Virtual WLC Ports Confusion -or- ADDING ports to the vWLC

I am struggling with configuring a virtual wireless controller (vWLC).
I am working with the newest vWLC, 8.0.100.0
I currently own an elderly 2504 WLC with 4 ports. (four physical interfaces on the box)
On this 2504, I use one port for the management of the WLC and for WLC to communicate with the APs.
The APs are on the same network as the 2504. The other port is the interface that all my wireless traffic from the clients use.
Now with this vWLC, the virtual machine has two network interfaces, but once I get to a point that I am able to log in to the vWLC, I only see one 'port'. According to this posting, I am supposed to take the service port and point it to a dummy virtual switch or a 'Black Hole': https://supportforums.cisco.com/document/12098556/vwlc-getting-started-key-points-and-common-issues
Okay, I've done this and it works, but it is not what I am accustomed to.
I enjoy having the web console of the WLC and the AP on separate networks from the wireless clients.
To complicate things my desire is for this new vWLC and my 2504 to work together.
I want over time to migrate APs from the 2504 to the vWLC without re-addressing them.
Can I add "ports" to my vWLC controller? Do I need to rethink my wireless infrastructure?
I am confused and am seeking your help, advice, suggestions, opinions and flames.
Bryan Smith
Butler, Indiana

I think you need to re-look at your wireless design. I would prefer the 2504 over a vWLC, but that's me. I also would not have separated the ports on the WLC. No real reason to, to be honest. Keep APs on a separate subnet and the traffic to and from the WLC is tunneled using CAPWAP. Breaking up ports was an old design, to be honest, and that was also done back then with the 4400s. You also have to look at the pros and cons of FlexConnect APs vs local mode. I never create an AP manager interface on the newer WLCs. I have always kept the dynamic AP manager in the management. Traffic is tunneled and you control user traffic when it leaves the WLC.
Scott

Similar Messages

  • WLC 5508 issue with 4 ports in portchannel

    Hi,
    We have one WLC 5508 and LAG is enabled on it but when we connect 4 cables to a distribution switch only 3 links are sending and receiving traffic and the 4th one is up with outgoing traffic from the distribution switch to WLC but nothing incoming.
    Some APs went down and refuse to be registered back to the WLC. When we shut down the 4th port everything is back to normal.
    The etherchannel config is identical and I can see all ports are active and not suspended:
    interface GigabitEthernet2/2/1
     description PortChannel-WLC1-Port1
     switchport
     switchport trunk encapsulation dot1q
     switchport trunk allowed vlan 60-67,2808,2922,2923,2932
     switchport mode trunk
     channel-group 99 mode on
    interface GigabitEthernet2/2/2
     description PortChannel-WLC1-Port2
     switchport
     switchport trunk encapsulation dot1q
     switchport trunk allowed vlan 60-67,2808,2922,2923,2932
     switchport mode trunk
     channel-group 99 mode on
    interface GigabitEthernet2/2/3
     description PortChannel-WLC1-Port3
     switchport
     switchport trunk encapsulation dot1q
     switchport trunk allowed vlan 60-67,2808,2922,2923,2932
     switchport mode trunk
     channel-group 99 mode on
    interface GigabitEthernet2/2/4
     description PortChannel-WLC1-Port4
     switchport
     switchport trunk encapsulation dot1q
     switchport trunk allowed vlan 60-67,2808,2922,2923,2932
     switchport mode trunk
     channel-group 99 mode on

    sh etherchannel 99 sum
    Flags:  D - down        P - bundled in port-channel
            I - stand-alone s - suspended
            H - Hot-standby (LACP only)
            R - Layer3      S - Layer2
            U - in use      N - not in use, no aggregation
            f - failed to allocate aggregator
            M - not in use, no aggregation due to minimum links not met
            m - not in use, port not aggregated due to minimum links not met
            u - unsuitable for bundling
            d - default port
            w - waiting to be aggregated
    Number of channel-groups in use: 38
    Number of aggregators:           38
    Group  Port-channel  Protocol    Ports
    ------+-------------+-----------+-----------------------------------------------
    99     Po99(SU)         -        Gi2/2/1(P)     Gi2/2/2(P)     Gi2/2/3(D)     
                                     Gi2/2/4(P)     
    Last applied Hash Distribution Algorithm: Fixed
    Gi2/2/3 is down because we had to shut down the interface because when it is up many APs refuse to register.

  • WLC 5508 and its 8 ports

    I have three independent sites that I want to manage with the 5508 controller; do I have to use three management ports?
    Could you explain the use of the management interface, because the WLC contains 8 and I'm using the first port, "1"?

    Hi Sali,
    This link should give you a good idea of how those ports work:
    http://www.cisco.com/en/US/docs/wireless/controller/7.4/configuration/guides/consolidated/b_cg74_CONSOLIDATED_chapter_011010.html
    Ultimately, you can only assign a single "port" number to your management interface with LAG disabled.  With LAG enabled, it is similar to an etherchannel setup where you are bundling all the connected ports together. 
    Cheers,
    Erwin
    How helpful was I? Don't forget to rate me when you have the chance!

  • Port Forwarding Rule Added Via UPnP

    14:24:13, 27 May.
    (2110048.260000) Port forwarding rule added via UPnP. protocol: UDP, external ports: any->57902, internal ports: 57902, internal client: 192.168.1.65
    14:23:34, 27 May.
    (2110008.940000) Port forwarding rule added via UPnP. protocol: UDP, external ports: any->57902, internal ports: 57902, internal client: 192.168.1.65
    14:22:53, 27 May.
    (2109967.800000) Port forwarding rule added via UPnP. protocol: UDP, external ports: any->57902, internal ports: 57902, internal client: 192.168.1.65
    14:22:10, 27 May.
    (2109925.160000) Port forwarding rule added via UPnP. protocol: UDP, external ports: any->57902, internal ports: 57902, internal client: 192.168.1.65
    14:21:37, 27 May.
    (2109892.130000) Port forwarding rule added via UPnP. protocol: UDP, external ports: any->57902, internal ports: 57902, internal client: 192.168.1.65
    14:21:06, 27 May.
    (2109861.170000) Port forwarding rule added via UPnP. protocol: UDP, external ports: any->57902, internal ports: 57902, internal client: 192.168.1.65
    14:20:26, 27 May.
    (2109820.740000) Port forwarding rule added via UPnP. protocol: UDP, external ports: any->57902, internal ports: 57902, internal client: 192.168.1.65
     Hi guys, would anyone be able to tell me what the above messages in my HH3's log mean?  My connection has been fine but I would like to know why this is happening every few seconds. 
    At first I thought it was because of a certain program I was using but it happens even when this program isn't running so I just don't know!!  Any help is appreciated.
    EDIT:  So I'm guessing it's something to do with having UPnP turned on.  The reason I'm asking is because I've seen other people's logs and they aren't filled with this message.

    Thanks, TommyBobbins.
    I will turn off UPnP and see what happens.
    I checked the logs again my computer has a lease of 192.168.1.64 - this IP address is also showing the same error in the logs. I suspect the other IP address, ending in 65 is my Dad's computer. He uses Windows and I use Mac.
    I'll keep you posted.
    EDIT:  Just turned off UPnP and that was OK.  I checked a program called uTorrent and it says the incoming TCP port (54488) is working.....I find this strange as I have portforwarding turned off... :s
    Any ideas?
    EDIT AGAIN:
    Just wanted to add this in:
    18:54:38, 27 May.
    (2126273.250000) Port forwarding rule added via UPnP. protocol: UDP, external ports: any->52503, internal ports: 52503, internal client: 192.168.1.65
    18:53:53, 27 May.
    (2126228.130000) Port forwarding rule added via UPnP. protocol: UDP, external ports: any->52503, internal ports: 52503, internal client: 192.168.1.65
    18:53:20, 27 May.
    (2126194.690000) Port forwarding rule added via UPnP. protocol: UDP, external ports: any->52503, internal ports: 52503, internal client: 192.168.1.65
    20:34:34, 27 May.
    (2132268.320000) Port forwarding rule added via UPnP. protocol: UDP, external ports: any->54488, internal ports: 54488, internal client: 192.168.1.64
    20:34:31, 27 May.
    (2132266.240000) Port forwarding rule deleted via UPnP. protocol: UDP, external ports: any->54488, internal ports: 54488, internal client: 192.168.1.64
    20:34:29, 27 May.
    (2132264.190000) Port forwarding rule added via UPnP. protocol: TCP, external ports: any->54488, internal ports: 54488, internal client: 192.168.1.64
    20:34:27, 27 May.
    (2132262.050000) Port forwarding rule deleted via UPnP. protocol: TCP, external ports: any->54488, internal ports: 54488, internal client: 192.168.1.64
    As you can see it happens on different ports and UDP and TCP ports....
    Hasn't happened in the 20mins or so I've had UPnP turned off.  Still, I am curious as to what causes this.
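A way to answer the "why is this happening" question from the log itself, as an added example that is not part of the original thread: the script parses hub log entries in the format quoted above, groups them by internal client, protocol and external port, and reports which mappings are still open and which are being re-added over and over without a delete. The sample lines are copied from the posts; the function names and the threshold of three adds are assumptions of this example.

```python
import re

# Sample copied from the log lines quoted in the thread (newest first, as the hub prints them).
SAMPLE_LOG = """\
20:34:34, 27 May.
(2132268.320000) Port forwarding rule added via UPnP. protocol: UDP, external ports: any->54488, internal ports: 54488, internal client: 192.168.1.64
20:34:31, 27 May.
(2132266.240000) Port forwarding rule deleted via UPnP. protocol: UDP, external ports: any->54488, internal ports: 54488, internal client: 192.168.1.64
20:34:29, 27 May.
(2132264.190000) Port forwarding rule added via UPnP. protocol: TCP, external ports: any->54488, internal ports: 54488, internal client: 192.168.1.64
20:34:27, 27 May.
(2132262.050000) Port forwarding rule deleted via UPnP. protocol: TCP, external ports: any->54488, internal ports: 54488, internal client: 192.168.1.64
18:54:38, 27 May.
(2126273.250000) Port forwarding rule added via UPnP. protocol: UDP, external ports: any->52503, internal ports: 52503, internal client: 192.168.1.65
18:53:53, 27 May.
(2126228.130000) Port forwarding rule added via UPnP. protocol: UDP, external ports: any->52503, internal ports: 52503, internal client: 192.168.1.65
18:53:20, 27 May.
(2126194.690000) Port forwarding rule added via UPnP. protocol: UDP, external ports: any->52503, internal ports: 52503, internal client: 192.168.1.65
"""

ENTRY = re.compile(
    r"\((?P<uptime>\d+\.\d+)\) Port forwarding rule (?P<action>added|deleted) via UPnP\. "
    r"protocol: (?P<proto>TCP|UDP), external ports: any->(?P<ext>\d+), "
    r"internal ports: (?P<internal>\d+), internal client: (?P<client>[\d.]+)"
)


def parse_events(log_text):
    """Return UPnP rule events in chronological order (sorted on the uptime counter)."""
    events = []
    for m in ENTRY.finditer(log_text):
        events.append({
            "uptime": float(m["uptime"]),
            "action": m["action"],
            "proto": m["proto"],
            "ext_port": int(m["ext"]),
            "client": m["client"],
        })
    return sorted(events, key=lambda e: e["uptime"])


def summarise_mappings(events, refresh_min_adds=3):
    """One row per (client, proto, external port) with its add/delete history."""
    state = {}
    for e in events:
        key = (e["client"], e["proto"], e["ext_port"])
        s = state.setdefault(key, {"adds": [], "deletes": 0, "open": False})
        if e["action"] == "added":
            s["adds"].append(e["uptime"])
            s["open"] = True
        else:
            s["deletes"] += 1
            s["open"] = False
    report = []
    for (client, proto, port), s in sorted(state.items()):
        adds = s["adds"]
        gaps = [later - earlier for earlier, later in zip(adds, adds[1:])]
        report.append({
            "client": client,
            "proto": proto,
            "ext_port": port,
            "adds": len(adds),
            "deletes": s["deletes"],
            "open_at_end": s["open"],
            # Same rule added again and again with no delete in between:
            # an application on that client keeps re-requesting its mapping.
            "repeated_readd": len(adds) >= refresh_min_adds and s["deletes"] == 0,
            "mean_gap_s": round(sum(gaps) / len(gaps), 2) if gaps else None,
        })
    return report


def hosts_with_open_mappings(report):
    """Internal clients that still have an inbound port mapped at the end of the log."""
    return sorted({row["client"] for row in report if row["open_at_end"]})


if __name__ == "__main__":
    for row in summarise_mappings(parse_events(SAMPLE_LOG)):
        print(row)
```
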

  • IP Virtual Host w/SSL serving on port 80 and 443

    We have an OS 10.3.8 system and we've configured several virtual hosts using the system admin panel. One IP has several hosts on it. We have a separate IP with one virtual host on it since it is running SSL. I have it configured for port 443 and I have all the security certificates installed OK. The site operates correctly over HTTPS. If I try to access it with standard HTTP I get a service not available error (which makes sense since server admin sets the config files to port 443 ... not 80).
    The only way I can get it to work is to add another virtual host in server admin running on that IP at port 80. Unfortunately, that means it will be logged separately (which I don't really want it to do). What do I need to change to get a single virtual host on a specific IP to respond correctly to both 443 and 80 using the file layout generated by server admin (I can modify them manually)?
    Thanks in advance ...
    Tom

    > The only way I can get it to work is to add another virtual host in server admin running on that IP at port 80.
    That's correct. That's how you run a site as both HTTP and HTTPS - they're two sites.
    > Unfortunately, that means it will be logged separately
    Why? You can set both sites to use the same log file and their hits will be combined in a single file.
    > What do I need to change to get a single virtual host on a specific IP to respond correctly to both 443 and 80 using the file layout generated by server admin (I can modify them manually)?
    You can't, but if your issue is the logging, my answer above should take care of that.

  • CMS Ports - Confusion

    Hi,
    I have the setup below
    When installing BI 4 I want to understand something about ports and what checks need to be carried out prior to install.
    The SQL Server is installed first with empty databases set up for Audit and CMS. I have then on BI4_SERVER set up an ODBC connection to the databases so I can provide this information in the install.
    As default BI 4 uses port 6400 to connect to the CMS (as I understand). In the example above - this would be SQL_SERVER 6400.
    - If I try to (prior to install of application BI_SERVER but after the empty database install) telnet to SQL_SERVER 6400. It gets refused. Do I need to setup anything for the database to listen to port 6400?
    - If I try to (prior to install of application BI_SERVER but after the empty database install) telnet to BI4_SERVER 6400. It gets refused. Do I need to setup anything for the database to listen to port 6400? The reason for this second question is because in the install logs when I try and install BI 4 I get the following error
    *#*_*FWM 20030|Could not reach CMS 'BI_SERVER:6400'. Specify the correct host and port and check for network issues. (FWM 20030)|Could not reach CMS 'BI_SERVER:6400'. Specify the correct host and port and check for network issues. (FWM 20030)*_*#*
    - The last question I have is: does the BI 4 application just use port 6400 on the "BI4_SERVER" and then use the ODBC connection to connect to SQL_SERVER? In turn, we don't actually use the port 6400 on the SQL_SERVER?
    Any assistance would be grateful to clear my understanding on this.
    Thanks,

    Hi,
    If SQL Server is installed on a different server, then the default port (1433) needs to be open between the SQL Server CMS DB and the BO APP server. If you have bound the SQL Server DB to a different port, then that port needs to be open from the SQL Server DB to the BO APP server.
    Once you set up the database, to check the port status use the telnet command on the BO APP server and see whether the SQL Server DB port is open or not.
    After that, create the ODBC connection on the BO APP server. If the ODBC connection is not successful, then in the ODBC connection screen enter the SQL Server full name along with the port name, or try with the IP address & port name, e.g. sqlservername.xxx.xx,1433
    6400 is the default port for CMS and 6410 is the default port for SIA; you can see the same at the time of BO installation.
    For client system connectivity with the BO server, Tomcat port 8080 and CMS port 6400 need to be open.
    Refer to the attached link for BO installation with SQL Server DB.
    http://guozspace.com/2012/04/28/sap-business-objects-bi-4-0-installation-steps/
    Amit

  • Confusion/frustration opening ports

    I better give the situation first.
    My brother and I play FFXI (Final Fantasy 11) on two computers.  We login and after about 5-10 minutes we get a time out error message.  Anyone who knows FFXI knows about R0 (receiving) and S0 (sending).  At the moment it's our Sending signal that is dropping and causing the time out error.
    I called Square Enix and was told we needed to open ports.  I figure that should be easy, so I go online and on their site find the list of ports to open.
    TCP:
     25, 80, 110, 443 or 50000 - 65535
    UDP:
    50000 - 65535
    So I login to the router admin after turning off norton and windows firewalls on all computers.  On the Port Triggering page there is not only the Port Triggering option but also Port Forwarding options.  From what I understand we don't need Port Forwarding.  So I set up with this
    Application: PlayOnline (name on desktop icon actual file is pol.boot but doesn't work)
    Triggering range 25-65535 (was hoping to use one port range.)
    I left the Port Forwarding section alone and checked the "Enable" box and save settings.
    It didn't help.  I even enabled UPNP on both the router firewall and on the POL Settings, still didn't help.
    Any help on this is greatly appreciated.   I don't want to do a DMZ because we need ports for both computers open and eventually the 3rd (backup) in case one of these crash.  We are ready to scream.
    Message Edited by unacorn on 10-16-2007 08:34 PM

    No. Port triggering and port forwarding and DMZ are different ways how to open ports on the router to be used inside your network. There is always some kind of server involved in the LAN for that. A server in this sense can also be your game which opens various ports on your computer and listens for incoming traffic on those ports. But as you are running a router with network address translation (NAT) those open ports on the computer cannot be seen from the internet by default. Your computer has a private IP address 192.168.1.* which cannot be accessed directly from the internet. NAT maps the single public IP address to multiple private IP addresses. By default the router does drop any incoming traffic from the internet simply because it does not know where to send it. If a computer inside your LAN sends something out before, then the router will accept the returning answer and forwards it to the computer which sent the data out before. But this only works if a computer inside first initiates the connection. If your computer on 192.168.1.50 connects to www.linksys.com the router remembers that it was 192.168.1.50 that connected to www.linksys.com and will forward the response from www.linksys.com back to 192.168.1.50 (obviously this is a little bit simplified but the basics are correct).
    To accept unrelated traffic from the internet to get into your LAN and reach a computer you have to tell the router what it should do. That is port forwarding. If something arrives on port 25 it will always forward the traffic to a specific computer defined in the forwarding. This may be necessary in multi-player games where other people from other IP addresses have to send you something before you ever send something to them. That's an example when you need forwarding. Your game application on your computer is the "server" then because it listens/opens some ports on the computer which must be accessible from the internet for unrelated traffic. Otherwise unrelated incoming traffic is dropped.
    Port triggering is a way to dynamically add some port forwardings depending on previous outgoing traffic. For example, you can forward some port 2525 on traffic on port 25. This means if a computer inside the LAN connects to port 25 the router will dynamically establish incoming port forwarding on port 2525 to the same computer inside the LAN which used port 25 before. It depends on the router for how long this forwarding will be active. It also won't help you if you require the same port forwardings at the same time on two or more computers inside your LAN connecting to the same server in the internet. At any given time it is only possible to forward a port to a single computer inside the LAN.
    Connections from the LAN to internet servers are not affected by either port forwarding or port triggering. By default, any computer in the LAN can access any server at any port in the internet.
    Many ISPs only assign you a single public IP address. You cannot connect multiple computers or routers at the same time to the modem then. Check with your ISP if it is possible to connect multiple devices to the modem and get multiple public IP addresses.
    If you can I would think about whether you really want to get a second router or whether you simply connect both computers directly to the modem and use it that way. There is little benefit hooking up a second router with a second set of port forwardings.
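The inbound decisions described in this answer (reply to an existing session, static forward, triggered forward, otherwise drop) as a small runnable model; this is an added example, not part of the original thread and not any router's actual code. It is deliberately simplified: no port translation, no timeouts, and the choice that the most recent host to fire a trigger takes over the port is an assumption of the model, since the answer notes that real routers differ. The second LAN host and the remote addresses are constructed values.

```python
PC_A = "192.168.1.50"      # LAN host used in the answer above
PC_B = "192.168.1.51"      # second LAN host (constructed)
REMOTE = "203.0.113.10"    # internet server (documentation address)
OTHER = "198.51.100.7"     # unrelated internet host (documentation address)


class NatRouter:
    """Toy NAT router: decides which LAN host, if any, receives an inbound packet."""

    def __init__(self):
        self.sessions = {}   # (proto, local_port, remote_ip, remote_port) -> LAN host
        self.forwards = {}   # (proto, port) -> LAN host, static port forwarding
        self.triggers = []   # (proto, trigger_port, first_port, last_port)
        self.triggered = {}  # (proto, port) -> LAN host, opened dynamically

    def add_forward(self, proto, port, lan_host):
        """Static forward. A port can point at only one LAN host at a time."""
        owner = self.forwards.get((proto, port))
        if owner is not None and owner != lan_host:
            raise ValueError(f"{proto}/{port} is already forwarded to {owner}")
        self.forwards[(proto, port)] = lan_host

    def add_trigger(self, proto, trigger_port, first_port, last_port):
        """Outbound traffic to trigger_port opens first_port..last_port inbound."""
        self.triggers.append((proto, trigger_port, first_port, last_port))

    def outbound(self, proto, lan_host, src_port, remote_ip, remote_port):
        """LAN host opens a connection: remember it and fire matching triggers."""
        self.sessions[(proto, src_port, remote_ip, remote_port)] = lan_host
        for t_proto, t_port, first, last in self.triggers:
            if t_proto == proto and t_port == remote_port:
                for port in range(first, last + 1):
                    # Model assumption: the latest host to trigger owns the port.
                    self.triggered[(proto, port)] = lan_host

    def inbound(self, proto, remote_ip, remote_port, dst_port):
        """Return the LAN host that receives the packet, or None if it is dropped."""
        reply_to = self.sessions.get((proto, dst_port, remote_ip, remote_port))
        if reply_to is not None:
            return reply_to
        static = self.forwards.get((proto, dst_port))
        if static is not None:
            return static
        return self.triggered.get((proto, dst_port))


def demo():
    r = NatRouter()
    out = {}
    out["unsolicited"] = r.inbound("TCP", REMOTE, 80, 40000)      # nothing known: drop
    r.outbound("TCP", PC_A, 40000, REMOTE, 80)
    out["reply"] = r.inbound("TCP", REMOTE, 80, 40000)            # answer to PC_A
    out["other_remote"] = r.inbound("TCP", OTHER, 80, 40000)      # unrelated sender: drop
    r.add_forward("UDP", 50000, PC_A)
    out["forwarded"] = r.inbound("UDP", OTHER, 1234, 50000)
    try:
        r.add_forward("UDP", 50000, PC_B)
        out["second_forward"] = "accepted"
    except ValueError:
        out["second_forward"] = "rejected"
    r.add_trigger("TCP", 25, 2525, 2525)                          # 25 -> 2525 as in the answer
    out["before_trigger"] = r.inbound("TCP", OTHER, 5555, 2525)
    r.outbound("TCP", PC_A, 41000, REMOTE, 25)
    out["after_trigger_a"] = r.inbound("TCP", OTHER, 5555, 2525)
    r.outbound("TCP", PC_B, 41001, REMOTE, 25)
    out["after_trigger_b"] = r.inbound("TCP", OTHER, 5555, 2525)  # PC_A lost the port
    return out


if __name__ == "__main__":
    for name, host in demo().items():
        print(f"{name:16} -> {host}")
```
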

  • Adding port and port scan

    Hello,
    I want to open a port (say 4010). Below is what I try...
    I go to System Preferences->Sharing->Firewall, and click New.
    Then I select PortName: Other, TCP Port Number: 4010, UDP Port Number: 4010, description: MyNewPort.
    I see that MyNewPort is checked and that the Firewall is On.
    I then open Network Utility, click on Port Scan tab, and scan 127.0.0.1 for ports between 4000 and 4020.
    It reports:
    Port Scan has started...
    Port Scanning host: 127.0.0.1
    Port Scan has complee...
    (it doesn't find 4010). Why? What's going on?
    help is welcome,
    Kamel

    well, what I've done is try to open a telnet session on port 4010 of localhost.
    I gave the error message resulting from this in my previous post.
    the program I mentioned that listens to port 4010 can actually be told to listen to any port. I want to check that it does in fact work by sending info to a port using telnet. As of now, I'm stuck at the point of getting telnet to send to the port.
    I think telnet fails because the port is NOT in fact open--since this is what is shown by the Network Utility port scan. But as described earlier, I've set it open in System Preferences->...->Firewall, and also in my router administration page.

  • Virtualized WLC + Prime + MSE solution

    Dear all,
    we are facing some problem to deploy a virtualized localization solution made of WLC, Prime Infrastructure and MSE.
    We constructed, in our lab, on a UCS C220M3 with VMWare 5.1 the following solution:
    Virtual WLC version 7.3.101 (ip address 10.0.1.249)
    Prime Infrastructure 1.2.0.103 (ip address 10.0.1.250)
    Virtual MSE 7.3.101 (ip address 10.0.1.247)
    WLC is working properly, can register APs and is properly integrated with the Prime. For the localization solution we deployed three access points:  
    -one 3502 in flex connect mode
    -two 1142 in monitor mode
    The problem came out  when we started to work with the MSE. MSE has been registered inside Prime and synchronized with maps and controller.
    After that we checked the maps but no information was displayed. So we started facing the problem and we found that the NMSP protocol remained inactive even if the troubleshooting windows didn't report any explicit issue.
    At this stage we started checking the debug messages and in particular, for the NMSP we continuously received the following message:
    *nmspRxServerTask: Nov 17 17:55:09.777: Allocated new NMSP connection 0
    *nmspRxServerTask: Nov 17 17:55:09.778: sslConnectionInit:  SSL_new() conn ssl 0x2aaaae71ab88
    *nmspRxServerTask: Nov 17 17:55:09.778: sslConnectionInit: SSL_do_handshake for conn ssl 0x2aaaae71ab88, conn state: INIT, SSL state: HANDSHAKING
    *nmspRxServerTask: Nov 17 17:55:09.778: -- returns WANT_READ for conn ssl 0x2aaaae71ab88
    *nmspRxServerTask: Nov 17 17:55:09.778: sslConnectionInit() success with Connection state: INIT, SSL state: HANDSHAKING
    *nmspRxServerTask: Nov 17 17:55:09.785: doSSLRecvLoop: Handshake has not completed for conn 0
    *nmspRxServerTask: Nov 17 17:55:09.785: sslConnectionInit: SSL_do_handshake for conn ssl 0x2aaaae71ab88, conn state: INIT, SSL state: HANDSHAKING
    *nmspRxServerTask: Nov 17 17:55:09.785: -- returns WANT_READ for conn ssl 0x2aaaae71ab88
    *nmspRxServerTask: Nov 17 17:55:10.100: doSSLRecvLoop: Handshake has not completed for conn 0
    *nmspRxServerTask: Nov 17 17:55:10.100: sslConnectionInit: SSL_do_handshake for conn ssl 0x2aaaae71ab88, conn state: INIT, SSL state: HANDSHAKING
    *nmspRxServerTask: Nov 17 17:55:10.100: -- handshake failed for conn ssl 0x2aaaae71ab88,error = error:00000000:lib(0):func(0):reason(0)
    *nmspRxServerTask: Nov 17 17:55:10.100:  freeing Nmsp conn ssl 0x2aaaae71ab88, conn id 0
    Also the statistics for the NMSP protocol emphasized an SSL error:
    (Cisco Controller) >show nmsp statistics summary
    NMSP Global Counters
    Client Measure Send Fail......................... 0
    Send RSSI with no entry.......................... 0
    APP msg too big.................................. 0
    Failed Select on Accept Socket................... 0
    Failed SSL write................................. 0
    Partial SSL write................................ 0
    SSL write returned zero.......................... 0
    SSL write attempts to want read.................. 0
    SSL write attempts to want write................. 0
    SSL write got default error...................... 0
    SSL write max data length sent................... 0
    SSL write max attempts to write in loop.......... 0
    SSL read returned zero........................... 0
    SSL read attempts to want read................... 0
    SSL read attempts to want write.................. 0
    SSL read got default error....................... 0
    Failed SSL read - Con Rx buf freed............... 0
    Failed SSL read - Con/SSL freed.................. 0
    Max records read before exiting SSL read......... 0
    --More-- or (q)uit
    Highest Prio Tx Q full........................... 0
    Normal Prio Tx Q full............................ 0
    Highest Prio Tx Q Sent........................... 0
    Normal Prio Tx Q Sent............................ 0
    Highest Prio Tx Q count.......................... 0
    Normal Prio Tx Q count........................... 0
    Messages sent by APPs to Highest Prio TxQ........ 0
    Max Measure Notify Msg........................... 0
    Max Info Notify Msg.............................. 0
    Max Highest Prio Tx Q Size....................... 0
    Max Normal Prio Tx Q Size........................ 0
    Max Rx Size...................................... 1
    Max Info Notify Q Size........................... 0
    Max Client Info Notify Delay..................... 0
    Max Rogue AP Info Notify Delay................... 0
    Max Rogue Client Info Notify Delay............... 0
    Max Client Measure Notify Delay.................. 0
    Max Tag Measure Notify Delay..................... 0
    Max Rogue AP Measure Notify Delay................ 0
    Max Rogue Client Measure Notify Delay............ 0
    Max Client Stats Notify Delay.................... 0
    Max RFID Stats Notify Delay...................... 0
    RFID Measurement Periodic........................ 0
    --More-- or (q)uit
    RFID Measurement Immediate....................... 0
    SSL Handshake failed............................. 1319
    NMSP Rx detected con failure..................... 0
    NMSP Tx detected con failure..................... 0
    NMSP Tx buf size exceeded........................ 0
    NMSP Tx Invalid msg id .......................... 0
    Reconnect Before Conn Timeout.................... 0
    Rogue AP Info Changed DB Full.................... 0
    Rogue AP Meas Changed DB Full.................... 0
    Rogue Client Info Changed DB Full................ 0
    Rogue Client Meas Changed DB Full................ 0
    Looking around the Internet we found a similar case where the issue was solved dealing with the authorization list upon the wireless lan controller but after the suggested check we saw that the MSE is correctly authorized inside the controller: Here's the "show auth-list" on the WLC:
    (Cisco Controller) >show auth-list
    Authorize MIC APs against AAA ................... disabled
    Authorize LSC APs against Auth-List ............. disabled
    APs Allowed to Join
      AP with Manufacturing Installed Certificate.... no
      AP with Self-Signed Certificate................ no
      AP with Locally Significant Certificate........ no
    Mac Addr                  Cert Type    Key Hash
    00:0c:29:68:c8:57         LBS-SSC      6d6703ef9cccfb5a430e04b3ad128f8170fb435c
    that perfectly matches what was on the MSE:
    cmd> show server-auth-info
    invoke command: com.aes.server.cli.CmdGetServerAuthInfo
    AesLog queue high mark: 50000
    AesLog queue low mark: 500
    Server Auth Info
    MAC Address: 00:0c:29:68:c8:57
    Key Hash: 6d6703ef9cccfb5a430e04b3ad128f8170fb435c
    Certificate Type: SSC
    Finally I tried to look around the MSE logs and here what I found tailing the locserver errors:
    ==> /opt/mse/logs/locserver/locserver-error-0-0.log <==
    11/17/12 17:54:13.513 ERROR[locp] [36] Error in ConnectHandler(endPoint) <LocpSessionTarget mode=CLIENT><LocpEndPoint status=HANDSHAKE totalBytesSent=72000 totalBytesReceived=1315800><LocpEndPoint.Key host=10.0.1.249 port=16113/></LocpEndPoint></LocpSessionTarget>
    11/17/12 17:54:13.513 ERROR[com.aes] [36] [ConnectHandler:handle-09] THROW
    javax.net.ssl.SSLHandshakeException: General SSLEngine problem
            at com.sun.net.ssl.internal.ssl.Handshaker.checkThrown(Handshaker.java:1015)
            at com.sun.net.ssl.internal.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:485)
            at com.sun.net.ssl.internal.ssl.SSLEngineImpl.writeAppRecord(SSLEngineImpl.java:1128)
            at com.sun.net.ssl.internal.ssl.SSLEngineImpl.wrap(SSLEngineImpl.java:1100)
            at javax.net.ssl.SSLEngine.wrap(SSLEngine.java:452)
            at com.aes.server.locp.transport.IOChannelSecure.doHandshake(IOChannelSecure.java:230)
            at com.aes.server.locp.transport.LocpTransportService$ConnectHandler.handle(LocpTransportService.java:354)
            at com.aes.server.locp.transport.ChannelEventDispatcherImpl$HandlerTask.run(ChannelEventDispatcherImpl.java:348)
            at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441)
            at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
            at java.util.concurrent.FutureTask.run(FutureTask.java:138)
            at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
            at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
            at java.lang.Thread.run(Thread.java:662)
    Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
            at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
            at com.sun.net.ssl.internal.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1528)
            at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:243)
            at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
            at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1206)
            at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:136)
            at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
            at com.sun.net.ssl.internal.ssl.Handshaker$1.run(Handshaker.java:533)
            at java.security.AccessController.doPrivileged(Native Method)
            at com.sun.net.ssl.internal.ssl.Handshaker$DelegatedTask.run(Handshaker.java:952)
            at com.aes.server.locp.transport.IOChannelSecure.doTasks(IOChannelSecure.java:265)
            at com.aes.server.locp.transport.IOChannelSecure.doHandshake(IOChannelSecure.java:193)
            ... 8 more
    Caused by: sun.security.validator.ValidatorException: No trusted certificate found
            at sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValidator.java:346)
            at sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:111)
            at sun.security.validator.Validator.validate(Validator.java:218)
            at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:126)
            at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
            at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:249)
            at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1185)
            ... 15 more
    Everything seems to point to a certificate error, but I don't know, on the one hand, if this is the right direction of investigation and, on the other, where to check for this certificate and how to find a solution.
    May someone give us some help?
    Thanks in advance to all.
    Regards.
    Marco

    Hi Pongsatorn,
    This is caused by a bug with the ID - CSCub42987. And yes, it only applies to the Virtual WLCs.
    Here is the work-around: (need to be performed from the CLI of the MSE as follows)
    1. cmdshell
    2. config unauthenticated-nmsp true
    3. exit
    4. service msed restart
    Ram.
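The two checks the question walks through by hand, as an added example that is not part of the original thread or of any Cisco tooling: it compares the MSE entry in the WLC `show auth-list` output with the MSE's own `show server-auth-info`, then reads the innermost `Caused by:` of the locserver trace to see which side of the TLS handshake refused the other's certificate. The embedded text is excerpted from the outputs quoted in the question; the function names are assumptions of this example.

```python
import re

# Excerpts of the outputs quoted in the question above.
WLC_AUTH_LIST = """\
Mac Addr                  Cert Type    Key Hash
00:0c:29:68:c8:57         LBS-SSC      6d6703ef9cccfb5a430e04b3ad128f8170fb435c
"""

MSE_AUTH_INFO = """\
Server Auth Info
MAC Address: 00:0c:29:68:c8:57
Key Hash: 6d6703ef9cccfb5a430e04b3ad128f8170fb435c
Certificate Type: SSC
"""

MSE_TRACE = """\
javax.net.ssl.SSLHandshakeException: General SSLEngine problem
        at com.sun.net.ssl.internal.ssl.Handshaker.checkThrown(Handshaker.java:1015)
Caused by: javax.net.ssl.SSLHandshakeException: General SSLEngine problem
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1206)
Caused by: sun.security.validator.ValidatorException: No trusted certificate found
        at sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValidator.java:346)
        at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:209)
        at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1185)
"""

AUTH_ROW = re.compile(
    r"^\s*((?:[0-9a-f]{2}:){5}[0-9a-f]{2})\s+(\S+)\s+([0-9a-f]{40})\s*$",
    re.IGNORECASE | re.MULTILINE,
)
MSE_FIELD = re.compile(
    r"^\s*(MAC Address|Key Hash|Certificate Type):\s*(\S+)\s*$", re.MULTILINE
)
CAUSED_BY = re.compile(r"^Caused by: ([\w.$]+): (.*)$", re.MULTILINE)


def parse_wlc_auth_list(text):
    """Map MAC address -> certificate type and key hash from 'show auth-list'."""
    return {
        mac.lower(): {"cert_type": cert_type, "key_hash": key_hash.lower()}
        for mac, cert_type, key_hash in AUTH_ROW.findall(text)
    }


def parse_mse_auth_info(text):
    """Read the MSE identity from 'show server-auth-info'."""
    fields = dict(MSE_FIELD.findall(text))
    return {
        "mac": fields["MAC Address"].lower(),
        "key_hash": fields["Key Hash"].lower(),
        "cert_type": fields["Certificate Type"],
    }


def mse_is_authorized(wlc_entries, mse):
    """True when the WLC lists the MSE's MAC with the same key hash."""
    entry = wlc_entries.get(mse["mac"])
    return entry is not None and entry["key_hash"] == mse["key_hash"]


def root_cause(trace):
    """Innermost exception of a Java trace and which peer's certificate was refused."""
    causes = list(CAUSED_BY.finditer(trace))
    if not causes:
        return None
    last = causes[-1]
    frames = trace[last.end():]
    if "checkServerTrusted" in frames:
        rejected = "server certificate, refused by the TLS client"
    elif "checkClientTrusted" in frames:
        rejected = "client certificate, refused by the TLS server"
    else:
        rejected = "undetermined"
    return {"exception": last.group(1), "message": last.group(2), "rejected": rejected}


if __name__ == "__main__":
    wlc = parse_wlc_auth_list(WLC_AUTH_LIST)
    mse = parse_mse_auth_info(MSE_AUTH_INFO)
    print("MSE authorized on WLC:", mse_is_authorized(wlc, mse))
    print("Root cause:", root_cause(MSE_TRACE))
```

On the quoted data the auth-list entry matches, and the refusal comes from `checkServerTrusted` on the MSE, which the log shows connecting as `mode=CLIENT` to 10.0.1.249: the MSE is not trusting the certificate presented by the controller, which the auth-list on the WLC does not govern.
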

  • Virtual WLC, dropping clients.

    Hello.
    I have some clients who are getting dropped on an AP. I have used the debug client command; can anyone tell what to change on the WLC to make the errors stop?
    The vWLC is running the newest version, and APs are 1602i.
    *apfMsConnTask_6: Oct 07 16:01:16.954: 68:b5:99:45:44:8e suppRates  statusCode is 0 and gotSuppRatesElement is 1
    *apfMsConnTask_6: Oct 07 16:01:16.954: 68:b5:99:45:44:8e STA - rates (12): 130 132 139 150 12 18 24 36 48 72 96 108 0 0 0 0
    *apfMsConnTask_6: Oct 07 16:01:16.954: 68:b5:99:45:44:8e extSuppRates  statusCode is 0 and gotExtSuppRatesElement is 1
    *apfMsConnTask_6: Oct 07 16:01:16.954: 68:b5:99:45:44:8e Processing WPA IE type 221, length 22 for mobile 68:b5:99:45:44:8e
    *apfMsConnTask_6: Oct 07 16:01:16.954: 68:b5:99:45:44:8e 0.0.0.0 START (0) Initializing policy
    *apfMsConnTask_6: Oct 07 16:01:16.954: 68:b5:99:45:44:8e 0.0.0.0 START (0) Change state to AUTHCHECK (2) last state START (0)
    *apfMsConnTask_6: Oct 07 16:01:16.954: 68:b5:99:45:44:8e 0.0.0.0 AUTHCHECK (2) Change state to 8021X_REQD (3) last state AUTHCHECK (2)
    *apfMsConnTask_6: Oct 07 16:01:16.954: 68:b5:99:45:44:8e 0.0.0.0 8021X_REQD (3) DHCP required on AP 68:86:a7:ca:bd:40 vapId 5 apVapId 5for this client
    *apfMsConnTask_6: Oct 07 16:01:16.954: 68:b5:99:45:44:8e Not Using WMM Compliance code qosCap 00
    *apfMsConnTask_6: Oct 07 16:01:16.954: 68:b5:99:45:44:8e 0.0.0.0 8021X_REQD (3) Plumbed mobile LWAPP rule on AP 68:86:a7:ca:bd:40 vapId 5 apVapId 5 flex-acl-name:
    *apfMsConnTask_6: Oct 07 16:01:16.954: 68:b5:99:45:44:8e apfMsAssoStateInc
    *apfMsConnTask_6: Oct 07 16:01:16.954: 68:b5:99:45:44:8e apfPemAddUser2 (apf_policy.c:276) Changing state for mobile 68:b5:99:45:44:8e on AP 68:86:a7:ca:bd:40 from Idle to Associated
    *apfMsConnTask_6: Oct 07 16:01:16.954: 68:b5:99:45:44:8e apfPemAddUser2:session timeout forstation 68:b5:99:45:44:8e - Session Tout 0, apfMsTimeOut '0' and sessionTimerRunning flag is  0
    *apfMsConnTask_6: Oct 07 16:01:16.954: 68:b5:99:45:44:8e Stopping deletion of Mobile Station: (callerId: 48)
    *apfMsConnTask_6: Oct 07 16:01:16.954: 68:b5:99:45:44:8e Func: apfPemAddUser2, Ms Timeout = 0, Session Timeout = 0
    *apfMsConnTask_6: Oct 07 16:01:16.954: 68:b5:99:45:44:8e Sending Assoc Response to station on BSSID 68:86:a7:ca:bd:44 (status 0) ApVapId 5 Slot 0
    *apfMsConnTask_6: Oct 07 16:01:16.954: 68:b5:99:45:44:8e apfProcessAssocReq (apf_80211.c:7399) Changing state for mobile 68:b5:99:45:44:8e on AP 68:86:a7:ca:bd:40 from Associated to Associated
    *apfMsConnTask_6: Oct 07 16:01:16.961: 68:b5:99:45:44:8e Updating AID for REAP AP Client 68:86:a7:ca:bd:40 - AID ===> 3
    *dot1xMsgTask: Oct 07 16:01:16.963: 68:b5:99:45:44:8e Creating a PKC PMKID Cache entry for station 68:b5:99:45:44:8e (RSN 0)
    *dot1xMsgTask: Oct 07 16:01:16.963: 68:b5:99:45:44:8e Setting active key cache index 8 ---> 8
    *dot1xMsgTask: Oct 07 16:01:16.963: 68:b5:99:45:44:8e Setting active key cache index 8 ---> 0
    *dot1xMsgTask: Oct 07 16:01:16.963: 68:b5:99:45:44:8e Initiating WPA PSK to mobile 68:b5:99:45:44:8e
    *dot1xMsgTask: Oct 07 16:01:16.963: 68:b5:99:45:44:8e dot1x - moving mobile 68:b5:99:45:44:8e into Force Auth state
    *dot1xMsgTask: Oct 07 16:01:16.963: 68:b5:99:45:44:8e Starting key exchange to mobile 68:b5:99:45:44:8e, data packets will be dropped
    *dot1xMsgTask: Oct 07 16:01:16.963: 68:b5:99:45:44:8e Sending EAPOL-Key Message to mobile 68:b5:99:45:44:8e
                                                                                                                  state INITPMK (message 1), replay counter 00.00.00.00.00.00.00.00
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:16.972: 68:b5:99:45:44:8e Received EAPOL-Key from mobile 68:b5:99:45:44:8e
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:16.972: 68:b5:99:45:44:8e Received EAPOL-key in PTK_START state (message 2) from mobile 68:b5:99:45:44:8e
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:16.972: 68:b5:99:45:44:8e Stopping retransmission timer for mobile 68:b5:99:45:44:8e
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:16.972: 68:b5:99:45:44:8e Sending EAPOL-Key Message to mobile 68:b5:99:45:44:8e
                                                                                                                        state PTKINITNEGOTIATING (message 3), replay counter 00.00.00.00.00.00.00.01
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:16.981: 68:b5:99:45:44:8e Received EAPOL-Key from mobile 68:b5:99:45:44:8e
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:16.981: 68:b5:99:45:44:8e Received EAPOL-key in PTKINITNEGOTIATING state (message 4) from mobile 68:b5:99:45:44:8e
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:16.981: 68:b5:99:45:44:8e Stopping retransmission timer for mobile 68:b5:99:45:44:8e
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:16.981: 68:b5:99:45:44:8e apfMs1xStateInc
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:16.981: 68:b5:99:45:44:8e 0.0.0.0 8021X_REQD (3) Change state to L2AUTHCOMPLETE (4) last state 8021X_REQD (3)
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:16.981: 68:b5:99:45:44:8e 0.0.0.0 L2AUTHCOMPLETE (4) DHCP required on AP 68:86:a7:ca:bd:40 vapId 5 apVapId 5for this client
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:16.981: 68:b5:99:45:44:8e Not Using WMM Compliance code qosCap 00
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:16.981: 68:b5:99:45:44:8e 0.0.0.0 L2AUTHCOMPLETE (4) Plumbed mobile LWAPP rule on AP 68:86:a7:ca:bd:40 vapId 5 apVapId 5 flex-acl-name:
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:16.981: 68:b5:99:45:44:8e 0.0.0.0 L2AUTHCOMPLETE (4) Change state to DHCP_REQD (7) last state L2AUTHCOMPLETE (4)
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:16.981: 68:b5:99:45:44:8e 0.0.0.0 DHCP_REQD (7) pemAdvanceState2 5952, Adding TMP rule
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:16.982: 68:b5:99:45:44:8e 0.0.0.0 DHCP_REQD (7) Adding Fast Path rule
      type = Airespace AP - Learn IP address
      on AP 68:86:a7:ca:bd:40, slot 0, interface = 1, QOS = 0
      IPv4 ACL ID = 255, IPv
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:16.982: 68:b5:99:45:44:8e 0.0.0.0 DHCP_REQD (7) Fast Path rule (contd...) 802.1P = 0, DSCP = 0, TokenID = 64206  Local Bridging Vlan = 1, Local Bridging intf id = 6
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:16.982: 68:b5:99:45:44:8e 0.0.0.0 DHCP_REQD (7) Successfully plumbed mobile rule (IPv4 ACL ID 255, IPv6 ACL ID 255)
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:16.982: 68:b5:99:45:44:8e Key exchange done, data packets from mobile 68:b5:99:45:44:8e should be forwarded shortly
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:16.982: 68:b5:99:45:44:8e Sending EAPOL-Key Message to mobile 68:b5:99:45:44:8e
                                                                                                                        state PTKINITDONE (message 5 - group), replay counter 00.00.00.00.00.00.00.02
    *apfReceiveTask: Oct 07 16:01:16.982: 68:b5:99:45:44:8e 0.0.0.0 DHCP_REQD (7) State Update from Mobility-Incomplete to Mobility-Complete, mobility role=Local, client state=APF_MS_STATE_ASSOCIATED
    *apfReceiveTask: Oct 07 16:01:16.982: 68:b5:99:45:44:8e 0.0.0.0 DHCP_REQD (7) pemAdvanceState2 5576, Adding TMP rule
    *apfReceiveTask: Oct 07 16:01:16.982: 68:b5:99:45:44:8e 0.0.0.0 DHCP_REQD (7) Replacing Fast Path rule
      type = Airespace AP - Learn IP address
      on AP 68:86:a7:ca:bd:40, slot 0, interface = 1, QOS = 0
      IPv4 ACL ID = 255,
    *apfReceiveTask: Oct 07 16:01:16.982: 68:b5:99:45:44:8e 0.0.0.0 DHCP_REQD (7) Fast Path rule (contd...) 802.1P = 0, DSCP = 0, TokenID = 64206  Local Bridging Vlan = 1, Local Bridging intf id = 6
    *apfReceiveTask: Oct 07 16:01:16.982: 68:b5:99:45:44:8e 0.0.0.0 DHCP_REQD (7) Successfully plumbed mobile rule (IPv4 ACL ID 255, IPv6 ACL ID 255)
    *pemReceiveTask: Oct 07 16:01:16.982: 68:b5:99:45:44:8e 0.0.0.0 Added NPU entry of type 9, dtlFlags 0x0
    *pemReceiveTask: Oct 07 16:01:16.982: 68:b5:99:45:44:8e 0.0.0.0 Added NPU entry of type 9, dtlFlags 0x0
    *spamApTask1: Oct 07 16:01:16.990: 68:b5:99:45:44:8e Sent EAPOL-Key M5 for mobile 68:b5:99:45:44:8e
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:17.001: 68:b5:99:45:44:8e Received EAPOL-Key from mobile 68:b5:99:45:44:8e
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:17.001: 68:b5:99:45:44:8e Received EAPOL-key in REKEYNEGOTIATING state (message 6) from mobile 68:b5:99:45:44:8e
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:17.001: 68:b5:99:45:44:8e Stopping retransmission timer for mobile 68:b5:99:45:44:8e
    *DHCP Socket Task: Oct 07 16:01:28.373: 68:b5:99:45:44:8e DHCP received op BOOTREPLY (2) (len 333,vlan 0, port 1, encap 0xec03)
    *DHCP Socket Task: Oct 07 16:01:28.373: 68:b5:99:45:44:8e DHCP setting server from OFFER (server 10.21.1.254, yiaddr 10.21.1.96)
    *DHCP Socket Task: Oct 07 16:01:28.376: 68:b5:99:45:44:8e DHCP received op BOOTREPLY (2) (len 333,vlan 0, port 1, encap 0xec03)
    *DHCP Socket Task: Oct 07 16:01:28.376: 68:b5:99:45:44:8e apfMsRunStateInc
    *DHCP Socket Task: Oct 07 16:01:28.376: 68:b5:99:45:44:8e 10.21.1.96 DHCP_REQD (7) Change state to RUN (20) last state DHCP_REQD (7)
    *DHCP Socket Task: Oct 07 16:01:28.376: 68:b5:99:45:44:8e Assigning Address 10.21.1.96 to mobile
    *DHCP Socket Task: Oct 07 16:01:28.376: 68:b5:99:45:44:8e DHCP success event for client. Clearing dhcp failure count for interface data.
    *DHCP Socket Task: Oct 07 16:01:28.376: 68:b5:99:45:44:8e DHCP success event for client. Clearing dhcp failure count for interface data.
    *pemReceiveTask: Oct 07 16:01:28.376: 68:b5:99:45:44:8e 10.21.1.96 Removed NPU entry.
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:34.017: 68:b5:99:45:44:8e Received EAPOL-Key from mobile 68:b5:99:45:44:8e
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:34.017: 68:b5:99:45:44:8e Received EAPOL-key to initiate new key exchange from mobile 68:b5:99:45:44:8e
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:34.017: 68:b5:99:45:44:8e Initializing EAPOL-Key Request replay counter to 00 00 00 00 00 00 00 a0 for client 68:b5:99:45:44:8e
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:34.017: 68:b5:99:45:44:8e Starting key exchange to mobile 68:b5:99:45:44:8e, data packets will be dropped
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:34.017: 68:b5:99:45:44:8e Sending EAPOL-Key Message to mobile 68:b5:99:45:44:8e
                                                                                                                        state INITPMK (message 1), replay counter 00.00.00.00.00.00.00.03
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:34.017: 68:b5:99:45:44:8e Received EAPOL-key MIC err message from  mobile 68:b5:99:45:44:8e
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:34.018: 68:b5:99:45:44:8e Received EAPOL-Key from mobile 68:b5:99:45:44:8e
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:34.018: 68:b5:99:45:44:8e Received EAPOL-key to initiate new key exchange from mobile 68:b5:99:45:44:8e
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:34.018: 68:b5:99:45:44:8e Starting key exchange to mobile 68:b5:99:45:44:8e, data packets will be dropped
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:34.018: 68:b5:99:45:44:8e Sending EAPOL-Key Message to mobile 68:b5:99:45:44:8e
                                                                                                                        state INITPMK (message 1), replay counter 00.00.00.00.00.00.00.03
    *Dot1x_NW_MsgTask_6: Oct 07 16:01:34.018: 68:b5:99:45:44:8e Received EAPOL-key MIC err message from  mobile 68:b5:99:45:44:8e
    *dot1xMsgTask: Oct 07 16:01:34.997: 68:b5:99:45:44:8e Failure sending WPA EAPOL-Key due to invalid state 2 to mobile 68:b5:99:45:44:8e
    *dot1xMsgTask: Oct 07 16:01:34.997: 68:b5:99:45:44:8e Unable to send WPA key to mobile 68:b5:99:45:44:8e
    *dot1xMsgTask: Oct 07 16:01:34.997: 68:b5:99:45:44:8e Unable to update broadcast key to mobile 68:B5:99:45:44:8E
    *osapiBsnTimer: Oct 07 16:01:35.201: 68:b5:99:45:44:8e 802.1x 'timeoutEvt' Timer expired for station 68:b5:99:45:44:8e and for message = M2
    *dot1xMsgTask: Oct 07 16:01:35.201: 68:b5:99:45:44:8e Retransmit 1 of EAPOL-Key M1 (length 99) for mobile 68:b5:99:45:44:8e
    *osapiBsnTimer: Oct 07 16:01:36.221: 68:b5:99:45:44:8e 802.1x 'timeoutEvt' Timer expired for station 68:b5:99:45:44:8e and for message = M2
    *dot1xMsgTask: Oct 07 16:01:36.221: 68:b5:99:45:44:8e Retransmit 2 of EAPOL-Key M1 (length 99) for mobile 68:b5:99:45:44:8e
    *osapiBsnTimer: Oct 07 16:01:37.241: 68:b5:99:45:44:8e 802.1x 'timeoutEvt' Timer expired for station 68:b5:99:45:44:8e and for message = M2
    *dot1xMsgTask: Oct 07 16:01:37.241: 68:b5:99:45:44:8e Retransmit failure for EAPOL-Key M1 to mobile 68:b5:99:45:44:8e, retransmit count 3, mscb deauth count 0
    *dot1xMsgTask: Oct 07 16:01:37.241: 68:b5:99:45:44:8e Resetting MSCB PMK Cache Entry 0 for station 68:b5:99:45:44:8e
    *dot1xMsgTask: Oct 07 16:01:37.241: 68:b5:99:45:44:8e Setting active key cache index 0 ---> 8
    *dot1xMsgTask: Oct 07 16:01:37.241: 68:b5:99:45:44:8e Sent Deauthenticate to mobile on BSSID 68:86:a7:ca:bd:40 slot 0(caller 1x_ptsm.c:546)
    *dot1xMsgTask: Oct 07 16:01:37.241: 68:b5:99:45:44:8e Scheduling deletion of Mobile Station:  (callerId: 57) in 10 seconds
    (Cisco Controller) >*osapiBsnTimer: Oct 07 16:01:47.442: 68:b5:99:45:44:8e apfMsExpireCallback (apf_ms.c:615) Expiring Mobile!
    *apfReceiveTask: Oct 07 16:01:47.442: 68:b5:99:45:44:8e apfMsExpireMobileStation (apf_ms.c:5827) Changing state for mobile 68:b5:99:45:44:8e on AP 68:86:a7:ca:bd:40 from Associated to Disassociated

    Hello!
    Thanks for all your help. It worked for me setting the SSID to WPA2-AES.
    I also got a nice answer from Cisco TAC:
    I went through the data you kindly provided and can see that the printer has connected to wireless, the debugs you attached to the case shows that the AP is in RUN state:
    *DHCP Socket Task: Oct 07 15:16:05.090: 68:b5:99:45:44:8e 10.21.1.96 DHCP_REQD (7) Change state to RUN (20) last state DHCP_REQD (7)
    But, after a short while, the printer started replying with invalid EAPOL messages, the debug you attached to the case showing the following message:
    *Dot1x_NW_MsgTask_6: Oct 07 15:16:12.993: 68:b5:99:45:44:8e Ignoring invalid EAPOL version (1) in EAPOL-key message from mobile 68:b5:99:45:44:8e
    Looking to the msglog on controller, we can see the following message:
    *spamApTask1: Oct 07 19:02:37.430: #LOG-3-Q_IND: 1x_eapkey.c:618 TKIP MIC errors reported in EAPOL key msg from client 68:b5:99:45:44:8e
    *Dot1x_NW_MsgTask_6: Oct 07 19:02:37.415: #DOT1X-3-WPA_KEY_MIC_ERR: 1x_eapkey.c:618 TKIP MIC errors reported in EAPOL key msg from client 68:b5:99:45:44:8e
    *dot1xMsgTask: Oct 07 19:01:18.360: #DOT1X-3-WPA_SEND_STATE_ERR: 1x_kxsm.c:1404 Unable to send EAPOL-key msg  - invalid WPA state (2) - client 68:b5:99:45:44:8e
    *spamApTask1: Oct 07 19:01:17.439: #LWAPP-3-MIC_COUNTER: spam_lrad.c:33547 The system has received MIC countermeasure, WLAN 5, slot 0 AP Lunderskov-Salg client 68:b5:99:45:44:8e
    Looks like the printer is replying with invalid EAPOL message since it’s not compatible with TKIP encryption method, I can see on TTW-Printer SSID that WPA/TKIP is enabled on this SSID.
    The Action Plan:
    I would suggest to change the encryption method to WPA2/AES instead of WPA/TKIP, then test again, if you still have the same issue, please provide the new ‘debug client ’ output.
    Let me know if you have any questions or comments,
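
The pattern TAC describes (client reaches RUN, then reports MIC errors during a rekey and is deauthenticated) can be picked out of `debug client` output mechanically. The following is an added example, not part of the posts or of any Cisco tool; the sample lines are copied from the debug output posted above, while the event names and verdict labels are this example's own.

```python
import re
from collections import Counter
from dataclasses import dataclass, field

# Excerpt of the `debug client` output posted in the thread above.
SAMPLE = """\
*DHCP Socket Task: Oct 07 16:01:28.376: 68:b5:99:45:44:8e 10.21.1.96 DHCP_REQD (7) Change state to RUN (20) last state DHCP_REQD (7)
*Dot1x_NW_MsgTask_6: Oct 07 16:01:34.017: 68:b5:99:45:44:8e Received EAPOL-key to initiate new key exchange from mobile 68:b5:99:45:44:8e
*Dot1x_NW_MsgTask_6: Oct 07 16:01:34.017: 68:b5:99:45:44:8e Received EAPOL-key MIC err message from  mobile 68:b5:99:45:44:8e
*Dot1x_NW_MsgTask_6: Oct 07 16:01:34.018: 68:b5:99:45:44:8e Received EAPOL-key to initiate new key exchange from mobile 68:b5:99:45:44:8e
*Dot1x_NW_MsgTask_6: Oct 07 16:01:34.018: 68:b5:99:45:44:8e Received EAPOL-key MIC err message from  mobile 68:b5:99:45:44:8e
*dot1xMsgTask: Oct 07 16:01:34.997: 68:b5:99:45:44:8e Failure sending WPA EAPOL-Key due to invalid state 2 to mobile 68:b5:99:45:44:8e
*dot1xMsgTask: Oct 07 16:01:37.241: 68:b5:99:45:44:8e Retransmit failure for EAPOL-Key M1 to mobile 68:b5:99:45:44:8e, retransmit count 3, mscb deauth count 0
*dot1xMsgTask: Oct 07 16:01:37.241: 68:b5:99:45:44:8e Sent Deauthenticate to mobile on BSSID 68:86:a7:ca:bd:40 slot 0(caller 1x_ptsm.c:546)
(Cisco Controller) >*osapiBsnTimer: Oct 07 16:01:47.442: 68:b5:99:45:44:8e apfMsExpireCallback (apf_ms.c:615) Expiring Mobile!
"""

# "*task: Mon DD HH:MM:SS.mmm: <client mac> <message>"; search() tolerates a CLI prompt prefix.
LINE = re.compile(
    r"\*(?P<task>[^:*]+): \w{3} \d{2} "
    r"(?P<h>\d{2}):(?P<m>\d{2}):(?P<s>\d{2})\.(?P<ms>\d{3}): "
    r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2}) (?P<msg>.*)",
    re.I,
)

# Event labels are this example's own; the matched strings are taken from the thread's logs.
EVENTS = {
    "run": re.compile(r"Change state to RUN \(20\)"),
    "client_rekey": re.compile(r"Received EAPOL-key to initiate new key exchange"),
    "mic_err": re.compile(r"Received EAPOL-key MIC err message"),
    "send_state_err": re.compile(r"Failure sending WPA EAPOL-Key due to invalid state"),
    "retransmit_fail": re.compile(r"Retransmit failure for EAPOL-Key M1"),
    "deauth": re.compile(r"Sent Deauthenticate"),
}


@dataclass
class Finding:
    counts: Counter = field(default_factory=Counter)
    first_seen: dict = field(default_factory=dict)  # event -> ms since midnight

    def gap_ms(self, start, end):
        """Milliseconds between the first `start` and first `end` event, or None."""
        if start in self.first_seen and end in self.first_seen:
            return self.first_seen[end] - self.first_seen[start]
        return None

    @property
    def verdict(self):
        seen = self.first_seen
        if "deauth" in seen and "mic_err" in seen:
            # MIC errors after RUN: the client was connected and a later rekey failed.
            if "run" in seen and seen["run"] < seen["mic_err"]:
                return "mic-error-rekey-failure"
            return "mic-error-during-initial-handshake"
        if "deauth" in seen and "retransmit_fail" in seen:
            return "handshake-timeout"
        return "ok" if "run" in seen else "incomplete"


def triage(text):
    """Group recognised events per client MAC. Assumes the capture does not cross midnight."""
    findings = {}
    for raw in text.splitlines():
        m = LINE.search(raw)
        if not m:
            continue  # wrapped continuation lines carry no timestamp or MAC
        t_ms = ((int(m["h"]) * 60 + int(m["m"])) * 60 + int(m["s"])) * 1000 + int(m["ms"])
        f = findings.setdefault(m["mac"].lower(), Finding())
        for name, pat in EVENTS.items():
            if pat.search(m["msg"]):
                f.counts[name] += 1
                f.first_seen.setdefault(name, t_ms)
    return findings


if __name__ == "__main__":
    for mac, f in triage(SAMPLE).items():
        print(mac, f.verdict, dict(f.counts), f.gap_ms("run", "deauth"))
```

A `mic-error-rekey-failure` verdict on an SSID that still allows WPA/TKIP is the case the TAC reply addresses by moving the SSID to WPA2/AES.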

  • Cisco LAP 2602 can not join Virtual WLC

    Dear all,
    I just installed a Virtual WLC and removed the WLC 2504. I installed and configured it, but the LAP cannot join. It was working fine with the WLC 2504.
    I used the same network topology as with the old WLC.
    I receive these error logs.
    *spamApTask4: Feb 04 06:01:30.082: <<<<  Start of CAPWAP Packet  >>>>
    *spamApTask4: Feb 04 06:01:30.082: CAPWAP Control mesg Recd from 10.192.200.93, Port 26711
    *spamApTask4: Feb 04 06:01:30.082:              HLEN 4,   Radio ID 0,    WBID 1
    *spamApTask4: Feb 04 06:01:30.082:              Msg Type   :   CAPWAP_DISCOVERY_REQUEST
    *spamApTask4: Feb 04 06:01:30.082:              Msg Length : 155
    *spamApTask4: Feb 04 06:01:30.082:              Msg SeqNum : 0
    *spamApTask4: Feb 04 06:01:30.082:   
    *spamApTask4: Feb 04 06:01:30.082:       Type : CAPWAP_MSGELE_DISCOVERY_TYPE, Length 1
    *spamApTask4: Feb 04 06:01:30.082:              Discovery Type : CAPWAP_DISCOVERY_TYPE_UNKNOWN
    *spamApTask4: Feb 04 06:01:30.082:   
    *spamApTask4: Feb 04 06:01:30.082:       Type : CAPWAP_MSGELE_WTP_BOARD_DATA, Length 62
    *spamApTask4: Feb 04 06:01:30.083:              Vendor Identifier      : 0x00409600
    *spamApTask4: Feb 04 06:01:30.083:              WTP_SERIAL_NUMBER : AIR-CAP2602E-I-K9
    *spamApTask4: Feb 04 06:01:30.083:   
    *spamApTask4: Feb 04 06:01:30.083:       Type : CAPWAP_MSGELE_WTP_DESCRIPTOR, Length 40
    *spamApTask4: Feb 04 06:01:30.083:              Maximum Radios Supported  : 2
    *spamApTask4: Feb 04 06:01:30.083:              Radios in Use             : 2
    *spamApTask4: Feb 04 06:01:30.083:              Encryption Capabilities   : 0x00 0x01
    *spamApTask4: Feb 04 06:01:30.083:   
    *spamApTask4: Feb 04 06:01:30.083:       Type : CAPWAP_MSGELE_WTP_FRAME_TUNNEL, Length 1
    *spamApTask4: Feb 04 06:01:30.083:              WTP Frame Tunnel Mode : NATIVE_FRAME_TUNNEL_MODE
    *spamApTask4: Feb 04 06:01:30.083:   
    *spamApTask4: Feb 04 06:01:30.083:       Type : CAPWAP_MSGELE_WTP_MAC_TYPE, Length 1
    *spamApTask4: Feb 04 06:01:30.083:              WTP Mac Type  : SPLIT_MAC
    *spamApTask4: Feb 04 06:01:30.083:   
    *spamApTask4: Feb 04 06:01:30.083:       Type : CAPWAP_MSGELE_VENDOR_SPECIFIC_PAYLOAD, Length 10
    *spamApTask4: Feb 04 06:01:30.083:              Vendor Identifier  : 0x00409600
    *spamApTask4: Feb 04 06:01:30.083: 
            IE            :   UNKNOWN IE 207
    *spamApTask4: Feb 04 06:01:30.083:      IE Length     :   4
    *spamApTask4: Feb 04 06:01:30.083:      Decode routine not available, Printing Hex Dump
    *spamApTask4: Feb 04 06:01:30.083: 00000000: 03 00 00 01                                       ....
    *spamApTask4: Feb 04 06:01:30.083:   
    *spamApTask4: Feb 04 06:01:30.083:       Type : CAPWAP_MSGELE_VENDOR_SPECIFIC_PAYLOAD, Length 12
    *spamApTask4: Feb 04 06:01:30.083:              Vendor Identifier  : 0x00409600
    *spamApTask4: Feb 04 06:01:30.083: 
            IE            :   RAD_NAME_PAYLOAD
    *spamApTask4: Feb 04 06:01:30.083:      IE Length     :   6
    *spamApTask4: Feb 04 06:01:30.083:      Rad  Name     :   
    *spamApTask4: Feb 04 06:01:30.083: CEO_AP
    *spamApTask4: Feb 04 06:01:30.083: <<<<  End of CAPWAP Packet  >>>>
    *spamApTask4: Feb 04 06:01:30.083: dc:a5:f4:8c:ff:30 Discovery Request from 10.192.200.93:26711
    *spamApTask4: Feb 04 06:01:30.083: dc:a5:f4:8c:ff:30 ApModel: AIR-CAP2602E-I-K9
    *spamApTask4: Feb 04 06:01:30.083: dc:a5:f4:8c:ff:30 Join Priority Processing status = 0, Incoming Ap's Priority 1, MaxLrads = 200, joined Aps =0
    *spamApTask4: Feb 04 06:01:30.083: apModel: AIR-CAP2602E-I-K9
    *spamApTask4: Feb 04 06:01:30.083: apType = 26 apModel: AIR-CAP2602E-I-K9
    *spamApTask4: Feb 04 06:01:30.083: apType: Ox1a bundleApImageVer: 8.0.110.0
    *spamApTask4: Feb 04 06:01:30.083: version:8 release:0 maint:110 build:0
    *spamApTask4: Feb 04 06:01:30.083: dc:a5:f4:8c:ff:30 Discovery Response sent to 10.192.200.93 port 26711
    *spamApTask4: Feb 04 06:01:30.083: dc:a5:f4:8c:ff:30 Discovery Response sent to 10.192.200.93:26711
    Any help, please.

    Dear,
    Yes, the WLC 2504 is 8.0.110, but because it's damaged I replaced it with a new vWLC v 8.0.110.
    Also, I cannot put the LAP in FlexConnect until it has joined.

  • Cti port and cti route port on CUCM

    I always confuse the meaning and usage of CTI port and CTI route port. Can somebody explain them to me? Thanks.

    When I got the explanation on this the 1st time, this is what they told me:
    The CTI route point is a virtual device that is always available and handles the call until the JTAPI app (UCC, CUE, 3rd party VM, etc)
    This is where the call is answered, where it's put on hold, etc.
    The purpose of the CTI route point is to have a DN that can take all the calls. The CTI RP also communicates with the JTAPI app to let it know that it got a call and asks what to do with it. The JTAPI app at some point tells the CTI RP to send it to a CTI port.
    The CTI port is just like a phone line: it takes the RTP stream and is where all the interaction takes place; you enter your ID, information, password, etc.
    It can only take one call at a time, and the number of CTI ports an app has registered equals the max number of calls it can take at any given time.
    HTH

  • The Port : 6001 is not working in the system

    Hi Experts,
    OS   :  AIX 6.1
    SAP :  SAP Netweaver EHP1
    At the OS level, port 6001 is not working and gives this output:
    pb2adm> telnet abcprdpb2 6001
    Trying...
    telnet: connect: A remote host refused an attempted connect operation.
    Virtual host : abcprdpb2
    It is the BI Java stack system, and I configured the SMD and Wily in the system. From the BI Java stack system the Wily agent is not working, and it uses port 6001.
    Now the issue is regarding port 6001.
    When I telnet within the same system, which is virtual host abcprdpb2, it is not working, as shown in the output above. It is working when I telnet to the other systems. Please see the output below...
    pb2adm>  telnet abcprd001 6001
    Trying...
    Connected to abcprd001.
    Escape character is '^]'.
    Connection closed.
    From other system  virtual host : abcprd001
    I have checked with the firewall team, who said it is fine in the system, and the AIX team said the same. But the port 6001 issue is still not resolved on virtual host abcprdpb2.
    Can you please let me know how to open port 6001 on virtual host abcprdpb2, and also how we can confirm whether port 6001 is open or blocked on virtual host abcprdpb2?
    Thanks & Regards,
    Sandeep.

    Hi,
    Both of the mentioned virtual systems are in different LPARs (physical hosts).
    I have already checked /etc/services and everything looks fine in the file. I have also checked the file inetd.conf and I didn't find any # on the Telnet. It seems everything is fine in both files.
    Can you please look into it and suggest something that I should look at on the OS level?
    Thanks & Regards,
    Sandeep

  • How can i browse FP 2000 via serial port same use Ethernet port(RJ 45)?

    I am a new user of LabVIEW. I am developing my program with the FP 2000 but I have some problems:
      1. How can I browse the FP 2000 via the serial port the same way as via the Ethernet port (RJ 45)? If it can be done, please tell me.
      2. If I use a GSM/GPRS modem on the FP 2000 RS-232 port (I understand how to send AT commands) and leave it standing alone,
         can I dial the modem and browse files on the FP 2000 the same way as via the Ethernet port?
    Someone please help me. Thank you very much.

    Hi!
        First, I can say that your project involves many things, I cannot describe all features in the forum, and I'm not used to GPRS modems (my modems are base band serial modems...).
        Anyway, I would say that in your project you should proceed like this:
          1) Configure your FP 2000 module via MAX and ethernet connection;
          2) Download an embedded application to your module (build in LabView Real-Time)
          3) In your application, you should build a kind of serial port manager, and by the means of serial port you send/receive commands from PC.
        The commands from PC can include "Tell me about the FP 2000 file system", or "switch on line X", or anything you need.
       I think it would be difficult to use Internet exp, because you use IE with TCP/IP, and TCP/IP is over ethernet.
       I know that for Windows you can find some wrappers that make you "see" the serial port as an ethernet, but these wrappers do not exist under FieldPoint, and you should build one yourself!!! (and that's not easy).
        For example, to browse your files, you should build a VI that searches through your file system, and reports, via serial, the files present in a directory (it's an example....).
        About communication between GPRS modems and FP2000, I know nothing.  I suppose that these modems accept serial inputs, so you'll have to configure your serial port on FP 2000 with the correct baud rate, parity, and so on..... and you send your data to the modem.  The modem will transfer data in its way, no matter on how it does.
        To send data to your modem you should take a look at some Serial communication examples.  What I suggest, first, is to connect the serial port of FP2000 to a PC, and test communication between PC and FP2000, without modems. Just direct cable connection!  If you're able to do this, insertion of modems is the next step, and should be quite easy.  If you're not able to make the PC receive strings of data from FP2000, over  RS232, adding modems is a further complication, and you won't come out of this mess!
       So, what I say, is just build, for now, a simple embedded application for FP2000, that, using RS232, sends data to a PC (you should see data sent with use of Hyper terminal).
        To build this application, use Instrument I/O --> VISA commands (VISA open, VISA write, and Property node should be enough, for now).
       Please, let me know if this helps......
        Have a nice (programming) day!
    graziano

  • Set-VMNetworkAdapterVlan throws Failed while applying switch port settings 'Ethernet Switch Port VLAN Settings' error

    Hi,
    I'm following this guide and I'm getting an error when running the below command:
    Set-VMNetworkAdapterVlan -vmname PurpleVM1 -Isolated -PrimaryVlanId 2 -SecondaryVlanId 4
    Generates the following error:
    Set-VMNetworkAdapterVlan : The operation failed.
    Failed while applying switch port settings 'Ethernet Switch Port VLAN Settings' on switch 'New Virtual Switch': One or
    more arguments are invalid (0x80070057).
    A parameter that is not valid was passed to the operation.
    Does anyone know why this is happening?
    ta

    Hi TomG101,
    It seems that there is a configuration conflict on the virtual switch port.
    Also, I tested the command in my lab, and it works.
    For troubleshooting, please create a new virtual switch, then try to configure again.
    If you have any further information, please feel free to let us know.
    Best Regards
    Elton Ji
