Cannot add WLC 5508 v7.6.120.0 into Prime Infrastructure 2.1
Hi everyone
Hope you can help us with this issue.
We already configure the WLC using this guide: http://mrncciew.com/2013/02/14/configuring-snmp-on-wlc/
snmp v2: enable
snmp v1: enable
default port values
community: incaenic with ip and mask 0.0.0.0 to allow access from any network or ip
traps receiver: community: incaenic ip: 10.100.100.15
when we try to discover the WLC with the PI it gave the error "SNMP Connectivity Fail"
WLC is on subnet 10.100.102.0/24 and PI in 10.100.100.0/24; there is a Catalyst 3850 between then with no access list on then.
Did someone can guide us with this?
Best Regards.
Alvaro Rugama
Hi,
Which version of SNMP are you using?
If you are using v1/v2 you should be using community string rather than local database credentials?
Regarding the service port what is the ip address assigned on the service port. From the configuration guide "Prime Infrastructure uses the preferred management IP address from the loop back interface. If the device does not have a loopback interface, Prime Infrastructure uses similar logic to the OSPF algorithm to select the router’s preferred management IP address."
Hope that helps.
Regards
Najaf
Similar Messages
-
Cannot add WLC 5508 to Prime Infrastructure 2.1
Regards,
I've been migrating / implementing a WCS to PI 2.1. I had several problems at first to add the 11 WLC we have to PI which I could be solving by trying and testing as I have not found many references by Cisco when it comes to troubleshooting when deploying PI.
I have several queries:
1. The WCS was added 11 WLC using different SNMP communities are configured on each of them. At first when trying to add the WLC had PI SNMP communication problems. I performed the test to eliminate any of the WLC added to WCS and add it again with some communities already existing R / W without any problem. At the end, I could not add the WLC so I had to create an SNMP community with the IP of Prime in the WLC so that they can be added. Does anyone know what is the cause of this?
2. I could not add a WLC 5508 IOS 7.3 using this method, even creating an SNMP community and IP mask 0.0.0.0 / 0. No access list or FW in between the WLC These WLC are spread over several countries but i was able to add the other WLC adding a community in each WLC pointing to the IP of Prime. It is similar to this case:
https://supportforums.cisco.com/discussion/12232506/cannot-add-wlc-5508-v761200-prime-infrastructure-21
Thanks for the help.It turns out that this situation was caused by a bug in 7.6.120.0 (CSCuo73572).
TAC handed me an escalation image (7.6.120.16) that fixed this.
Added the controllers sucessfully on the first try.
Phill -
CANNOT ADD WLC 5508 HA MODE IN PRIME INFRASTRUCTURE 2
I have two 5508 7.5.102 in HA mode and i am trying to add theme in cisco prime infrastructure 2 but i am taking back unreachable. Controller can ping the prime. I adding the controller using the management ip address of controller. Have anyone meat thise issue ? I also have problem when adding switches in stack mode (WS-C2960S-48TD-L)
Hello!
Check, that the service-port of the wlc is not in the same subnet, as Prime ip address -
Cannot add WLC 5508 7.2.111.3 to Cisco Prime Infrastructure 2.0
Though the Cisco Prime Infrastructure Compatibility Matrix list out that 7.2.111.3 is supported for PI 2.0
I am not able to add the controller to the PI 2.0.
The Reachability Status always shown "Unknow" and SNMP Status always shown "No response for SNMP Get".
There is no firewall between the WLC and PI.
And ping test shows it is reachable.
If I try to add controller by non-management port (I know it is not work but I want to try the reachability), the Reachability Status shown "Reachable" but the SNMP Status always shown error.
And if I use some SNMP testing software to test the SNMP port. SNMP can be quoted.
I have try to lower down the "Maximum VarBinds per Get PDU" but no luck.
Any thing I can do to troubleshoot the problem?Yes, I follow the procedure but it does not work.
Another update:
I add another WLC with version 7.0.98.0. It is fine.
And I setup another new PI 2.0 and new temporary WLC5508 with 7.2.111.3 to test. It work fine also......
So, I am wondering the existing 7.2 WLC have problem in responsing the SNMP Get. But I dont have any idea to test....
Do anyone have idea to test the snmp connection between PI and WLC? -
WCS cannot add WLC over slow link
I have a WCS running at our main data center. We recently added a WLAN Controller (4402)in a remote office that is located over a VPN tunnel.
The WCS can PING the WLC (but it is slow at about 250ms), and I can access the controller's web interface from the WCS server. I just cannot add the controller, it gives me the error "No response from device, check SNMP communities, version or network for issues."
Any thoughts on what I can try?
I have also verified the SNMP communities and removed and re-added them on both the WCS and WLC, and I've tried both the RO and RW strings. No difference.
Thanks.Here is what appears in the log when I try to connect via SNMP v2c.
*Oct 13 13:26:19.552: %SIM-3-MACADDR_GET_FAIL: sim.c:1147 Interface 1 source MAC address is not found.
*Oct 13 13:26:03.546: %SIM-3-MACADDR_GET_FAIL: sim.c:1147 Interface 1 source MAC address is not found.
*Oct 13 13:25:55.548: %SIM-3-MACADDR_GET_FAIL: sim.c:1147 Interface 1 source MAC address is not found.
*Oct 13 13:25:51.560: %SIM-3-MACADDR_GET_FAIL: sim.c:1147 Interface 1 source MAC address is not found.
*Oct 13 13:25:44.483: %USMDB-4-MSGTAG027: usmdb_wcp.c:221 usmDbWcpGetParentRouterName(): Non-Doberman platform.
*Oct 13 13:25:44.483: %USMDB-4-MSGTAG022: usmdb_wcp.c:95 usmDbWcpGetControllerSlotPort(): Non-Doberman platform.
*Oct 13 13:25:44.482: %USMDB-4-MSGTAG023: usmdb_wcp.c:119 usmDbWcpGetPeersPortAndIp(): Non-Doberman platform.
*Oct 13 13:25:44.481: %USMDB-4-MSGTAG022: usmdb_wcp.c:95 usmDbWcpGetControllerSlotPort(): Non-Doberman platform.
*Oct 13 13:25:44.480: %USMDB-4-MSGTAG023: usmdb_wcp.c:119 usmDbWcpGetPeersPortAndIp(): Non-Doberman platform.
I tried an extended ping from the WCS's default gateway and if I increase the datagram size to 1500, I get the âMâ = could not fragment reply. However a size of 1300 works fine. -
AP 360021 cannot join WLC 5508
Dears,
I have a cisco 5508 WLC and 40 cisco 360021 APs.
I configured the WLC and assign the management interface IP and also configured a DHCP pool on my Cisco 4507 core switch wit option 43.
But the problem that the APs connot join the WLC.
The below message appears:-
Nov 7 09:08:28.953: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Nov 7 09:08:28.954: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Nov 7 09:08:38.968: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Nov 7 09:08:39.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: x.x.x.x pe6
*Nov 7 09:08:39.000: %CAPWAP-5-CHANGED: CAPWAP changed state to
Please support me to solve this issue.
Regards,Dears,
Also find the attched debug and the requirements that you asked for.
AP cisco debug:
*Oct 13 01:33:32.691: %MESH-6-CAPWAP_RESTART: Mesh Capwap re-started
*Oct 13 01:33:34.691: %LINK-3-UPDOWN: Interface BVI1, changed state to up
*Oct 13 01:33:35.691: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up
*Oct 13 01:33:35.691: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 255.255.255.255 started - CLI initiated
*Oct 13 01:33:37.815: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
*Oct 13 01:33:37.903: status of voice_diag_test from WLC is false
*Oct 13 01:33:37.907: %CAPWAP-3-ERRORLOG: Not sending discovery request AP does not have an Ip !!
*Oct 13 01:33:37.907: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Oct 13 01:33:38.815: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Oct 13 01:33:38.867: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
*Oct 13 01:33:38.875: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Oct 13 01:33:39.191: %MESH-6-CAPWAP_RESTART: Mesh Capwap re-started
*Oct 13 01:33:39.223: %DHCP-6-ADDRESS_ASSIGN: Interface GigabitEthernet0 assigned DHCP address 10.10.107.58, mask 255.255.255.0, hostname APfc99.47a2.2ef7
*Oct 13 01:33:39.223: %MESH-6-CAPWAP_RESTART: Mesh Capwap re-started
*Oct 13 01:33:39.899: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Oct 13 01:33:40.899: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Oct 13 01:33:43.191: %MESH-6-CAPWAP_RESTART: Mesh Capwap re-started
*Oct 13 01:33:43.259: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.10.107.58, mask 255.255.255.0, hostname APfc99.47a2.2ef7
*Oct 13 01:33:43.259: %MESH-6-CAPWAP_RESTART: Mesh Capwap re-started
*Oct 13 01:33:47.907: %CAPWAP-3-ERRORLOG: Invalid event 29 & state 4 combination.
*Oct 13 01:33:47.907: %CAPWAP-3-ERRORLOG: SM handler: Failed to process timer message. Event 29, state 4
*Oct 13 01:33:47.907: %CAPWAP-3-ERRORLOG: Failed to handle timer message.
*Oct 13 01:33:47.907: %CAPWAP-3-ERRORLOG: Failed to process timer message.
*Oct 13 01:33:48.315: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255
*Oct 13 01:33:48.379: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to ad
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (10.10.18.1) (10.10.18.100)
ministratively down
*Oct 13 01:33:48.467: status of voice_diag_test from WLC is false
*Oct 13 01:33:48.471: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Oct 13 01:33:49.379: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Oct 13 01:33:49.431: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
*Oct 13 01:33:49.439: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Oct 13 01:33:49.471: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.
*Oct 13 01:33:49.471: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
*Oct 13 01:33:50.463: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Oct 13 01:33:51.463: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Oct 13 01:33:52.475: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
*Oct 13 01:33:52.483: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Oct 13 01:33:53.475: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Oct 13 01:33:53.507: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Oct 13 01:33:54.507: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Mar 23 23:47:46.583: %MESH-3-TIMER_EXPIRED: Mesh Lwapp join timer expired
*Mar 23 23:47:46.583: %MESH-3-TIMER_EXPIRED: Mesh Lwapp join failed expired
*Mar 23 23:47:46.583: %MESH-6-LINK_UPDOWN: Mesh station fc99.47a2.2ef7 link Down
*Mar 23 23:47:47.999: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.10.107.5:5246
*Mar 23 23:47:48.055: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255
*Mar 23 23:47:48.119: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
*Mar 23 23:47:48.211: status of voice_diag_test from WLC is false
*Mar 23 23:47:48.211: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 23 23:47:49.119: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 23 23:47:49.171: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
*Mar 23 23:47:49.179: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 23 23:47:50.207: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 23 23:47:51.207: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Mar 23 23:47:51.215: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
*Mar 23 23:47:51.223: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 23 23:47:52.215: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 23 23:47:52.247: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 23 23:47:53.247: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
CAPWAP-3-ERRORLOG: Failed to process encrypted capwap packet from 10.10.107.5
*Mar 24 00:25:36.579: %MESH-3-TIMER_EXPIRED: Mesh Lwapp join timer expired
*Mar 24 00:25:36.579: %MESH-3-TIMER_EXPIRED: Mesh Lwapp join failed expired
*Mar 24 00:25:36.579: %MESH-6-LINK_UPDOWN: Mesh station fc99.47a2.2ef7 link Down
APfc99.47a2.2ef7#
%CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 10 state 5.
*Mar 24 00:33:27.519: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Mar 24 00:33:28.003: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 24 00:33:28.035: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 24 00:33:28.043: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
*Mar 24 00:33:28.051: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 24 00:33:29.079: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 24 00:33:30.079: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Mar 24 00:33:32.519: %CAPWAP-5-SENDJOIN: sending Join Request to 10.10.107.5
*Mar 24 00:33:32.523: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
*Mar 24 00:33:32.531: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 24 00:33:33.523: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 24 00:33:33.555: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 24 00:33:34.555: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radi
The Time on AP is not same time on the WLC
Oct 13 01:34:13.411: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Mar 24 02:02:36.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.10.107.5 peer_port: 5246
*Mar 24 02:02:36.003: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
User Access Verification
Username:
*Mar 24 02:02:36.011: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 24 02:02:37.003: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 24 02:02:37.035: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 24 02:02:38.035: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
Username:
*Mar 24 02:03:05.999: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_connection_db.c:2051 Max retransmission count reached!
Username: Cisco
Password:
APfc99.47a2.2ef7>
*Oct 13 01:34:13.411: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Mar 24 02:02:36.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.10.107.5 peer_port: 5246
*Mar 24 02:02:36.003: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
User Access Verification
Username:
*Mar 24 02:02:36.011: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 24 02:02:37.003: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 24 02:02:37.035: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 24 02:02:38.035: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
Username:
*Mar 24 02:03:05.999: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_connection_db.c:2051 Max retransmission count reached!
Username: Cisco
Password:
APfc99.47a2.2ef7>
*Mar 24 02:04:31.603: %IP-4-DUPADDR: Duplicate address 10.10.107.5 on BVI1, sourced by 0006.f661.d880?
memory set memory parameters
APfc99.47a2.2ef7#set
*Mar 24 02:04:33.103: %MESH-6-CAPWAP_RESTART: Mesh Capwap re-start
*Mar 24 02:04:33.207: %CAPWAP-3-ERRORLOG: Invalid event 29 & state 4 combination.
*Mar 24 02:04:33.207: %CAPWAP-3-ERRORLOG: SM handler: Failed to process timer message. Event 29, state 4
*Mar 24 02:04:33.207: %CAPWAP-3-ERRORLOG: Failed to handle timer message.
*Mar 24 02:04:33.207: %CAPWAP-3-ERRORLOG: Failed to process timer messag
APfc99.47a2.2ef7#
*Mar 24 02:04:38.159: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255
*Mar 24 02:04:38.223: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
*Mar 24 02:04:38.315: status of voice_diag_test from WLC is false
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Mar 24 02:04:38.315: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 24 02:04:39.223: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 24 02:04:39.275: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
*Mar 24 02:04:39.283: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
%DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.10.107.5:5246
*Mar 24 02:06:58.999: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Mar 24 02:05:59.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.10.107.5 peer_port: 5246
*Mar 24 02:05:59.003: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
*Mar 24 02:05:59.011: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 24 02:06:00.003: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 24 02:06:00.039: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 24 02:06:01.039: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
APfc99.47a2.2ef7#
APfc99.47a2.2ef7#
*Mar 24 02:09:50.999: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_connection_db.c:2051 Max retransmission count reached!
APfc99.47a2.2ef7#
APfc99.47a2.2ef7#
APfc99.47a2.2ef7#
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Mar 24 02:10:20.999: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.10.107.5:5246
*Mar 24 02:10:21.055: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255
*Mar 24 02:10:21.123: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
*Mar 24 02:10:21.207: status of voice_diag_test from WLC is false
*Mar 24 02:10:21.211: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 24 02:10:22.123: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 24 02:10:22.175: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
*Mar 24 02:10:22.183: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 24 02:10:23.211: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 24 02:10:24.211: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Mar 24 02:10:25.787: %MESH-3-TIMER_EXPIRED: Mesh Lwapp join timer expired
*Mar 24 02:10:25.787: %MESH-3-TIMER_EXPIRED: Mesh Lwapp join failed expired
*Mar 24 02:10:25.787: %MESH-6-LINK_UPDOWN: Mesh station fc99.47a2.2ef7 link Down
*Mar 24 02:10:30.211: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
*Mar 24 02:10:30.215: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
*Mar 24 02:10:30.223: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 24 02:10:31.215: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 24 02:10:31.251: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 24 02:10:32.251: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Mar 24 02:10:49.211: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
*Mar 24 02:10:49.215: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
*Mar 24 02:10:49.223: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 24 02:10:50.215: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 24 02:10:50.251: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 24 02:10:51.251: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Mar 24 02:11:08.211: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
*Mar 24 02:11:08.215: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
*Mar 24 02:11:08.223: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 24 02:11:09.215: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 24 02:11:09.247: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 24 02:11:10.247: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Mar 24 02:11:16.607: %IP-4-DUPADDR: Duplicate address 10.10.107.5 on BVI1, sourced by 0006.f661.d880
*Mar 24 02:11:18.107: %MESH-6-CAPWAP_RESTART: Mesh Capwap re-started
*Mar 24 02:11:18.211: %CAPWAP-3-ERRORLOG: Invalid event 29 & state 4 combination.
*Mar 24 02:11:18.211: %CAPWAP-3-ERRORLOG: SM handler: Failed to process timer message. Event 29, state 4
*Mar 24 02:11:18.211: %CAPWAP-3-ERRORLOG: Failed to handle timer message.
*Mar 24 02:11:18.211: %CAPWAP-3-ERRORLOG: Failed to process timer message.
*Mar 24 02:11:23.163: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255
*Mar 24 02:11:23.227: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
*Mar 24 02:11:23.319: status of voice_diag_test from WLC is false
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Mar 24 02:11:23.319: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 24 02:11:24.227: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 24 02:11:24.275: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
*Mar 24 02:11:24.283: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 24 02:11:25.311: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 24 02:11:26.311: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Mar 24 02:11:33.319: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
*Mar 24 02:11:33.323: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
*Mar 24 02:11:33.331: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 24 02:11:34.323: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 24 02:11:34.355: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 24 02:11:35.355: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Mar 24 02:11:43.319: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Mar 24 02:12:43.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.10.107.5 peer_port: 5246
*Mar 24 02:12:43.003: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
*Mar 24 02:12:43.011: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 24 02:12:44.003: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 24 02:12:44.035: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 24 02:12:45.035: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Mar 24 02:17:05.999: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.10.107.5:5246
*Mar 24 02:17:06.055: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255
*Mar 24 02:17:06.119: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
*Mar 24 02:17:06.203: status of voice_diag_test from WLC is false
*Mar 24 02:17:06.207: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 24 02:17:07.119: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 24 02:17:07.171: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
*Mar 24 02:17:07.179: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 24 02:17:08.203: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 24 02:17:09.203: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Mar 24 02:17:10.787: %MESH-3-TIMER_EXPIRED: Mesh Lwapp join timer expired
*Mar 24 02:17:10.787: %MESH-3-TIMER_EXPIRED: Mesh Lwapp join failed expired
*Mar 24 02:17:10.787: %MESH-6-LINK_UPDOWN: Mesh station fc99.47a2.2ef7 link Down
*Mar 24 02:17:15.207: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
*Mar 24 02:17:15.211: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
*Mar 24 02:17:15.219: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 24 02:17:16.211: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 24 02:17:16.247: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 24 02:17:17.247: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Mar 24 02:17:53.207: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
*Mar 24 02:17:53.211: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
*Mar 24 02:17:53.219: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 24 02:17:54.211: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 24 02:17:54.247: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 24 02:17:55.247: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Mar 24 02:18:01.607: %IP-4-DUPADDR: Duplicate address 10.10.107.5 on BVI1, sourced by 0006.f661.d880
*Mar 24 02:18:03.107: %MESH-6-CAPWAP_RESTART: Mesh Capwap re-started
*Mar 24 02:18:03.207: %CAPWAP-3-ERRORLOG: Invalid event 29 & state 4 combination.
*Mar 24 02:18:03.207: %CAPWAP-3-ERRORLOG: SM handler: Failed to process timer message. Even
Show requirement for AP:-
APfc99.47a2.2ef7#show version
Cisco IOS Software, C3600 Software (AP3G2-K9W8-M), Version 12.4(25e)JA, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Fri 27-Jan-12 21:27 by prod_rel_team
ROM: Bootstrap program is C3600 boot loader
BOOTLDR: C3600 Boot Loader (AP3G2-BOOT-M) LoaderVersion 12.4(23c)JY, RELEASE SOFTWARE (fc1)
APfc99.47a2.2ef7 uptime is 7 minutes
System returned to ROM by power-on
System image file is "flash:/ap3g2-k9w8-mx.124-25e.JA/ap3g2-k9w8-mx.124-25e.JA"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AIR-CAP3602I-A-K9 (PowerPC) processor (revision A0) with 167926K/81920K bytes of memory.
Processor board ID FGL1644Z15P
PowerPC CPU at 800Mhz, revision number 0x2151
Last reset from power-on
LWAPP image version 7.2.1.72
1 Gigabit Ethernet interface
2 802.11 Radio(s)
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: FC:99:47:A2:2E:F7
Part Number : 73-14521-02
PCA Assembly Number : 800-37501-02
PCA Revision Number : A0
PCB Serial Number : FOC16414A83
Top Assembly Part Number : 800-35852-02
Top Assembly Serial Number : FGL1644Z15P
Top Revision Number : C0
Product/Model Number : AIR-CAP3602I-A-K9
Configuration register is 0xF
show inventry
NAME: "AP3600", DESCR: "Cisco Aironet 3600 Series (IEEE 802.11n) Access Point"
PID: AIR-CAP3602I-A-K9 , VID: V01, SN: FGL1644Z15P
show requirement on WLC
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.4.100.0
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
Build Type....................................... DATA + WPS
System Name...................................... Cisco_61:d8:84
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
Redundancy Mode.................................. Disabled
IP Address....................................... 10.10.107.5
Last Reset....................................... Software reset
System Up Time................................... 0 days 1 hrs 4 mins 25 secs
System Timezone Location......................... (GMT +3:00) Baghdad
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180
Configured Country............................... IQ - Iraq
Operating Environment............................ Commercial (0 to 40 C)
--More-- or (q)uit
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +40 C
External Temperature............................. +24 C
Fan Status....................................... OK
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 1
Number of Active Clients......................... 0
Memory Current Usage............................. Unknown
Memory Average Usage............................. Unknown
CPU Current Usage................................ Unknown
CPU Average Usage................................ Unknown
Burned-in MAC Address............................ 00:06:F6:61:D8:80
Power Supply 1................................... Present, OK
Power Supply 2................................... Absent
Maximum number of APs supported.................. 100
WLC after debug enable
*spamApTask6: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 Discovery resp:AC Name message element length = 58
*spamApTask6: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 Discovery resp: WTP Radio Information msg length = 67
*spamApTask6: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 Discovery resp: CAPWAP Control IPV4 Address len = 77
*spamApTask6: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 Discovery resp: CAPWAP Control IPV6 Address len = 99
*spamApTask6: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 Discovery resp: Mwar type payload len = 110
*spamApTask6: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 Discovery resp: Time sync payload len = 125
*spamApTask6: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 Discovery Response sent to 10.10.107.60:8944
*spamApTask6: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 Discovery Response sent to 10.10.107.60:8944
*spamApTask6: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 WTP already released
*spamApTask2: Mar 24 04:56:19.133: fc:99:47:a2:2e:f7 CAPWAP Control Msg Received from 10.10.107.5:8944
*spamApTask2: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 packet received of length 123 from 10.10.107.5:8944
*spamApTask2: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 Msg Type = 1 Capwap state = 0
*spamApTask2: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 Discovery Request from 10.10.107.5:8944
*spamApTask2: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 msgEleLength = 1 msgEleType = 20
*spamApTask2: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 Total msgEleLen = 94
*spamApTask2: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 msgEleLength = 40 msgEleType = 39
*spamApTask2: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 Total msgEleLen = 50
*spamApTask2: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 msgEleLength = 1 msgEleType = 41
*spamApTask2: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 Total msgEleLen = 45
*spamApTask2: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 msgEleLength = 1 msgEleType = 44
*spamApTask2: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 Total msgEleLen = 40
*spamApTask2: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 msgEleLength = 10 msgEleType = 37
*spamApTask2: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 Vendor specific payload from AP 54:78:1A:43:CA:D0 validated
*spamApTask2: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 Total msgEleLen = 26
(Cisco Controller) >*sshpmLscTask: Mar 24 05:02:01.461: sshpmLscTask: LSC Task received a message 4
*Oct 13 01:33:48.191: %MESH-6-CAPWAP_RESTART: Mesh Capwap re-started
User Access Verification
Username:
Username:
Username:
*Oct 13 01:33:50.191: %LINK-3-UPDOWN: Interface BVI1, changed state to up
*Oct 13 01:33:50.191: %IP-4-DUPADDR: Duplicate address 10.10.107.5 on BVI1, sourced by 0006.f661.d880
*Oct 13 01:33:51.191: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up
*Oct 13 01:33:52.019: %CAPWAP-3-ERRORLOG: Invalid event 29 & state 4 combination.
*Oct 13 01:33:52.019: %CAPWAP-3-ERRORLOG: SM handler: Failed to process timer message. Event 29, state 4
*Oct 13 01:33:52.019: %CAPWAP-3-ERRORLOG: Failed to handle timer message.
*Oct 13 01:33:52.019: %CAPWAP-3-ERRORLOG: Failed to process timer message.
*Oct 13 01:33:53.251: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255
*Oct 13 01:33:53.315: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to ad
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)ministratively down
*Oct 13 01:33:53.407: status of voice_diag_test from WLC is false
*Oct 13 01:33:53.411: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Oct 13 01:33:54.315: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Oct 13 01:33:54.367: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
*Oct 13 01:33:54.375: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Oct 13 01:33:55.399: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Oct 13 01:33:56.399: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*spamApTask2: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 msgEleLength = 22 msgEleType = 37
nable
(Cisco Controller) >*spamApTask2: Mar 24 04:56:19.133: 54:78:1a:43:ca:d0 Vendor specific payload from AP 54:78:1A:43:CA:D0 validated
*spamApTask2: Mar 24 04:56:19.134: 54:78:1a:43:ca:d0 Total msgEleLen = 0
*spamApTask2: Mar 24 04:56:19.134: 54:78:1a:43:ca:d0 Join Priority Processing status = 0, Incoming Ap's Priority 4, MaxLrads = 100, joined Aps =0
*spamApTask2: Mar 24 04:56:19.134: 54:78:1a:43:ca:d0 1. 0 0
*spamApTask2: Mar 24 04:56:19.134: 54:78:1a:43:ca:d0 2. 232 3
*spamApTask2: Mar 24 04:56:19.134: 54:78:1a:43:ca:d0 3. 0 0
*spamApTask2: Mar 24 04:56:19.134: 54:78:1a:43:ca:d0 4. 100 0
*spamApTask2: Mar 24 04:56:19.134: 54:78:1a:43:ca:d0 Discovery resp: AC Descriptor message element len = 40
*spamApTask2: Mar 24 04:56:19.134: 54:78:1a:43:ca:d0 acName = Cisco_61:d8:84
*spamApTask2: Mar 24 04:56:19.134: 54:78:1a:43:ca:d0 Discovery resp:AC Name message element length = 58
*spamApTask2: Mar 24 04:56:19.134: 54:78:1a:43:ca:d0 Discovery resp: WTP Radio Information msg length = 67
*spamApTask2: Mar 24 04:56:19.134: 54:78:1a:43:ca:d0 Discovery resp: CAPWAP Control IPV4 Address len = 77
*spamApTask2: Mar 24 04:56:19.134: 54:78:1a:43:ca:d0 Discovery resp: CAPWAP Control IPV6 Address len = 99
*spamApTask2: Mar 24 04:56:19.134: 54:78:1a:43:ca:d0 Discovery resp: Mwar type payload len = 110
*spamApTask2: Mar 24 04:56:19.134: 54:78:1a:43:ca:d0 Discovery resp: Time sync payload len = 125
*spamApTask2: Mar 24 04:56:19.134: 54:78:1a:43:ca:d0 Discovery Response sent to 10.10.107.5:8944
*spamApTask2: Mar 24 04:56:19.134: 54:78:1a:43:ca:d0 Discovery Response sent to 10.10.107.5:8944
*spamApTask2: Mar 24 04:56:19.134: 54:78:1a:43:ca:d0 WTP already released
*spamApTask6: Mar 24 04:56:28.440: fc:99:47:a2:2e:f7 CAPWAP Control Msg Received from 10.10.107.60:8945
*spamApTask6: Mar 24 04:56:28.440: 54:78:1a:43:ca:d0 packet received of length 123 from 10.10.107.60:8945
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Msg Type = 1 Capwap state = 0
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Discovery Request from 10.10.107.60:8945
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 msgEleLength = 1 msgEleType = 20
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Total msgEleLen = 94
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 msgEleLength = 40 msgEleType = 39
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Total msgEleLen = 50
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 msgEleLength = 1 msgEleType = 41
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Total msgEleLen = 45
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 msgEleLength = 1 msgEleType = 44
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Total msgEleLen = 40
*spamApTask7: Mar 24 04:56:28.441: fc:99:47:a2:2e:f7 CAPWAP Control Msg Received from 10.10.107.61:8945
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 msgEleLength = 10 msgEleType = 37
*spamApTask7: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 packet received of length 123 from 10.10.107.61:8945
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Vendor specific payload from AP 54:78:1A:43:CA:D0 validated
*spamApTask7: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Msg Type = 1 Capwap state = 0
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Total msgEleLen = 26
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 msgEleLength = 22 msgEleType = 37
*spamApTask7: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Discovery Request from 10.10.107.61:8945
*spamApTask7: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 msgEleLength = 1 msgEleType = 20
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Vendor specific payload from AP 54:78:1A:43:CA:D0 validated
*spamApTask7: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Total msgEleLen = 94
*spamApTask7: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 msgEleLength = 40 msgEleType = 39
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Total msgEleLen = 0
*spamApTask7: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Total msgEleLen = 50
*spamApTask7: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 msgEleLength = 1 msgEleType = 41
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Join Priority Processing status = 0, Incoming Ap's Priority 4, MaxLrads = 100, joined Aps =0
*spamApTask7: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Total msgEleLen = 45
*spamApTask7: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 msgEleLength = 1 msgEleType = 44
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 1. 0 0
*spamApTask7: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Total msgEleLen = 40
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 2. 232 3
*spamApTask7: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 msgEleLength = 10 msgEleType = 37
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 3. 0 0
*spamApTask7: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Vendor specific payload from AP 54:78:1A:43:CA:D0 validated
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 4. 100 0
*spamApTask7: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Total msgEleLen = 26
*spamApTask7: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 msgEleLength = 22 msgEleType = 37
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Discovery resp: AC Descriptor message element len = 40
*spamApTask7: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Vendor specific payload from AP 54:78:1A:43:CA:D0 validated
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 acName = Cisco_61:d8:84
*spamApTask7: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Total msgEleLen = 0
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Discovery resp:AC Name message element length = 58
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Discovery resp: WTP Radio Information msg length = 67
*spamApTask7: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Join Priority Processing status = 0, Incoming Ap's Priority 4, MaxLrads = 100, joined Aps =0
*spamApTask7: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 1. 0 0
*spamApTask7: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 2. 232 3
*spamApTask6: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 Discovery resp: CAPWAP Control IPV4 Address len = 77
*spamApTask7: Mar 24 04:56:28.441: 54:78:1a:43:ca:d0 3. 0 0 -
SNMP TRAP ON Secondary WLC 5508
Hi I'm Louis,
I work on 2 WLC 5508 with version 7.4 and Prime Infrastructure 1.3
We have activate AP SSO to work with a primary and secondary controller.
We have added the controller to Prime infrastructure and activated SNMP.
We receive correctly the alarms on Prime.
But when we work on Primary WLC, and the secondary crash we haven't got information about that. No SNMP received.
That is normal ?
Thx for your reply
RegardsI find this, in Monitoring and Troubleshooting the Redundancy States
http://www.cisco.com/en/US/docs/net_mgmt/prime/infrastructure/1.2/user/guide/chgdevconfig.html
On my primary controller, in SNMP => Trap Log , I can see :
RF failure notification ErrorType: 34 Reason :Lost Peer, Moving to Active-No-Peer State! => When I unplug RP link
RF progress notification unitId: -1407319963 peerUnitId :14 unitState: -1407319863 peerUnitState :5
RF progress notification unitId: -1407319963 peerUnitId :14 unitState: -1407319863 peerUnitState :9 => When I plug the RP link.
So I can see the trap on my controller but there is nothing in Prime ... -
7925 Phones voice quality issues with wlc 5508 version 7.6
Hi all,
I have a mix environment with 1 WLC 5508 and more or less 6 sites with several Access Points ( all AIR-LAP1242AG and all in FlexConnect mode Hreap ) and several wireless phones (all CP7925G) . My Ap's have antennas 2.4GHz in all sites except 1 site ( the one i'm talking for now) with 2.4GHz and 5GHz , because of the problems we suggest to have all phone in A BAND (5Ghz) . In this site we force the phones just to A (802.11a only) , power safe NONE , Continuous scan mode , i fallow all in http://www.cisco.com/en/US/docs/voice_ip_comm/cuipph/7925g/7_0/english/deployment/guide/7925dply.pdf , one thing i didn’t do it was apply QoS because I can’t apply several ios commands in that 2960 with lan lite ios.
So I have 3 SSID for data and 2 for VOICE ( one is common to all environment and supports 2.4 and 5Ghz , and other just to test one site , with only 5Ghz with “[WPA2][Auth(802.1X + CCKM)][Auth(FT 802.1X)]”, because I read that problem can be phone rooming , and in FlexConnect only have fast-roaming in a CCKM or a PKM key-management solution , but even like this the problem still exist) .
I have another sites with phones in 2.4GHz running well and others with problems.
i read here in forums lots and lots of people with similar problems , i tried several solutions ( WLC upgrades versions and phones firmware's , …. ) tried all my best of solving the problems mas now I’m running without any ideas , i did also some site surveys and detect some interferers that why I change phones to 5Ghz , and I run also WLC Config analyser to help me , but all without good success. Some changes solve temporarily problems , but after some time , people reclaim about problems.
I can open a TAC case but first I want be sure if did all already.
Can someone try to help me?
ip phone 7925G firmware : CP7925G-1.4.5SR1.3
CUCM 8.6.2
WLC 5508 : 7.6.120.0
AP : AIR-LAP1242AG-E-K9 7.6.120.0 (flexconnect)
Best RegardsHi Serge,
Thanks for the suggestions. I have taken care of all the settings. Problem is , the user is seated in his office cabin and using the 7925 and there is around 50db signal strength in his room from an AP which is just outside the cabin. And this doesnt occur often, when we go to check and make calls, everything is fine whereas the user says it happens sometimes in the morning, evening etc... randomly... where the fone goes blank while in a call.... since the problem never happens when we go to troubleshoot the issue, we really dont know what is going on. This is happening when calling PSTN.
AP's are not restarting and there is no logs indicating that. Wireless infrastructure looks very much OK cos there are other users who are not experiencing this problem and there is ample coverage all over the floor. I am baffled why only one user has this problem even when he is seated in his office cabin.
Tried changing phones also, but still remains.
Question : i tried to do a linktest from WLC to his phone, but it failed, while linktest to laptops are working fine. Does wlc linktest not working for wireless phones ?
regards
Joe -
Prime Infrastructure 2.1 updating 5508 controllers in HA mode
I'm having the same issue from PI 2.1 trying to import 7.6.130 for my 5508 controllers and it saying "Image not Applicable for this Device" even though I know that image is applicable.
Also, has anyone ever updated 5508 controllers in HA mode from Prime Infrastructure?Your combination of PI (are you sure it's 2.1? not 1.2?), WLC and MSE is not supported.
You may want to have a look at this matrix:
http://www.cisco.com/en/US/docs/wireless/controller/5500/tech_notes/Wireless_Software_Compatibility_Matrix.html
Regards
Stefan
PS: Today PI 1.3 and MSE 7.4 have been released - these support WLC code 7.4 -
Cisco Prime Infrastructure 2.0 add antenna?
Hi!,
I Have installed a cisco infrastructure 2.0 application. during the configuration phase of the heatmaps I notice that my antenna model is not in the list; there is a "generic antenna" option but this antenna is a "directional" antenna but my model is AIR-ANT2430V-R an omni-directional antenna. how can i ADD my exact model of antenna to the Prime Infrastructure app?Just to be more specific, i need to know if is possible add more antennas on this option marked on the picture... this is to avoid use the "other" option or other equivalent model (which is what i have configured now based on the dBi value)... thanks in advance for any idea...
-
AIR-CAP1602i cannot join a WLC 5508 controller
Hello,
I'm managing a large number of access points on a Cisco wlc 5508 controller.
We've recently purchased a bunch of new AIR-CAP1602I-E-K9.
note that we already have AIR-CAP1602I-E-K9 and other models in production.
These A.P are not able to join the controller for some reason, I've tried a lot of different things but I am now at a loss.
I have checked the regulatory domain, upgraded the FUS, manually upgraded the software version of the LAP to match the version on the other A.P.
I even downgraded/upgraded the WLC code (version 7.4.x and 8.0)
I use the dhcp option 43 to to send the controller IP.
Here are the info that can help:
errors:
#on A.P
*Dec 12 09:24:49.659: %CAPWAP-3-ERRORLOG: Invalid event 10 & state 5 combination.
*Dec 12 09:24:49.659: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 10 state 5.
*Dec 12 09:24:49.659: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
#on WLC
Lwapp join request rejected (WLC version 7.6.130.0)
Failed to add database entry (WLC version 8.0)
WLC sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.6.130.0
Bootloader Version............................... 1.0.20
Field Recovery Image Version..................... 7.6.101.1
Firmware Version................................. FPGA 1.7, Env 1.8, USB console 2.2
Build Type....................................... DATA + WPS
System Name...................................... XXX
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
Redundancy Mode.................................. Disabled
IP Address....................................... XXX
Last Reset....................................... Software reset
System Up Time................................... 6 days 4 hrs 16 mins 27 secs
System Timezone Location.........................
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180
Configured Country............................... Multiple Countries:CA,FR
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +41 C
External Temperature............................. +22 C
Fan Status....................................... OK
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 7
Number of Active Clients......................... 1977
Burned-in MAC Address............................ A4:93:4C:B0:E4:C0
Power Supply 1................................... Present, OK
Power Supply 2................................... Present, OK
Maximum number of APs supported.................. 250
AP sh version
AP58f3.9cb8.3701#sh version
Cisco IOS Software, C1600 Software (AP1G2-K9W8-M), Version 15.2(4)JB6, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2014 by Cisco Systems, Inc.
Compiled Fri 22-Aug-14 10:56 by prod_rel_team
ROM: Bootstrap program is C1600 boot loader
BOOTLDR: C1600 Boot Loader (AP1G2-BOOT-M) LoaderVersion 15.2(2)JAX, RELEASE SOFTWARE (fc1)
AP58f3.9cb8.3701 uptime is 31 minutes
System returned to ROM by power-on
System image file is "flash:/ap1g2-k9w8-mx.152-4.JB6/ap1g2-k9w8-mx.152-4.JB6"
Last reload reason:
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AIR-CAP1602I-E-K9 (PowerPC) processor (revision B0) with 229366K/32768K bytes of memory.
Processor board ID FGL1832X5QU
PowerPC CPU at 533MHz, revision number 0x2151
Last reset from power-on
LWAPP image version 7.6.100.0
1 Gigabit Ethernet interface
2 802.11 Radios
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 58:F3:9C:B8:37:01
Part Number : 73-14671-04
PCA Assembly Number : 000-00000-00
PCA Revision Number :
PCB Serial Number : FOC183171L4
Top Assembly Part Number : 800-38552-01
Top Assembly Serial Number : FGL1832X5QU
Top Revision Number : A0
Product/Model Number : AIR-CAP1602I-E-K9
AP sh inventory
NAME: "AP1600", DESCR: "Cisco Aironet 1600 Series (IEEE 802.11n) Access Point"
PID: AIR-CAP1602I-E-K9 , VID: V01, SN: FGL1832X5QU
Thanks for your help !Hi Olivier,
The error messages that you have on the debugs:
*Dec 12 09:24:49.659: %CAPWAP-3-ERRORLOG: Invalid event 10 & state 5 combination.
*Dec 12 09:24:49.659: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 10 state 5.
*Dec 12 09:24:49.659: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
It is related to the bug: CSCuh46442
https://tools.cisco.com/bugsearch/bug/CSCuh46442/?referring_site=ss
This bug is resolved in version : 8.0.100.0
http://www.cisco.com/c/en/us/td/docs/wireless/controller/release/notes/crn80.html#pgfId-1163951
Can you please paste here "show ap auth-list" from the controller CLI?
I suggest to enable MIC if it is not enabled, and then check if the AP's will join or not.
Kind Regards
Mohammad Setan -
Cisco ISE 1.2 & Cisco WLC 5508 v7.6
Hi all,
we are planning to upgrade our WLC to 7.6 to fix a bug with FlexConnect Client ACLs but I have just seen on the Cisco ISE Compatibility table that the it only recommends up to v7.5 of the WLC 5508...
Cisco have told me to steer clear of 7.5 as it is in a defferred status, so does anyone know, or have running in a lab or production, ISE1.2 with a 5508 WLC v7.6 NAD ?
I would much rather know of any issues people are experiencing before hand than to have to go through a software upgrade and then rollback.
Thanks all
Mario De RosaHi Neno,
right I have this almost working now.
I have simplified the setup. I am not going to do any client provisioning at the moment.
So I can connect to the corporate SSID using EAP-TLS and I can successfully push the branch data VLAN upon successful authorisation.
Now I am trying to introduce the posture element & per user ACLs.
I have defined the redirect ACL & Flex ACL on the vWLC however the NAC agent will not pop-up. The client is in the right VLAN and the redirect ACL seems to be getting applied as the client does get an IP through DHCP. However, the client cannot ping the ISE or access the guest portal when I open the browser.
DNS resolution seems to be working fine.
VLAN220 is my datacentre VLAN which the Management Interface on the controller is plugged in to.
VLAN10 is the branch DATA VLAN.
below is some output to give you some more details...
(Cisco Controller) >show client detail 00:24:d6:97:b3:be
Client MAC Address............................... 00:24:d6:97:b3:be
Client Username ................................. [email protected]
AP MAC Address................................... 18:33:9d:f0:21:80
AP Name.......................................... test-flex-ap
AP radio slot Id................................. 0
Client State..................................... Associated
Client NAC OOB State............................. Access
Wireless LAN Id.................................. 2
Hotspot (802.11u)................................ Not Supported
BSSID............................................ 18:33:9d:f0:21:81
Connected For ................................... 128 secs
Channel.......................................... 6
IP Address....................................... 10.130.130.120
Gateway Address.................................. 10.130.130.1
Netmask.......................................... 255.255.255.0
IPv6 Address..................................... fe80::f524:1910:69f0:9482
Association Id................................... 1
Authentication Algorithm......................... Open System
Reason Code...................................... 1
Status Code...................................... 0
Client CCX version............................... 4
Client E2E version............................... 1
--More-- or (q)uit
Re-Authentication Timeout........................ 1651
QoS Level........................................ Silver
Avg data Rate.................................... 0
Burst data Rate.................................. 0
Avg Real time data Rate.......................... 0
Burst Real Time data Rate........................ 0
802.1P Priority Tag.............................. disabled
CTS Security Group Tag........................... Not Applicable
KTS CAC Capability............................... No
WMM Support...................................... Enabled
APSD ACs....................................... BK BE VI VO
Power Save....................................... OFF
Current Rate..................................... m13
Supported Rates.................................. 1.0,2.0,5.5,11.0,6.0,9.0,
............................................. 12.0,18.0,24.0,36.0,48.0,
............................................. 54.0
Mobility State................................... Local
Mobility Move Count.............................. 0
Security Policy Completed........................ No
Policy Manager State............................. POSTURE_REQD
Policy Manager Rule Created...................... Yes
AAA Override ACL Name............................ POSTURE_REDIRECT_ACL
AAA Override ACL Applied Status.................. Yes
--More-- or (q)uit
AAA Override Flex ACL Name....................... POSTURE_REDIRECT_ACL
AAA Override Flex ACL Applied Status............. Yes
AAA URL redirect................................. https://pdc-ise-man01.kier.group:8443/guestportal/gateway?sessionId=c8dc800a00000005b3e7e953&action=cpp
Audit Session ID................................. c8dc800a00000005b3e7e953
AAA Role Type.................................... none
Local Policy Applied............................. none
IPv4 ACL Name.................................... none
FlexConnect ACL Applied Status................... Yes
IPv4 ACL Applied Status.......................... Unavailable
IPv6 ACL Name.................................... none
IPv6 ACL Applied Status.......................... Unavailable
Layer2 ACL Name.................................. none
Layer2 ACL Applied Status........................ Unavailable
mDNS Status...................................... Disabled
mDNS Profile Name................................ none
No. of mDNS Services Advertised.................. 0
Policy Type...................................... WPA2
Authentication Key Management.................... 802.1x
Encryption Cipher................................ CCMP (AES)
Protected Management Frame ...................... No
Management Frame Protection...................... No
EAP Type......................................... EAP-TLS
FlexConnect Data Switching....................... Local
--More-- or (q)uit
FlexConnect Dhcp Status.......................... Local
FlexConnect Vlan Based Central Switching......... No
FlexConnect Authentication....................... Central
Quarantine VLAN.................................. 0
Access VLAN...................................... 220
Client Capabilities:
CF Pollable................................ Not implemented
CF Poll Request............................ Not implemented
Short Preamble............................. Implemented
PBCC....................................... Not implemented
Channel Agility............................ Not implemented
Listen Interval............................ 10
Fast BSS Transition........................ Not implemented
Client Wifi Direct Capabilities:
WFD capable................................ No
Manged WFD capable......................... No
Cross Connection Capable................... No
Support Concurrent Operation............... No
Fast BSS Transition Details:
Client Statistics:
Number of Bytes Received................... 33698
Number of Bytes Sent....................... 19397
Total Number of Bytes Sent................. 19397
--More-- or (q)uit
Total Number of Bytes Recv................. 33698
Number of Bytes Sent (last 90s)............ 19397
Number of Bytes Recv (last 90s)............ 33698
Number of Packets Received................. 283
Number of Packets Sent..................... 147
Number of Interim-Update Sent.............. 0
Number of EAP Id Request Msg Timeouts...... 0
Number of EAP Id Request Msg Failures...... 0
Number of EAP Request Msg Timeouts......... 0
Number of EAP Request Msg Failures......... 0
Number of EAP Key Msg Timeouts............. 0
Number of EAP Key Msg Failures............. 0
Number of Data Retries..................... 53
Number of RTS Retries...................... 0
Number of Duplicate Received Packets....... 2
Number of Decrypt Failed Packets........... 0
Number of Mic Failured Packets............. 0
Number of Mic Missing Packets.............. 0
Number of RA Packets Dropped............... 0
Number of Policy Errors.................... 0
Radio Signal Strength Indicator............ -42 dBm
Signal to Noise Ratio...................... 41 dB
Client Rate Limiting Statistics:
--More-- or (q)uit
Number of Data Packets Recieved............ 0
Number of Data Rx Packets Dropped.......... 0
Number of Data Bytes Recieved.............. 0
Number of Data Rx Bytes Dropped............ 0
Number of Realtime Packets Recieved........ 0
Number of Realtime Rx Packets Dropped...... 0
Number of Realtime Bytes Recieved.......... 0
Number of Realtime Rx Bytes Dropped........ 0
Number of Data Packets Sent................ 0
Number of Data Tx Packets Dropped.......... 0
Number of Data Bytes Sent.................. 0
Number of Data Tx Bytes Dropped............ 0
Number of Realtime Packets Sent............ 0
Number of Realtime Tx Packets Dropped...... 0
Number of Realtime Bytes Sent.............. 0
Number of Realtime Tx Bytes Dropped........ 0
Nearby AP Statistics:
test-flex-ap(slot 0)
antenna0: 14 secs ago.................... -51 dBm
antenna1: 14 secs ago.................... -37 dBm
test-flex-ap(slot 1)
antenna0: 14 secs ago.................... -51 dBm
antenna1: 14 secs ago.................... -54 dBm
--More-- or (q)uit
DNS Server details:
DNS server IP ............................. 10.0.17.31
DNS server IP ............................. 10.0.17.43
Assisted Roaming Prediction List details:
Client Dhcp Required: False
Allowed (URL)IP Addresses
(Cisco Controller) >
(Cisco Controller) >show wlan 2
WLAN Identifier.................................. 2
Profile Name..................................... Demo1x
Network Name (SSID).............................. Demo1x
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Enabled
Network Admission Control
Client Profiling Status
Radius Profiling ............................ Disabled
DHCP ....................................... Disabled
HTTP ....................................... Disabled
Local Profiling ............................. Disabled
DHCP ....................................... Disabled
HTTP ....................................... Disabled
Radius-NAC State............................... Enabled
SNMP-NAC State................................. Disabled
Quarantine VLAN................................ 0
Maximum number of Associated Clients............. 0
Maximum number of Clients per AP Radio........... 200
--More-- or (q)uit
Number of Active Clients......................... 1
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 1800 seconds
User Idle Timeout................................ Disabled
Sleep Client..................................... disable
Sleep Client Timeout............................. 12 hours
User Idle Threshold.............................. 0 Bytes
NAS-identifier................................... mario-test-flex-vwlc
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ management
Multicast Interface.............................. Not Configured
WLAN IPv4 ACL.................................... unconfigured
WLAN IPv6 ACL.................................... unconfigured
WLAN Layer2 ACL.................................. unconfigured
mDNS Status...................................... Disabled
mDNS Profile Name................................ unconfigured
DHCP Server...................................... Default
DHCP Address Assignment Required................. Disabled
Static IP client tunneling....................... Disabled
Quality of Service............................... Silver
Per-SSID Rate Limits............................. Upstream Downstream
Average Data Rate................................ 0 0
--More-- or (q)uit
Average Realtime Data Rate....................... 0 0
Burst Data Rate.................................. 0 0
Burst Realtime Data Rate......................... 0 0
Per-Client Rate Limits........................... Upstream Downstream
Average Data Rate................................ 0 0
Average Realtime Data Rate....................... 0 0
Burst Data Rate.................................. 0 0
Burst Realtime Data Rate......................... 0 0
Scan Defer Priority.............................. 4,5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Allowed
WMM UAPSD Compliant Client Support............... Disabled
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
Passive Client Feature........................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
--More-- or (q)uit
Radius Servers
Authentication................................ 10.0.16.111 1812
Accounting.................................... 10.131.16.111 1813
Interim Update............................. Disabled
Framed IPv6 Acct AVP ...................... Prefix
Dynamic Interface............................. Disabled
Dynamic Interface Priority.................... wlan
Local EAP Authentication......................... Disabled
Security
802.11 Authentication:........................ Open System
FT Support.................................... Disabled
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Enabled
WPA (SSN IE)............................... Disabled
WPA2 (RSN IE).............................. Enabled
TKIP Cipher............................. Disabled
AES Cipher.............................. Enabled
Auth Key Management
802.1x.................................. Enabled
PSK..................................... Disabled
CCKM.................................... Disabled
--More-- or (q)uit
FT-1X(802.11r).......................... Disabled
FT-PSK(802.11r)......................... Disabled
PMF-1X(802.11w)......................... Disabled
PMF-PSK(802.11w)........................ Disabled
FT Reassociation Timeout................... 20
FT Over-The-DS mode........................ Enabled
GTK Randomization.......................... Disabled
SKC Cache Support.......................... Disabled
CCKM TSF Tolerance......................... 1000
WAPI.......................................... Disabled
Wi-Fi Direct policy configured................ Disabled
EAP-Passthrough............................... Disabled
CKIP ......................................... Disabled
Web Based Authentication...................... Disabled
Web-Passthrough............................... Disabled
Conditional Web Redirect...................... Disabled
Splash-Page Web Redirect...................... Disabled
Auto Anchor................................... Disabled
FlexConnect Local Switching................... Enabled
flexconnect Central Dhcp Flag................. Disabled
flexconnect nat-pat Flag...................... Disabled
flexconnect Dns Override Flag................. Disabled
flexconnect PPPoE pass-through................ Disabled
--More-- or (q)uit
flexconnect local-switching IP-source-guar.... Disabled
FlexConnect Vlan based Central Switching ..... Disabled
FlexConnect Local Authentication.............. Disabled
FlexConnect Learn IP Address.................. Enabled
Client MFP.................................... Optional
PMF........................................... Disabled
PMF Association Comeback Time................. 1
PMF SA Query RetryTimeout..................... 200
Tkip MIC Countermeasure Hold-down Timer....... 60
Eap-params.................................... Disabled
AVC Visibilty.................................... Disabled
AVC Profile Name................................. None
Flow Monitor Name................................ None
Split Tunnel (Printers).......................... Disabled
Call Snooping.................................... Disabled
Roamed Call Re-Anchor Policy..................... Disabled
SIP CAC Fail Send-486-Busy Policy................ Disabled
SIP CAC Fail Send Dis-Association Policy......... Disabled
KTS based CAC Policy............................. Disabled
Assisted Roaming Prediction Optimization......... Disabled
802.11k Neighbor List............................ Disabled
802.11k Neighbor List Dual Band.................. Disabled
Band Select...................................... Disabled
--More-- or (q)uit
Load Balancing................................... Disabled
Multicast Buffer................................. Disabled
Mobility Anchor List
WLAN ID IP Address Status
802.11u........................................ Disabled
MSAP Services.................................. Disabled
Local Policy
Priority Policy Name
(Cisco Controller) >
when debugging the client during redirect, this is the output and I cannot spot anything wrong here...
(Cisco Controller) >*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be Adding mobile on LWAPP AP 18:33:9d:f0:21:80(1)
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be Association received from mobile on BSSID 18:33:9d:f0:21:8e
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be Global 200 Clients are allowed to AP radio
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be Max Client Trap Threshold: 0 cur: 0
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be Rf profile 600 Clients are allowed to AP wlan
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be override for default ap group, marking intgrp NULL
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be Applying Interface policy on Mobile, role Unassociated. Ms NAC State 0 Quarantine Vlan 0 Access Vlan 0
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be Re-applying interface policy for client
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be 0.0.0.0 START (0) Changing IPv4 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:2219)
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be 0.0.0.0 START (0) Changing IPv6 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:2240)
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be apfApplyWlanPolicy: Retaining the ACL recieved in AAA attributes 255 on mobile
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be apfApplyWlanPolicy: Apply WLAN Policy over PMIPv6 Client Mobility Type
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be In processSsidIE:4850 setting Central switched to FALSE
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be Applying site-specific Local Bridging override for station 00:24:d6:97:b3:be - vapId 2, site 'default-group', interface 'management'
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be Applying Local Bridging Interface Policy for station 00:24:d6:97:b3:be - vlan 220, interface id 0, interface 'management'
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be processSsidIE statusCode is 0 and status is 0
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be processSsidIE ssid_done_flag is 0 finish_flag is 0
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be STA - rates (8): 140 18 152 36 176 72 96 108 0 0 0 0 0 0 0 0
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be suppRates statusCode is 0 and gotSuppRatesElement is 1
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be Processing RSN IE type 48, length 22 for mobile 00:24:d6:97:b3:be
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be Received RSN IE with 0 PMKIDs from mobile 00:24:d6:97:b3:be
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be Setting active key cache index 8 ---> 8
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be unsetting PmkIdValidatedByAp
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be Updating AID for REAP AP Client 18:33:9d:f0:21:80 - AID ===> 1
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be 0.0.0.0 START (0) Initializing policy
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be 0.0.0.0 START (0) Change state to AUTHCHECK (2) last state START (0)
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be 0.0.0.0 AUTHCHECK (2) Change state to 8021X_REQD (3) last state AUTHCHECK (2)
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be Central switch is FALSE
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be 0.0.0.0 8021X_REQD (3) DHCP required on AP 18:33:9d:f0:21:80 vapId 2 apVapId 2for this client
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be Not Using WMM Compliance code qosCap 00
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be 0.0.0.0 8021X_REQD (3) Plumbed mobile LWAPP rule on AP 18:33:9d:f0:21:80 vapId 2 apVapId 2 flex-acl-name:
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be apfMsAssoStateInc
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be apfPemAddUser2 (apf_policy.c:333) Changing state for mobile 00:24:d6:97:b3:be on AP 18:33:9d:f0:21:80 from Idle to Associated
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be apfPemAddUser2:session timeout forstation 00:24:d6:97:b3:be - Session Tout 0, apfMsTimeOut '0' and sessionTimerRunning flag is 0
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be Stopping deletion of Mobile Station: (callerId: 48)
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be Func: apfPemAddUser2, Ms Timeout = 0, Session Timeout = 0
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be Sending Assoc Response to station on BSSID 18:33:9d:f0:21:8e (status 0) ApVapId 2 Slot 1
*apfMsConnTask_7: Aug 12 10:58:24.013: 00:24:d6:97:b3:be apfProcessAssocReq (apf_80211.c:8294) Changing state for mobile 00:24:d6:97:b3:be on AP 18:33:9d:f0:21:80 from Associated to Associated
*spamApTask6: Aug 12 10:58:24.016: 00:24:d6:97:b3:be Sent 1x initiate message to multi thread task for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.016: 00:24:d6:97:b3:be EAP-PARAM Debug - eap-params for Wlan-Id :2 is disabled - applying Global eap timers and retries
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.016: 00:24:d6:97:b3:be Station 00:24:d6:97:b3:be setting dot1x reauth timeout = 1800
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.016: 00:24:d6:97:b3:be dot1x - moving mobile 00:24:d6:97:b3:be into Connecting state
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.016: 00:24:d6:97:b3:be Sending EAP-Request/Identity to mobile 00:24:d6:97:b3:be (EAP Id 1)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.016: 00:24:d6:97:b3:be mscb->apfMsLwappLradNhMac = 00:00:0c:07:ac:dc mscb->apfMsLradSlotId = 1 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.016: 00:24:d6:97:b3:be mscb->apfMsBssid = 18:33:9d:f0:21:80 mscb->apfMsAddress = 00:24:d6:97:b3:be mscb->apfMsApVapId = 2
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.016: 00:24:d6:97:b3:be dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 220 mscb->apfMsLwappMwarInet.ipv4.addr = 176217288
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.016: 00:24:d6:97:b3:be mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = 176325157 mscb->apfMsLwappLradPort = 9385
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.083: 00:24:d6:97:b3:be Received EAPOL EAPPKT from mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.083: 00:24:d6:97:b3:be Received Identity Response (count=1) from mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.083: 00:24:d6:97:b3:be Resetting reauth count 1 to 0 for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.083: 00:24:d6:97:b3:be EAP State update from Connecting to Authenticating for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.083: 00:24:d6:97:b3:be dot1x - moving mobile 00:24:d6:97:b3:be into Authenticating state
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.083: 00:24:d6:97:b3:be Entering Backend Auth Response state for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.086: 00:24:d6:97:b3:be Processing Access-Challenge for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.086: 00:24:d6:97:b3:be Entering Backend Auth Req state (id=214) for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.086: 00:24:d6:97:b3:be WARNING: updated EAP-Identifier 1 ===> 214 for STA 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.086: 00:24:d6:97:b3:be Sending EAP Request from AAA to mobile 00:24:d6:97:b3:be (EAP Id 214)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.086: 00:24:d6:97:b3:be Allocating EAP Pkt for retransmission to mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.086: 00:24:d6:97:b3:be mscb->apfMsLwappLradNhMac = 00:00:0c:07:ac:dc mscb->apfMsLradSlotId = 1 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.086: 00:24:d6:97:b3:be mscb->apfMsBssid = 18:33:9d:f0:21:80 mscb->apfMsAddress = 00:24:d6:97:b3:be mscb->apfMsApVapId = 2
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.086: 00:24:d6:97:b3:be dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 220 mscb->apfMsLwappMwarInet.ipv4.addr = 176217288
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.086: 00:24:d6:97:b3:be mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = 176325157 mscb->apfMsLwappLradPort = 9385
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.090: 00:24:d6:97:b3:be Received EAPOL EAPPKT from mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.090: 00:24:d6:97:b3:be Received EAP Response from mobile 00:24:d6:97:b3:be (EAP Id 214, EAP Type 13)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.090: 00:24:d6:97:b3:be Resetting reauth count 0 to 0 for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.090: 00:24:d6:97:b3:be Entering Backend Auth Response state for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.091: 00:24:d6:97:b3:be Processing Access-Challenge for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.091: 00:24:d6:97:b3:be Entering Backend Auth Req state (id=215) for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.091: 00:24:d6:97:b3:be Sending EAP Request from AAA to mobile 00:24:d6:97:b3:be (EAP Id 215)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.091: 00:24:d6:97:b3:be Reusing allocated memory for EAP Pkt for retransmission to mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.091: 00:24:d6:97:b3:be mscb->apfMsLwappLradNhMac = 00:00:0c:07:ac:dc mscb->apfMsLradSlotId = 1 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.091: 00:24:d6:97:b3:be mscb->apfMsBssid = 18:33:9d:f0:21:80 mscb->apfMsAddress = 00:24:d6:97:b3:be mscb->apfMsApVapId = 2
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.091: 00:24:d6:97:b3:be dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 220 mscb->apfMsLwappMwarInet.ipv4.addr = 176217288
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.091: 00:24:d6:97:b3:be mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = 176325157 mscb->apfMsLwappLradPort = 9385
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.095: 00:24:d6:97:b3:be Received EAPOL EAPPKT from mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.095: 00:24:d6:97:b3:be Received EAP Response from mobile 00:24:d6:97:b3:be (EAP Id 215, EAP Type 13)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.095: 00:24:d6:97:b3:be Resetting reauth count 0 to 0 for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.095: 00:24:d6:97:b3:be Entering Backend Auth Response state for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.096: 00:24:d6:97:b3:be Processing Access-Challenge for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.096: 00:24:d6:97:b3:be Entering Backend Auth Req state (id=216) for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.096: 00:24:d6:97:b3:be Sending EAP Request from AAA to mobile 00:24:d6:97:b3:be (EAP Id 216)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.096: 00:24:d6:97:b3:be Reusing allocated memory for EAP Pkt for retransmission to mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.096: 00:24:d6:97:b3:be mscb->apfMsLwappLradNhMac = 00:00:0c:07:ac:dc mscb->apfMsLradSlotId = 1 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.096: 00:24:d6:97:b3:be mscb->apfMsBssid = 18:33:9d:f0:21:80 mscb->apfMsAddress = 00:24:d6:97:b3:be mscb->apfMsApVapId = 2
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.096: 00:24:d6:97:b3:be dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 220 mscb->apfMsLwappMwarInet.ipv4.addr = 176217288
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.096: 00:24:d6:97:b3:be mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = 176325157 mscb->apfMsLwappLradPort = 9385
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.100: 00:24:d6:97:b3:be Received EAPOL EAPPKT from mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.100: 00:24:d6:97:b3:be Received EAP Response from mobile 00:24:d6:97:b3:be (EAP Id 216, EAP Type 13)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.100: 00:24:d6:97:b3:be Resetting reauth count 0 to 0 for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.100: 00:24:d6:97:b3:be Entering Backend Auth Response state for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.101: 00:24:d6:97:b3:be Processing Access-Challenge for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.101: 00:24:d6:97:b3:be Entering Backend Auth Req state (id=217) for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.101: 00:24:d6:97:b3:be Sending EAP Request from AAA to mobile 00:24:d6:97:b3:be (EAP Id 217)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.101: 00:24:d6:97:b3:be Reusing allocated memory for EAP Pkt for retransmission to mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.101: 00:24:d6:97:b3:be mscb->apfMsLwappLradNhMac = 00:00:0c:07:ac:dc mscb->apfMsLradSlotId = 1 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.101: 00:24:d6:97:b3:be mscb->apfMsBssid = 18:33:9d:f0:21:80 mscb->apfMsAddress = 00:24:d6:97:b3:be mscb->apfMsApVapId = 2
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.101: 00:24:d6:97:b3:be dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 220 mscb->apfMsLwappMwarInet.ipv4.addr = 176217288
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.101: 00:24:d6:97:b3:be mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = 176325157 mscb->apfMsLwappLradPort = 9385
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.105: 00:24:d6:97:b3:be Received EAPOL EAPPKT from mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.105: 00:24:d6:97:b3:be Received EAP Response from mobile 00:24:d6:97:b3:be (EAP Id 217, EAP Type 13)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.105: 00:24:d6:97:b3:be Resetting reauth count 0 to 0 for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.105: 00:24:d6:97:b3:be Entering Backend Auth Response state for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.106: 00:24:d6:97:b3:be Processing Access-Challenge for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.106: 00:24:d6:97:b3:be Entering Backend Auth Req state (id=218) for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.106: 00:24:d6:97:b3:be Sending EAP Request from AAA to mobile 00:24:d6:97:b3:be (EAP Id 218)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.106: 00:24:d6:97:b3:be Reusing allocated memory for EAP Pkt for retransmission to mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.106: 00:24:d6:97:b3:be mscb->apfMsLwappLradNhMac = 00:00:0c:07:ac:dc mscb->apfMsLradSlotId = 1 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.106: 00:24:d6:97:b3:be mscb->apfMsBssid = 18:33:9d:f0:21:80 mscb->apfMsAddress = 00:24:d6:97:b3:be mscb->apfMsApVapId = 2
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.106: 00:24:d6:97:b3:be dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 220 mscb->apfMsLwappMwarInet.ipv4.addr = 176217288
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.106: 00:24:d6:97:b3:be mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = 176325157 mscb->apfMsLwappLradPort = 9385
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.110: 00:24:d6:97:b3:be Received EAPOL EAPPKT from mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.110: 00:24:d6:97:b3:be Received EAP Response from mobile 00:24:d6:97:b3:be (EAP Id 218, EAP Type 13)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.110: 00:24:d6:97:b3:be Resetting reauth count 0 to 0 for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.110: 00:24:d6:97:b3:be Entering Backend Auth Response state for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.111: 00:24:d6:97:b3:be Processing Access-Challenge for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.111: 00:24:d6:97:b3:be Entering Backend Auth Req state (id=219) for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.111: 00:24:d6:97:b3:be Sending EAP Request from AAA to mobile 00:24:d6:97:b3:be (EAP Id 219)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.111: 00:24:d6:97:b3:be Reusing allocated memory for EAP Pkt for retransmission to mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.111: 00:24:d6:97:b3:be mscb->apfMsLwappLradNhMac = 00:00:0c:07:ac:dc mscb->apfMsLradSlotId = 1 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.111: 00:24:d6:97:b3:be mscb->apfMsBssid = 18:33:9d:f0:21:80 mscb->apfMsAddress = 00:24:d6:97:b3:be mscb->apfMsApVapId = 2
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.111: 00:24:d6:97:b3:be dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 220 mscb->apfMsLwappMwarInet.ipv4.addr = 176217288
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.111: 00:24:d6:97:b3:be mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = 176325157 mscb->apfMsLwappLradPort = 9385
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.115: 00:24:d6:97:b3:be Received EAPOL EAPPKT from mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.115: 00:24:d6:97:b3:be Received EAP Response from mobile 00:24:d6:97:b3:be (EAP Id 219, EAP Type 13)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.115: 00:24:d6:97:b3:be Resetting reauth count 0 to 0 for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.115: 00:24:d6:97:b3:be Entering Backend Auth Response state for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.116: 00:24:d6:97:b3:be Processing Access-Challenge for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.116: 00:24:d6:97:b3:be Entering Backend Auth Req state (id=220) for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.116: 00:24:d6:97:b3:be Sending EAP Request from AAA to mobile 00:24:d6:97:b3:be (EAP Id 220)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.116: 00:24:d6:97:b3:be Reusing allocated memory for EAP Pkt for retransmission to mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.116: 00:24:d6:97:b3:be mscb->apfMsLwappLradNhMac = 00:00:0c:07:ac:dc mscb->apfMsLradSlotId = 1 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.116: 00:24:d6:97:b3:be mscb->apfMsBssid = 18:33:9d:f0:21:80 mscb->apfMsAddress = 00:24:d6:97:b3:be mscb->apfMsApVapId = 2
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.116: 00:24:d6:97:b3:be dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 220 mscb->apfMsLwappMwarInet.ipv4.addr = 176217288
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.116: 00:24:d6:97:b3:be mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = 176325157 mscb->apfMsLwappLradPort = 9385
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.352: 00:24:d6:97:b3:be Received EAPOL EAPPKT from mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.352: 00:24:d6:97:b3:be Received EAP Response from mobile 00:24:d6:97:b3:be (EAP Id 220, EAP Type 13)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.352: 00:24:d6:97:b3:be Resetting reauth count 0 to 0 for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.352: 00:24:d6:97:b3:be Entering Backend Auth Response state for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.354: 00:24:d6:97:b3:be Processing Access-Challenge for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.354: 00:24:d6:97:b3:be Entering Backend Auth Req state (id=221) for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.354: 00:24:d6:97:b3:be Sending EAP Request from AAA to mobile 00:24:d6:97:b3:be (EAP Id 221)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.354: 00:24:d6:97:b3:be Reusing allocated memory for EAP Pkt for retransmission to mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.354: 00:24:d6:97:b3:be mscb->apfMsLwappLradNhMac = 00:00:0c:07:ac:dc mscb->apfMsLradSlotId = 1 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.354: 00:24:d6:97:b3:be mscb->apfMsBssid = 18:33:9d:f0:21:80 mscb->apfMsAddress = 00:24:d6:97:b3:be mscb->apfMsApVapId = 2
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.354: 00:24:d6:97:b3:be dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 220 mscb->apfMsLwappMwarInet.ipv4.addr = 176217288
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.354: 00:24:d6:97:b3:be mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = 176325157 mscb->apfMsLwappLradPort = 9385
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.359: 00:24:d6:97:b3:be Received EAPOL EAPPKT from mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.359: 00:24:d6:97:b3:be Received EAP Response from mobile 00:24:d6:97:b3:be (EAP Id 221, EAP Type 13)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.359: 00:24:d6:97:b3:be Resetting reauth count 0 to 0 for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.359: 00:24:d6:97:b3:be Entering Backend Auth Response state for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.360: 00:24:d6:97:b3:be Processing Access-Challenge for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.360: 00:24:d6:97:b3:be Entering Backend Auth Req state (id=222) for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.360: 00:24:d6:97:b3:be Sending EAP Request from AAA to mobile 00:24:d6:97:b3:be (EAP Id 222)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.360: 00:24:d6:97:b3:be Reusing allocated memory for EAP Pkt for retransmission to mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.360: 00:24:d6:97:b3:be mscb->apfMsLwappLradNhMac = 00:00:0c:07:ac:dc mscb->apfMsLradSlotId = 1 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.360: 00:24:d6:97:b3:be mscb->apfMsBssid = 18:33:9d:f0:21:80 mscb->apfMsAddress = 00:24:d6:97:b3:be mscb->apfMsApVapId = 2
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.360: 00:24:d6:97:b3:be dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 220 mscb->apfMsLwappMwarInet.ipv4.addr = 176217288
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.360: 00:24:d6:97:b3:be mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = 176325157 mscb->apfMsLwappLradPort = 9385
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.365: 00:24:d6:97:b3:be Received EAPOL EAPPKT from mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.365: 00:24:d6:97:b3:be Received EAP Response from mobile 00:24:d6:97:b3:be (EAP Id 222, EAP Type 13)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.365: 00:24:d6:97:b3:be Resetting reauth count 0 to 0 for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.365: 00:24:d6:97:b3:be Entering Backend Auth Response state for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.366: 00:24:d6:97:b3:be Processing Access-Challenge for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.366: 00:24:d6:97:b3:be Entering Backend Auth Req state (id=223) for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.366: 00:24:d6:97:b3:be Sending EAP Request from AAA to mobile 00:24:d6:97:b3:be (EAP Id 223)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.366: 00:24:d6:97:b3:be Reusing allocated memory for EAP Pkt for retransmission to mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.366: 00:24:d6:97:b3:be mscb->apfMsLwappLradNhMac = 00:00:0c:07:ac:dc mscb->apfMsLradSlotId = 1 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.366: 00:24:d6:97:b3:be mscb->apfMsBssid = 18:33:9d:f0:21:80 mscb->apfMsAddress = 00:24:d6:97:b3:be mscb->apfMsApVapId = 2
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.366: 00:24:d6:97:b3:be dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 220 mscb->apfMsLwappMwarInet.ipv4.addr = 176217288
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.366: 00:24:d6:97:b3:be mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = 176325157 mscb->apfMsLwappLradPort = 9385
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.371: 00:24:d6:97:b3:be Received EAPOL EAPPKT from mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.371: 00:24:d6:97:b3:be Received EAP Response from mobile 00:24:d6:97:b3:be (EAP Id 223, EAP Type 13)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.371: 00:24:d6:97:b3:be Resetting reauth count 0 to 0 for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.371: 00:24:d6:97:b3:be Entering Backend Auth Response state for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.372: 00:24:d6:97:b3:be Processing Access-Challenge for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.372: 00:24:d6:97:b3:be Entering Backend Auth Req state (id=224) for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.372: 00:24:d6:97:b3:be Sending EAP Request from AAA to mobile 00:24:d6:97:b3:be (EAP Id 224)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.372: 00:24:d6:97:b3:be Reusing allocated memory for EAP Pkt for retransmission to mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.372: 00:24:d6:97:b3:be mscb->apfMsLwappLradNhMac = 00:00:0c:07:ac:dc mscb->apfMsLradSlotId = 1 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.372: 00:24:d6:97:b3:be mscb->apfMsBssid = 18:33:9d:f0:21:80 mscb->apfMsAddress = 00:24:d6:97:b3:be mscb->apfMsApVapId = 2
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.372: 00:24:d6:97:b3:be dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 220 mscb->apfMsLwappMwarInet.ipv4.addr = 176217288
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.372: 00:24:d6:97:b3:be mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = 176325157 mscb->apfMsLwappLradPort = 9385
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.375: 00:24:d6:97:b3:be Received EAPOL EAPPKT from mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.375: 00:24:d6:97:b3:be Received EAP Response from mobile 00:24:d6:97:b3:be (EAP Id 224, EAP Type 13)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.375: 00:24:d6:97:b3:be Resetting reauth count 0 to 0 for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.375: 00:24:d6:97:b3:be Entering Backend Auth Response state for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.389: 00:24:d6:97:b3:be Processing Access-Challenge for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.389: 00:24:d6:97:b3:be Entering Backend Auth Req state (id=225) for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.389: 00:24:d6:97:b3:be Sending EAP Request from AAA to mobile 00:24:d6:97:b3:be (EAP Id 225)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.389: 00:24:d6:97:b3:be Reusing allocated memory for EAP Pkt for retransmission to mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.389: 00:24:d6:97:b3:be mscb->apfMsLwappLradNhMac = 00:00:0c:07:ac:dc mscb->apfMsLradSlotId = 1 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.389: 00:24:d6:97:b3:be mscb->apfMsBssid = 18:33:9d:f0:21:80 mscb->apfMsAddress = 00:24:d6:97:b3:be mscb->apfMsApVapId = 2
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.389: 00:24:d6:97:b3:be dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 220 mscb->apfMsLwappMwarInet.ipv4.addr = 176217288
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.389: 00:24:d6:97:b3:be mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = 176325157 mscb->apfMsLwappLradPort = 9385
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.391: 00:24:d6:97:b3:be Received EAPOL EAPPKT from mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.391: 00:24:d6:97:b3:be Received EAP Response from mobile 00:24:d6:97:b3:be (EAP Id 225, EAP Type 13)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.391: 00:24:d6:97:b3:be Resetting reauth count 0 to 0 for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.391: 00:24:d6:97:b3:be Entering Backend Auth Response state for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Processing Access-Accept for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Resetting web IPv4 acl from 255 to 255
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Resetting web IPv4 Flex acl from 65535 to 65535
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Username entry ([email protected]) created for mobile, length = 253
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Username entry ([email protected]) created in mscb for mobile, length = 253
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be override for default ap group, marking intgrp NULL
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Applying Interface policy on Mobile, role Unassociated. Ms NAC State 2 Quarantine Vlan 0 Access Vlan 220
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Re-applying interface policy for client
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be 0.0.0.0 8021X_REQD (3) Changing IPv4 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:2219)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be 0.0.0.0 8021X_REQD (3) Changing IPv6 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:2240)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be apfApplyWlanPolicy: Retaining the ACL recieved in AAA attributes 1 on mobile
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be apfApplyWlanPolicy: Apply WLAN Policy over PMIPv6 Client Mobility Type
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Inserting AAA Override struct for mobile
MAC: 00:24:d6:97:b3:be, source 4
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Setting re-auth timeout to 1800 seconds, got from WLAN config.
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Station 00:24:d6:97:b3:be setting dot1x reauth timeout = 1800
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Creating a PKC PMKID Cache entry for station 00:24:d6:97:b3:be (RSN 2)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Resetting MSCB PMK Cache Entry 0 for station 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Setting active key cache index 8 ---> 8
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Setting active key cache index 8 ---> 0
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Adding BSSID 18:33:9d:f0:21:8e to PMKID cache at index 0 for station 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: New PMKID: (16)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: [0000] 6f d1 ce 84 08 74 41 a5 06 6b 89 02 c9 e9 f8 c8
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Disabling re-auth since PMK lifetime can take care of same.
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be unsetting PmkIdValidatedByAp
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Client in Posture Reqd state. PMK cache not updated.
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Sending EAP-Success to mobile 00:24:d6:97:b3:be (EAP Id 225)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be mscb->apfMsLwappLradNhMac = 00:00:0c:07:ac:dc mscb->apfMsLradSlotId = 1 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be mscb->apfMsBssid = 18:33:9d:f0:21:80 mscb->apfMsAddress = 00:24:d6:97:b3:be mscb->apfMsApVapId = 2
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 220 mscb->apfMsLwappMwarInet.ipv4.addr = 176217288
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = 176325157 mscb->apfMsLwappLradPort = 9385
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Freeing AAACB from Dot1xCB as AAA auth is done for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be EAPOL Header:
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00000000: 02 03 5f 00 .._.
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Found an cache entry for BSSID 18:33:9d:f0:21:8e in PMKID cache at index 0 of station 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Found an cache entry for BSSID 18:33:9d:f0:21:8e in PMKID cache at index 0 of station 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: Including PMKID in M1 (16)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: [0000] 6f d1 ce 84 08 74 41 a5 06 6b 89 02 c9 e9 f8 c8
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Starting key exchange to mobile 00:24:d6:97:b3:be, data packets will be dropped
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Sending EAPOL-Key Message to mobile 00:24:d6:97:b3:be
state INITPMK (message 1), replay counter 00.00.00.00.00.00.00.00
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Sending EAPOL-Key Message to mobile 00:24:d6:97:b3:be
state INITPMK (message 1), replay counter 00.00.00.00.00.00.00.00
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Reusing allocated memory for EAP Pkt for retransmission to mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be mscb->apfMsLwappLradNhMac = 00:00:0c:07:ac:dc mscb->apfMsLradSlotId = 1 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be mscb->apfMsBssid = 18:33:9d:f0:21:80 mscb->apfMsAddress = 00:24:d6:97:b3:be mscb->apfMsApVapId = 2
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 220 mscb->apfMsLwappMwarInet.ipv4.addr = 176217288
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = 176325157 mscb->apfMsLwappLradPort = 9385
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Entering Backend Auth Success state (id=225) for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be Received Auth Success while in Authenticating state for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.410: 00:24:d6:97:b3:be dot1x - moving mobile 00:24:d6:97:b3:be into Authenticated state
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.414: 00:24:d6:97:b3:be Received EAPOL-Key from mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.414: 00:24:d6:97:b3:be Received EAPOL-key in PTK_START state (message 2) from mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.414: 00:24:d6:97:b3:be PMK: Sending cache add
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.414: 00:24:d6:97:b3:be Stopping retransmission timer for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.414: 00:24:d6:97:b3:be EAPOL Header:
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.414: 00000000: 02 03 5f 00 .._.
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.414: 00:24:d6:97:b3:be Sending EAPOL-Key Message to mobile 00:24:d6:97:b3:be
state PTKINITNEGOTIATING (message 3), replay counter 00.00.00.00.00.00.00.01
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.414: 00:24:d6:97:b3:be Sending EAPOL-Key Message to mobile 00:24:d6:97:b3:be
state PTKINITNEGOTIATING (message 3), replay counter 00.00.00.00.00.00.00.01
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.414: 00:24:d6:97:b3:be Reusing allocated memory for EAP Pkt for retransmission to mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.414: 00:24:d6:97:b3:be mscb->apfMsLwappLradNhMac = 00:00:0c:07:ac:dc mscb->apfMsLradSlotId = 1 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.414: 00:24:d6:97:b3:be mscb->apfMsBssid = 18:33:9d:f0:21:80 mscb->apfMsAddress = 00:24:d6:97:b3:be mscb->apfMsApVapId = 2
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.414: 00:24:d6:97:b3:be dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 220 mscb->apfMsLwappMwarInet.ipv4.addr = 176217288
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.414: 00:24:d6:97:b3:be mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = 176325157 mscb->apfMsLwappLradPort = 9385
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.418: 00:24:d6:97:b3:be Received EAPOL-Key from mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.418: 00:24:d6:97:b3:be Received EAPOL-key in PTKINITNEGOTIATING state (message 4) from mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.418: 00:24:d6:97:b3:be Stopping retransmission timer for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.418: 00:24:d6:97:b3:be Freeing EAP Retransmit Bufer for mobile 00:24:d6:97:b3:be
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.418: 00:24:d6:97:b3:be apfMs1xStateInc
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.418: 00:24:d6:97:b3:be 0.0.0.0 8021X_REQD (3) Change state to L2AUTHCOMPLETE (4) last state 8021X_REQD (3)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.418: 00:24:d6:97:b3:be Central switch is FALSE
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.418: 00:24:d6:97:b3:be Sending the Central Auth Info
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.418: 00:24:d6:97:b3:be Central Auth Info Allocated PMKLen = 32
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.418: EapolReplayCounter: 00 00 00 00 00 00 00 01
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.418: EapolReplayCounter: 00 00 00 00 00 00 00 01
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.418: 00:24:d6:97:b3:be PMK: pmkActiveIndex = 0
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.418: 00:24:d6:97:b3:be EapolReplayCounter: 00 00 00 00 00 00 00 01
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.418: 00:24:d6:97:b3:be msAssocTypeFlagsMsb = 0 msAssocTypeFlagsLsb = 2
apfMsEntryType = 0 apfMsEapType = 13
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.418: 00:24:d6:97:b3:be 0.0.0.0 L2AUTHCOMPLETE (4) DHCP required on AP 18:33:9d:f0:21:80 vapId 2 apVapId 2for this client
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.418: 00:24:d6:97:b3:be Not Using WMM Compliance code qosCap 00
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.418: 00:24:d6:97:b3:be 0.0.0.0 L2AUTHCOMPLETE (4) Plumbed mobile LWAPP rule on AP 18:33:9d:f0:21:80 vapId 2 apVapId 2 flex-acl-name:POSTURE_REDIRECT_ACL
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.418: 00:24:d6:97:b3:be 0.0.0.0 L2AUTHCOMPLETE (4) Change state to DHCP_REQD (7) last state L2AUTHCOMPLETE (4)
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.418: 00:24:d6:97:b3:be 0.0.0.0 DHCP_REQD (7) pemAdvanceState2 6166, Adding TMP rule
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.418: 00:24:d6:97:b3:be 0.0.0.0 DHCP_REQD (7) Adding Fast Path rule
type = Airespace AP - Learn IP address
on AP 18:33:9d:f0:21:80, slot 1, interface = 1, QOS = 0
IPv4 ACL ID = 255, IPv
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.418: 00:24:d6:97:b3:be 0.0.0.0 DHCP_REQD (7) Fast Path rule (contd...) 802.1P = 0, DSCP = 0, TokenID = 64206 Local Bridging Vlan = 220, Local Bridging intf id = 0
*Dot1x_NW_MsgTask_6: Aug 12 10:58:24.418: 00:24:d6:97:b3:be 0.0.0.0 DHCP_REQD (7) Successfully plumbed mobile rule (IPv4 ACL ID 255, IPv6 ACL ID 255, L2 ACL ID 255)
*apfReceiveTask: Aug 12 10:58:24.418: 00:24:d6:97:b3:be 0.0.0.0 DHCP_REQD (7) State Update from Mobility-Incomplete to Mobility-Complete, mobility role=Local, client state=APF_MS_STATE_ASSOCIATED
*apfReceiveTask: Aug 12 10:58:24.418: 00:24:d6:97:b3:be 0.0.0.0 DHCP_REQD (7) pemAdvanceState2 5761, Adding TMP rule
*apfReceiveTask: Aug 12 10:58:24.418: 00:24:d6:97:b3:be 0.0.0.0 DHCP_REQD (7) Replacing Fast Path rule
type = Airespace AP - Learn IP address
on AP 18:33:9d:f0:21:80, slot 1, interface = 1, QOS = 0
IPv4 ACL ID = 255,
*apfReceiveTask: Aug 12 10:58:24.418: 00:24:d6:97:b3:be 0.0.0.0 DHCP_REQD (7) Fast Path rule (contd...) 802.1P = 0, DSCP = 0, TokenID = 64206 Local Bridging Vlan = 220, Local Bridging intf id = 0
*apfReceiveTask: Aug 12 10:58:24.418: 00:24:d6:97:b3:be 0.0.0.0 DHCP_REQD (7) Successfully plumbed mobile rule (IPv4 ACL ID 255, IPv6 ACL ID 255, L2 ACL ID 255)
*pemReceiveTask: Aug 12 10:58:24.418: 00:24:d6:97:b3:be 0.0.0.0 Added NPU entry of type 9, dtlFlags 0x0
*pemReceiveTask: Aug 12 10:58:24.418: 00:24:d6:97:b3:be 0.0.0.0 Added NPU entry of type 9, dtlFlags 0x0
*spamApTask6: Aug 12 10:58:24.418: 00:24:d6:97:b3:be spamEncodeCentralAuthInoMsPayload: msAssocTypeFlagsMsb = 0 msAssocTypeFlagsLsb = 2
apfMsEntryType = 0 pmkLen = 32
*DHCP Socket Task: Aug 12 10:58:24.546: 00:24:d6:97:b3:be DHCP received op BOOTREPLY (2) (len 325,vlan 220, port 1, encap 0xec03)
*DHCP Socket Task: Aug 12 10:58:24.546: 00:24:d6:97:b3:be DHCP setting server from ACK (server 10.0.17.85, yiaddr 10.130.130.120)
*DHCP Socket Task: Aug 12 10:58:24.548: 00:24:d6:97:b3:be 10.130.130.120 DHCP_REQD (7) Change state to WEBAUTH_REQD (8) last state DHCP_REQD (7)
*DHCP Socket Task: Aug 12 10:58:24.548: 00:24:d6:97:b3:be 10.130.130.120 WEBAUTH_REQD (8) pemAdvanceState2 6671, Adding TMP rule
*DHCP Socket Task: Aug 12 10:58:24.548: 00:24:d6:97:b3:be 10.130.130.120 WEBAUTH_REQD (8) Replacing Fast Path rule
type = Airespace AP Client - ACL passthru
on AP 18:33:9d:f0:21:80, slot 1, interface = 1, QOS = 0
IPv4 A
*DHCP Socket Task: Aug 12 10:58:24.548: 00:24:d6:97:b3:be 10.130.130.120 WEBAUTH_REQD (8) Fast Path rule (contd...) 802.1P = 0, DSCP = 0, TokenID = 64206 Local Bridging Vlan = 220, Local Bridging intf id = 0
*DHCP Socket Task: Aug 12 10:58:24.548: 00:24:d6:97:b3:be 10.130.130.120 WEBAUTH_REQD (8) Successfully plumbed mobile rule (IPv4 ACL ID 1, IPv6 ACL ID 255, L2 ACL ID 255)
*DHCP Socket Task: Aug 12 10:58:24.548: 00:24:d6:97:b3:be Plumbing web-auth redirect rule due to user logout
*DHCP Socket Task: Aug 12 10:58:24.548: 00:24:d6:97:b3:be Assigning Address 10.130.130.120 to mobile
*DHCP Socket Task: Aug 12 10:58:24.548: 00:24:d6:97:b3:be DHCP success event for client. Clearing dhcp failure count for interface management.
*DHCP Socket Task: Aug 12 10:58:24.548: 00:24:d6:97:b3:be DHCP success event for client. Clearing dhcp failure count for interface management.
*pemReceiveTask: Aug 12 10:58:24.548: 00:24:d6:97:b3:be 10.130.130.120 Added NPU entry of type 2, dtlFlags 0x0
*IPv6_Msg_Task: Aug 12 10:58:25.330: 00:24:d6:97:b3:be Pushing IPv6 Vlan Intf ID 0: fe80:0000:0000:0000:f524:1910:69f0:9482 , and MAC: 00:24:D6:97:B3:BE , Binding to Data Plane. SUCCESS !! dhcpv6bitmap 0
*IPv6_Msg_Task: Aug 12 10:58:25.330: 00:24:d6:97:b3:be Link Local address fe80::f524:1910:69f0:9482 updated to mscb. Not Advancing pem state.Current state: mscb in apfMsMmInitial mobility state and client state APF_MS_STATE_A
*DHCP Socket Task: Aug 12 10:58:28.581: 00:24:d6:97:b3:be DHCP received op BOOTREPLY (2) (len 308,vlan 220, port 1, encap 0xec03)
*DHCP Socket Task: Aug 12 10:58:28.589: 00:24:d6:97:b3:be DHCP received op BOOTREPLY (2) (len 308,vlan 220, port 1, encap 0xec03)
*DHCP Socket Task: Aug 12 11:00:07.959: 00:24:d6:97:b3:be DHCP received op BOOTREPLY (2) (len 308,vlan 220, port 1, encap 0xec03)
*DHCP Socket Task: Aug 12 11:00:07.967: 00:24:d6:97:b3:be DHCP received op BOOTREPLY (2) (len 308,vlan 220, port 1, encap 0xec03)
*DHCP Socket Task: Aug 12 11:01:59.153: 00:24:d6:97:b3:be DHCP received op BOOTREPLY (2) (len 308,vlan 220, port 1, encap 0xec03)
Can you see any obvious reason why the NAC agent wont pop up?
Thanks
Mario -
WLC 5508 HA Problem Soft.ver 7.4.100
Dear Support,
we are using two WLC 5508 software ver.7.4.100 with first 50AP license and in the next day we add 50AP license again to the primary WLC. when we activate HA base in the following guiden http://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/7-5/High_Availability_DG.html but when we doing test the failover we found a couple log message on the Secondary WLC like below and not for long time all AP on the Secondary WLC was drop off.
1. DP Critical Error
2. *RRM-DCLNT-2_4: May 23 07:43:53.204: #RRM-3-RRM_LOGMSG: rrmTables.c:682 RRM LOG: Could not retrieve RRM Coverage Measurement DataKey BSSID:34:db:fd:dd:3e:20,Key SlotId:0
*RRM-DCLNT-2_4: May 23 07:43:53.164: #RRM-3-RRM_LOGMSG: rrmTables.c:682 RRM LOG: Could not retrieve RRM Coverage Measurement DataKey BSSID:34:db:fd:dd:3e:20,Key SlotId:0
*RRM-DCLNT-2_4: May 23 07:43:52.854: #RRM-3-RRM_LOGMSG: rrmTables.c:682 RRM LOG: Could not retrieve RRM Coverage Measurement DataKey BSSID:2c:36:f8:72:fc:c0,Key SlotId:0
I also send a complete log for both problem above and enclose it with pdf file. need you advice and assistance,
regard, afriansyahI agree go to version 7.4.121.0 I has some strange issues on prior releases. Personally I am running 7.6.120.0 right now but that's mainly due to support for the 3702 access points.
http://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/7-5/High_Availability_DG.html#pgfId-74573
that's a good guide just to double check yourself just in case. - -
LAG WLC 5508 7.0.235 and Nexus 7K 5.2(3a)
I can't get the WLC to form a LAG, the 5508 has 2 SFPs direct to Nexus 7k. Enabled LAG and rebooted. The 5508s port 2 just stays Link Down in WLC.
hostname n7k-01
int port-channel 31
vpc 31
int eth1/12
description WLC-5508-Port1
switchport
switchport mode trunk
channel-group 31 mode active
no shut
show run int eth1/12
Ethernet1/12 is up
Dedicated Interface
Belongs to Po31
hostname n7k-02
int port-channel 31
vpc 31
int eth1/7
description WLC-5508-Port2
switchport
switchport mode trunk
channel-group 31 mode active
no shut
show run int eth1/7
Ethernet 1/7 is down (Link not connected)
Dedicated Interface
Belongs to Po31Controller cannot establish SXP connection with a Cisco Nexus 7000 Series switch.
Symptom: An SXP connection from the controller to the Cisco Nexus 7000 Series switch reports the On state on the controller side while the switch reports the Waiting for Response state.
Conditions: Establishing SXP connection between the controller and ASA.
Workaround: Add an intermediate device that supports SXPv2 between the controller and the Cisco Nexus 7000 Series switch. -
WLC 5508 - WGBs & HREAP on LAN
So, I really have two questions here. For some background information, I have a wireless network with two WLC 5508 controllers and 220 LWAPs in the same location as the controllers. All APs are currently in local mode. I run a few guest networks as well as some other client networks. One client in particular uses their network to connect mobile machines to their VLAN. The only issue is that the machines do not have wireless adapters. Instead, the manufacturer put inside the chassis, a D-Link WGB, which has an ethernet cable, you then have to plug into the ethernet port. These devices cannot seem to connect to the network. I have found, the WGBs do associate on the network, but the wired client behind it cannot pass traffic onto the VLAN. I have also tried connecting PCs with different SOHO style WGBs from different manufacturers with the same result.
After going through Cisco's documentation, I found that using 1230s in WGB mode can resolve this issue since they use IAPP to communicate the MAC table of the wired side clients they service back to the controller. I have configured a 1230, and used it as the WGB for the client machine instead of the D-Link and it does seem to work, but this would mean configuring a considerable number of 1230s to hand over to the client.
The first question would be, Is there something I am missing that I would need to do in order to allow SOHO style WGBs to forward wired side client traffic onto the network while LWAPs are in local mode? Or would the WGB NEED to support IAPP?
The second question is that, I may have found another solution to this already, but would like some input prior to committing.
This client also uses these same machines with the same WGBs inside the chassis at another location where the client operates the network themselves. They also use the same WLC model with the same version, and same APs. The only difference is that they use H-REAP mode with local switching.
I also tested this idea, and it seemed to work. With the AP in H-REAP mode, and the client's WLAN set to local switching, the machine and WGB connected with no problem.
So the question with this, would be; would there be any disadvantages in running all 220 APs at this location in H-REAP mode? What would I be losing if anything? Also, I would like to keep all other WLANs centrally switched.
I understand what the difference would be for this client's WLAN if I ran in H-REAP mode with local switching, but what would the difference be in the other guest WLANs if I set them to be centrally switched? (Is there any difference between running APs in local mode vs running APs in H-REAP with central switching?)Hey,
I read your quesiton quickly so I might miss some points, but I think you need to do some more configuraiton for your passive clients behind the WGB:
'''snip'''
Passive Clients Behind a WGB
The controller might not be able to see passive clients behind a WGB. Clients (such as cameras and programmable logic devices) do not initiate a traffic stream unless they are connected. Complete these steps in order avoid this issue:
Add a static MAC filter entry for the passive WGB device and MAC filter entry for the devices that are behind it.
Use this command in order to enable MAC filtering on the WLAN along with aaa override:config macfilter ipaddress MAC_address IP_address
Add a static entry on the WGB IOS-based device: bridge 1 addressxxxx.xxxx.xxxx forward FastEthernet0Note: In addition, increase the dot11 activity timer.
Add a static ARP entry on the L3 router:
hostname(config)#arp
arpa
'''snip'''
Reference: http://tiny.cc/cjsxu
Also, know please that WGB is not supported with hybrid REAP (H-REAP).
Even if it worked with you sometimes, it is not supported and cisco did not design it to work with HREAP.
http://bit.ly/yLn9D1
I am only aware about one difference between central switching HREAP and local mode; which is that any limitation applied to HREAP will be applied if it is central switching. just like our situation with WGB with HREAP.
Maybe you are looking for
-
A group by field needs to appear on every page of the report.
Hi. My rtf template has a word header which is the report descriptn that appears on evry page. The report is grouped by business unit and then grouped by job description. The problem is the business unit appears only first time when it gets changed a
-
HELP! I need some help from true Mac fans! What should I buy???
So, I'm moving to Japan, which has a couple of implications (other than the fact that my wife's parents and my parents are looking for any legal recourse to stop us from taking their only grandchild out of the country). More importantly however, I ha
-
What's wrong with the audio in .avi exports?
I've been trying to export a 30-second flash animation to an .avi format, but it seems like regardless of the settings I choose, the audio comes out crackly. It's not even consistent. If I export it again with the exact same settings, it's crackly i
-
BT Voyager 205 & iChat - How to make it all work!
I have just been going through **** to get iChat working with a BT Voyager 205 modem/router. In the end I contacted Apple and an extremely helpful iChat Engineer from Apple contacted me. With his patient advice and tutor-ship we succeeded in making i
-
Hi, I need help in user exit coding i.e. the requirement is like this. Exit is EXIT_SAPLV09A_004. After entering the sold to party in VA01,one pop up comes when we press enter. In that pop up we can see SH,BP,PY.From that if we select SH and that SH