APs joined wrong Controller...

Just plugged in 5 3602i APs and instead of joining the controller for this building they joing a controller for a different building. Not sure what to look for on the controllers or what to post...but why would this happen? How can I get them off the wrong controller and onto the right controller?
Thanks

Just to add.... Since you already have WLC's and AP's that are up, most likely you also have option 43 or DNS configured which is pointing to that WLC that these new AP's are joining. Like Raskia mentioned, if you change the high availability, the AP should join that WLC you pointed to. The hostname is case sensitive!!!! If the AP fails to join the WLC, then maybe the WLC time is off or something is blocking udp 5246 and udp 5247.
The best thing you can do is put the AP on the same vlan as the WLC management, the AP needs to get a dhcp address or you need to configure a static address, but if the AP is on the same vlan, it should find the WLC and join using layer 2 broadcast. Once the AP joins, you can move that AP to another vlan since the AP already knows of the WLC.
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"

Similar Messages

APs join the wrong controller

When I set up access points , for some reason some of them want to join the wrong controller. I have set the dhcpd option 43 as well as have the dns name in our server. We are running the 4.0.179.11 version of the software. Also, two access points that were on the correct switch, are now on the wrong one. Anyone have any ideas what I am missing?
Thanks in advance.
konrad

Hi Konrad,
Have a look at the methods the AP uses to determine which of the WLC's to register to;
WLCs embed this important information in the LWAPP discovery response:
The controller sysName
The controller type
The controller AP capacity and its current AP load
The Master Controller flag
An AP-manager IP address
The LAP uses this information to make a controller selection, with use of these precedence rules:
If the LAP has previously been configured with a primary, secondary, and/or tertiary controller, the LAP examines the controller sysName field (from the LWAPP discovery responses) in an attempt to find the WLC that is configured as primary. If the LAP finds a matching sysName for the primary controller, the LAP sends an LWAPP join request to that WLC. If the LAP cannot find its primary controller or if the LWAPP join fails, the LAP tries to match the secondary controller sysName to the LWAPP discovery responses. If the LAP finds a match, it then sends an LWAPP join to the secondary controller. If the secondary WLC cannot be found or the LWAPP join fails, the LAP repeats the process for its tertiary controller.
The LAP looks at the Master Controller flag field in the LWAPP discovery responses from the candidate WLCs if one of these items is true:
No primary, secondary, and/or tertiary controllers have been configured for an AP.
These controllers cannot be found in the candidate list.
The LWAPP joins to those controllers have failed.
If a WLC is configured as a Master Controller, the LAP selects that WLC and send it an LWAPP join request.
If the LAP cannot successfully join a WLC on the basis of the criteria in step 1 and step 2, the LAP attempts to join the WLC that has the greatest excess capacity.
From this good doc;
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00806c9e51.shtml
Hope this helps!
Rob

APs randomly will not join the controller

Hi all,
In short, APs will join the controller immediately using the recovery image, but once it downloads 7.6.100 and reboots, it either cannot join the controller or will take up to 40 minutes.
The AP is in local mode. The AP 1040 eventually joined the controller, 40 minutes after we deleted all the files off the flash which is unacceptable.
*Apr 9 15:38:15.842: %CAPWAP-5-SENDJOIN: sending Join Request to 10.10.10.10
*Apr 9 15:38:15.851: %CAPWAP-3-ERRORLOG: Invalid event 10 & state 5 combination.
*Apr 9 15:38:15.851: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 10 state 5.
*Apr 9 15:38:15.851: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Apr 9 15:38:15.851: %CAPWAP-3-ERRORLOG: Failed to process encrypted capwap packet from 10.10.10.10
*Apr 9 15:38:16.304: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
*Apr 9 15:38:16.362: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Apr 9 15:38:16.427: %CAPWAP-5-JOINEDCONTROLLER: AP has joined controller CONTROLLER-DC
I also had our technician console into a 2602 and we were seeing exact same errors.
SUMMARY OF THIS CASE:
--AP is 1042 and wlc is on 7.6.100.0
--using dhcp option 43 but the AP has static ip
--checked the private config on the AP and it was not sending the discovery request to the desired WLC
--cleared the private config
--primed the AP to desired WLC
--AP sending join request but receiving the following errors:
Apr 4 14:37:47.000: CAPWAP-3-ERRORLOG Go join a capwap controller
*Apr 4 14:36:47.000: CAPWAP-5-DTLSREQSEND DTLS connection request sent peer_ip: 10.10.10.11 peer_port: 5246
*Apr 4 14:36:47.169: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_handshake.c:90 First fragment for seq 2 is missing
*Apr 4 14:37:17.205: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_connection_db.c:2176 Max retransmission count reached!
--cleared the flash except rcv
--ap started downloading the image from the wlc but once it reboots the same errors appear again
--research made on the error message and apparently we are hitting a bug:
https://tools.cisco.com/bugsearch/bug/CSCul08933/?reffering_site=dumpcr

Hi Leo,
Next the information, I omitted some serial number and descriptions due to confidentiality matters.
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller Product Version.................................. 7.6.100.0 Bootloader Version............................... 1.0.1 Field Recovery Image Version..................... 6.0.182.0 Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27 Build Type....................................... DATA + WPS
System Name...................................... ABCDEF System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069 Redundancy Mode.................................. Disabled IP Address....................................... XXXXXXX Last Reset....................................... Software reset System Up Time................................... 32 days 14 hrs 1 mins 41 secs System Timezone Location......................... (GMT -5:00) Eastern Time (US and Canada) System Stats Realtime Interval................... 5 System Stats Normal Interval..................... 180
Configured Country............................... CA - Canada Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C Internal Temperature............................. +40 C External Temperature............................. +21 C Fan Status....................................... OK
State of 802.11b Network......................... Enabled State of 802.11a Network......................... Enabled Number of WLANs.................................. 5 Number of Active Clients......................... 2215
Burned-in MAC Address............................ F0:F7:55:2B:4A:80 Power Supply 1................................... Present, OK Power Supply 2................................... Absent Maximum number of APs supported.................. 500
(Cisco Controller) >show time
Time............................................. Mon Apr 14 08:40:08 2014
Timezone delta................................... 0:0 Timezone location................................ (GMT -5:00) Eastern Time (US and Canada)
NTP Servers
    NTP Polling Interval.........................     36000
Index     NTP Key Index                  NTP Server                  NTP Msg Auth Status
       1             0                                              A.B.C.D                        AUTH DISABLED
AP>sh ver
Cisco IOS Software, C3500 Software (AP3G1-K9W8-M), Version 15.2(4)JB3, RELEASE SOFTWARE (fc1) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Wed 18-Dec-13 21:36 by prod_rel_team
ROM: Bootstrap program is C3500 boot loader
BOOTLDR: C3500 Boot Loader (AP3G1-BOOT-M), Version 15.2 [chayan-apn-0411 116]
AP uptime is 2 days, 17 hours, 15 minutes System returned to ROM by reload System image file is "flash:/ap3g1-k9w8-mx.152-4.JB3/ap3g1-k9w8-xx.152-4.JB3"
Last reload reason:
cisco AIR-CAP3502I-A-K9 (PowerPC460exr) processor (revision A0) with 98294K/32768K bytes of memory.
Processor board ID XXXXXXXX
PowerPC460exr CPU at 666Mhz, revision number 0x18A8 Last reset from reload LWAPP image version 7.6.100.0
1 Gigabit Ethernet interface
2 802.11 Radios
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 70:81:05:9E:F7:36
Part Number                          : 73-12175-05
PCA Assembly Number                  : 800-32268-05
PCA Revision Number                  : A0
PCB Serial Number                    : XXXXXXX
Top Assembly Part Number             : 800-32891-01
Top Assembly Serial Number           : FGL1534S7LP
Top Revision Number                  : A0
Product/Model Number                 : AIR-CAP3502I-A-K9
Configuration register is 0xF
AP>sh ip int br
Interface                  IP-Address      OK? Method Status                Protocol
BVI1 X.Y.W.Z YES TFTP   up                    up
Dot11Radio0                unassigned      NO unset up                    up
Dot11Radio1                unassigned      NO unset up                    up
GigabitEthernet0           unassigned      NO unset up                    up
GigabitEthernet0.1         unassigned      YES unset up                    up
AP>sh inventory
NAME: "AP3500", DESCR: "Cisco Aironet 3500 Series (IEEE 802.11n) Access Point"
PID: AIR-CAP3502I-A-K9 , VID: V01, SN: XXXXXXX

AP name is not consistent in APs Join Stats.

hi all,
i have strange issue in my controller (WISM2) AP name is not consistent in APs Join Stats page while the naming is consistent in Wireless status page.as shown below.

Thanks,
The problem solved after i cleared the access point from join AP stats. then restart it after that will join with normal name.

How do i ensure the new access point is joined the controller or not

How do i ensure the new access point is joined the controller or not

To Verifying that Access Points Join the Controller or not there are two ways as below.
Please go through the step by step to find the APs joined state
When replacing a controller, you need to make sure that access points join the new controller.
Using the GUI to Verify that Access Points Join the Controller
Follow these steps to ensure that access points join the new controller.
Step 1 Follow these steps to configure the new controller as a master controller.
a. Click Controller > Advanced > Master Controller Mode to open the Master Controller Configuration page.
b. Check the Master Controller Mode check box.
c. Click Apply to commit your changes.
d. Click Save Configuration to save your changes.
Step 2 (Optional) Flush the ARP and MAC address tables within the network infrastructure. Ask your network administrator for more information about this step.
Step 3 Restart the access points.
Step 4 Once all the access points have joined the new controller, configure the controller not to be a master controller by unchecking the Master Controller Mode check box on the Master Controller Configuration page.
Using the CLI to Verify that Access Points Join the Controller
Follow these steps to ensure that access points join the new controller.
Step 1 To configure the new controller as a master controller, enter this command:
config network master-base enable
Step 2 (Optional) Flush the ARP and MAC address tables within the network infrastructure. Ask your network administrator for more information about this step.
Step 3 Restart the access points.

How to filter AP to join a controller?

Dear all,
I've been trying to filter AP from joining the controller using the AP Policies (Security>Ap policies) but it's seems I've missed something cuz it's not working.
I've got 2 APs, that register with my controller. To check filtering, I've entered the mac of the first AP in the AP policies, apply and then reloaded both AP.
I was expecting to see only the first AP to join but both joined the controller.
Is there any further configuration reqired to apply the filtering?
Cheers
Alex

Hi,
I would like the first AP to join the controller and the second AP not to be able to join the controller.
This is to secure an environement where only APs from a list ( macaddresses) could register to the controler.
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.0.116.0
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
Build Type....................................... DATA + WPS
System Name...................................... 5508-2
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
IP Address....................................... 10.20.1.10
Last Reset....................................... Software reset
System Up Time................................... 3 days 17 hrs 12 mins 27 secs
System Timezone Location.........................
Current Boot License Level....................... base
Current Boot License Type........................ Permanent
Next Boot License Level.......................... base
Next Boot License Type........................... Permanent
Configured Country............................... DE - Germany
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +30 C
External Temperature............................. +14 C
Fan Status....................................... 1 fan stopped, 3 fans OK
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 5
Number of Active Clients......................... 0
Burned-in MAC Address............................ CC:EF:48:B3:37:00
Power Supply 1................................... Present, OK
Power Supply 2................................... Absent
Maximum number of APs supported.................. 12
AP1#sh inventory
NAME: "AP1140", DESCR: "Cisco Aironet 1140 Series (IEEE 802.11n) Access Point"
PID: AIR-AP1142N-E-K9 , VID: V05, SN: FCZ1546W4E5

Only 47 APs join to WLC-4402-50

Why only 47 APs join to the controller 4402-50, the debug capwap errors enable show this:
(Cisco Controller) >
*Sep 07 11:52:33.700: 00:3a:98:f0:f0:f0 Join Priority Processing status = 0, Incoming Ap's Priority 1, MaxLrads = 50, joined Aps =47
*Sep 07 11:52:46.100: 00:3a:98:f0:f0:f0 Join resp: Unable to encode CAPWAP Control IPV4 Address
*Sep 07 11:52:46.100: 00:3a:98:f0:f0:f0 Failed to encode Join response to 192.168.15.10:10738
*Sep 07 11:52:46.101: 00:3a:98:f0:f0:f0 Config Response Failure: Unable to send Join response to 192.168.15.10:10738
*Sep 07 11:52:46.103: 00:3a:98:f0:f0:f0 State machine handler: Failed to process msg type = 3 state = 0 from 192.168.15.10:10738
*Sep 07 11:52:46.103: 00:3a:98:f0:f0:f0 Failed to parse CAPWAP packet from 192.168.15.10:10738
*Sep 07 11:52:46.105: 00:3a:98:f0:f0:f0 Discarding non-ClientHello Handshake OR DTLS encrypted packet from 192.168.15.10:10738)since DTLS session is not established
Can anybody help me with this? When I disconect another AP the AP join succesfully and when i connect the disconnected AP not join, alway only 47 join, doesn't matter what AP, the first 47 in arrive join to the controller.
Any idea?

The limit Stephen is discussing was put into place to eliminate over subscription of a single sfp port utilizing only one AP manager interface. Enabling LAG equally distributes the traffic out one IP address using BOTH sfp ports from the physical layer perspective. You can also achieve this by adding a second AP manager interface and tying it to the second physical port. You must do one of these two to enable support for the additional 2 APs. When creating a new interface for the AP manager2 make sure that you allow it to dynamically manage the APs. If not, you will still have the same problem.

Cisco LWAPP 2602e can't join the controller

i have a problem with a 2602e access point that he wouldn't join the controller (wlc 8510)
i gave him the image --> p3g2-k9w8-tar.152-2.JB.tar
we have a lot of capwap ap's but ive never had this problem before
*Jul 19 07:53:59.999: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.45.29.101:5246
*Jul 19 07:54:00.059: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255
*Jul 19 07:54:00.067: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
*Jul 19 07:54:00.095: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Jul 19 07:54:01.067: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Jul 19 07:54:01.099: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
*Jul 19 07:54:01.107: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Jul 19 07:54:02.127: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Jul 19 07:54:03.127: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Jul 19 07:54:10.095: %CAPWAP-3-ERRORLOG: Selected MWAR 'WLC041D1M120101'(index 0).
*Jul 19 07:54:10.095: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Jul 19 07:54:10.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.45.29.101 peer_port: 5246
*Jul 19 07:54:10.003: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
*Jul 19 07:54:10.187: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Jul 19 07:54:10.199: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.45.29.101 peer_port: 5246
*Jul 19 07:54:10.199: %CAPWAP-5-SENDJOIN: sending Join Request to 10.45.29.101
*Jul 19 07:54:10.199: %CAPWAP-3-ERRORLOG: Invalid event 10 & state 5 combination.
*Jul 19 07:54:10.199: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 10 state 5.
*Jul 19 07:54:11.003: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Jul 19 07:54:11.031: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Jul 19 07:54:11.039: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
*Jul 19 07:54:11.047: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Jul 19 07:54:12.067: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Jul 19 07:54:13.067: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Jul 19 07:54:15.199: %CAPWAP-5-SENDJOIN: sending Join Request to 10.45.29.101
*Jul 19 07:54:15.203: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
*Jul 19 07:54:15.211: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Jul 19 07:54:16.203: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Jul 19 07:54:16.231: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Jul 19 07:54:17.231: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Jul 19 07:55:00.155: %MESH-3-TIMER_EXPIRED: Mesh Lwapp join timer expired
*Jul 19 07:55:00.155: %MESH-3-TIMER_EXPIRED: Mesh Lwapp join failed expired
*Jul 19 07:55:00.155: %MESH-6-LINK_UPDOWN: Mesh station 4c4e.3563.a6bc link Down
*Jul 19 07:55:02.155: %LINK-6-UPDOWN: Interface BVI1, changed state to down
*Jul 19 07:55:07.655: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to down
*Jul 19 07:55:09.999: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.45.29.101:5246
*Jul 19 07:55:13.071: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
*Jul 19 07:55:13.087: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Jul 19 07:55:14.071: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Jul 19 07:55:14.111: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
*Jul 19 07:55:14.119: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Jul 19 07:55:15.139: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Jul 19 07:55:16.139: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Jul 19 07:55:23.091: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
*Jul 19 07:55:23.099: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Jul 19 07:55:24.091: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Jul 19 07:55:24.119: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Jul 19 07:55:25.119: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Jul 19 07:55:33.091: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
*Jul 19 07:55:33.099: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Jul 19 07:55:34.091: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Jul 19 07:55:34.119: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Jul 19 07:55:35.119: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Jul 19 07:55:40.539: %MESH-6-CAPWAP_RESTART: Mesh Capwap re-started
*Jul 19 07:55:42.539: %LINK-6-UPDOWN: Interface BVI1, changed state to up
*Jul 19 07:55:43.087: %CAPWAP-3-ERRORLOG: Invalid event 29 & state 4 combination.
*Jul 19 07:55:43.087: %CAPWAP-3-ERRORLOG: SM handler: Failed to process timer message. Event 29, state 4
*Jul 19 07:55:43.087: %CAPWAP-3-ERRORLOG: Failed to handle timer message.
*Jul 19 07:55:43.087: %CAPWAP-3-ERRORLOG: Failed to process timer message.
*Jul 19 07:55:43.539: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up
*Jul 19 07:55:45.607: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
*Jul 19 07:55:46.607: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down

One is mesh the other is non mesh. So changing the code or setting up the ap as mesh would fix your issue. Either could of been the wrong ap purchased or the wrong image placed on the ap. the thing now is that you have to put the ap in local mode and delete the mesh files in flash. This will prevent the ap from still thinking its mesh.
Sent from Cisco Technical Support iPhone App

LWAPP cannot join WLC2504 controller

Hello.
I have WLC5204 controller and AIR-CAP1602 access points.
I have the latest software version on the wlc.
I connect the wlc to a trunk port. i have internal dhcp server enabled in wlc.
when i connect the ap to access port same vlan as management interface vlan, the ap cannot join the controller.
the ap is assigned an ip address from the dhcp server but the following error logs are displayed:
did not get log server setting from dhcp
invalid event 10 and state 5 combination
failed to process message type 10 state 5
failed to handle capwap control message form controller
failed to process encrypted capwap packet from 192.168.1.10
I would really appreciate your help in this matter.
Regards.

1. WLC sh sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.6.130.0
Bootloader Version............................... 1.0.20
Field Recovery Image Version..................... 7.6.101.1
Firmware Version................................. PIC 16.0
Build Type....................................... DATA + WPS
System Name...................................... GDNE test
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1279
IP Address....................................... 20.20.20.10
Last Reset....................................... Power on reset
System Up Time................................... 0 days 0 hrs 38 mins 46 secs
System Timezone Location......................... (GMT +2:00) Jerusalem
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180
--More-- or (q)uit
Configured Country............................... US - United States
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +27 C
External Temperature............................. +31 C
Fan Status....................................... 3700 rpm
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 1
Number of Active Clients......................... 0
Burned-in MAC Address............................ 1C:DE:A7:06:A5:40
Maximum number of APs supported.................. 10
2. WLC sh time
Time............................................. Thu Dec 4 13:26:30 2014
Timezone delta................................... 0:0
Timezone location................................ (GMT +2:00) Jerusalem
NTP Servers
NTP Polling Interval......................... 86400
Index NTP Key Index NTP Server NTP Msg Auth Status
1 0 AUTH DISABLED
3. AP show version
Cisco IOS Software, C1600 Software (AP1G2-K9W8-M), Version 15.2(4)JB6, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2014 by Cisco Systems, Inc.
Compiled Fri 22-Aug-14 10:56 by prod_rel_team
ROM: Bootstrap program is C1600 boot loader
BOOTLDR: C1600 Boot Loader (AP1G2-BOOT-M) LoaderVersion 15.2(2)JAX, RELEASE SOFTWARE (fc1)
AP7c0e.ce85.5e74 uptime is 1 minute
System returned to ROM by power-on
System image file is "flash:/ap1g2-k9w8-mx.152-4.JB6/ap1g2-k9w8-mx.152-4.JB6"
Last reload reason:
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AIR-CAP1602I-E-K9 (PowerPC) processor (revision B0) with 229366K/32768K bytes of memory.
Processor board ID FGL1833X71G
PowerPC CPU at 533MHz, revision number 0x2151
Last reset from power-on
LWAPP image version 7.6.130.0
1 Gigabit Ethernet interface
2 802.11 Radios
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 7C:0E:CE:85:5E:74
Part Number : 73-14671-04
PCA Assembly Number : 000-00000-00
PCA Revision Number :
PCB Serial Number : FOC1832800C
Top Assembly Part Number : 800-38552-01
Top Assembly Serial Number : FGL1833X71G
Top Revision Number : A0
Product/Model Number : AIR-CAP1602I-E-K9
Configuration register is 0xF
4. AP show ip interface brief
Interface IP-Address OK? Method Status Protocol
BVI1 20.20.20.101 YES DHCP up up
Dot11Radio0 unassigned NO unset up up
Dot11Radio1 unassigned NO unset up up
GigabitEthernet0 unassigned NO unset up up
GigabitEthernet0.1 unassigned YES unset up up

LWAPP 1231 does not join the controller

I have LWAPP AIR-AP1231G-A-K9 that was moved from one site to the other one. It has now a different IP address taken from DHCP and its former controller does not exist any more.
I am trying to join it to the same kind of controller which is AIR-WLC4402-12-K9 with 7.0.98.0.
However the AP cannot join the controller, first I got these on the controller
0 Wed Jul 3 14:12:56 2013 AAA Authentication Failure for UserName:0014694b3ab2 User Type: WLAN USER
1 Wed Jul 3 14:12:56 2013 Failed to authorize AP with Base Radio MAC 00:14:69:4b:3a:b2. Authorization entry does not exist in Controller's AP Authorization List.
I added the MAC address of the AP into MAC filtering, and now getting these
AAA Authentication Failure for UserName:0014694b3ab2 User Type: WLAN USER
I am reading several discussions, but they seem to be related to mesh OS mismatch.
My AP is for sure not with mesh OS as it was connected to the controller before the move.
System image file is "flash:/c1200-k9w8-mx.124-23c.JA/c1200-k9w8-mx.124-23c.JA"
#sh capwap client config
swVer 7.0.98.0
Does anyone know what to do to get the AP joined to the controller ?
I had another AP where I tried to reset the LWAPP config - clear lwapp private-config, but this did not help and this AP is now constantly rebooting without allowing me to login. It looks like the only way how to wake it up would be to convert to autonomous and then back to LWAPP which is something I cannot do as I am too far from it.
Thanks,
Vlad

Hello George,
Many thanks. I have not converted the AP from autonomous to lwapp, it has been lwapp since the very beginning. We just moved this AP from one site where it was successfully joined the controller as lwapp to other site where I am trying to join the same kind of controller with the same OS, same general settings but different IPs.
I do not understand what could happen to the AP as for sure it was just shipped and not touched IT wise.
Anyway, I will try the excersise described in the link above.
Thanks,
Vlad

Accesspoint not joining correct controller

Hi,
I am trying to setup a 2504 Wireless Controller with a few AIR-AP1262N-E-K9 Access Points. But i'm having trouble getting the access points to connect to the controller.
The controller and AP's are setup at a local network at one of my customers. They are part of a quite large organization and are therefore connected to some of their other divisions in different contries via MPLS. The DHCP and DNS servers are therefore on a different subnet.
I have confirmed that the Access Points do get a correct IP from the DHCP server and that i am able to ping from the controller to the AP. When looking at the controller it does not receive any join requests from the AP's.
I have setup a console connection to the controller and 1 AP, so i can view debug information.
Most guides mention that you can run different LWAPP commands from the CLI on the AP like show lwapp for example. But i am not able to run any of these LWAPP commands on my AP.
I was hinted that this could be due to the fact that the AP was actually connected to a controller. Is there any way to confirm this from the CLI on the AP? I have run the following command: ap#show controller which gave the following output:
interface Dot11Radio0
Radio Dortmunder 2.4
I was wondering if this could actually mean that the AP had joined another controller?
When looking at the LED it is constant green which should mean that it up and running, but no clients is associated to it yet.
Any ideas would be greatly appreciated.

ap#show version
Cisco IOS Software, C1260 Software (AP3G1-K9W7-M), Version 12.4(25d)JA1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2011 by Cisco Systems, Inc.
Compiled Thu 11-Aug-11 02:07 by prod_rel_team
ROM: Bootstrap program is C1260 boot loader
BOOTLDR: C1260 Boot Loader (AP3G1-BOOT-M) Version 12.4(23c)JA5, RELEASE SOFTWARE (fc1)
ap uptime is 1 hour, 34 minutes
System returned to ROM by reload
System image file is "flash:/ap3g1-k9w7-mx.124-25d.JA1/ap3g1-k9w7-mx.124-25d.JA1"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AIR-AP1262N-E-K9     (PowerPC460exr) processor (revision A0) with 81910K/49152K bytes of memory.
Processor board ID FCZ1631Z058
PowerPC460exr CPU at 666Mhz, revision number 0x18A8
Last reset from reload
1 Gigabit Ethernet interface
2 802.11 Radio(s)
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 30:F7:0D:13:02:C9
Part Number                          : 73-12175-06
PCA Assembly Number                  : 800-32268-06
PCA Revision Number                  : A0
PCB Serial Number                    : FOC16274Y8E
Top Assembly Part Number             : 800-33866-02
Top Assembly Serial Number           : FCZ1631Z058
Top Revision Number                  : A0
Product/Model Number                 : AIR-AP1262N-E-K9
Configuration register is 0xF

LAP not joining the controller

Gents
I have 1 AP out of ten not joining the controller. I connected the access point to the network and I checked its boot. the access point reaches LWAPP Discovery" and then give me console input. I hard reset the access point and I hard coded an IP address for the AP the AP joins the controller, but when I reset it to assign it to another controller it did not join again.
why the discovery process is not showing the DHCP option 43 configured and DNS for CISCO-LWAPP-CONTROLLER configured on the DNS. All the access point is operating normally except this one. it has many certificate inside, why a hard reset did not work to solve the problem?
Please advise
Thanks,

Does the LAP have a valid IP address?
Can the LAP ping the WLC managment IP address?
Console into the LAP and in enable mode, type the command "lwapp ap controller ".

AP1242 Not joining 4404 controller

Hi all
Can anyone please help, my 1242 access points will not join my controller, I have done a debug and can see the Access point sending a discovery request, then the controller says discovery request sent, but then nothing happens, any ideas what this could be? I can ping the AP fine.
cheers
Carl

There are a number of things that could cause the join request to not show up. If there are no other controllers that the AP could be sending its join request to check to make sure there isn't a duplicate IP with your AP manager interface. Next if you are running LAG make sure the port-channel load-balancing on the switch that the controller is connected to is set to src-dst-ip.

Limit APs associate to controller

Hi guys,
I have 10 Cisco 1000 series APs and 2 controllers in the same VLAN. How can I register 6 APs associate to controller 1, but the other 4 APs associate to the controller 2?
Thanks,
yytellmey

Hi yytellmey,
This is most possible. There are really 2 ways of doing this;
1. Dynamic Load Balanacing (also called the Salt and Pepper design)
2. Deterministic Redundancy with Primary, Secondary, and Tertiary WLCs
For what you have described you would want to use method number 2.Have a look;
Due to some of the characteristics of dynamic load balancing and redundancy, many customers choose to override the dynamic behavior of LWAPP by assigning access points to specific controllers to balance the load by assigning access points a primary, secondary, and/or tertiary controller. By doing this, WLC redundancy behavior is deterministic. Furthermore, it has an additional benefit that when an access point has a primary, secondary and/or tertiary WLC configured, the access point failover occurs more quickly.
Deterministic Redundancy with Primary, Secondary, and Tertiary WLCs
From this doc;
http://www.cisco.com/en/US/products/ps6366/prod_technical_reference09186a00806cfa96.html#wp1170102
Hope this helps!
Rob
Please remember to rate helpful posts........

LAP join the wrong controller

Hello everybody,
I have an issue with my LAP and my two WLC. I have one WLC in production and another one in test, and I want to associate the LAP with the one in test but I can't, and my LAP join the WLC in production with this messages on the LAP :
*May 13 13:17:07.999: %CAPWAP-3-ERRORLOG: Selected MWAR 'TESTWLC'(index 0).
*May 13 13:17:07.999: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*May 13 13:16:03.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 172.30.117.10 peer_port: 5246
*May 13 13:16:03.036: %CAPWAP-3-ERRORLOG: Failed to authorize controller using trust config.
*May 13 13:16:03.036: %CAPWAP-1-SSC_CERT_AUTH_FAILED: Failed to authorize controller, SSC certificate validation failed.Peer certificate verification failed FFFFFFFF
*May 13 13:16:03.040: %CAPWAP-3-ERRORLOG: Certificate verification failed!
*May 13 13:16:03.040: DTLS_CLIENT_ERROR: ../capwap/base_capwap/capwap/base_capwap_wtp_dtls.c:447 Certificate verified failed!
*May 13 13:16:03.040: %DTLS-5-SEND_ALERT: Send FATAL : Bad certificate Alert to 172.30.117.10:5246
*May 13 13:16:03.041: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 172.30.117.10:5246
*May 13 13:16:03.042: %CAPWAP-3-ERRORLOG: Invalid event 38 & state 3 combination.
I have disabled certificate checking, regulatory domain are the same between WLC and LAP, my LAP(1041), my WLC are updated with the good software version and the both WLC are "Virtual" WLC.
If you have any idea to resolve this problem, I will be happy to know it :)
Thanks

(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.6.110.0
RTOS Version..................................... 7.6.110.0
Bootloader Version............................... 7.6.110.0
Emergency Image Version.......................... 7.6.110.0
Build Type....................................... DATA + WPS
System Name...................................... TESTWLC
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1631
IP Address....................................... 172.30.117.10
System Up Time................................... 1 days 15 hrs 40 mins 5 secs
System Timezone Location......................... (GMT +1:00) Amsterdam, Berlin, Rome, Vienna
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180
Configured Country............................... LU - Luxembourg
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 1
Number of Active Clients......................... 0
Burned-in MAC Address............................ 00:50:56:94:0E:12
Maximum number of APs supported.................. 200
TESTLAP#sh version
Cisco IOS Software, C1600 Software (AP1G2-K9W8-M), Version 15.2(2)JB, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Tue 11-Dec-12 04:45 by prod_rel_team
ROM: Bootstrap program is C1600 boot loader
BOOTLDR: C1600 Boot Loader (AP1G2-BOOT-M) LoaderVersion 15.2(2)JAX, RELEASE SOFTWARE (fc1)
TESTLAP uptime is 15 hours, 36 minutes
System returned to ROM by power-on
System image file is "flash:/ap1g2-k9w8-mx.152-2.JB/ap1g2-k9w8-mx.152-2.JB"
Last reload reason:
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AIR-CAP1602I-E-K9    (PowerPC) processor (revision B0) with 98294K/32768K bytes of memory.
Processor board ID FGL1807S09R
PowerPC CPU at 533Mhz, revision number 0x2151
Last reset from power-on
LWAPP image version 7.4.100.0
1 Gigabit Ethernet interface
2 802.11 Radios
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 18:E7:28:1A:3B:1B
Part Number                          : 73-14671-04
PCA Assembly Number                  : 000-00000-00
PCA Revision Number                  :
PCB Serial Number                    : FOC18045ZD1
Top Assembly Part Number             : 800-38552-01
Top Assembly Serial Number           : FGL1807S09R
Top Revision Number                  : A0
Product/Model Number                 : AIR-CAP1602I-E-K9
Configuration register is 0xF
As you can see, I use the LU country code, maybe it can be a mismatch between the WLC version and the LAP version?
Thanks.

APs joined wrong Controller...

Similar Messages

Maybe you are looking for