-K9
  *spamApTask0: Oct 10 09:20:06.021: apType = 38 apModel: AIR-CAP3702I-N-K9
  *spamApTask0: Oct 10 09:20:06.021: Unknown AP type. Using Controller Version!!!
  *spamApTask0: Oct 10 09:20:06.021: 58:f3:9c:78:d1:10 Discovery Response sent to 10.37.24.116 port 41508
  *spamApTask0: Oct 10 09:20:06.021: 58:f3:9c:78:d1:10 Discovery Response sent to 10.37.24.116:41508
  *spamApTask0: Oct 10 09:20:16.031: 58:f3:9c:7a:22:30 DTLS connection not found, creating new connection for 10:37:24:116 (41508) 10)
  *spamApTask0: Oct 10 09:20:16.498: acDtlsPlumbControlPlaneKeys: lrad:10.37.24.116(41508) mwar:10.37.24.11(5246)
  *spamApTask0: Oct 10 09:20:16.498: 58:f3:9c:7a:22:30 Allocated index from main list, Index: 55
  *spamApTask0: Oct 10 09:20:16.498: 58:f3:9c:7a:22:30 Using CipherSuite AES128-SHA
  *spamApTask0: Oct 10 09:20:16.499: 58:f3:9c:7a:22:30 DTLS keys for Control Plane are plumbed successfully for AP 10.37.24.116. Inde6
  *spamApTask1: Oct 10 09:20:16.499: 58:f3:9c:7a:22:30 DTLS Session established server (10.37.24.11:5246), client (10.37.24.116:41508)
  *spamApTask1: Oct 10 09:20:16.499: 58:f3:9c:7a:22:30 Starting wait join timer for AP: 10.37.24.116:41508
  *spamApTask0: Oct 10 09:20:16.517: 58:f3:9c:78:d1:10 Join Request from 10.37.24.116:41508
  *spamApTask0: Oct 10 09:20:16.517: 58:f3:9c:7a:22:30 Deleting AP entry 10.37.24.116:41508 from temporary database.
  *spamApTask0: Oct 10 09:20:16.518: 58:f3:9c:7a:22:30 spamProcessJoinRequest : RAP, Check MAC filter
  *spamApTask0: Oct 10 09:20:16.518: 58:f3:9c:78:d1:10 In AAA state 'Idle' for AP 58:f3:9c:78:d1:10
  *spamApTask0: Oct 10 09:20:16.518: 58:f3:9c:7a:22:30 Mesh AP username 58f39c7a2230.
  *spamApTask0: Oct 10 09:20:16.518: 58:f3:9c:78:d1:10 Join Request failed!
  *spamApTask0: Oct 10 09:20:16.518: 58:f3:9c:78:d1:10 State machine handler: Failed to process  msg type = 3 state = 0 from 10.37.248
  *spamApTask0: Oct 10 09:20:16.518: 58:f3:9c:7a:22:30 Failed to parse CAPWAP packet from 10.37.24.116:41508
  *spamApTask0: Oct 10 09:20:16.519: XóxÑ
  *spamApTask0: Oct 10 09:20:16.519: 58:f3:9c:78:d1:10 Finding DTLS connection to delete for AP (10:37:24:116/41508)
  *spamApTask0: Oct 10 09:20:16.519: 58:f3:9c:78:d1:10 Disconnecting DTLS Capwap-Ctrl session 0x179437d8 for AP (10:37:24:116/41508)
  *spamApTask0: Oct 10 09:20:16.519: 58:f3:9c:78:d1:10 CAPWAP State: Dtls tear down
  *spamApTask0: Oct 10 09:20:16.520: acDtlsPlumbControlPlaneKeys: lrad:10.37.24.116(41508) mwar:10.37.24.11(5246)
  *spamApTask0: Oct 10 09:20:16.520: 58:f3:9c:78:d1:10 DTLS keys for Control Plane deleted successfully for AP 10.37.24.116
  *spamApTask0: Oct 10 09:20:16.526: 58:f3:9c:78:d1:10 DTLS connection closed event receivedserver (10.37.24.11/5246) client (10.37.2)
  *spamApTask0: Oct 10 09:20:16.526: 58:f3:9c:78:d1:10

  Hi all, the AP was in Mesh (Bridge) mode and could not connect to the controller
  Ok, how to find out that a AP is in bridge mode, without a join (No Access to the AP).
  go to monitor > statistics > AP Join
  you will see the AP here that tries to connect (clear the list before)
  if the ethernet MAC Address is the same as the Base radio MAC, than the AP is in bridge mode.
  normally ( in local mode) the Ethernet MAC Address reflects the APname
  To allow the AP to join, add in the Authorization list the APName mac Address!
  See: http://supertekboy.com/2014/01/13/cisco-lightweight-access-point-will-not-join-to-a-wireless-lan-controller/
  The case is solved now.

• Create a point to point link with a wlc 4402

  Hi to all,
  i have a wlc 4402 and i need to configure a point to point link with two air-lap1310g-e-k9, i have found on cisco.com this link:
  http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a00808e9c1b.shtml#zero
  but on the wlc configuration page i cannot found some configuration step.
  Someone have configured this type of behaviour or can give me some hints?!
  How can i configure on the wlc the parameter about the bridges configuration?! Or i must configure the bridges overriding the global configuration?!
  Thanks and best regards,
  Carlo Sagratella.

  The correct thing to do would be to downgrade the 1310's to autonomous (or 1242's) and set up a root bridge and non-root bridge.
  Alternately however, if you REALLY wanted one of the points to be LWAPP, in theory you could always make one of the Access Points Autonomous and join it as a workgroup bridge to the LWAPP AP. However, there really is no reason to do that since it would be cleaner to convert both to autonomous.

• Rogue Access Points

  Hi everybody,
  I have a question about Rogue Access Points.
  We have a Wlan controller (2504) and it sees rogue access points.
  I know there are some tools, if you tell it that it's a bad rogue access point, it starting to kick people of that access point. Just to be sure that no one is on that access point that can join your network for some reason.
  But with the Cisco 2504 i have some options. As you all will know.
  But i wonder what happens if i set it to malicious. I know what friendly means. I don't want that i screw up that access point of our neighbours. But now it stays there in the rogue list. I tell it's friendly and thats oke but i wonder what happens if i tell the controller that it's malicious and then i say contain.
  I get a warning message from the controller about some legal things etcetc. so i cancelled it.
  Can anyone tell me? :-)
  Thanks!
  Henk Feenstra

  No problem... So if someone contained one of my AP's, I would see it in the log and would know what AP is doing the containing.... Then I would have to walk over to the company and politely asked then to stop:)   This is what you would see:
  1
  Thu Feb 21 18:49:05 2013
  Warning: Our AP with Base Radio MAC f4:ea:67:0e:6f:80 is under attack (contained) by another AP on radio type 802.11b/g
  This is what you will see in the syslog:
  *spamApTask1: Feb 21 18:49:05.141: #LWAPP-1-AP_CONTAINED: spam_lrad.c:33698 AP AIR-CAP3602E-A-K9-MAP is being contained on slot 0
  Thanks,
  Scott
  Help out other by using the rating system and marking answered questions as "Answered"