Cisco 3602i controller joining issues...

I have a couple 3600s that dont want to join. One i and one e that are both doing the samething. It is able to find the controller via layer 3 discovery but it is acting like it is a mesh AP when it tries to join the controller.
From the 2500 contoller (running 7.2)
*spamApTask2: May 13 12:03:05.272: f0:f7:55:ae:xx:xx Mesh AP username f0f755aexx
xx.
*spamApTask2: May 13 12:03:10.739: f0:f7:55:ae:xx:xx spamProcessJoinRequest : RA
P, Check MAC filter
From the 3602i
flash:/mesh_start_cfg.txt: No such file or directoryThe filesystem containing th
e variables may not be initialized yet.
I should note that 3500 APs are able to join this controller. The field guy is going to try to add the MAC address to the filter list when he gets back out on site to see if it allows it to join. I am just kind of wondering if anyone else has seen this problem or as any insight on the issue.
Thanks!

There have been other post just like yours. Some APs have the mesh image and it required you to add te Mac address then you can change the ap mode.
Thanks,
Scott Fella
Sent from my iPhone

Similar Messages

AP join issue to controller ( 3650 inbuild controller)

I am facing issue with Ap joining to controller with , Ap light flashing from green,red,green and the model of controller switch in build is 3650 .
below are the error which i am getting on access point during controller joining request.
APf44e.0545.8c4c#
*Dec 29 09:24:33.103: AP has SHA2 MIC certificate - Using SHA2 MIC certificate for DTLS.
*Dec 29 09:24:33.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.10.0.2 peer_port: 5246
*Dec 29 09:24:34.255: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.10.0.2 peer_port: 5246
*Dec 29 09:24:34.255: %CAPWAP-5-SENDJOIN: sending Join Request to 10.10.0.2
*Dec 29 09:24:52.491: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.10.0.2:5246
*Dec 29 09:24:52.579: %LWAPP-4-CLIENTEVENTLOG: Not sending change state post as the radio admin is down, lrad state = 5
*Dec 29 09:24:52.579: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
*Dec 29 09:24:52.579: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to administratively down
*Dec 29 09:24:52.583: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Dec 29 09:24:52.603: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Dec 29 09:24:53.583: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Dec 29 09:24:53.611: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to down
*Dec 29 09:24:53.619: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Dec 29 09:24:54.603: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Dec 29 09:24:54.611: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Dec 29 09:24:54.635: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Dec 29 09:24:54.643: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
*Dec 29 09:24:54.651: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Dec 29 09:24:55.635: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*Dec 29 09:24:55.643: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Dec 29 09:24:55.679: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Dec 29 09:24:56.679: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
Not in Bound state.
*Dec 29 09:26

Hi
What AP model & what IOS-XE versions are you using ? Make sure you have compatible software versions according to the AP model. Table 2 of the link given below (1700/1570 AP supported in IOS-XE 3.7.0E code, given table not upto date with that info)
http://www.cisco.com/c/en/us/td/docs/wireless/compatibility/matrix/compatibility-matrix.html#56735
If you have compatible software then see whether you have follow the guidelines given in the below
http://mrncciew.com/2013/09/29/getting-started-with-3850/
HTH
Rasika
**** Pls rate all useful responses ****

AP - WLC joining issue

We have 3 WLC's(5500) in our network and about 150 AP's. Only 4 AP's register to 1 controller, over 70 to 2nd and about 50 to 3rd. On checking & comparing few of the AP's this is what i concluded.
1. 4 AP's that registered to the first WLC did not have that AP in the primary, secondary or tertiary list. If it was there then it was either secondary or tertiary or the device name entered is not resolvable by DNS but the device name is correct. Management IP was not configured on any of the 4 AP's for any of the WLC's
2. AP's registered to second and third WLC's have similar config. First WLC as Primary, Second as secondary and third Tertiary with correct DNS name in the field but wrong device name. Also all have Management IP's entered as well.
CAPWAP Join Taken Time for 4 AP's varies from 6to10 mins while for other AP its few seconds. DNS for cisco-capwap-controller points to WLC with4 AP's. I donot see any use of option in DNS for WAP's.
How can i make AP's join this WLC.
Should I get the DNS and device name discrepancy corrected?
What is the selection process for AP's to choose WLC, as I see AP's not joining WLC in there building but joining a WLC in other adjacent building? Is there a way for me to influence this decision?

What is the selection process for AP's to choose WLC, as I see AP's not joining WLC in there building but joining a WLC in other adjacent building? Is there a way for me to influence this decision?
Best way to do this is configure AP High Availability of APs with primary,secondary,tertiary WLC name & IP (both fields required). This is taking precedence over any other methods.
http://mrncciew.com/2013/04/07/ap-failover/
If you have AP join issue, try to configure DHCP option 43 & see if that helps
http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/97066-dhcp-option-43-00.html
If this is one off case, you can try static or broadcast forwarding as a interim solution
http://mrncciew.com/2013/03/17/ap-registration/
http://mrncciew.com/2013/05/04/wlc-discovery-via-broadcast/
HTH
Rasika
*** Pls rate all useful responses ***

Could not resolve CISCO-LWAPP-CONTROLLER

Hi..
I have AP Cisco Aironet 1250. I want upgrade to LWAPP. AP using static IP address. When AP try to joinm error message displayed "DNS Name Lookup: could not resolve CISCO-LWAPP-CONTROLLER".
Loading file /c1250...
extracting info (292 bytes)
Image info:
    Version Suffix: k9w8-.124-10b.JDD
    Image Name: c1250-k9w8-mx.124-10b.JDD
    Version Directory: c1250-k9w8-mx.124-10b.JDD
    Ios Image Size: 4352512
    Total Image Size: 4352512
    Image Feature: WIRELESS LAN|LWAPP
    Image Family: C1250
    Wireless Switch Management Version: 4.2.207.0
Extracting files...
c1250-k9w8-mx.124-10b.JDD/ (directory) 0 (bytes)
extracting c1250-k9w8-mx.124-10b.JDD/c1250-k9w8-mx.124-10b.JDD (3956889 bytes)
%LWAPP-5-!CHANGED: LWAPP changed state to JOIN
%LWAPP-5-CHANGED: LWAPP changed state to IMAGE
Error messages:
*Jun 30 09:46:16.491: %LWAPP-3-CLIENTEVENTLOG: Performing DNS resolution for CISCO-LWAPP-CONTROLLER
*Jun 30 09:46:16.491: %LWAPP-3-CLIENTERRORLOG: DNS Name Lookup: could not resolve CISCO-LWAPP-CONTROLLER
*Jun 30 09:46:16.491: %LWAPP-5-CHANGED: LWAPP changed state to DISCOVERY
*Jun 30 09:46:16.651: %LWAPP-3-CLIENTEVENTLOG: Performing DNS resolution for CISCO-LWAPP-CONTROLLER
*Jun 30 09:46:16.651: %LWAPP-3-CLIENTERRORLOG: DNS Name Lookup: could not resolve CISCO-LWAPP-CONTROLLER
*Jun 30 09:46:16.651: Logging LWAPP message to 255.255.255.255.
Any help?
Thanks.

/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
mso-para-margin-top:0cm;
mso-para-margin-right:0cm;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0cm;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
mso-para-margin-top:0cm;
mso-para-margin-right:0cm;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0cm;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
You configuration is not correct. You can remove the line ‘domain-name CISCO-LWAPP-CONTROLLER.mydomain.com’ or replace it with ‘domain-name mydomain.com’ and configure the DNS server with both "CISCO-LWAPP-CONTROLLER.mydomain.com" and "CISCO-CAPWAP-CONTROLLER.mydomain.com" pointing to 172.16.00.25.
I suggest that you remove this line and forget about DNS and go for DHCP option 60 and 43 as you already have configured. You do not need both the DNS configuration and DHCP option 43.
Since you have configured ‘option 60 ascii "Cisco AP c1250"’ and ‘option 43 hex f104ac100019’ then your 1250s should try to associate with the controller 172.16.00.25.
Please post more of the syslog and look for events regarding DHCP option 43.
Is the address 172.16.00.25 for the WLC correct?
Regards,
André

CISCO-LWAPP-CONTROLLER

Hello,
I am trying to get this officeextend working.
I connected the ap and checked the H-Reap box and then officeextend and gave it a public ip. This public ip is NAT'd to the dmz controller on the firewall. (The dmz controller is 5508 running code 6.0.199.4)
I have connected this officeextend 1132 ap to a broadband connection and this gets an ip of 192.168.1.23 on its fa0 interface. all good till now.
when i console onto the officeextend 1132 AP, i get an error msg could not resolve Cisco-LWAPP-Controller.abc.uk....domain server (192.168.1.254) and Cisco-CAPWAP-Controller.home.uk...think it needs DNS set to the public ip on the local asdl box, is it ?
if this is the case, I am not sure if i can do this as this is controlled by the ISP

I have added this now scott on the management interface but still cant get the AP to join the controller. This AP is connected to a broadband wireless router connected back to a ADSL router that has the DNS settings
(also i cant see any traffic hitting on ports 5246 and 5247 on the firewall. so think this AP is not trying to go out )
it comes up with
CAPWAP-5-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.
Translating "CISCO-CAPWAP-CONTROLLER.Abc.uk"...domain server (192.168.1.254)
*Apr 8 16:25:39.983: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.
Translating "CISCO-LWAPP-CONTROLLER.Abc"...domain server (192.168.1.254)
*Apr 8 16:25:42.095: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER.Abc.uk
config on AP
service password-encryption
hostname AP6400.f14d.b6ba
logging rate-limit console 9
enable secret 5 $1$ACEH$BuOIS/RYEP5ZXvWxbyCFS/
aaa new-model
aaa authentication login default local
aaa authentication login reap_eap_methods group radius
aaa session-id common
eap profile lwapp_eap_profile
method fast
crypto pki trustpoint Cisco_IOS_MIC_cert
revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
crypto pki trustpoint cisco-root-cert
revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
crypto pki trustpoint airespace-device-root-cert
revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
crypto pki trustpoint airespace-new-root-cert
revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
crypto pki trustpoint airespace-old-root-cert
revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
username Cisco secret 5 $1$2zkE$CaKkr5zDUWwltKRFvrIto0
ip ssh version 2
interface Dot11Radio0
no ip route-cache
mbssid
speed basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
power client local
packet retries 64 drop-packet
interface Dot11Radio0.2
encapsulation dot1Q 2 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio1
no ip route-cache
mbssid
power client local
packet retries 64 drop-packet
interface Dot11Radio1.2
encapsulation dot1Q 2 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface FastEthernet0
ip address dhcp client-id FastEthernet0
no ip route-cache
duplex auto
speed auto
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
no ip http server
logging trap errors
logging origin-id string AP:6400.f14d.b6ba
logging facility kern
logging snmp-trap notifications
logging snmp-trap informational
logging snmp-trap debugging
logging 255.255.255.255
radius-server local
no authentication eapfast
no authentication leap
no authentication mac
nas 66.11.22.33 key 7 111D110C041B18030A2632253C363832
group hreap
control-plane
line con 0
line vty 0 4
transport input none
line vty 5 15
transport input none
end

Which WLC interface should be resolved from cisco-lwapp-controller.domain

Hi,
we use several 4402 wlc and want the aps connect to connect to them via dns discovery.
It would be fine if somebody could tell me to which ip address (in our dns database) I have to add an alias for cisco-lwapp-controller.<domain>.
Is it the management interface, the ap manager interface or one/all dynamic interface(s)?
Is there any hint concerning this in the documentation?
Best Regards,
Thorsten

You use the management interface of the WLC.
Here is a good link also if you have issues:
http://www.cisco.com/en/US/products/ps6366/products_tech_note09186a00808f8599.shtml#backinfo

VLAN assignment without ACS on Cisco Wireless Controller 5508

I was wondering if it is possible to do dynamic VLAN assignment on the Cisco Wireless Controller 5508 without using Cisco ACS but use Microsoft NPS server instead? Is there a manual or article that someone can point me in the right direction?
Thank you!

Any RADIUS server will allow you to do the dynamic vlan assignment if you configure the right RADIUS attributes (64, 65 and 81 that Steve mentioned above).
This doc shows example of dynamic vlan assignment with WLC and ACS.
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008076317c.shtml
Same config on WLC is needed. However, on the RADIUS you need to configure the same attributes on the NPS instead.
HTH
Amjad
Rating useful replies is more useful than saying "Thank you"

Cisco CAPWAP controller ????

Hi,
Really sorry if this isn't the right place but am desperate for help!
Have applied for a dream job for me to get into networking but one of the things that they have asked for that I haven't heard of before is a Cisco CAPWAP controller, is anyone able to explain the basics or it for me?
From quick web search it seems to be a type of wireless access point!
Any info would be useful.
Thanks
Sent from Cisco Technical Support iPad App

CAPWAP
The controller-based solution allows the splitting of 802.11 functions between the controller-based AP, which handles real-time
portions of the standard, and the Cisco WLC, which handles items that are not time sensitive. This model is called split MAC .
The AP handles the portions that have real-time requirements, such as the following:
■ Beacons management
■ 802.11 encryption and decryption
■ Frame buffering for dozing stations
■ Probe responses
■ Air monitoring for interferences and rogues
The controller handles all other functionalities, such as the following:
■ 802.11 authentication and association
■ QoS and security management
■ Mobility (roaming) management
■ RF management
■ Bridging to and from the DS in the right VLAN
Lightweight APs (LAP) communicate with the controller using a specific protocol, Control and Provisioning of Wireless Access
Points (CAPWAP). The LAP encapsulates all 802.11 data frames received from a client into a CAPWAP frame. The data frame
portion is simply encapsulated into a CAPWAP frame, and is not encrypted by default (data part encryption is possible but optional).
The LAPs also constantly exchange encrypted CAPWAP control messages with the controller via the Radio Resource Management
(RRM) engine for real-time RF management, including
■ Radio resource monitoring
■ Dynamic channel assignment
■ Interference detection and avoidance
■ Dynamic transmit power control
■ Coverage hole detection
This come from a book wrote by Jerome Henry

Cisco 5760 controller in centralized mode supports 4404 controller as anchor controller?

Hello All,
I have a cisco 5760 controller running in centralized mode. I want to configure one 4404 controller as anchor controller to work with the 5760 controller. Is this supported?.
Thanks in advance
Shabeeb

No, It is not supported.
You cannot have a mobility peer with 5760 unless you enable "new mobility" on its peer . In CUWN products this is supported in 5508/WiSM2/8510 on specific codes. In current supported codes it has to be 7.6.x or 8.x.
As you know 4400 only supported upto 7.0.x code. So new mobility is not supported, hence you cannot peer with CA products.
In case if you have a "new mobility" supported WLC, here how you configure it
http://mrncciew.com/2014/05/06/configuring-new-mobility/
HTH
Rasika
**** Pls rate all useful responses ****

Cisco 5508 controller

I have Cisco 5508 controller in our high school. I changed the password for one of our WLANs yesterday.(WLANs>WLANs>WLAN in question (in my case OBSD-Internal)>Security>Layer 2. For some reason it reverted back to the previous password ( this was confirmed by a client attempting to connect). What could possibly cause this?

Hi Sean,
May be you did not saved the config on WLC(After changing the password).
Regards

Join issues with Multicube reports

I experts,
We have a Multicube M with a Real time cube A and Basic Cube B. Cube B was added to the Multicube recently.
Cube A contains Phasing data ( like Forecast) for Opportunities. See some eg records below.
Oppt PERIOD KF1
001   001       10
001   002       20
001   003       30
002   001       40
002   002       20
002   003       30.
Cube B containes Opportunities and Customer ( with Nav Attr). The Customer master data looks like below. Here both TYPE and GROUP are Nav attr of Customer.
Customer Type Grp
C1            T1     G1
C2            T2     G2
Cube B contains records as shown below
Oppt Customer KF2
001   C1           100
002   C2           300.
Now when we ran our Report on MultiCube, we expect to see below
Oppt Period Customer Type Grp KF1
001     001       C1        T1    G1   10
001     002       C1        T1    G1   20
001     003       C1        T1    G1   30
002     001       C2        T2    G2   40
002     002       C2        T2    G2   20
002     003       C2        T2    G2   30.
But in place Customer, Type, Grp, we get 'Not assinged" .
I have checked teh identification for all KFs and Chars, they are identified.
Can anyone help??
Thanks,
DV

Can you check for the data inside the infoproviders in the cubes with the manage option. It possible when the grouping is not done properly. Check for the Master date entry of the customer. I dont think its because of the join issue..
Good Luck..
Sandhya

Cisco 526 controller and AP541N

Hello,
I have a cisco 526 controller. Since this device is EOL. Can I still use 526 controller with AP541N? What are the limitations and problem configuring with
AP541N?
Thanks.
Dipendra

Hi Dipendra,
The 541N is NOT supported via the 526 Controller
With the Cisco AP 541N, you can:
• Easily set up, configure, and manage multiple wireless access points, without the need to invest in a wireless controller
http://www.cisco.com/en/US/prod/collateral/wireless/ps5678/ps10492/data_sheet_c78-566239.html
Cheers!
Rob

Cisco wireless controller 4400

Hey all,
I was wondering does the Cisco Wireless controller 4400 come with any management software such as the Cisco Wireless Controller system software?
regards,
Mark

WCS doesn't come with your WLC purchase you can down load a trial version of WCS from Cisco site. I think it is a 15 or 30 day trial.
You would have to purchase a license to run a full blown WCS. You can get this in either Linux or Windows.
Hope this helps you.
You can find info on this at:
http://www.cisco.com/en/US/prod/collateral/wireless/ps5755/ps6301/ps6305/product_data_sheet0900aecd804b4646_ps3915_Products_Data_Sheet.html

LWAPP cannot translate cisco-lwapp-controller

Hi all:
I had add a hostname to DNS server as CISCO-LWAPP-CONTROLLER . and i use my controller as a internal DHCP server , it will assign ip to a lot of vlan. My lightweigh ap cannot translate the cisco-lwapp-controller and other a record at DNS server .

Can you translate that on the local lan? Verify that the manamgement and ap-manager is configured for vlan "0" untagged and that the trunk port is setup with the native vlan of the WLC management and ap-manager interface. If you console in the ap and power cycle the ap, what does the log show. Post the log so we can take a look at it.

Cisco Outdoor Controller Based Access Point

Hi,
I am looking for Cisco Outdoor Controller Based access point model. The WLC is Cisco 2500 Series.
I have checked couple of outdoor models but all are mesh access point. I am looking for normal controller based outdoor access point ( just like controller based indoor access point models )
Thanks.

adding to Leo...
Cisco Aironet 1300 Series
http://www.cisco.com/en/US/products/ps5861/index.html
Cisco Aironet 1550 Series
http://www.cisco.com/en/US/products/ps11451/index.html
Cisco Aironet 1520 Series
http://www.cisco.com/en/US/products/ps8368/index.html
these all are Cisco OUTdoor APs.
Now u can choose as per ur req.
Regards
Dont forget to rate helpful posts

Cisco 3602i controller joining issues...

Similar Messages

Maybe you are looking for