ISE and WLC 5508 IP and MAc address

Hi!
Is it possible that we recibe IP address and Mac address Client at the same time in ISE ?
The wlc permits choose radius Call station ip type MAC or IP, but not both.
Thanks you,

If you are using dot1x then no, the mac address is sent since the client does not receive an ip address till authetication succeeds.
Sent from Cisco Technical Support Android App

Similar Messages

  • Wlc 5508 invalid ipad mac address

    Hello,
    Help me pls,
    While configuring mac address filter on a WLC 5508 there is problem with mac address beginning with 77:....
    I cant add it to WLC mac filter.
    Thanks in advance

    If you are using dot1x then no, the mac address is sent since the client does not receive an ip address till authetication succeeds.
    Sent from Cisco Technical Support Android App

  • Format WLC-5508 Flash and IOS recovery guide

    Dear Support Cummunity,
    i have a WLC-5508 where by i am unable to join any kind of AIR-LAP1x00 Access-Points.
    They can't join in the local management ip of the controller within same L2 or via routed network thereby using the APs CLi by
    "lwapp ap controller ip addr xx.xx.xx.xx".
    I upgraded from: 6.0.188.0 to
    AIR-CT5500-K9-6-0-199-0.aes
    AIR-CT5500-K9-7-0-98-0.aes
    thereby catching the same logs every time.
    The main error message from the WLCs log i catched first  is:
    "maximum number of downloads (0) exceeded"
    *sntpReceiveTask: Jul 16 07:40:58.827: %LOG-3-Q_IND: capwap_ac_sm.c:1683 Ignoring discovery request from AP 00:26:99:86:c9:b9 - maximum number of downloads (0) exceeded
    *spamApTask1: Jul 16 07:40:58.343: %CAPWAP-3-DISC_MAX_DOWNLOAD: capwap_ac_sm.c:1683 Ignoring discovery request from AP 00:26:99:86:c9:b9 - maximum number of downloads (0) exceeded
    *sntpReceiveTask: Jul 16 07:40:48.822: %LOG-3-Q_IND: capwap_ac_sm.c:1683 Ignoring discovery request from AP 00:26:99:86:c9:b9 - maximum number of downloads (0) exceeded
    *spamApTask1: Jul 16 07:40:48.342: %CAPWAP-3-DISC_MAX_DOWNLOAD: capwap_ac_sm.c:1683 Ignoring discovery request from AP 00:26:99:86:c9:b9 - maximum number of downloads (0) exceeded
    Later on i found some more logging infos:
    *Aug 16 04:12:07.188: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'cliWebInitParms.cfg'
    *Aug 16 04:12:07.188: %CNFGR-3-INV_COMP_ID: cnfgr.c:2080 Invalid Component Id : Unrecognized (81) in cfgConfiguratorInit.
    *Aug 16 04:12:07.139: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'rfidInitParms.cfg'
    *Aug 16 04:12:07.126: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'dhcpParms.cfg'
    *Aug 16 04:12:07.113: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'bcastInitParms.cfg'
    *Aug 16 04:12:07.047: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'rrmInitParms.cfg'
    *Aug 16 04:12:06.906: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'apfInitParms.cfg'
    *Aug 16 04:12:06.801: %MM-3-MEMBER_ADD_FAILED: mm_dir.c:860 Could not add Mobility Member. Reason: IP already assigned, Member-Count:1,MAC: 00:00:00:00:00:00, IP: 0.0.0.0
    *Aug 16 04:12:06.599: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'mmInitParms.cfg'
    *Aug 16 04:12:06.589: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'aaaapiInitParms.cfg'
    *Aug 16 04:12:06.587: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'pemInitParms.cfg'
    *Aug 16 04:12:06.474: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'dot1xInitParms.cfg'
    *Aug 16 04:12:06.446: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'capwapInitParms.cfg'
    *Aug 16 04:12:06.301: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'spamInitParms.cfg'
    *Aug 16 04:12:06.298: %LICENSE-1-REQUEST_FAILED: license_syslog_notify:564 License request for feature base-ap-count 1.0 failed in this device, UDI=AIR-CT5508-K9:FCW1341L530
    *Aug 16 04:12:05.221: %SSHPM-3-FREAD_FAILED: sshpmlscscep.c:1268 Error reading file /mnt/application/lscca_pem.crt
    *Aug 16 04:11:46.121: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'sshpmInitParms.cfg'
    as for me it looks like my filesystem is kind of corrupted since several files can not be read.
    now at power up one can choose 5 in order to format flash/disk. unfortuanitly i have not found some documentation about formatting flash procedures.
    please guide me to the appropriate documentation.
    ============================================================
    Boot Loader Menu
    ============================================================
    1. Run primary image (7.0.98.0) - Active
    2. Run backup image (6.0.199.0)
    3. Change active boot image
    4. Clear configuration
    5. Format FLASH Drive
    6. Manually update images
    Enter selection: 5
    Launching...
    WARNING!  Choose this option may render the device warranty invalid
    and/or make the device unusable.
    what are my next steps going to be from here in order to format/restore?
    thank you
    colin

    (Cisco Controller) >show sys
    Incorrect usage.  Use the '?' or key to list commands.
    (Cisco Controller) >show sysinfo
    Manufacturer's Name.............................. Cisco Systems Inc.
    Product Name..................................... Cisco Controller
    Product Version.................................. 7.0.98.0
    Bootloader Version............................... 1.0.1
    Field Recovery Image Version..................... N/A
    Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
    Build Type....................................... DATA + WPS
    System Name...................................... WLC
    System Location..................................
    System Contact...................................
    System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
    IP Address....................................... 192.168.11.16
    Last Reset....................................... Software reset
    System Up Time................................... 0 days 0 hrs 4 mins 41 secs
    System Timezone Location......................... (GMT +1:00) Amsterdam, Berlin, Rome, Vienna
    Current Boot License Level....................... base
    Current Boot License Type........................ Permanent
    Next Boot License Level.......................... base
    Next Boot License Type........................... Permanent
    Configured Country............................... CH  - Switzerland
    --More-- or (q)uit
    Operating Environment............................ Commercial (0 to 40 C)
    Internal Temp Alarm Limits....................... 0 to 65 C
    Internal Temperature............................. +39 C
    External Temperature............................. +25 C
    Fan Status....................................... OK
    State of 802.11b Network......................... Enabled
    State of 802.11a Network......................... Enabled
    Number of WLANs.................................. 1
    Number of Active Clients......................... 0
    Burned-in MAC Address............................ 00:24:97:CE:E0:40
    Power Supply 1................................... Present, OK
    Power Supply 2................................... Absent
    Maximum number of APs supported.................. 0  ç ???
    why is it that it tells me i've got 0 APs supported on a permanent base license witch ships per default?
    i tried to install a evaluation License but without success..

  • Converged Access Design Help (Catalyst 3850 and WLC 5508...Mobility Oracle)

    Hello,
    I am an engineer working with a Cisco Gold Partner in Saudi Arabia. We have a large university as our client where they are constructing a new
    building and require our services to build the network infrastructure. Therefore, we are to implement the routing and switching infrastructure as
    well as the Wireless solution.
    At present, I have no issues in implementing the R&S infrastructure as it is very straight forward but it has implications on the deployment of
    the wireless solution which I explain further below. The R&S infrastructure comprises of the typical Core, Distribution, and Access layers and we
    are focusing on the local distribution and access switches with regards to the new building. The client has a converged Layer 3 network spanning
    from distribution layer to core layer and they are running EIGRP for this convergence. This is not a problem and has already been implemented.
    Yet, the challenge arises in deploying the WLAN infrastructure. The client already has a Cisco WLAN infrastructure in place where they have a
    large number of LAPs that are registered with their controllers in the Data Center. They have two WLC 5508 where one is the Primary and the other
    the Secondary. The local distribution switch to which the WLC are connected also is the gateway for the SVIs for the SSIDs that are configured on
    the controllers. This means that once the packets from the AP come in to the WLC, they are tagged with the correct VLAN and sent to the directly
    connected distribution switch which then routes it into the rest of the Layer 3 network. Interestingly, the WLC 5508 are running AireOS 7.6 and
    support the "New Mobility" feature. The two controllers have formed a Mobility Group (MG) between each other.
    Now, the new building will have two Catalyst 3850 switches installed where each one has a total of 40 AP licenses pre-installed and activated
    i.e. a total of 80 APs can be supported by the two switches. A total of 67 LAPs will be deployed in the new building which can be accommodated
    between the two switches and their integrated controller.
    Yet, based on my understanding and research about Converged Access is that, ideally, the Catalyst 3850 will only run the Mobility Agent (MA)
    feature while a central controller would provide the Mobility Controller (MC) service. unfortunately, there are not enough licenses on the
    existing WLC 5508 nor can we migrate the new licenses that will facilitate such a split deployment.
    This means that I would need to configure the two Catalyst 3850 as independent MC and form a MG between them. I have done this and tested this
    already and the mobility is working fine. But my concern is not about getting the Catalyst 3850 to work as this is simple but rather it is
    focused on creating a common Mobility Domain (MD) so that clients can roam from this new building to the rest of the campus while maintaining the
    state of their connections to the WLAN infrastructure.
    To make things more complicated, since the new building will have its own Layer 3 distribution switch and the Catalyst 3850 switches will connect
    to this distribution switch, it means that new VLANs and SVIs need to be created for the SSIDs broadcast in the new building. This means that new
    subnets need to be assigned to the SSIDs.
    As such, I have the following questions:
    Q1) If we create new SVIs for the SSIDs (same SSIDs names will be used in the new building as in the rest of the university campus) this means
    that new subnets will be assigned to these SSIDs. Now, I believe I have two options...one is to make the new Catalyst 3850s to be in the same MG
    as the existing WLC 5508 which then cater for Layer 3 client roaming or I have to treat this as a totally seperate WLAN network and follow on to
    the solution as per the next question. Please advise which is a better option?
    Q2) I could create separate MG i.e. the new building Catalyst 3850s can be in one MG and the existing controllers can be in another MG. I can
    then have one of the existing WLC 5508 (the primary one) to run the Mobility Oracle (MO) feature so as to create a single Mobility Domain (MD).
    Would this facilitate in Layer 3 client roaming and RRM for all the controllers in the same MD?
    Q3) If I do create a MD, how is this accomplished in such an environment since the documentation is severely limited in this regard?
    Please advise at your earliest. To assist further, I have attached a topology diagram which may aid in explaining the situation with more
    clarity. If these things are clarified, I will be better able to wrap my head around the technology and in turn service my clients better.
    Regards,
    Amir

    Hi Amir,
    Q1) If we create new SVIs for the SSIDs (same SSIDs names will be used in the new building as in the rest of the university campus) this means that new subnets will be assigned to these SSIDs. Now, I believe I have two options...one is to make the new Catalyst 3850s to be in the same MG as the existing WLC 5508 which then cater for Layer 3 client roaming or I have to treat this as a totally seperate WLAN network and follow on to the solution as per the next question. Please advise which is a better option?
    I would configure them in the same mobility group. Also configure same SPG for those two 3850 stacks if users are frequently roaming within these two buildings.
    Q2) I could create separate MG i.e. the new building Catalyst 3850s can be in one MG and the existing controllers can be in another MG. I can then have one of the existing WLC 5508 (the primary one) to run the Mobility Oracle (MO) feature so as to create a single Mobility Domain (MD). Would this facilitate in Layer 3 client roaming and RRM for all the controllers in the same MD?
    MO is not required (it is only for very large scale deployments)
    Q3) If I do create a MD, how is this accomplished in such an environment since the documentation is severely limited in this regard?
    Yes, documents are hard to find :(
    These notes may be useful to you based on my experience. I am running IOS-XE 3.6.1 in my production.
    http://mrncciew.com/2014/05/06/configuring-new-mobility/
    http://mrncciew.com/2013/12/14/3850ma-with-5760mc/
    HTH
    Rasika
    *** Pls rate all useful responses ****

  • 2 Cisco WLC 5508 controllers and software upgrade 7.6.130 + FUS 1.9

    Hi
    I have two WLC 5508 controllers that need 7.6.130 and FUS 1.9 installed. (Current version 7.3 and FUS 1.7)
    Configuration: One controller is at Site A and the other controller is at Site B (two different states..)
    They're configured so that if Site A goes down, Site A AP's will failover to Site B and vice versa ..
    - What would be the recommended approach for upgrading the software to 7.6.130.0 (from 7.3) and also upgrading FUS 1.9 (from 1.7)?
    My plan was to download 7.6.130.0 to both controllers and pre-download the software to all AP's (about 100 total between both sites) and then reboot the controllers at night at the same time? Or one before the other? 
    Step 2. Install FUS 1.9 to each controller.
    I'm concerned over what might happen during the upgrade and AP failover etc..
    Thanks

    This is what I would do:
    Upload v7.6.130.0 to all WLCs and then use the pre image download to push the image to all access points. 
    Dont reboot the wlc
    Image swap in the access points so that v7.6.130.0 is primary
    Move all access point to one of the WLCs (A)
    Enable ap AAA authentication on the WLC that has no access points and the one you will work on first.  This prevents access points from joining  
    Reboot the WLC (A)
    Upload the FUS 1.9.0.0
    Reboot WLC (A) this takes up to 45 minutes
    When the WLC (A) comes back online, uncheck ap AAA authentication
    Move access points from WLC (B) to WLC (A)
    Enable ap  AAA authentication on  WLC (B)
    Perform all the other task you did earlier on WLC (A)
    That's it.
    -Scott

  • LMS 4.2 and WLC 5508

    Hi all,
    Recently I have replaced 2 4400 WLC by 5508 wlc's.
    I have also replaced both 4400 in LMS by those new 5508. They have the same ip's, so I have removed the old 4400's from LMS and created 2 new devices.
    When checking the device center, LMS tells me Data collection, User tracking, Inventory and Fault discovery has succeeded.
    When I check the Reachability status in device center it is ok for ping, telnet, SSH, SNMPV2 read, SNMPV2 write. However I am not able to open the configuration through Config editor. He gives me the pop-up "CEDT0042: No latest configuration file exists for the device in Archive."
    When I go and check the archive summary report, I can see for both devices the log below:
    NMP: Failed to establish SNMP connection to x.x.x.x - Cause: Device is Unreachable. Check the ReadOnly community string. SNMP: Failed to establish SNMP connection to x.x.x.x - Cause: Device is Unreachable. Check the ReadOnly community string.
    Any ideas,
    Thanks,
    Joris

    Hello,
    I think I have found the problem. WLC 5508 is not compatible with LMS 4.2.2.
    I can find this in the release notes:
    Cisco Unified Wireless Network Solution Components
    The following components are part of the Cisco UWN Solution and are compatible in this release:
    Note For more information on the compatibility of wireless software components across releases, see the Cisco Wireless Solutions Software Compatibility Matrix.
    •Cisco IOS Release 15.2(2)JB
    •Cisco Prime Infrastructure 1.3
    •Mobility Services Engine (MSE) 7.4.100.0 software release and context-aware software
    Apparently only Prime 1.3 can manage this device.
    Joris

  • 802.1x and wired dynamic vlans on MAC addresses

    Hi All,
    I would like to setup our new offices with dynamic vlans determined by the MAC address of the device connecting. So I need a database of MAC addresses in groups for which vlan they will go in, with separate vlans for printers and servers and computers and BYOD. If this can work for wireless too then even better.
    I've done some reading but am really struggling to find the information I need.
    We have a Windows domain and brand new 3850 Cisco switches.
    Can anyone steer me in the right direction (or tell me how to do it!) please?
    Thanks for reading.

    Hi, 
    So you need to perform MAB authentication. As you mentioned, you will need to create a DB of MAC entries.
    In order to configure the Windows server (2003 or 2008?) to assign the dynamic VLAN you need to define the Remote Access Policies and create the custom attributes. For example:
    Tunnel-Medium-Type. Select a value appropriate to the previous selections you have made for the policy. For example, if the network policy you are configuring is a wireless policy, select Value: 802 (Includes all 802 media plus Ethernet canonical format).
    Tunnel-Pvt-Group-ID. Enter the integer that represents the VLAN number to which group members will be assigned. 
    Tunnel-Type. Select Virtual LANs (VLAN).
    You can find more information here:
    Configure a Network Policy for VLANs
    VLAN Attributes Used in Network Policy
    802.1X Authentication Services Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3850 Switches)
    HTH.

  • Ping problem in the neighborhood and Msan can see the mac address of router

    Hi everyone
     i have a router 1941/K9 with card EHWIC-4SHDSL-EA ,i have configure this card in my router , the problem is I can not ping the ip @ Neighbourhood and the MSAN can't also  see the mac-address of the router  do you notice that the interface in the MSAN and in the router is UP  / UP
    anybody help me

    Hi,
    An ethernet interface will be always up/up and it goes down only if there is problem between the given port and the connected one. The issue can be anywhere else in the middle.

  • LAN and WAN share the same MAC address -- could this be a security issue?

    When I bought the AEBS(n), I was a bit surprised to see only one ethernet MAC address listed (on bottom of unit, or was it in config utility?), in addition to wireless MAC. My main router has two ethernet MACs.
    So last nite, I investigated. I confirmed my suspicion that both the WAN port and the LAN ports share the same MAC address! My setup has the AEBS WAN port plugged into my home LAN's main router, and a Linux machine plugged into a LAN port of the AEBS.
    View of AEBS WAN side (from main router at 192.168.1.1)
    ii# arp
    Seconds IP Address MAC Address
    734 66.130.224.1 001120A87AF5 -- ISP router
    789 192.168.1.21 0016CBC430A6 -- AEBS WAN port
    28 192.168.1.33 0010DC47DC53 -- home PC
    824 192.168.1.73 00065BB2F295 -- work PC
    View of AEBS LAN side (from a Linux box at 10.0.1.41)
    root@LKG7CAE25 # cat /proc/net/arp
    IP address HW type Flags HW address Mask Device
    10.0.1.1 0x1 0x2 00:16:CB:C4:30:A6 * eth0
    10.0.1.1 on the LAN side of AEBS and 192.168.1.21 on the WAN side of the AEBS both use the same MAC address, 00:16:CB:C4:30:A6.
    I tried to provoke some leakage between the two sides (for example with broadcast packets), but haven't been able to do it so yet. Perhaps the switch in front of the eth MAC has enough smarts to keep the two subnets separate? Still it sort of worries me, if I used the AEBS as my only router, that both WAN and LAN go thru the same ethernet MAC (same h/w). I browsed here but found no discussion on this.
    Comments anyone?

    .... This is why there are separate MAC addresses
    for ethernet and wireless, they are physically
    different networks. In the case of the WAN/LAN, both
    are ethernet-type networks but are physically
    distinct (this is the purpose of a router like the
    AEBS), so having the same MAC address on both sides
    won't cause any sort of collision nor should it be
    possible to leak across networks. MAC addresses can't
    be used for routing beyond the physical network.
    If it is indeed two different NICs sharing a single MAC, then indeed it is not an issue as you would never want to connect these two NICs together. But is it really two NICs?
    My worry is that these two subnets are on the same physical network, with some magic going on to keep them separate anyway. Do we have some picture of AEBS internals? Maybe that would answer the question...

  • WLC 5508, vlan select, reserved address in external DHCP server

    Hi guys,
    I have a deploy with a WLC 5508 version 7.0.116.0, APs mode local and vlan select feature enable. The issue is that the reserved IP address in external DHCP server not work. The DHCP contains a reserved IP address associates with mac address, but the assignement of IP is not match with de policies in DHCP. All others services operate normally.
    This reserved assignment operate previusly to modificate the WLAN to vlan select feature. Help me to improve this situation.
    Thanks.-
    Best regards

    Hello Abhishek, thanks for you quick answer....
    the link was a document used for the deploy, but not especifict nothing about the reserved IP address for particular host. In other words, the reserved IP address (through MAC address) in external DHCP server not work when "vlan select" its enable.

  • NAC OoB and WLC Causing flap and network down

    I'm trying to intall a NAC Solution in a Wireless network but it's causing a MAC address flapping between switches interfaces and it's bringing the network down.
    I've done the deployment following the Cisco documentation:
    (WLC)-----(L2 Switch)-----(NACServer)--------(L3 Switch3com)
                        |_____________________________|
    One connection from L2 to L3 throught NAC and one trunk out-of-band.
    I Filtered the Vlans that should only be showed in the trunks but it keeps causing flapping when I plug the untrusted interface of NAC.
    The only thing is that I wasn't able to take the Vlan 1 out of the Trunk in the 3Com switch (NAC Trusted interface).
    Anybody has experienced this before and get solved?

    yes, you can do it, just remember that the accounting server IP address must be the "service IP address" of the trusted management interface of the CAS

  • WLC 5508 , AP client dhcp address different from WLAN interface VLAN subnet?

    Hope the title makes sense, here's my situation: I have multiple businesses on 1 WLC 5508, there's a LAG to my core switch with seperate interfaces for each, broken up by vlans.
    My question is: if i have a WLAN setup to use interface "Company A" which is vlan 10 with an ip of 10.0.1.5 which then points to 10.0.1.10 for dhcp.
    Can the WLAN client connecting to the Company A WLAN use an IP in a different IP range?(192.168.1.10?) can the wlc route? from the perspective of the DHCP server where doers the request come from? (10.0.1.5?)
    Can the DHCP server 10.0.10.10 on vlan 10 respond back with and ip on a different subnet to assign to the client to use and still be fully fonctioning? would the default gateway for the client need to be 10.0.1.5?  So the clients ip would be 192.168.1.10 /24 with a gateway of 10.0.1.5 (ip adress fo vlan10 interface on WLC) And if multiple clients on the same subnet wanted to talk to each other woudl the WLC know how to route them to each other without passing through the default gateway?
    Sorry if this is confusing I'm having a bit of a hard time explaining it in works, i can try and draw somethign up if it makes more sense.
    thanks
    Eric

    I think if you want these clients to stick to a WLAN configured on a VLAN that has a different IP addressing you could configure your VLAN with the normal IP addressing then add on the SVI the 2nd IP_Class_default_gateway.
    E.G.
    Vlan 10
    interface vlan 10
    ip address 10.0.10.1 255.255.255.0
    ip address 192.168.1.1 255.255.255.0 secondary
    Clients that receive IP address from 192.168.1.0/24 network will be able to reach 192.168.1.1 and all traffic will pass right.

  • ISE Identities - Lifetime/Age-Out of Mac-Addresses

    Hello,
    is there a way to have the Mac-Addresses/Identities in the ISE-Database age-out after a certain amount of time (i.e. 4 weeks).
    Beste regards

    Here are some screenshot for the same

  • LWAPP's losing names and showing up as default MAC address's

    I have been having random LWAPP's that have been configured previously showing up as the original names as if they were just installed (APxxx:xxxx:xxxx). I know this becasue the location field is the location of where they are, and AP group name is also set to the location they are. What would cause this?
    WLC = 7.0.98.0
    AP = 1142n 12.4(23c)JA
    This problem is here and there...it is happening to about 5 percent of my overall AP's.

    AP event log from controller:
    AP event log download completed.
    ======================= AP Event log Contents =====================
    *Mar 1 00:15:54.702: %CDP_PD-2-POWER_LOW: All radios disabled - NEGOTIATED WS-C4506-E (5475.d01d.8052)
    *Mar 1 00:16:02.966: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.
    *Aug 30 19:37:23.001: %CAPWAP-3-ERRORLOG: Go join a capwap controller
    *Aug 30 19:37:23.001: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.200.1.10 peer_port: 5246
    *Aug 30 19:37:23.001: %CAPWAP-5-CHANGED: CAPWAP changed state to
    *Aug 30 19:37:23.734: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.200.1.10 peer_port: 5246
    *Aug 30 19:37:23.734: %CAPWAP-5-SENDJOIN: sending Join Request to 10.200.1.10
    *Aug 30 19:37:23.734: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
    *Aug 30 19:37:23.751: %CAPWAP-5-CHANGED: CAPWAP changed state to IMAGE
    *Aug 30 19:38:04.730: %CDP_PD-2-POWER_LOW: All radios disabled - NEGOTIATED WS-C4506-E (5475.d01d.8052)
    *Aug 30 19:38:12.291: *** Access point reloading. Reason: NEW IMAGE DOWNLOAD ***
    *Aug 30 19:38:12.292: %SYS-4-PUPDATECLOCK: Periodic Clock update with ROMMON failed, because size left in ROMMON (4294967295),
    *Mar 1 00:15:54.161: %CDP_PD-4-POWER_OK: Full power - NEGOTIATED inline power source
    *Mar 1 00:15:54.184: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
    *Mar 1 00:15:54.191: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Mar 1 00:15:55.155: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
    --More-- or (q)uit
    *Mar 1 00:15:55.176: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
    *Mar 1 00:16:02.982: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.
    *Aug 30 19:39:56.001: %CAPWAP-3-ERRORLOG: Go join a capwap controller
    *Aug 30 19:39:56.001: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.200.1.10 peer_port: 5246
    *Aug 30 19:39:56.001: %CAPWAP-5-CHANGED: CAPWAP changed state to
    *Aug 30 19:39:56.744: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.200.1.10 peer_port: 5246
    *Aug 30 19:39:56.744: %CAPWAP-5-SENDJOIN: sending Join Request to 10.200.1.10
    *Aug 30 19:39:56.744: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
    *Aug 30 19:39:56.940: %CAPWAP-5-CHANGED: CAPWAP changed state to CFG
    *Aug 30 19:39:57.047: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    *Aug 30 19:39:57.051: %CAPWAP-5-CHANGED: CAPWAP changed state to UP
    *Aug 30 19:39:57.052: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Aug 30 19:39:57.252: %LWAPP-3-CLIENTEVENTLOG: Received AP Syslog IP Address(255.255.255.255) configuration.
    *Aug 30 19:39:57.258: %CAPWAP-5-JOINEDCONTROLLER: AP has joined controller Wism-Slot1Proc1
    *Aug 30 19:39:57.263: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
    *Aug 30 19:39:57.263: %LWAPP-3-CLIENTEVENTLOG: SSID RPS added to the slot[0]
    *Aug 30 19:39:57.264: %LWAPP-3-CLIENTEVENTLOG: SSID RPS-GUEST added to the slot[0]
    *Aug 30 19:39:57.264: %LWAPP-3-CLIENTEVENTLOG: SSID ILOVEDOGS added to the slot[0]
    *Aug 30 19:39:57.265: %LWAPP-3-CLIENTEVENTLOG: SSID RPS added to the slot[1]
    *Aug 30 19:39:57.284: %DOT11-4-NO_HT: Interface Dot11Radio1, Mcs rates disabled on vlan 2 due to not using AES encryption or en
    *Aug 30 19:39:57.287: %DOT11-4-NO_HT: Interface Dot11Radio0, Mcs rates disabled on vlan 2 due to not using AES encryption or en
    *Aug 30 19:39:57.287: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
    *Aug 30 19:39:57.287: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    --More-- or (q)uit
    *Aug 30 19:39:57.287: %LWAPP-3-CLIENTEVENTLOG: SSID RPS-GUEST added to the slot[1]
    *Aug 30 19:39:57.287: %LWAPP-3-CLIENTEVENTLOG: SSID ILOVEDOGS added to the slot[1]
    *Aug 30 19:39:57.297: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Aug 31 02:29:15.271: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
    *Aug 31 02:29:15.324: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
    *Aug 31 02:29:15.327: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    *Aug 31 02:29:15.411: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Aug 31 03:34:40.892: *** Access point reloading. Reason: Recvd RESET req from Controller ***
    *Mar 1 00:15:55.598: %CDP_PD-4-POWER_OK: Full power - NEGOTIATED inline power source
    *Mar 1 00:15:55.622: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
    *Mar 1 00:15:55.630: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Mar 1 00:15:56.594: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
    *Mar 1 00:15:56.616: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
    *Mar 1 00:16:02.969: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.
    *Aug 31 03:33:11.001: %CAPWAP-3-ERRORLOG: Selected MWAR 'RPS-5508-2'(index 0).
    *Aug 31 03:33:11.001: %CAPWAP-3-ERRORLOG: Go join a capwap controller
    *Aug 31 03:33:11.001: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.200.1.21 peer_port: 5246
    *Aug 31 03:33:11.001: %CAPWAP-5-CHANGED: CAPWAP changed state to
    *Aug 31 03:33:11.842: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.200.1.21 peer_port: 5246
    *Aug 31 03:33:11.842: %CAPWAP-5-SENDJOIN: sending Join Request to 10.200.1.21
    *Aug 31 03:33:11.842: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
    *Aug 31 03:33:11.975: %CAPWAP-5-CHANGED: CAPWAP changed state to CFG
    *Aug 31 03:33:12.100: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    --More-- or (q)uit
    *Aug 31 03:33:12.104: %CAPWAP-5-CHANGED: CAPWAP changed state to UP
    *Aug 31 03:33:12.105: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Aug 31 03:33:12.312: %LWAPP-3-CLIENTEVENTLOG: Received AP Syslog IP Address(255.255.255.255) configuration.
    *Aug 31 03:33:12.318: %CAPWAP-5-JOINEDCONTROLLER: AP has joined controller RPS-5508-2
    *Aug 31 03:33:12.322: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
    *Aug 31 03:33:12.322: %LWAPP-3-CLIENTEVENTLOG: SSID RPS added to the slot[0]
    *Aug 31 03:33:12.324: %LWAPP-3-CLIENTEVENTLOG: SSID RPS-GUEST added to the slot[0]
    *Aug 31 03:33:12.324: %LWAPP-3-CLIENTEVENTLOG: SSID RPS added to the slot[1]
    *Aug 31 03:33:12.324: %LWAPP-3-CLIENTEVENTLOG: SSID RPS-GUEST added to the slot[1]
    *Aug 31 03:33:12.342: %DOT11-4-NO_HT: Interface Dot11Radio1, Mcs rates disabled on vlan 1 due to not using AES encryption or en
    *Aug 31 03:33:12.346: %DOT11-4-NO_HT: Interface Dot11Radio0, Mcs rates disabled on vlan 1 due to not using AES encryption or en
    *Aug 31 03:33:12.346: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
    *Aug 31 03:33:12.346: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    *Aug 31 03:33:12.354: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Aug 31 03:36:11.493: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
    *Aug 31 03:36:11.503: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
    *Aug 31 03:51:52.242: %CAPWAP-5-CHANGED: CAPWAP changed state to DOWN
    *Aug 31 03:51:52.336: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
    *Aug 31 03:51:52.342: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to administratively down
    *Aug 31 03:51:52.345: %CAPWAP-5-CHANGED: CAPWAP changed state to UP
    *Aug 31 03:51:52.346: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Aug 31 03:51:52.346: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
    *Aug 31 03:51:52.346: %LWAPP-3-CLIENTEVENTLOG: SSID RPS added to the slot[0]
    --More-- or (q)uit
    *Aug 31 03:51:52.346: %LWAPP-3-CLIENTEVENTLOG: SSID RPS added to the slot[1]
    *Aug 31 03:51:52.347: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
    *Aug 31 03:51:52.347: %LWAPP-3-CLIENTEVENTLOG: SSID RPS-GUEST added to the slot[0]
    *Aug 31 03:51:52.347: %LWAPP-3-CLIENTEVENTLOG: SSID RPS-GUEST added to the slot[1]
    *Aug 31 03:51:52.370: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
    *Aug 31 03:51:52.370: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    *Aug 31 03:51:52.379: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Aug 31 03:52:02.470: *** Access point reloading. Reason: Recvd RESET req from Controller ***
    *Mar 1 00:15:52.829: %CDP_PD-4-POWER_OK: Full power - NEGOTIATED inline power source
    *Mar 1 00:15:52.853: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
    *Mar 1 00:15:52.860: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Mar 1 00:15:52.960: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
    *Mar 1 00:15:52.963: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
    *Mar 1 00:16:02.966: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.
    *Apr 20 11:02:16.001: %CAPWAP-3-ERRORLOG: Selected MWAR 'RPS-5508-2'(index 0).
    *Apr 20 11:02:16.001: %CAPWAP-3-ERRORLOG: Go join a capwap controller
    *Apr 20 11:02:16.001: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.200.1.21 peer_port: 5246
    *Apr 20 11:02:16.001: %CAPWAP-5-CHANGED: CAPWAP changed state to
    *Apr 20 11:02:16.991: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.200.1.21 peer_port: 5246
    *Apr 20 11:02:16.991: %CAPWAP-5-SENDJOIN: sending Join Request to 10.200.1.21
    *Apr 20 11:02:16.991: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
    *Apr 20 11:02:17.279: %CAPWAP-5-CHANGED: CAPWAP changed state to CFG
    *Apr 20 11:02:17.459: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    --More-- or (q)uit
    *Apr 20 11:02:17.463: %CAPWAP-5-CHANGED: CAPWAP changed state to UP
    *Apr 20 11:02:17.463: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Apr 20 11:02:17.549: %CAPWAP-5-JOINEDCONTROLLER: AP has joined controller RPS-5508-2
    *Apr 20 11:02:17.556: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
    *Apr 20 11:02:17.556: %LWAPP-3-CLIENTEVENTLOG: SSID RPS added to the slot[0]
    *Apr 20 11:02:17.582: %DOT11-4-NO_HT: Interface Dot11Radio0, Mcs rates disabled on vlan 1 due to not using AES encryption or en
    *Apr 20 11:02:17.583: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
    *Apr 20 11:02:17.583: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    *Apr 20 11:02:17.583: %LWAPP-3-CLIENTEVENTLOG: SSID RPS-GUEST added to the slot[0]
    *Apr 20 11:02:17.583: %LWAPP-3-CLIENTEVENTLOG: SSID RPS added to the slot[1]
    *Apr 20 11:02:17.583: %LWAPP-3-CLIENTEVENTLOG: SSID RPS-GUEST added to the slot[1]
    *Apr 20 11:02:17.591: %DOT11-4-NO_HT: Interface Dot11Radio1, Mcs rates disabled on vlan 1 due to not using AES encryption or en
    *Apr 20 11:02:17.591: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Apr 20 13:10:23.885: *** Access point reloading. Reason: Recvd RESET req from Controller ***
    *Mar 1 00:15:54.051: %CDP_PD-4-POWER_OK: Full power - NEGOTIATED inline power source
    *Mar 1 00:15:54.075: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
    *Mar 1 00:15:54.082: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Mar 1 00:15:55.045: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
    *Mar 1 00:15:55.067: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
    *Mar 1 00:16:02.971: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.
    *Apr 20 13:11:59.001: %CAPWAP-3-ERRORLOG: Selected MWAR 'RPS-5508-2'(index 0).
    *Apr 20 13:11:59.001: %CAPWAP-3-ERRORLOG: Go join a capwap controller
    *Apr 20 13:11:59.001: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.200.1.21 peer_port: 5246
    --More-- or (q)uit
    *Apr 20 13:11:59.001: %CAPWAP-5-CHANGED: CAPWAP changed state to
    *Apr 20 13:11:59.836: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.200.1.21 peer_port: 5246
    *Apr 20 13:11:59.836: %CAPWAP-5-SENDJOIN: sending Join Request to 10.200.1.21
    *Apr 20 13:11:59.836: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
    *Apr 20 13:11:59.965: %CAPWAP-5-CHANGED: CAPWAP changed state to CFG
    *Apr 20 13:12:00.090: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    *Apr 20 13:12:00.095: %CAPWAP-5-CHANGED: CAPWAP changed state to UP
    *Apr 20 13:12:00.095: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Apr 20 13:12:00.183: %CAPWAP-5-JOINEDCONTROLLER: AP has joined controller RPS-5508-2
    *Apr 20 13:12:00.196: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
    *Apr 20 13:12:00.196: %LWAPP-3-CLIENTEVENTLOG: SSID RPS added to the slot[0]
    *Apr 20 13:12:00.196: %LWAPP-3-CLIENTEVENTLOG: SSID RPS-GUEST added to the slot[0]
    *Apr 20 13:12:00.196: %LWAPP-3-CLIENTEVENTLOG: SSID RPS added to the slot[1]
    *Apr 20 13:12:00.196: %LWAPP-3-CLIENTEVENTLOG: SSID RPS-GUEST added to the slot[1]
    *Apr 20 13:12:00.217: %DOT11-4-NO_HT: Interface Dot11Radio1, Mcs rates disabled on vlan 1 due to not using AES encryption or en
    *Apr 20 13:12:00.223: %DOT11-4-NO_HT: Interface Dot11Radio0, Mcs rates disabled on vlan 1 due to not using AES encryption or en
    *Apr 20 13:12:00.223: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
    *Apr 20 13:12:00.223: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    *Apr 20 13:12:00.229: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Apr 20 14:20:10.592: %CAPWAP-3-ERRORLOG: Received a upload request from controller for event log buffer

  • WLC 5508 LAG and CAt 3750 cross stack

    Hello,
    I would like to use the LAG feature on my 5508 WLCs and connect each of them to two different port of a 3750 stack using cross stack. Do you think it will work?
    Cisco suggests not to connect different LAG ports of a WLC to different CAT3750 but it's not clear if it was referred to different standalone 3750s or to a stackwise of 3750s.
    Tnks all
    Johnny

    The HA kicks in when the primary looses gateway, do a small test, keep a continuous ping to WLC  from its gateway as source and break one of the link in the LAG and see if you drop any packet ?

Maybe you are looking for