Only 47 APs join to WLC-4402-50

Why only 47 APs join to the controller 4402-50, the debug capwap errors enable show this:
(Cisco Controller) >
*Sep 07 11:52:33.700: 00:3a:98:f0:f0:f0 Join Priority Processing status = 0, Incoming Ap's Priority 1, MaxLrads = 50, joined Aps =47
*Sep 07 11:52:46.100: 00:3a:98:f0:f0:f0 Join resp: Unable to encode CAPWAP Control IPV4 Address
*Sep 07 11:52:46.100: 00:3a:98:f0:f0:f0 Failed to encode Join response to 192.168.15.10:10738
*Sep 07 11:52:46.101: 00:3a:98:f0:f0:f0 Config Response Failure: Unable to send Join response to 192.168.15.10:10738
*Sep 07 11:52:46.103: 00:3a:98:f0:f0:f0 State machine handler: Failed to process  msg type = 3 state = 0 from 192.168.15.10:10738
*Sep 07 11:52:46.103: 00:3a:98:f0:f0:f0 Failed to parse CAPWAP packet from 192.168.15.10:10738
*Sep 07 11:52:46.105: 00:3a:98:f0:f0:f0 Discarding non-ClientHello Handshake OR DTLS encrypted packet from  192.168.15.10:10738)since DTLS session is not established
Can anybody help me with this? When I disconect another AP the AP join succesfully and when i connect the disconnected AP not join, alway only 47 join, doesn't matter what AP, the first 47 in arrive join to the controller.
Any idea?

The limit Stephen is discussing was put into place to eliminate over subscription of a single sfp port utilizing only one AP manager interface. Enabling LAG equally distributes the traffic out one IP address using BOTH sfp ports from the physical layer perspective. You can also achieve this by adding a second AP manager interface and tying it to the second physical port. You must do one of these two to enable support for the additional 2 APs. When creating a new interface for the AP manager2 make sure that you allow it to dynamically manage the APs. If not, you will still have the same problem.

Similar Messages

  • How many APs Can I join a WLC 4402 and WiSM?

    I have a WLC with 20 APs joined into the same management VLAN and
    I'll deploy other campus with 240 APs and 2 WiSMs Blade.
    Is there any recomendation about how many APs Can I put on the same management VLAN?
    thanks a lot

    Cisco recommends 60 - 100 access points per vlan. Attached is the best pratices document
    https://cisco.hosted.jivesoftware.com/docs/DOC-4204

  • AP 1131ag not able to join with WLC 4402

    In some of my spare time, I've been trying to get this AP to join with this WLC. It's been about two weeks now. I'm not sure what the problem is. I think that there are a few possible issues, but I'm asking the more experienced & knowledgeable support community. I did convert the autonomous AP to a LAP. So here are some outputs:
    AP sh ver
    AP0014.6956.6926#sh ver
    Cisco IOS Software, C1130 Software (C1130-K9W8-M), Version 12.4(25e)JAO3, RELEASE SOFTWARE (fc1)
    Technical Support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2013 by Cisco Systems, Inc.
    Compiled Wed 18-Dec-13 20:53 by prod_rel_team
    ROM: Bootstrap program is C1130 boot loader
    BOOTLDR: C1130 Boot Loader (C1130-BOOT-M) Version 12.3(2)JA3, RELEASE SOFTWARE (fc2)
    AP0014.6956.6926 uptime is 2 hours, 11 minutes
    System returned to ROM by power-on
    System image file is "flash:/c1130-k9w8-mx.124-25e.JAO3/c1130-k9w8-mx.124-25e.JAO3"
    This product contains cryptographic features and is subject to United
    States and local country laws governing import, export, transfer and
    use. Delivery of Cisco cryptographic products does not imply
    third-party authority to import, export, distribute or use encryption.
    Importers, exporters, distributors and users are responsible for
    compliance with U.S. and local country laws. By using this product you
    agree to comply with applicable laws and regulations. If you are unable
    to comply with U.S. and local laws, return this product immediately.
    A summary of U.S. laws governing Cisco cryptographic products may be found at:
    http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
    If you require further assistance please contact us by sending email to
    [email protected].
    cisco AIR-LAP1131AG-A-K9 (PowerPCElvis) processor (revision A0) with 27638K/5120K bytes of memory.
    Processor board ID FTX0924T1NR
    PowerPCElvis CPU at 262Mhz, revision number 0x0950
    Last reset from power-on
    LWAPP image version 7.3.1.72
    1 FastEthernet interface
    2 802.11 Radio(s)
    32K bytes of flash-simulated non-volatile configuration memory.
    Base ethernet MAC Address: 00:14:69:56:69:26
    Part Number                          : 73-8962-07
    PCA Assembly Number                  : 800-24818-06
    PCA Revision Number                  : C0
    PCB Serial Number                    : FOC092238UU
    Top Assembly Part Number             : 800-25544-01
    Top Assembly Serial Number           : FTX0924T1NR
    Top Revision Number                  : A0
    Product/Model Number                 : AIR-AP1131AG-A-K9  
    Configuration register is 0xF
    WLC sh sysinfo
    Manufacturer's Name.............................. Cisco Systems Inc.
    Product Name..................................... Cisco Controller
    Product Version.................................. 4.2.205.0
    RTOS Version..................................... 4.2.205.0
    Bootloader Version............................... 4.2.205.0
    Build Type....................................... DATA + WPS
    System Name...................................... wlcVA010a03a01
    System Location..................................
    System Contact...................................
    System ObjectID.................................. 1.3.6.1.4.1.14179.1.1.4.3
    IP Address....................................... 10.10.1.1
    System Up Time................................... 4 days 0 hrs 54 mins 42 secs
    Configured Country............................... US  - United States
    Operating Environment............................ Commercial (0 to 40 C)
    Internal Temp Alarm Limits....................... 0 to 65 C
    Internal Temperature............................. +39 C
    State of 802.11b Network......................... Enabled
    State of 802.11a Network......................... Enabled
    Number of WLANs.................................. 1
    3rd Party Access Point Support................... Disabled
    Number of Active Clients......................... 0
    Burned-in MAC Address............................ 00:18:73:35:DC:40
    Crypto Accelerator 1............................. Absent
    Crypto Accelerator 2............................. Absent
    Power Supply 1................................... Absent
    Power Supply 2................................... Present, OK
    WLC debug lwapp errors enable
    Fri Jan 24 16:55:15 2014: 00:13:5f:f8:94:f0 LWAPP Join Request does not include valid certificate in CERTIFICATE_PAYLOAD from AP 00:13:5f:f8:94:f0.
    Fri Jan 24 16:55:15 2014: 00:13:5f:f8:94:f0 Unable to free public key for AP 00:13:5f:f8:94:f0
    Fri Jan 24 16:55:15 2014: 00:13:5f:f8:94:f0 Decoding Join Request failed for AP 00:13:5f:f8:94:f0
    Fri Jan 24 16:55:20 2014: 00:13:5f:f8:94:f0 LWAPP Join Request does not include valid certificate in CERTIFICATE_PAYLOAD from AP 00:13:5f:f8:94:f0.
    Fri Jan 24 16:55:20 2014: 00:13:5f:f8:94:f0 Unable to free public key for AP 00:13:5f:f8:94:f0
    Fri Jan 24 16:55:20 2014: 00:13:5f:f8:94:f0 Decoding Join Request failed for AP 00:13:5f:f8:94:f0
    WLC debug lwapp events enable
    Fri Jan 24 16:52:20 2014: 00:13:5f:f8:94:f0 Received LWAPP DISCOVERY REQUEST from AP 00:13:5f:f8:94:f0 to ff:ff:ff:ff:ff:ff on port '1'
    Fri Jan 24 16:52:20 2014: 00:13:5f:f8:94:f0 Successful transmission of LWAPP Discovery Response to AP 00:13:5f:f8:94:f0 on port 1
    Fri Jan 24 16:52:20 2014: 00:13:5f:f8:94:f0 Received LWAPP DISCOVERY REQUEST from AP 00:13:5f:f8:94:f0 to ff:ff:ff:ff:ff:ff on port '1'
    Fri Jan 24 16:52:20 2014: 00:13:5f:f8:94:f0 Successful transmission of LWAPP Discovery Response to AP 00:13:5f:f8:94:f0 on port 1
    Fri Jan 24 16:52:31 2014: 00:13:5f:f8:94:f0 Received LWAPP JOIN REQUEST from AP 00:13:5f:f8:94:f0 to 06:0a:10:10:00:00 on port '1'
    Fri Jan 24 16:52:31 2014: 00:13:5f:f8:94:f0 LWAPP Join Request does not include valid certificate in CERTIFICATE_PAYLOAD from AP 00:13:5f:f8:94:f0.
    Fri Jan 24 16:52:31 2014: 00:13:5f:f8:94:f0 Unable to free public key for AP 00:13:5f:f8:94:f0
    Fri Jan 24 16:52:31 2014: 00:13:5f:f8:94:f0 Decoding Join Request failed for AP 00:13:5f:f8:94:f0
    Fri Jan 24 16:52:36 2014: 00:13:5f:f8:94:f0 Received LWAPP JOIN REQUEST from AP 00:13:5f:f8:94:f0 to 06:0a:10:10:00:00 on port '1'
    Fri Jan 24 16:52:36 2014: 00:13:5f:f8:94:f0 LWAPP Join Request does not include valid certificate in CERTIFICATE_PAYLOAD from AP 00:13:5f:f8:94:f0.
    Fri Jan 24 16:52:36 2014: 00:13:5f:f8:94:f0 Unable to free public key for AP 00:13:5f:f8:94:f0
    Fri Jan 24 16:52:36 2014: 00:13:5f:f8:94:f0 Decoding Join Request failed for AP 00:13:5f:f8:94:f0
    WLC debug pm pki enable
    Fri Jan 24 16:49:45 2014: sshpmGetIssuerHandles: invalid args (0x13d7edd0/0x13d7edd4/0x13d7edd8/0x30231b14/0)
    Fri Jan 24 16:49:45 2014: sshpmFreePublicKeyHandle: called with (nil)
    Fri Jan 24 16:49:45 2014: sshpmFreePublicKeyHandle: NULL argument.
    Fri Jan 24 16:49:50 2014: sshpmGetIssuerHandles: invalid args (0x13d91320/0x13d91324/0x13d91328/0x30231b14/0)
    Fri Jan 24 16:49:50 2014: sshpmFreePublicKeyHandle: called with (nil)
    Fri Jan 24 16:49:50 2014: sshpmFreePublicKeyHandle: NULL argument.
    Thanks!
    Leon

    cisco AIR-LAP1131AG-A-K9 (PowerPCElvis) processor (revision A0) with 27638K/5120K bytes of memory.WLC sh sysinfoManufacturer's Name.............................. Cisco Systems Inc.Product Name..................................... Cisco ControllerProduct Version.................................. 4.2.205.0RTOS Version..................................... 4.2.205.0Bootloader Version............................... 4.2.205.0Build Type....................................... DATA + WPSFri Jan 24 16:55:20 2014: 00:13:5f:f8:94:f0 LWAPP Join Request does not include valid certificate in CERTIFICATE_PAYLOAD from AP 00:13:5f:f8:94:f0.Fri Jan 24 16:52:36 2014: 00:13:5f:f8:94:f0 LWAPP Join Request does not include valid certificate in CERTIFICATE_PAYLOAD from AP 00:13:5f:f8:94:f0.
    adding to Above .
    Manually add self-signed certificates (SSCs) to a Cisco Wireless LAN (WLAN) Controller (WLC).
    you can manually add the SSC to the WLC.
    these kind problems occure with Lightweight AP Protocol (LWAPP)-converted AP.
    Via GUI:
    Choose Security > AP Policies and click Enabled beside Accept Self Signed Certificate.
    Select SSC from the Certificate Type drop-down menu.
    Enter the MAC address of the AP and the hash key, and click Add.
    Via CLI:
    Enable Accept Self Signed Certificate on the WLC. The command is config auth-list ap-policy ssc enable.
    (Cisco Controller) >config auth-list ap-policy ssc enable
    Add the AP MAC address and hash key to the authorization list,The command is config auth-list add ssc AP_MAC AP_key .
    (Cisco Controller) >config auth-list add ssc
    More to check here:
    http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a00806a426c.shtml.
    Also mention by Scott that this is very old version on WLC.Please upgrade it.
    Hope ite helps.
    REgards
    Dont forget to rate helpful posts

  • APs don't join new WLC

    Hi all,
    I had to changed our WLC due a RMA. Now the APs don't join the WLC:
    spamApTask0: Mar 07 14:58:25.789: #CAPWAP-3-DTLS_DB_ERR: capwap_ac_sm.c:7305 4c:4e:35:b3:da:37: Failed to create DTLS connection for AP  10:169:2:171 (15781).*spamApTask6: Mar 07 14:58:25.582: #CAPWAP-3-DTLS_DB_ERR: capwap_ac_sm.c:7305 4c:4e:35:b3:e3:85: Failed to create DTLS connection for AP  10:169:2:147 (15930).*spamApTask6: Mar 07 14:58:25.527: #CAPWAP-3-DTLS_DB_ERR: capwap_ac_sm.c:7305 4c:4e:35:b3:e3:a3: Failed to create DTLS connection for AP  10:169:2:145 (15932).*spamApTask3: Mar 07 14:58:25.193: #CAPWAP-3-DTLS_DB_ERR: capwap_ac_sm.c:7305 4c:4e:35:57:b2:63: Failed to create DTLS connection for AP  10:169:2:160 (31527).*spamApTask5: Mar 07 14:58:25.117: #CAPWAP-3-DTLS_DB_ERR: capwap_ac_sm.c:7305 4c:4e:35:b3:da:2b: Failed to create DTLS connection for AP  10:169:2:167 (15780).*spamApTask0: Mar 07 14:58:24.971: #CAPWAP-3-DTLS_DB_ERR: capwap_ac_sm.c:7305 4c:4e:35:b3:e3:d1: Failed to create DTLS connection for AP  10:169:2:177 (15935).*spamApTask7: Mar 07 14:58:24.516: #CAPWAP-3-DTLS_DB_ERR: capwap_ac_sm.c:7305 4c:4e:35:57:b2:f9: Failed to create DTLS connection for AP  10:169:2:142 (31537).*spamApTask4: Mar 07 14:58:24.345: #CAPWAP-3-DTLS_DB_ERR: capwap_ac_sm.c:7305 4c:4e:35:57:bb:fb: Failed to create DTLS connection for AP  10:169:2:153 (31680).*spamApTask0: Mar 07 14:58:23.737: #CAPWAP-3-DTLS_DB_ERR: capwap_ac_sm.c:7305 4c:4e:35:b3:da:37: Failed to create DTLS connection for AP  10:169:2:171 (15781).*spamApTask6: Mar 07 14:58:23.535: #CAPWAP-3-DTLS_DB_ERR: capwap_ac_sm.c:7305 4c:4e:35:b3:e3:85: Failed to create DTLS connection for AP  10:169:2:147 (15930).
    The only way that I found to solve it has been perform a reset factory default on APs. Unfortunately the APs have not SSH, TELNET or HTTP access enabled and I haven't physical access to all the APs.
    Are there some other way to solve thas?

    Hi Joan,
    spamApTask0: Mar 07 14:58:25.789: #CAPWAP-3-DTLS_DB_ERR: capwap_ac_sm.c:7305 4c:4e:35:b3:da:37: Failed to create DTLS connection for AP  10:169:2:171 (15781).
    As per logs this is the problem related to Certificate. Make sure that time setting on WLC is correct and updated.
    means Unable to create the DTLS database entry for the AP.
    Can you paste more info:
    From WLC: Sh sysinfo
    From AP: sh version
    Also paste the entire bootup process from AP console.
    Scott is right , for this kind of things you must raise a TAC case.
    Regards
    Dont forget to rate helpful posts

  • Wlc 4402 errors when trying to join ap

    Hello,
    I have a wlc 4402 controller with software version 6.0.199.4
    now i have problems adding 1131 aps to my controller.
    in the pas i added 15 access points (withouts problems) but
    now doesn't seems to work anymore.
    here's what i got from controller when trying to join
    *Nov 11 12:24:37.739: %LWAPP-3-RADIUS_ERR: spam_radius.c:138 Could not send join reply, AP authorization failed; AP:00:13:c4:93:c1:58
    here's what i got on the AP (console cable on my pc when booting)
    %LWAPP-3-CLIENTERRORLOG: LWAPP Crypto Init (SSC): no certs in the SSC Private File
    Got an idea on this ?
    thanks for help

    Was the AP in automatic mode before? Did you copy the LWAPP recovery image to the AP using tftp?
    All APs manufactured before 2005 or 2006 do not have MIC (manfacture install MIC) installed. You need to use LWAPP conversion tool to convert the AP to LWAPP/CAPWAP; so that the conversion tool will install SSC (Self Signed Certificates) to build the encrypt the LWAPP/CAPWAP control traffic:
    http://www.cisco.com/en/US/docs/wireless/access_point/conversion/lwapp/upgrade/guide/lwapnote.html
    As LWAPP discovery image is already there, you need to convert the AP back to autonomous mode and use LWAPP conversion tool to conver the AP:
    http://www.cisco.com/en/US/docs/wireless/access_point/12.3_8_JA/configuration/guide/s38trb.html#wp1058472
    I hope that the mode button is not disable on the AP. if it does, I hope that the break key is not disable. If both the mode button and break key are disable, you need to RMA the AP.

  • 1131 LWAP not join WLC 4402

    I am deploying WLC 4402 with LWAP 1131 but AP fail to join the WLC .The resone that I dont have DNS server.The error message in the AP is :
    AP001d.451f.8582>
    *Mar 1 00:00:38.005: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned D
    HCP address 172.26.5.12, mask 255.255.255.0, hostname AP001d.451f.8582
    Translating "CISCO-LWAPP-CONTROLLER"...domain server (255.255.255.255)
    *Mar 1 00:00:49.371: LWAPP_CLIENT_ERROR: lwapp_name_lookup - Could Not resolve
    I tried to configure the Controller address in LAP but I fail ,The error when I tried to configure AP is below:
    AP001d.451f.8582#lwapp ap controller ip address 172.26.5.10
    ERROR!!! Command is disabled.
    my question is :
    is it possible to make LAP join WLC with out DNS,if yes how ?

    Hi Yhab,
    There are other ways besides DNS to help in the AP and WLC Discovery process. Have a look in this good doc;
    Lightweight AP (LAP) Registration to a Wireless LAN Controller (WLC)
    http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00806c9e51.shtml#topic2
    For the Static entry problem;
    If this AP was ever registered you can use this command from the LAP CLI to clear the LWAPP configuration on the LAP:
    clear lwapp private-config
    This allows you to use the AP LWAPP static configuration commands again.
    Here is an example:
    Enable (enter password)
    AP1240#clear lwapp private-config
    AP1240#lwapp ap hostname AP1240
    AP1240#lwapp ap ip address 10.77.244.199 255.255.255.224
    AP1240#lwapp ap ip default-gateway 10.77.244.220
    AP1240#lwapp ap controller ip address 172.16.1.50
    Note: You cannot use the clear lwapp private-config command when the LAP is registered with the controller.
    http://www.cisco.com/en/US/products/hw/wireless/ps430/products_tech_note09186a00808e2d27.shtml#t2
    Hope this helps!
    Rob

  • WLC 4402 Update 7.0.253.3: all 17 APs use channel 1

    Since the update of our WLC 4402 to v 7.0.253.3 all 17 accesspoints are using channel 1 !!
    Has anyone an idea to solve this channel-fixing?
    Thx
    Markus

    Thanks Scott,
    your were right: Channel Assignment Method of RRM was turned OFF since the update of the firmware! I have now changed the setting to AUTOMATIC and now, the APs are again using different channels :-)
    THX
    Markus

  • Rolling upgrade of WLC 4402 controllers and APs

    In need to upgrade the software on two WLC 4402 controller in a hospital.   Both WLCs have the same config and one is primary (has all APs connected) and the other backup (no APs connected.)  The APs are placed so there is still coverage if one goes down in an area.    My question - is it possible to do a rolling upgrade to have no downtime for the wireless clients?  My plan would be to upgrade the backup WLC then selectively move APs to it.  If I swap the primary and secondary controllers in the high availability tab on each AP, do I need to do a reset (General - Hardware Reset) or will it automatically reboot and connect to the upgraded backup controller?   When I'm done, I'd upgrade the primary controller and now call that backup.   Does this make sense? 

    I've done this same sort of thing on a slightly larger scale about 5 times now at the hospital I work at.  Quick answer is "Yes, it is possible to do a rolling upgrade and have no downtime for wireless clients."
    I've got 5 WLC's, and I use the high availability tab to move all the AP's off one, upgrade it, and move all the AP's from the next WLC over to it, upgrade that one, etc.
    The thing you need to be careful of is your timing and your choice of APs to move.
    It generally takes about a minute to move an AP between WLCs running the same version.  But if there's a version change that makes the AP upgrade, you're looking at about 6 minutes.
    I do them one at a time, and when they show up in the WLC as being up, running and happy for 1 minute, I do the next one.  And so on.  Takes me about 3 days to go through all 5 WLCs and 375 APs.  Not once have I had a user notice the move.
    Also, in order to test, after I do the first upgrade, I move just one area's APs into that WLC for a day and then test the various flavors of gear we have (phones, infusion pumps, laptops, etc.) to confirm that the new version doesn't have any trouble.  Sometimes it does and I work with TAC to get things resolved before I do the whole hospital.
    jh

  • Wlc 4402 and 1010 Aps

    Hi,
    I have 2 vlans (wired-side) in my corporation: the first one for Data (vlan 1, native) and the second one for voice (vlan 2). We've just get a wlc 4402 with 1010 Aps and I would like to know one thing:
    Could I create 2 Ssids(one for voice and another for Data) and map each one to its wired Vlan?.
    Does the 1010 Ap support 802.1q?
    Thanks in advance for your help

    The 1010 aps connect to the switches as hosts
    (switchport mode access; switchport access vlan ...)
    The controller has 2 ports that connect to the network as trunks. You can connect them as port 1 and 2, or put them in a lag group [aka etherchannel)
    All the vlan trunking is done at the controller port to switch port. The AP sends the info down to the controller over the vlan specified for the aps
    In your case, you should create another vlan for the APS.
    The 4402 controller mgmt interface would sit in the same vlan as the APs. You would then create dynamic interfaces on the controller that have a vlan id and ip address for the desired network per your needs. You would then create a wlan on the controller and then bind it to the dynamic interface you just created.
    I am oversimplfying this process quite a bit, but it should get you started. There is now a good bit of info on cisco.com for the wireless products

  • WLC 4402, LAP1242AG APs and Layer 2 Switch Network Design

    Hi Every One,
    I am new designer in the Wireless technology. During design i came accros through a confusing/complex existing topology which i have to integrate with WLC 4402 as below;
    Existing:
    1: I have 12 Switches; all vtp mode server. all in single vlan 1 with single subnet 192.168.0.0/24. All users ports in this single vlan 1.
    2: All of these are old switches including 2950G, 350GXL, 4912.
    3: All the switches gateway is Pix Firewall (192.168.0.1).
    To Do:
    1: I have to implement 1 * WLC 4402, 22 *LAP1242AG Access Points.
    2: WLC will be connected to 350GXL or 4912 through Fiber.
    3: Access Points will be connected to all other 20 switches randomely.
    Confusion:
    1: In my design i created separate vlan 450 for WLC and APs management. But this is not doable in this current setup because all the switches are vtp mode server. Also the gateway is Firewall. Which will require configuration on all existing switches + Pix.(I DONT WANT TO GO FOR THIS OPTION).
    2: To make my work easy, is this possible to Put the WLC, APs in the same vlan 1 (192.168.0.0/24) that is currently used by the existing switches? The gateway for these WLC and APs will be Pix (192.168.0.1).
    3: I tried to search Cisco examples, but in every example Cisco has made a separate vlan for WLC, APs management. So will Point 2 worK?
    4: Do i require any specific changes for this?
    5: ANY OTHER DESIGN SUGGESTION?????????
    Please find the attached Diagram for more information.

    Thanks for the reply.
    1: U mean dat the switch port config will be as below;
    int g0/10
    description connected to WLAN Controller
    switch mode access
    switch access vlan 1
    int g0/23
    description connected to AP
    switchport mode access
    switchport access vlan 1
    so below wil b the sumary of config:
    All switches, WLC, APs, Wireless users and Wired users will be in the same subnet (192.168.0.0/24). Is it ok??
    2: Wat do u mean by vtp config; Please clarify???
    As i mentioned all switches are in vtp mode server. vtp domain name is configred on 12 out of 15 switch. Do i need to config same vtp domain name on all switches? I also have to check vtp pass??

  • WLC 4402 - APs last reboot reason power loss

    st1\:*{behavior:url(#ieooui) }
    /* Style Definitions */
    table.MsoNormalTable
    {mso-style-name:"Normale Tabelle";
    mso-tstyle-rowband-size:0;
    mso-tstyle-colband-size:0;
    mso-style-noshow:yes;
    mso-style-parent:"";
    mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
    mso-para-margin:0cm;
    mso-para-margin-bottom:.0001pt;
    mso-pagination:widow-orphan;
    font-size:10.0pt;
    font-family:"Times New Roman";
    mso-ansi-language:#0400;
    mso-fareast-language:#0400;
    mso-bidi-language:#0400;}
    Hi,
    we have a Wireless LAN Controller WLC 4402, Software Version 4.1.192.22M (Mesh).
    At the moment there are 6 Access Points in one house, one of them is the root AP. The others are only connected via electrical socket.
    AP’s are: AIR-LAP1131AG-E-K9 / Boot Version 12.3.8.0 / IOS Version 12.4(3g)JMC1
    I think the configuration worked fine over a period of 2 years.
    Now the problem is that the number of access points connected to the controller is changing nearly every minute. At times there is only one AP connected to the controller. So it is impossible for the clients to build up a steady connection. They have to log in via the guest user web interface at short intervals or they can’t see the wireless lan.
    First we thought it would be a problem of one or two “defect” access points. But we replaced 4 of the 6 access points and the problem is still there.
    An example, yesterday:
    13:17 o’clock – 2 AP’s
    13:19 o’clock – 4 AP’s
    13:21 o’clock – 5 AP’s
    13:23 o’clock – 4 AP’s
    13:25 o’clock – 5 AP’s
    13:25 o’clock – 4 AP’s
    13:26 o’clock – 5 AP’s
    13:26 o’clock – 6 AP’s
    13:28 o’clock – 4 AP’s
    13:28 o’clock – 2 AP’s
    Eye-catching is the following message of the log, which appears often: “52       Mon May 16 13:21:56 2011        AP 'AP001d.e557.6fd8', MAC: 00:1d:70:01:bc:20 disassociated previously due to AP Reset. Last reboot reason: power loss
    Also eye-catching is the AP up time. The Root AP is up for over 80 days. But all the other access points show an up time of a few minutes until some hours…but not more.
    Does anybody know what the problem could be?? I read some similar threads but no solution.
    In the following an abstract of the log:
    21        Mon May 16 13:25:43 2011        AP 'AP0021.d847.ffca', MAC: 00:23:5e:49:9d:e0 disassociated previously due to AP Reset. Last reboot reason: power loss
    22        Mon May 16 13:25:30 2011        AP Disassociated. Base Radio MAC:00:1d:70:01:b5:a0
    23        Mon May 16 13:25:30 2011        AP's Interface:1(802.11a) Operation State Down: Base Radio MAC:00:1d:70:01:b5:a0 Cause=Heartbeat Timeout
    24        Mon May 16 13:25:30 2011        AP's Interface:0(802.11b) Operation State Down: Base Radio MAC:00:1d:70:01:b5:a0 Cause=Heartbeat Timeout
    25        Mon May 16 13:25:05 2011        Mesh child node '00:23:5e:49:9d:ef' has changed its parent to mesh node '00:1f:ca:cc:b7:40' from mesh node '00:1d:70:01:bc:20'.
    26        Mon May 16 13:24:10 2011        AP Disassociated. Base Radio MAC:00:23:5e:49:9d:e0
    27        Mon May 16 13:24:10 2011        AP's Interface:1(802.11a) Operation State Down: Base Radio MAC:00:23:5e:49:9d:e0 Cause=New Discovery
    28        Mon May 16 13:24:10 2011        AP's Interface:0(802.11b) Operation State Down: Base Radio MAC:00:23:5e:49:9d:e0 Cause=New Discovery
    29        Mon May 16 13:23:59 2011        AP's Interface:0(802.11b) Operation State Up: Base Radio MAC:00:1d:71:e1:b2:20 Cause=Admin Configured
    30        Mon May 16 13:23:59 2011        AP's Interface:0(802.11b) Operation State Down: Base Radio MAC:00:1d:71:e1:b2:20 Cause=Admin Configured
    31        Mon May 16 13:23:59 2011        AP's Interface:1(802.11a) Operation State Up: Base Radio MAC:00:1d:71:e1:b2:20 Cause=Admin Configured
    32        Mon May 16 13:23:59 2011        AP's Interface:0(802.11b) Operation State Up: Base Radio MAC:00:1d:71:e1:b2:20 Cause=Admin Configured
    33        Mon May 16 13:23:58 2011        AP 'AP001d.45d8.4ea6', MAC: 00:1d:71:e1:b2:20 disassociated previously due to AP Reset. Last reboot reason: power loss
    34        Mon May 16 13:23:31 2011        AP's Interface:0(802.11b) Operation State Up: Base Radio MAC:00:1d:70:01:b5:a0 Cause=Admin Configured
    35        Mon May 16 13:23:31 2011        AP's Interface:0(802.11b) Operation State Down: Base Radio MAC:00:1d:70:01:b5:a0 Cause=Admin Configured
    36        Mon May 16 13:23:31 2011        AP's Interface:1(802.11a) Operation State Up: Base Radio MAC:00:1d:70:01:b5:a0 Cause=Admin Configured
    37        Mon May 16 13:23:31 2011        AP's Interface:0(802.11b) Operation State Up: Base Radio MAC:00:1d:70:01:b5:a0 Cause=Admin Configured
    38        Mon May 16 13:23:30 2011        AP 'AP001d.e557.6f0c', MAC: 00:1d:70:01:b5:a0 disassociated previously due to AP Reset. Last reboot reason: power loss
    39        Mon May 16 13:23:13 2011        Client Association: Client MAC:00:1d:71:e1:b2:2f Base Radio MAC :00:1d:70:01:bc:20 Slot: 1 User Name:c1130-001D45D84EA6
    40        Mon May 16 13:23:13 2011        Mesh child node '00:1d:71:e1:b2:2f' has changed its parent to mesh node '00:1d:70:01:bc:20' from mesh node '00:1f:ca:cc:b7:40'.
    41        Mon May 16 13:23:04 2011        Mesh child node '00:1d:70:01:b5:af' has changed its parent to mesh node '00:23:5e:49:9d:e0' from mesh node '00:1f:ca:cc:b7:40'.
    42        Mon May 16 13:22:57 2011        AP 'AP0021.d847.ffca', MAC: 00:23:5e:49:9d:e0 disassociated previously due to AP Reset. Last reboot reason: power loss
    43        Mon May 16 13:22:39 2011        AP Disassociated. Base Radio MAC:00:23:5e:49:9d:e0
    44        Mon May 16 13:22:39 2011        AP's Interface:1(802.11a) Operation State Down: Base Radio MAC:00:23:5e:49:9d:e0 Cause=New Discovery
    45        Mon May 16 13:22:39 2011        AP's Interface:0(802.11b) Operation State Down: Base Radio MAC:00:23:5e:49:9d:e0 Cause=New Discovery
    46        Mon May 16 13:22:39 2011        AP 'AP0021.d847.ffca', MAC: 00:23:5e:49:9d:e0 disassociated previously due to AP Reset. Last reboot reason: power loss
    47        Mon May 16 13:22:17 2011        Mesh child node '00:23:5e:49:9d:ef' has changed its parent to mesh node '00:1d:70:01:bc:20' from mesh node '00:1f:ca:cc:b7:40'.
    48        Mon May 16 13:21:57 2011        AP's Interface:0(802.11b) Operation State Up: Base Radio MAC:00:1d:70:01:bc:20 Cause=Admin Configured
    49        Mon May 16 13:21:57 2011        AP's Interface:0(802.11b) Operation State Down: Base Radio MAC:00:1d:70:01:bc:20 Cause=Admin Configured
    50        Mon May 16 13:21:57 2011        AP's Interface:1(802.11a) Operation State Up: Base Radio MAC:00:1d:70:01:bc:20 Cause=Admin Configured
    51        Mon May 16 13:21:57 2011        AP's Interface:0(802.11b) Operation State Up: Base Radio MAC:00:1d:70:01:bc:20 Cause=Admin Configured
    52        Mon May 16 13:21:56 2011        AP 'AP001d.e557.6fd8', MAC: 00:1d:70:01:bc:20 disassociated previously due to AP Reset. Last reboot reason: power loss
    53        Mon May 16 13:21:39 2011        Client Association: Client MAC:00:23:5e:49:9d:ef Base Radio MAC :00:1f:ca:cc:b7:40 Slot: 1 User Name:c1130-0021D847FFCA
    54        Mon May 16 13:21:32 2011        Client Association: Client MAC:00:23:5e:49:9d:ef Base Radio MAC :00:1f:ca:cc:b7:40 Slot: 1 User Name:c1130-0021D847FFCA
    55        Mon May 16 13:21:12 2011        Mesh child node '00:1d:71:e1:b2:2f' has changed its parent to mesh node '00:1f:ca:cc:b7:40' from mesh node '00:1d:70:01:b5:a0'.
    56        Mon May 16 13:21:05 2011        Client Association: Client MAC:00:1d:70:01:bc:2f Base Radio MAC :00:1f:ca:cc:b7:40 Slot: 1 User Name:c1130-001DE5576FD8
    57        Mon May 16 13:20:32 2011        Mesh child node '00:23:5e:49:9d:ef' has changed its parent to mesh node '00:1f:ca:cc:b7:40' from mesh node '00:1d:70:01:bc:20'.
    58        Mon May 16 13:20:11 2011        Mesh child node '00:1d:70:01:bc:2f' is no longer associated with mesh node '00:1f:ca:cc:b7:40'.
    59        Mon May 16 13:20:06 2011        Mesh child node '00:1d:70:01:b5:af' has changed its parent to mesh node '00:1f:ca:cc:b7:40' from mesh node '00:1d:70:01:bc:20'.
    60        Mon May 16 13:19:57 2011        AP Disassociated. Base Radio MAC:00:1d:70:01:b5:a0
    61        Mon May 16 13:19:57 2011        AP's Interface:1(802.11a) Operation State Down: Base Radio MAC:00:1d:70:01:b5:a0 Cause=Heartbeat Timeout
    62        Mon May 16 13:19:57 2011        AP's Interface:0(802.11b) Operation State Down: Base Radio MAC:00:1d:70:01:b5:a0 Cause=Heartbeat Timeout
    63        Mon May 16 13:19:49 2011        AP Disassociated. Base Radio MAC:00:1d:70:01:bc:20
    64        Mon May 16 13:19:49 2011        AP's Interface:1(802.11a) Operation State Down: Base Radio MAC:00:1d:70:01:bc:20 Cause=Heartbeat Timeout
    65        Mon May 16 13:19:49 2011        AP's Interface:0(802.11b) Operation State Down: Base Radio MAC:00:1d:70:01:bc:20 Cause=Heartbeat Timeout
    66        Mon May 16 13:19:39 2011        AP Disassociated. Base Radio MAC:00:23:5e:49:9d:e0
    67        Mon May 16 13:19:39 2011        AP's Interface:1(802.11a) Operation State Down: Base Radio MAC:00:23:5e:49:9d:e0 Cause=Heartbeat Timeout
    68        Mon May 16 13:19:39 2011        AP's Interface:0(802.11b) Operation State Down: Base Radio MAC:00:23:5e:49:9d:e0 Cause=Heartbeat Timeout
    69        Mon May 16 13:19:36 2011        AP Disassociated. Base Radio MAC:00:1d:71:e1:b2:20
    70        Mon May 16 13:19:36 2011        AP's Interface:1(802.11a) Operation State Down: Base Radio MAC:00:1d:71:e1:b2:20 Cause=Heartbeat Timeout
    71        Mon May 16 13:19:36 2011        AP's Interface:0(802.11b) Operation State Down: Base Radio MAC:00:1d:71:e1:b2:20 Cause=Heartbeat Timeout
    Greetings Lydia

    st1\:*{behavior:url(#ieooui) }
    /* Style Definitions */
    table.MsoNormalTable
    {mso-style-name:"Normale Tabelle";
    mso-tstyle-rowband-size:0;
    mso-tstyle-colband-size:0;
    mso-style-noshow:yes;
    mso-style-parent:"";
    mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
    mso-para-margin:0cm;
    mso-para-margin-bottom:.0001pt;
    mso-pagination:widow-orphan;
    font-size:10.0pt;
    font-family:"Times New Roman";
    mso-ansi-language:#0400;
    mso-fareast-language:#0400;
    mso-bidi-language:#0400;}
    Hey,
    last week I tried to upgrade the controller step-by-step.
    Under the software 4.1.192.35M the problem was still there… access points were often disassociated from the controller.
    There were problems with Software 4.2.207.54M too. The access points couldn’t reach the download-status. The log of the access point said that it could not open the tar-file.
    So I went back to 4.1.192.35M. Of course the controller lost some of its configuration. I configured it new with the same settings as before.
    After it the wireless connection seemed to be a little bit more robust. I asked the users to test the connection at the weekend and this is the answer:
    “so we tested the WLAN during the weekend. The situation definitely improved with respect to before. Authetication is much faster and the connection (when active) is sensibly faster.
    However the connection is still very unstable and it is necessary every five-ten minutes to reconnect (especially for intense network traffic like when watching a streaming content or using VOIP applications. Actually switching off and on again the WLAN card (Airport) often a new authentication is not required. However, without doing so the connection would not resume alone to a working state.
    So what to say? Better than before (thanks) but far from being fixed. From last September to January we did not experience any problem, so it must be something that chronologically happened at the beginning of the year, it is not a systemic problem.
    But there were no changes or anything else at the beginning of the year.
    Do you mean it makes sense to resume upgrading? I’m a little bit afraid of more problems like under 4.2.207.54M
    Greetings Lydia

  • Cisco AIR-LAP1041N-E-K9 not working with WLC 4402 version 7.0.116.0

    Hi All,
    appreciate your support for a problem i started facing today. i have a Cisco WLC 4402 running version 7.0.116.0 and it is working great with 25 Cisco 1252 APs. we have recieved a new 20 Cisco 1041N APs today and i installed one in our site but it doesn't work. it worked fine and loaded the image from flash and got the WLC ip address through DHCP option and started showing the below error:
    *Mar  1 00:00:10.021: %SOAP_FIPS-2-SELF_TEST_IOS_SUCCESS: IOS crypto FIPS self test passed
    *Mar  1 00:00:10.033: *** CRASH_LOG = YES
    *Mar  1 00:00:10.333: Port 1 is not presentSecurity Core found.
    Base Ethernet MAC address: C8:9C:1D:53:57:5E
    *Mar  1 00:00:11.373: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 0
    *Mar  1 00:00:11.465: %LWAPP-3-CLIENTEVENTLOG: Read and initialized AP event log (contains, 1088 messages)
    *Mar  1 00:00:11.494:  status of voice_diag_test from WLC is false
    *Mar  1 00:00:12.526: %LINK-3-UPDOWN: Interface GigabitEthernet0, changed state to up
    *Mar  1 00:00:13.594: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
    *Mar  1 00:00:13.647: %SYS-5-RESTART: System restarted --
    Cisco IOS Software, C1040 Software (C1140-K9W8-M), Version 12.4(23c)JA2, RELEASE SOFTWARE (fc3)
    Technical Support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2011 by Cisco Systems, Inc.
    Compiled Wed 13-Apr-11 12:50 by prod_rel_team
    *Mar  1 00:00:13.647: %SNMP-5-COLDSTART: SNMP agent on host APc89c.1d53.575e is undergoing a cold start
    *Mar  1 00:08:59.062: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
    *Mar  1 00:08:59.062: bsnInitRcbSlot: slot 1 has NO radio
    *Mar  1 00:08:59.138: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    *Mar  1 00:08:59.837: %SSH-5-ENABLED: SSH 2.0 has been enabled
    *Mar  1 00:09:00.145: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
    *Mar  1 00:09:09.136: %DHCP-6-ADDRESS_ASSIGN: Interface GigabitEthernet0 assigned DHCP address 172.16.26.81, mask 255.255.255.0, hostname APc89c.1d53.575e
    *Mar  1 00:09:17.912: %PARSER-4-BADCFG: Unexpected end of configuration file.
    *Mar  1 00:09:17.912:  status of voice_diag_test from WLC is false
    *Mar  1 00:09:17.984: Logging LWAPP message to 255.255.255.255.
    *Mar  1 00:09:19.865: %CDP_PD-4-POWER_OK: Full power - NEGOTIATED inline power source
    *Mar  1 00:09:19.886: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Mar  1 00:09:20.873: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
    *Mar  1 00:09:20.874: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 255.255.255.255 started - CLI initiated
    Translating "CISCO-CAPWAP-CONTROLLER.atheertele.com"...domain server (172.16.40.240)
    *Mar  1 00:09:29.029: %CAPWAP-5-DHCP_OPTION_43: Controller address 172.16.100.102 obtained through DHCP
    *May 25 08:27:02.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 172.16.100.101 peer_port: 5246
    *May 25 08:27:02.001: %CAPWAP-5-CHANGED: CAPWAP changed state to
    *May 25 08:27:03.175: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 172.16.100.101 peer_port: 5246
    *May 25 08:27:03.177: %CAPWAP-5-SENDJOIN: sending Join Request to 172.16.100.101
    *May 25 08:27:03.177: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
    *May 25 08:27:03.329: %CAPWAP-5-CHANGED: CAPWAP changed state to CFG
    *May 25 08:27:03.333: %DTLS-5-ALERT: Received WARNING : Close notify alert from 172.16.100.101
    *May 25 08:27:03.333: %DTLS-5-PEER_DISCONNECT: Peer 172.16.100.101 has closed connection.
    *May 25 08:27:03.333: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 172.16.100.101:5246
    *May 25 08:27:03.378: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
    *May 25 08:27:03.378: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
    *May 25 08:27:03.378: bsnInitRcbSlot: slot 1 has NO radio
    *May 25 08:27:03.448:  status of voice_diag_test from WLC is false
    *May 25 08:27:14.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 172.16.100.101 peer_port: 5246
    *May 25 08:27:14.001: %CAPWAP-5-CHANGED: CAPWAP changed state to
    *May 25 08:27:15.185: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 172.16.100.101 peer_port: 5246
    *May 25 08:27:15.186: %CAPWAP-5-SENDJOIN: sending Join Request to 172.16.100.101
    *May 25 08:27:15.186: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
    *May 25 08:27:15.330: %CAPWAP-5-CHANGED: CAPWAP changed state to CFG
    *May 25 08:27:15.333: %DTLS-5-ALERT: Received WARNING : Close notify alert from 172.16.100.101
    *May 25 08:27:15.334: %DTLS-5-PEER_DISCONNECT: Peer 172.16.100.101 has closed connection.
    *May 25 08:27:15.334: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 172.16.100.101:5246
    *May 25 08:27:15.379: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
    *May 25 08:27:15.379: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
    *May 25 08:27:15.379: bsnInitRcbSlot: slot 1 has NO radio
    *May 25 08:27:15.450:  status of voice_diag_test from WLC is false
    *May 25 08:27:26.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 172.16.100.101 peer_port: 5246
    *May 25 08:27:26.001: %CAPWAP-5-CHANGED: CAPWAP changed state to
    *May 25 08:27:27.182: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 172.16.100.101 peer_port: 5246
    *May 25 08:27:27.183: %CAPWAP-5-SENDJOIN: sending Join Request to 172.16.100.101
    *May 25 08:27:27.184: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
    *May 25 08:27:27.329: %CAPWAP-5-CHANGED: CAPWAP changed state to CFG
    *May 25 08:27:27.333: %DTLS-5-ALERT: Received WARNING : Close notify alert from 172.16.100.101
    *May 25 08:27:27.333: %DTLS-5-PEER_DISCONNECT: Peer 172.16.100.101 has closed connection.
    *May 25 08:27:27.333: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 172.16.100.101:5246
    *May 25 08:27:27.377: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
    *May 25 08:27:27.377: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
    *May 25 08:27:27.377: bsnInitRcbSlot: slot 1 has NO radio
    *May 25 08:27:27.433: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
    *May 25 08:27:27.446: %PARSER-4-BADCFG: Unexpected end of configuration file.
    *May 25 08:27:27.447:  status of voice_diag_test from WLC is false
    *May 25 08:27:27.448: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *May 25 08:27:27.456: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    *May 25 08:27:38.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 172.16.100.101 peer_port: 5246
    *May 25 08:27:38.001: %CAPWAP-5-CHANGED: CAPWAP changed state to
    *May 25 08:27:39.183: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 172.16.100.101 peer_port: 5246
    *May 25 08:27:39.184: %CAPWAP-5-SENDJOIN: sending Join Request to 172.16.100.101
    *May 25 08:27:39.184: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
    *May 25 08:27:39.326: %CAPWAP-5-CHANGED: CAPWAP changed state to CFG
    *May 25 08:27:39.329: %DTLS-5-ALERT: Received WARNING : Close notify alert from 172.16.100.101
    *May 25 08:27:39.329: %DTLS-5-PEER_DISCONNECT: Peer 172.16.100.101 has closed connection.
    *May 25 08:27:39.330: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 172.16.100.101:5246
    *May 25 08:27:39.375: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
    *May 25 08:27:39.375: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
    *May 25 08:27:39.375: bsnInitRcbSlot: slot 1 has NO radio
    *May 25 08:27:39.446:  status of voice_diag_test from WLC is false
    *May 25 08:27:49.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 172.16.100.101 peer_port: 5246
    *May 25 08:27:49.001: %CAPWAP-5-CHANGED: CAPWAP changed state to
    *May 25 08:27:50.179: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 172.16.100.101 peer_port: 5246
    *May 25 08:27:50.180: %CAPWAP-5-SENDJOIN: sending Join Request to 172.16.100.101
    *May 25 08:27:50.180: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
    *May 25 08:27:50.323: %CAPWAP-5-CHANGED: CAPWAP changed state to CFG
    *May 25 08:27:50.326: %DTLS-5-ALERT: Received WARNING : Close notify alert from 172.16.100.101
    *May 25 08:27:50.326: %DTLS-5-PEER_DISCONNECT: Peer 172.16.100.101 has closed connection.
    *May 25 08:27:50.326: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 172.16.100.101:5246
    *May 25 08:27:50.370: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
    *May 25 08:27:50.370: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
    *May 25 08:27:50.370: bsnInitRcbSlot: slot 1 has NO radio
    *May 25 08:27:50.425: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
    *May 25 08:27:50.438: %PARSER-4-BADCFG: Unexpected end of configuration file.
    i searched for the regulatory domains difference between  AIR-LAP1041N-E-K9 and  AIR-LAP1041N-A-K9 and didn't find any difference that may affect the operation of this AP.
    just to mention that our configuration in WLC for regulatory domains is:
    Configured Country Code(s) AR 
    Regulatory Domain  802.11a:  -A
                                 802.11bg: -A
    My question is, should i only include my country in the WLC (IQ) to add the requlatry domain (-E) to solve this problem? or changing the country will affect the operation of all working APs??
    Appreciate your kind support,
    Wisam Q.

    Hi Ramon,
    thank you for the reply but as shown in the below link:
    http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html#wp233793
    the WLC in version 7.0.116.0 supports Cisco 1040 seiries APs.
    Thanks,
    Wisam Q.

  • Wireless controller ha between wlc5508 and wlc 4402

    We have 2 wlc:  a wlc 5508 ( license 100 AP ) and  wlc 4402 ( license 12AP).
    We try to setup when 5508 down, 12 identify AP (important AP -Group A) will join 4402 and all other AP (not improtan AP -Group B)
    wont joint  wlc 4402.
    First, all AP join wlc 5508, 2 WLC have same mobility group.
    After that, we  config 12 APs belongto group A have primary and secondary wlc, group B only has primary wlc.
    When wlc 5508 down, some of APs of GroupA and   some of APs of GroupB join wlc 4402. We test many times and we have differnet result each times.
    is theare any way to resolve our problem?
    Thanks.

    Just to add, make sure that the WLC is running the same code, if not, then make sure the ap is supported on the code that is running on the 5508. The issue with mixed code is the ap will upgrade and downgrade very time they switch to a different WLC.
    http://www.cisco.com/en/US/docs/wireless/controller/5500/tech_notes/Wireless_Software_Compatibility_Matrix.html
    Sent from Cisco Technical Support iPhone App

  • AP(2720e) not joining a WLC (2504)

    I recently purchased two 2702e AP's to expand the wireless coverage of our network but when I plug them in, they will not join the AP for some reason.
    This is what I am getting on the controller;
    (Cisco Controller) >show ap join stats detailed f44e0544e944
    Discovery phase statistics
    - Discovery requests received.............................. 51
    - Successful discovery responses sent...................... 26
    - Unsuccessful discovery request processing................ 0
    - Reason for last unsuccessful discovery attempt........... Not applicable
    - Time at last successful discovery attempt................ Dec 08 10:24:37.695
    - Time at last unsuccessful discovery attempt.............. Not applicable
    Join phase statistics
    - Join requests received................................... 0
    - Successful join responses sent........................... 0
    - Unsuccessful join request processing..................... 0
    - Reason for last unsuccessful join attempt................ Not applicable
    - Time at last successful join attempt..................... Not applicable
    - Time at last unsuccessful join attempt................... Not applicable
    Configuration phase statistics
    - Configuration requests received.......................... 0
    - Successful configuration responses sent.................. 0
    - Unsuccessful configuration request processing............ 0
    - Reason for last unsuccessful configuration attempt....... Not applicable
    --More-- or (q)uit
    - Time at last successful configuration attempt............ Not applicable
    - Time at last unsuccessful configuration attempt.......... Not applicable
    Last AP message decryption failure details
    - Reason for last message decryption failure............... Not applicable
    Last AP disconnect details
    - Reason for last AP connection failure.................... Not applicable
    - Last AP disconnect reason................................ Not applicable
    Last join error summary
    - Type of error that occurred last......................... None
    - Reason for error that occurred last...................... Not applicable
    - Time at which the last join error occurred............... Not applicable
    AP disconnect details
    - Reason for last AP connection failure.................... Not applicable
    I have tried it with just the default settings and by setting the IP on the AP to no avail.
    Any suggestion would be much appreciated.
    Eric

    Hi Eric,
    What software code is running on your 2504 ? I hope it is 7.6.130.0
    If it is 8.0.100.0, then there was a crtical bug given below, you need to check whether you hitting this
    https://tools.cisco.com/bugsearch/bug/CSCur43050
    Conditions:
    Seen only with APs that were manufactured in August, September or October, 2014 - all Aironet APs were affected EXCEPT the 700 series. Seen with WLCs running 8.0.100.0 or an 8.0.100.x special.
    If the WLC was manufactured in September 2014, or later (i.e. has a SHA2 MIC), then the first symptom is seen, i.e. the AP joins the 8.0.100 WLC, downloads the image, but then fails to rejoin.
    If the WLC was manufactured before September 2014 (i.e. does not have a SHA2 MIC), then the second symptom is seen, i.e. the AP can join the 8.0.100 WLC OK, but then will fail download during a subsequent upgrade.
    Also seen with new APs trying to join a controller running IOS-XE 3.6.0 (15.3(3)JN k9w8 image.) (Track CSCur50946 for the IOS-XE fix)
    Workaround:
    Downgrade to AireOS 7.6.130.0, or to IOS-XE 3.3, if the APs are supported in the earlier code
    Pls attach  AP console output while trying to boot & register to see the exact reason for failure.
    HTH
    Rasika
    **** Pls rate all useful responses ****

  • Trouble getting Cisco 2600 Series AP to stay joined to WLC 5508

    Hi,
    I have recently been tasked with upgrading our old Autonomous APs to LWAPs.  We have a 5508 WLC at our Virtual Co-Lo and I am using Flexconnect to accomadate local switching and dhcp at our sites.  I have upgraded over 50 APs and joined them to the controller.  These include only 1130AG and 1240AG models.  However they are working flawlessly and staying connected to the controller.  The issue I'm having is with a new batch of 2600 series APs staying connected to the controller.  I have attempted to do research into what may be causing the disconnects but have yet to find a solution.  I am using DNS to resolve the CAPWAP & LWAPP queries from the APs to the controller accross our WAN.  In reading other posts I thought it may be an issue with packets getting dropped but have had our Vendor who manages Sonicwalls at both ends of the WAN confirm for me there is no packet loss.  Below are logs I gathered using puttty from the AP & WLC.  Any help would be greatly appreciated.
    AP I'm doing the testing on:
    NAME: "AP2600", DESCR: "Cisco Aironet 2600 Series (IEEE 802.11n) Access Point"
    PID: AIR-CAP2602I-A-K9 , VID: V01, SN: FTX1740J8V1
    WLC in question:
    Manufacturer's Name.............................. Cisco Systems Inc.
    Product Name..................................... Cisco Controller
    Product Version.................................. 7.3.112.0
    Bootloader Version............................... 1.0.1
    Field Recovery Image Version..................... 6.0.182.0
    Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
    Build Type....................................... DATA + WPS
    System Name...................................... wificontroller
    System Location.................................. Corp
    System Contact................................... Net Engineer
    System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
    Redundancy Mode.................................. Disabled
    IP Address....................................... 10.250.32.8
    Last Reset....................................... Software reset
    System Up Time................................... 190 days 3 hrs 34 mins 24 secs
    System Timezone Location......................... (GMT -5:00) Eastern Time (US and Canada)
    Configured Country............................... US  - United States
    Operating Environment............................ Commercial (0 to 40 C)
    Internal Temp Alarm Limits....................... 0 to 65 C
    --More-- or (q)uit
    Internal Temperature............................. +38 C
    External Temperature............................. +20 C
    Fan Status....................................... OK
    State of 802.11b Network......................... Enabled
    State of 802.11a Network......................... Enabled
    Number of WLANs.................................. 14
    Number of Active Clients......................... 71
    Burned-in MAC Address............................ C8:9C:1D:8C:52:E0
    Power Supply 1................................... Present, OK
    Power Supply 2................................... Absent
    Maximum number of APs supported.................. 100
    Here is the output that keeps on occuring as the AP joins the WLC for a brief time and then changes to standalone mode
    WT-4thFlr-AP3#
    *Dec 14 15:42:04.419: %CAPWAP-3-ERRORLOG: Retransmission count for packet exceeded max(CAPWAP_WTP_EVENT_REQUEST
    ., 3)
    *Dec 14 15:42:11.443: %EVT-4-WRN: Write of flash:/event.capwap done
    *Dec 14 15:42:11.483: %LWAPP-3-CLIENTERRORLOG: Switching to Standalone mode
    *Dec 14 15:42:11.487: %CAPWAP-3-ERRORLOG: GOING BACK TO DISCOVER MODE
    *Dec 14 15:42:11.487: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.250.32.8:5246
    *Dec 14 15:42:11.571: %WIDS-6-DISABLED: IDS Signature is removed and disabled.
    *Dec 14 15:42:21.575: %CAPWAP-3-ERRORLOG: Selected MWAR 'wificontroller'(index 0).
    *Dec 14 15:42:21.575: %CAPWAP-3-ERRORLOG: Go join a capwap controller
    *Dec 14 15:42:12.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.250.32.8 peer_port: 5246
    *Dec 14 15:42:14.303: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.250.32.8 peer_port: 5246
    *Dec 14 15:42:14.303: %CAPWAP-5-SENDJOIN: sending Join Request to 10.250.32.8
    *Dec 14 15:42:15.127: Starting Ethernet promiscuous mode
    *Dec 14 15:42:15.535: %LWAPP-4-CLIENTEVENTLOG: OfficeExtend Localssid saved in AP flash
    *Dec 14 15:42:15.667: ac_first_hop_mac - IP:10.1.2.250 Hop IP:10.1.2.250 IDB:BVI1
    *Dec 14 15:42:15.667: Setting AC first hop MAC: 0017.c575.a23c
    *Dec 14 15:42:15.855: %CAPWAP-5-JOINEDCONTROLLER: AP has joined controller wificontroller
    *Dec 14 15:42:15.911: %LWAPP-4-CLIENTEVENTLOG: No Flex ACL map configuration file to load. Connect to controller to get configuration file
    *Dec 14 15:42:15.911: %LWAPP-4-CLIENTEVENTLOG: No Flex ACL map configuration file to load. Connect to controller to get configuration file
    *Dec 14 15:42:15.911: %LWAPP-4-CLIENTEVENTLOG: No LS Flex ACL map configuration file to load. Connect to controller to get configuration file
    *Dec 14 15:42:15.915: %LWAPP-4-CLIENTEVENTLOG: No Central Dhcp map configuration file to load. Connect to controller to get configuration file
    *Dec 14 15:42:15.915: %LWAPP-3-CLIENTERRORLOG: Switching to Connected mode
    *Dec 14 15:42:23.639: %WIDS-6-ENABLED: IDS Signature is loaded and enabled
    *Dec 14 15:42:34.615: %CLEANAIR-6-STATE: Slot 0 disabled
    *Dec 14 15:42:34.615: %CLEANAIR-6-STATE: Slot 1 disabled
    *Dec 14 15:45:43.783: %CAPWAP-3-ERRORLOG: Retransmission count for packet exceeded max(CAPWAP_WTP_EVENT_REQUEST
    ., 11)
    *Dec 14 15:45:43.787: %LWAPP-3-CLIENTERRORLOG: Switching to Standalone mode
    *Dec 14 15:45:43.787: %CAPWAP-3-ERRORLOG: GOING BACK TO DISCOVER MODE
    *Dec 14 15:45:43.787: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.250.32.8:5246
    *Dec 14 15:45:43.867: %WIDS-6-DISABLED: IDS Signature is removed and disabled.
    *Dec 14 15:45:53.867: %CAPWAP-3-ERRORLOG: Selected MWAR 'wificontroller'(index 0).
    *Dec 14 15:45:53.867: %CAPWAP-3-ERRORLOG: Go join a capwap controller
    *Dec 14 15:45:44.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.250.32.8 peer_port: 5246
    *Dec 14 15:45:46.315: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.250.32.8 peer_port: 5246
    *Dec 14 15:45:46.315: %CAPWAP-5-SENDJOIN: sending Join Request to 10.250.32.8
    *Dec 14 15:45:46.487: Starting Ethernet promiscuous mode
    *Dec 14 15:45:49.903: %LWAPP-4-CLIENTEVENTLOG: OfficeExtend Localssid saved in AP flash
    *Dec 14 15:45:50.031: ac_first_hop_mac - IP:10.1.2.250 Hop IP:10.1.2.250 IDB:BVI1
    *Dec 14 15:45:50.031: Setting AC first hop MAC: 0017.c575.a23c
    Here are the results of debug capwap client event on the AP:
    WT-4thFlr-AP3#debug capwap client event
    CAPWAP Client EVENT display debugging is on
    WT-4thFlr-AP3#
    *Dec 14 15:54:58.335: %CAPWAP-3-EVENTLOG: Echo Interval Expired.
    *Dec 14 15:54:58.335: %CAPWAP-3-EVENTLOG: Sending packet to AC
    *Dec 14 15:54:58.335: %CAPWAP-3-EVENTLOG: Echo Request sent to 10.250.32.8
    *Dec 14 15:54:58.343: %CAPWAP-3-EVENTLOG: Resetting reTransmissionCnt to 0
    *Dec 14 15:54:58.343: %CAPWAP-3-EVENTLOG: Queue Empty.
    *Dec 14 15:54:58.343: %CAPWAP-3-EVENTLOG: Echo Response from 10.250.32.8
    *Dec 14 15:55:08.000: %CAPWAP-3-EVENTLOG: Setting time to 15:55:08 UTC Dec 14 2013
    *Dec 14 15:55:25.579: %CAPWAP-3-EVENTLOG: Sending packet to AC
    *Dec 14 15:55:25.587: %CAPWAP-3-EVENTLOG: Resetting reTransmissionCnt to 0
    *Dec 14 15:55:25.587: %CAPWAP-3-EVENTLOG: Queue Empty.
    *Dec 14 15:55:25.587: %CAPWAP-3-EVENTLOG: Wtp Event Response from 10.250.32.8
    *Dec 14 15:55:25.827: %CAPWAP-3-EVENTLOG: Sending packet to AC
    *Dec 14 15:55:25.835: %CAPWAP-3-EVENTLOG: Resetting reTransmissionCnt to 0
    *Dec 14 15:55:25.835: %CAPWAP-3-EVENTLOG: Queue Empty.
    *Dec 14 15:55:25.835: %CAPWAP-3-EVENTLOG: Wtp Event Response from 10.250.32.8
    *Dec 14 15:55:55.835: %CAPWAP-3-EVENTLOG: Echo Interval Expired.
    *Dec 14 15:55:55.835: %CAPWAP-3-EVENTLOG: Sending packet to AC
    *Dec 14 15:55:55.835: %CAPWAP-3-EVENTLOG: Echo Request sent to 10.250.32.8
    *Dec 14 15:55:55.843: %CAPWAP-3-EVENTLOG: Resetting reTransmissionCnt to 0
    *Dec 14 15:55:55.843: %CAPWAP-3-EVENTLOG: Queue Empty.
    *Dec 14 15:55:55.843: %CAPWAP-3-EVENTLOG: Echo Response from 10.250.32.8
    *Dec 14 15:55:56.000: %CAPWAP-3-EVENTLOG: Setting time to 15:55:56 UTC Dec 14 2013
    *Dec 14 15:56:25.735: %CAPWAP-3-EVENTLOG: Sending packet to AC
    *Dec 14 15:56:25.743: %CAPWAP-3-EVENTLOG: Resetting reTransmissionCnt to 0
    *Dec 14 15:56:25.743: %CAPWAP-3-EVENTLOG: Queue Empty.
    *Dec 14 15:56:25.743: %CAPWAP-3-EVENTLOG: Wtp Event Response from 10.250.32.8
    *Dec 14 15:56:25.983: %CAPWAP-3-EVENTLOG: Sending packet to AC
    *Dec 14 15:56:25.991: %CAPWAP-3-EVENTLOG: Resetting reTransmissionCnt to 0
    *Dec 14 15:56:25.991: %CAPWAP-3-EVENTLOG: Queue Empty.
    *Dec 14 15:56:25.991: %CAPWAP-3-EVENTLOG: Wtp Event Response from 10.250.32.8
    *Dec 14 15:56:55.991: %CAPWAP-3-EVENTLOG: Echo Interval Expired.
    *Dec 14 15:56:55.991: %CAPWAP-3-EVENTLOG: Sending packet to AC
    *Dec 14 15:56:55.991: %CAPWAP-3-EVENTLOG: Echo Request sent to 10.250.32.8
    *Dec 14 15:56:55.999: %CAPWAP-3-EVENTLOG: Resetting reTransmissionCnt to 0
    *Dec 14 15:56:55.999: %CAPWAP-3-EVENTLOG: Queue Empty.
    *Dec 14 15:56:55.999: %CAPWAP-3-EVENTLOG: Echo Response from 10.250.32.8
    *Dec 14 15:56:56.000: %CAPWAP-3-EVENTLOG: Setting time to 15:56:56 UTC Dec 14 2013
    Here are the results of debug capwap client packet detail:
    WT-4thFlr-AP3#
    *Dec 14 15:59:01.823: <<<<   Start of CAPWAP Packet  >>>>
    *Dec 14 15:59:01.823: CAPWAP Control mesg Sent to 10.250.32.8, Port 5246
    *Dec 14 15:59:01.823:         Msg Type   : CAPWAP_ECHO_REQUEST
    *Dec 14 15:59:01.823:         Msg Length : 0
    *Dec 14 15:59:01.823:         Msg SeqNum : 44
    *Dec 14 15:59:01.823: <<<<  End of CAPWAP Packet  >>>>
    *Dec 14 15:59:01.831: <<<<   Start of CAPWAP Packet  >>>>
    *Dec 14 15:59:01.831: CAPWAP Control mesg Recd from 10.250.32.8, Port 5246
    *Dec 14 15:59:01.831:         HLEN 2,   Radio ID 0,    WBID 1
    *Dec 14 15:59:01.831:         Msg Type   : CAPWAP_ECHO_RESPONSE
    *Dec 14 15:59:01.831:         Msg Length : 15
    *Dec 14 15:59:01.831:         Msg SeqNum : 44
    *Dec 14 15:59:01.831: 
    *Dec 14 15:59:01.831:      Type : CAPWAP_MSGELE_VENDOR_SPECIFIC_PAYLOAD, Length 11
    *Dec 14 15:59:01.831:         Vendor Identifier  : 0x00409600
    *Dec 14 15:59:01.831:
    *Dec 14 15:59:01.831:
        IE            :   UNKNOWN IE 151
    *Dec 14 15:59:01.831:     IE Length     :   5
    *Dec 14 15:59:01.831:     Decode routine not available, Printing Hex Dump
    *Dec 14 15:59:01.831:
    52 AC 80 46 00
    *Dec 14 15:59:01.831: <<<<  End of CAPWAP Packet  >>>>
    *Dec 14 15:59:20.931: <<<<   Start of CAPWAP Packet  >>>>
    *Dec 14 15:59:20.931: CAPWAP Control mesg Recd from 10.250.32.8, Port 5246
    *Dec 14 15:59:20.931:         HLEN 2,   Radio ID 0,    WBID 1
    *Dec 14 15:59:20.931:         Msg Type   : CAPWAP_CONFIGURATION_UPDATE_REQUEST
    *Dec 14 15:59:20.931:         Msg Length : 93
    *Dec 14 15:59:20.931:         Msg SeqNum : 38
    *Dec 14 15:59:20.931: 
    *Dec 14 15:59:20.931:      Type : CAPWAP_MSGELE_VENDOR_SPECIFIC_PAYLOAD, Length 89
    *Dec 14 15:59:20.931:         Vendor Identifier  : 0x00409600
    *Dec 14 15:59:20.931:
    *Dec 14 15:59:20.931:
        IE            :   RRM_NEIGHBOR_CTRL_PAYLOAD
    *Dec 14 15:59:20.931:     IE Length     :   83
    *Dec 14 15:59:20.931:     Decode routine not available, Printing Hex Dump
    *Dec 14 15:59:20.931:
    00 0A FA 20 08 01 F4 00 07 0A FA 20 08 03 00 01
    01 00 3C 00 B4 2E 06 2E E7 B4 94 51 B2 C7 79 25
    22 FD BE 04 F6 00 00 00 00 00 00 00 00 4F 50 52
    53 2D 57 69 46 69 00 00 00 00 00 00 00 00 00 00
    00 00 00 00 00 00 00 00 00 00 00 00 00 01 06 0B
    01 01 01
    *Dec 14 15:59:20.931: <<<<  End of CAPWAP Packet  >>>>
    *Dec 14 15:59:20.931: <<<<   Start of CAPWAP Packet  >>>>
    *Dec 14 15:59:20.931: CAPWAP Control mesg Sent to 10.250.32.8, Port 5246
    *Dec 14 15:59:20.931:         Msg Type   : CAPWAP_CONFIGURATION_UPDATE_RESPONSE
    *Dec 14 15:59:20.931:         Msg Length : 8
    *Dec 14 15:59:20.931:         Msg SeqNum : 38
    *Dec 14 15:59:20.931: 
    *Dec 14 15:59:20.931:      Type : CAPWAP_MSGELE_RESULT_CODE, Length 4
    *Dec 14 15:59:20.931:         Result Code : CAPWAP_SUCCESS
    *Dec 14 15:59:20.931: <<<<  End of CAPWAP Packet  >>>>
    *Dec 14 15:59:21.139: <<<<   Start of CAPWAP Packet  >>>>
    *Dec 14 15:59:21.139: CAPWAP Control mesg Recd from 10.250.32.8, Port 5246
    *Dec 14 15:59:21.139:         HLEN 2,   Radio ID 0,    WBID 1
    *Dec 14 15:59:21.139:         Msg Type   : CAPWAP_CONFIGURATION_UPDATE_REQUEST
    *Dec 14 15:59:21.139:         Msg Length : 111
    *Dec 14 15:59:21.139:         Msg SeqNum : 39
    *Dec 14 15:59:21.139: 
    *Dec 14 15:59:21.139:      Type : CAPWAP_MSGELE_VENDOR_SPECIFIC_PAYLOAD, Length 107
    *Dec 14 15:59:21.139:         Vendor Identifier  : 0x00409600
    *Dec 14 15:59:21.139:
    *Dec 14 15:59:21.139:
        IE            :   RRM_NEIGHBOR_CTRL_PAYLOAD
    *Dec 14 15:59:21.139:     IE Length     :   101
    *Dec 14 15:59:21.139:     Decode routine not available, Printing Hex Dump
    *Dec 14 15:59:21.143:
    01 0A FA 20 08 01 F4 00 07 0A FA 20 08 0C 00 01
    01 00 3C 00 B4 2E 06 2E E7 B4 94 51 B2 C7 79 25
    22 FD BE 04 F6 00 00 00 00 00 00 00 00 4F 50 52
    53 2D 57 69 46 69 00 00 00 00 00 00 00 00 00 00
    00 00 00 00 00 00 00 00 00 00 00 00 00 24 28 2C
    30 34 38 3C 40 95 99 9D A1 01 01 01 01 01 01 01
    01 01 01 01 01
    *Dec 14 15:59:21.143: <<<<  End of CAPWAP Packet  >>>>
    *Dec 14 15:59:21.143: <<<<   Start of CAPWAP Packet  >>>>
    *Dec 14 15:59:21.143: CAPWAP Control mesg Sent to 10.250.32.8, Port 5246
    *Dec 14 15:59:21.143:         Msg Type   : CAPWAP_CONFIGURATION_UPDATE_RESPONSE
    *Dec 14 15:59:21.143:         Msg Length : 8
    *Dec 14 15:59:21.143:         Msg SeqNum : 39
    *Dec 14 15:59:21.143: 
    *Dec 14 15:59:21.143:      Type : CAPWAP_MSGELE_RESULT_CODE, Length 4
    *Dec 14 15:59:21.143:         Result Code : CAPWAP_SUCCESS
    *Dec 14 15:59:21.143: <<<<  End of CAPWAP Packet  >>>>
    *Dec 14 15:59:25.547: <<<<   Start of CAPWAP Packet  >>>>
    *Dec 14 15:59:25.547: CAPWAP Control mesg Sent to 10.250.32.8, Port 5246
    *Dec 14 15:59:25.547:         Msg Type   : CAPWAP_WTP_EVENT_REQUEST
    *Dec 14 15:59:25.547:         Msg Length : 14
    *Dec 14 15:59:25.547:         Msg SeqNum : 45
    *Dec 14 15:59:25.547: 
    *Dec 14 15:59:25.547:      Type : CAPWAP_MSGELE_VENDOR_SPECIFIC_PAYLOAD, Length 10
    *Dec 14 15:59:25.547:         Vendor Identifier  : 0x00409600
    *Dec 14 15:59:25.547:
    *Dec 14 15:59:25.547:
        IE            :   RRM_LOAD_DATA_PAYLOAD
    *Dec 14 15:59:25.547:     IE Length     :   4
    *Dec 14 15:59:25.547:          slot 0 rxLoad 0 txLoad 0 ccaLoad 33
    *Dec 14 15:59:25.547: <<<<  End of CAPWAP Packet  >>>>
    *Dec 14 15:59:25.555: <<<<   Start of CAPWAP Packet  >>>>
    *Dec 14 15:59:25.555: CAPWAP Control mesg Recd from 10.250.32.8, Port 5246
    *Dec 14 15:59:25.555:         HLEN 2,   Radio ID 0,    WBID 1
    *Dec 14 15:59:25.555:         Msg Type   : CAPWAP_WTP_EVENT_RESPONSE
    *Dec 14 15:59:25.555:         Msg Length : 0
    *Dec 14 15:59:25.555:         Msg SeqNum : 45
    *Dec 14 15:59:25.555: <<<<  End of CAPWAP Packet  >>>>
    *Dec 14 15:59:25.795: <<<<   Start of CAPWAP Packet  >>>>
    *Dec 14 15:59:25.795: CAPWAP Control mesg Sent to 10.250.32.8, Port 5246
    *Dec 14 15:59:25.795:         Msg Type   : CAPWAP_WTP_EVENT_REQUEST
    *Dec 14 15:59:25.795:         Msg Length : 14
    *Dec 14 15:59:25.795:         Msg SeqNum : 46
    *Dec 14 15:59:25.795: 
    *Dec 14 15:59:25.795:      Type : CAPWAP_MSGELE_VENDOR_SPECIFIC_PAYLOAD, Length 10
    *Dec 14 15:59:25.795:         Vendor Identifier  : 0x00409600
    *Dec 14 15:59:25.795:
    *Dec 14 15:59:25.795:
        IE            :   RRM_LOAD_DATA_PAYLOAD
    *Dec 14 15:59:25.795:     IE Length     :   4
    *Dec 14 15:59:25.795:          slot 1 rxLoad 0 txLoad 0 ccaLoad 0
    *Dec 14 15:59:25.795: <<<<  End of CAPWAP Packet  >>>>
    *Dec 14 15:59:25.803: <<<<   Start of CAPWAP Packet  >>>>
    *Dec 14 15:59:25.803: CAPWAP Control mesg Recd from 10.250.32.8, Port 5246
    *Dec 14 15:59:25.803:         HLEN 2,   Radio ID 0,    WBID 1
    *Dec 14 15:59:25.803:         Msg Type   : CAPWAP_WTP_EVENT_RESPONSE
    *Dec 14 15:59:25.803:         Msg Length : 0
    *Dec 14 15:59:25.803:         Msg SeqNum : 46
    *Dec 14 15:59:25.803: <<<<  End of CAPWAP Packet  >>>>
    *Dec 14 15:59:30.375: <<<<   Start of CAPWAP Packet  >>>>
    *Dec 14 15:59:30.375: CAPWAP Control mesg Recd from 10.250.32.8, Port 5246
    *Dec 14 15:59:30.375:         HLEN 2,   Radio ID 0,    WBID 1
    *Dec 14 15:59:30.375:         Msg Type   : CAPWAP_CONFIGURATION_UPDATE_REQUEST
    *Dec 14 15:59:30.375:         Msg Length : 17
    *Dec 14 15:59:30.375:         Msg SeqNum : 40
    *Dec 14 15:59:30.375: 
    *Dec 14 15:59:30.375:      Type : CAPWAP_MSGELE_VENDOR_SPECIFIC_PAYLOAD, Length 13
    *Dec 14 15:59:30.375:         Vendor Identifier  : 0x00409600
            SlotId                  :   0
            Mobile Mac Addr         :   BC:52:B7:E3:17:CB
    *Dec 14 15:59:30.375: <<<<  End of CAPWAP Packet  >>>>
    *Dec 14 15:59:30.375: <<<<   Start of CAPWAP Packet  >>>>
    *Dec 14 15:59:30.375: CAPWAP Control mesg Sent to 10.250.32.8, Port 5246
    *Dec 14 15:59:30.375:         Msg Type   : CAPWAP_CONFIGURATION_UPDATE_RESPONSE
    *Dec 14 15:59:30.379:         Msg Length : 8
    *Dec 14 15:59:30.379:         Msg SeqNum : 40
    *Dec 14 15:59:30.379: 
    *Dec 14 15:59:30.379:      Type : CAPWAP_MSGELE_RESULT_CODE, Length 4
    *Dec 14 15:59:30.379:         Result Code : CAPWAP_SUCCESS
    *Dec 14 15:59:30.379: <<<<  End of CAPWAP Packet  >>>>
    *Dec 14 15:59:30.387: <<<<   Start of CAPWAP Packet  >>>>
    *Dec 14 15:59:30.387: CAPWAP Control mesg Recd from 10.250.32.8, Port 5246
    *Dec 14 15:59:30.387:         HLEN 2,   Radio ID 0,    WBID 1
    *Dec 14 15:59:30.387:         Msg Type   : CAPWAP_WTP_EVENT_RESPONSE
    *Dec 14 15:59:30.387:         Msg Length : 0
    *Dec 14 15:59:30.387:         Msg SeqNum : 47
    *Dec 14 15:59:30.387: <<<<  End of CAPWAP Packet  >>>>
    *Dec 14 16:00:00.387: <<<<   Start of CAPWAP Packet  >>>>
    *Dec 14 16:00:00.387: CAPWAP Control mesg Sent to 10.250.32.8, Port 5246
    *Dec 14 16:00:00.387:         Msg Type   : CAPWAP_ECHO_REQUEST
    *Dec 14 16:00:00.387:         Msg Length : 0
    *Dec 14 16:00:00.387:         Msg SeqNum : 48
    *Dec 14 16:00:00.387: <<<<  End of CAPWAP Packet  >>>>
    *Dec 14 16:00:00.395: <<<<   Start of CAPWAP Packet  >>>>
    *Dec 14 16:00:00.395: CAPWAP Control mesg Recd from 10.250.32.8, Port 5246
    *Dec 14 16:00:00.395:         HLEN 2,   Radio ID 0,    WBID 1
    *Dec 14 16:00:00.395:         Msg Type   : CAPWAP_ECHO_RESPONSE
    *Dec 14 16:00:00.395:         Msg Length : 15
    *Dec 14 16:00:00.395:         Msg SeqNum : 48
    *Dec 14 16:00:00.395: 
    *Dec 14 16:00:00.395:      Type : CAPWAP_MSGELE_VENDOR_SPECIFIC_PAYLOAD, Length 11
    *Dec 14 16:00:00.395:         Vendor Identifier  : 0x00409600
    *Dec 14 16:00:00.395:
    *Dec 14 16:00:00.395:
        IE            :   UNKNOWN IE 151
    *Dec 14 16:00:00.395:     IE Length     :   5
    *Dec 14 16:00:00.395:     Decode routine not available, Printing Hex Dump
    *Dec 14 16:00:00.395:
    52 AC 80 81 00
    *Dec 14 16:00:00.395: <<<<  End of CAPWAP Packet  >>>>

    Under my AP Policies I only have "Accept Manufactured Installed Certificate (MIC)" checked.  I attempted to add the AP based on MAC Address (c0:67:af:6f:25:70) with this certificate type but still have the same issue.  I then ran the following debug on my controller and this is the output I recieve regarding that MAC.  I tried to cut the output short because it get's somewhat redundant but was unsure what exactly to look for in the output.  Should I be selecting a different certificate type?  I am somewhat new to wireless technologies but doing my best to pick things up so if this seems trivial please forgive my ignorance.
    debug pm pki enable
    *sshpmLscTask: Dec 14 20:42:56.450: sshpmLscTask: LSC Task received a message 4
    *spamApTask6: Dec 14 20:42:58.840: sshpmGetIssuerHandles: locking ca cert table
    *spamApTask6: Dec 14 20:42:58.841: sshpmGetIssuerHandles: calling x509_alloc() for user cert
    *spamApTask6: Dec 14 20:42:58.841: sshpmGetIssuerHandles: calling x509_decode()
    *spamApTask6: Dec 14 20:42:58.845: sshpmGetIssuerHandles: C=US, ST=California, L=San Jose, O=Cisco Systems, CN=AP3G2-c067af6f2570, [email protected]
    *spamApTask6: Dec 14 20:42:58.845: sshpmGetIssuerHandles:   O=Cisco Systems, CN=Cisco Manufacturing CA
    *spamApTask6: Dec 14 20:42:58.845: sshpmGetIssuerHandles: Mac Address in subject is c0:67:af:6f:25:70
    *spamApTask6: Dec 14 20:42:58.845: sshpmGetIssuerHandles: Cert Name in subject is AP3G2-c067af6f2570
    *spamApTask6: Dec 14 20:42:58.845: sshpmGetIssuerHandles: Cert is issued by Cisco Systems.
    *spamApTask6: Dec 14 20:42:58.845: sshpmGetCID: called to evaluate
    *spamApTask6: Dec 14 20:42:58.845: sshpmGetCID: comparing to row 0, CA cert >bsnOldDefaultCaCert<
    *spamApTask6: Dec 14 20:42:58.845: sshpmGetCID: comparing to row 1, CA cert >bsnDefaultRootCaCert<
    *spamApTask6: Dec 14 20:42:58.845: sshpmGetCID: comparing to row 2, CA cert >bsnDefaultCaCert<
    *spamApTask6: Dec 14 20:42:58.845: sshpmGetCID: comparing to row 3, CA cert >bsnDefaultBuildCert<
    *spamApTask6: Dec 14 20:42:58.845: sshpmGetCID: comparing to row 4, CA cert >cscoDefaultNewRootCaCert<
    *spamApTask6: Dec 14 20:42:58.845: sshpmGetCID: comparing to row 5, CA cert >cscoDefaultMfgCaCert<
    *spamApTask6: Dec 14 20:42:58.845: sshpmGetCertFromCID: called to get cert for CID 282aef7e
    *spamApTask6: Dec 14 20:42:58.845: sshpmGetCertFromCID: comparing to row 0, certname >bsnOldDefaultCaCert<
    *spamApTask6: Dec 14 20:42:58.845: sshpmGetCertFromCID: comparing to row 1, certname >bsnDefaultRootCaCert<
    *spamApTask6: Dec 14 20:42:58.845: sshpmGetCertFromCID: comparing to row 2, certname >bsnDefaultCaCert<
    *spamApTask6: Dec 14 20:42:58.845: sshpmGetCertFromCID: comparing to row 3, certname >bsnDefaultBuildCert<
    *spamApTask6: Dec 14 20:42:58.845: sshpmGetCertFromCID: comparing to row 4, certname >cscoDefaultNewRootCaCert<
    *spamApTask6: Dec 14 20:42:58.845: sshpmGetCertFromCID: comparing to row 5, certname >cscoDefaultMfgCaCert<
    *spamApTask6: Dec 14 20:42:58.845: ssphmUserCertVerify: calling x509_decode()
    *spamApTask6: Dec 14 20:42:58.856: ssphmUserCertVerify: user cert verfied using >cscoDefaultMfgCaCert<
    *spamApTask6: Dec 14 20:42:58.856: sshpmGetIssuerHandles: ValidityString (current): 2013/12/15/01:42:58
    *spamApTask6: Dec 14 20:42:58.856: sshpmGetIssuerHandles: ValidityString (NotBefore): 2013/08/25/13:01:22
    *spamApTask6: Dec 14 20:42:58.856: sshpmGetIssuerHandles: ValidityString (NotAfter): 2023/08/25/13:11:22
    *spamApTask6: Dec 14 20:42:58.856: sshpmGetIssuerHandles: getting cisco ID cert handle...
    *spamApTask6: Dec 14 20:42:58.856: sshpmGetCID: called to evaluate
    *spamApTask6: Dec 14 20:42:58.856: sshpmGetCID: comparing to row 0, CA cert >bsnOldDefaultCaCert<
    *spamApTask6: Dec 14 20:42:58.856: sshpmGetCID: comparing to row 1, CA cert >bsnDefaultRootCaCert<
    *spamApTask6: Dec 14 20:42:58.856: sshpmGetCID: comparing to row 2, CA cert >bsnDefaultCaCert<
    *spamApTask6: Dec 14 20:42:58.856: sshpmGetCID: comparing to row 3, CA cert >bsnDefaultBuildCert<
    *spamApTask6: Dec 14 20:42:58.856: sshpmGetCID: comparing to row 4, CA cert >cscoDefaultNewRootCaCert<
    *spamApTask6: Dec 14 20:42:58.856: sshpmGetCID: comparing to row 5, CA cert >cscoDefaultMfgCaCert<
    *spamApTask6: Dec 14 20:42:58.856: sshpmGetCID: comparing to row 0, ID cert >bsnOldDefaultIdCert<
    *spamApTask6: Dec 14 20:42:58.856: sshpmGetCID: comparing to row 1, ID cert >bsnDefaultIdCert<
    *spamApTask6: Dec 14 20:42:58.856: sshpmGetCID: comparing to row 2, ID cert >cscoDefaultIdCert<
    *spamApTask6: Dec 14 20:42:58.857: sshpmFreePublicKeyHandle: called with 0x2c5f0cb8
    *spamApTask6: Dec 14 20:42:58.857: sshpmFreePublicKeyHandle: freeing public key
    *spamApTask0: Dec 14 20:43:17.451: sshpmGetCID: called to evaluate
    *spamApTask0: Dec 14 20:43:17.451: sshpmGetCID: comparing to row 0, CA cert >bsnOldDefaultCaCert<
    *spamApTask0: Dec 14 20:43:17.451: sshpmGetCID: comparing to row 1, CA cert >bsnDefaultRootCaCert<
    *spamApTask0: Dec 14 20:43:17.451: sshpmGetCID: comparing to row 2, CA cert >bsnDefaultCaCert<
    *spamApTask0: Dec 14 20:43:17.451: sshpmGetCID: comparing to row 3, CA cert >bsnDefaultBuildCert<
    *spamApTask0: Dec 14 20:43:17.451: sshpmGetCID: comparing to row 4, CA cert >cscoDefaultNewRootCaCert<
    *spamApTask0: Dec 14 20:43:17.451: sshpmGetCID: comparing to row 5, CA cert >cscoDefaultMfgCaCert<
    *spamApTask0: Dec 14 20:43:17.451: sshpmGetCID: comparing to row 0, ID cert >bsnOldDefaultIdCert<
    *spamApTask0: Dec 14 20:43:17.451: sshpmGetCID: comparing to row 1, ID cert >bsnDefaultIdCert<
    *spamApTask0: Dec 14 20:43:17.451: sshpmGetCID: comparing to row 2, ID cert >cscoDefaultIdCert<
    *spamApTask0: Dec 14 20:43:17.451: sshpmGetCertFromCID: called to get cert for CID 183fd2b6
    *spamApTask0: Dec 14 20:43:17.451: sshpmGetCertFromCID: comparing to row 0, certname >bsnOldDefaultCaCert<
    *spamApTask0: Dec 14 20:43:17.451: sshpmGetCertFromCID: comparing to row 1, certname >bsnDefaultRootCaCert<
    *spamApTask0: Dec 14 20:43:17.451: sshpmGetCertFromCID: comparing to row 2, certname >bsnDefaultCaCert<
    *spamApTask0: Dec 14 20:43:17.451: sshpmGetCertFromCID: comparing to row 3, certname >bsnDefaultBuildCert<
    *spamApTask0: Dec 14 20:43:17.451: sshpmGetCertFromCID: comparing to row 4, certname >cscoDefaultNewRootCaCert<
    *spamApTask0: Dec 14 20:43:17.451: sshpmGetCertFromCID: comparing to row 5, certname >cscoDefaultMfgCaCert<
    *spamApTask0: Dec 14 20:43:17.451: sshpmGetCertFromCID: comparing to row 0, certname >bsnOldDefaultIdCert<
    *spamApTask0: Dec 14 20:43:17.451: sshpmGetCertFromCID: comparing to row 1, certname >bsnDefaultIdCert<
    *spamApTask0: Dec 14 20:43:17.451: sshpmGetCertFromCID: comparing to row 2, certname >cscoDefaultIdCert<
    *spamApTask0: Dec 14 20:43:17.451: sshpmGetCID: called to evaluate

Maybe you are looking for

  • MPEG-2 Video Linear PCM Timecode no longer working in FCP7

    I edit daily with Final Cut Pro 7.0.3 on my MacBook Pro. I have several projects in which I imported files from an MR HD-100 hard drive. Not only did I successfully edit several projects, but I could open the individual files in QuickTime. They are 1

  • Infotype - Internal Control

    Hi Gurus, I stored personnel card no. of the employees of our organization in Infotype 32. I am able to get the report of the same thru Adhoc Query. Sometimes it might happen that particular employee loses his personnel card. The card no is again upd

  • InterMedia Web Agent

    I have found documentation on InterMedia Web Agent for 8.1.5 and 8.1.7, but not for 8.1.6. We are running RDBMS 8.1.6, OAS 4.0.8.2 on Solaris 2.6. I have configured one of our databases with the InterMedia Text option, and plan to configure our OAS f

  • Sick and tired og classpath and system properties

    Now im really turned on! Its maybe the fifth time i have to reinstall. Why? Because ANY change of weblogic.class.path seems to be irreversible, and the wlconfig-"tool" not even act as in the documentation. ***How do I really change weblogic.class.pat

  • JBUILDER5 :"sample.java": Error #: 750 : initialization error: com.borland"

    Hi there, I am trying to compile a few sample with new release of jdk1.4.0. It does with DOS-Promt. I get an error like ""sample.java": Error #: 750 : initialization error: com.borland.compiler.symtab.LoadError: class file has wrong version 48.0" whe