[WLAN Controller] Disconnect Client PC in AP

Similar Messages

• WLAN Controller 4402 - Port HA Fails

  We have a WLAN Controller 4402, with firmware version 4.0.206.0. The ports are connected to 2 separate switches. 'ap-manager' is on port 1, and 'ap-manager 2' is on port 2. The wireless network is running fine when both ports are connected. However, when I disconnect port 1, the client be disassociated, then re-associated, but unable to grab DHCP IP address. I have also assigned a static IP address on the client, but is unable to ping anywhere, not even the gateway. From what I understand, the ports should be able to backup each other in case of failure, but the HA does not seem to work. What could be wrong?

  Let me make sure I understand something about this bug your referring to. In order to see if this might be affecting us I would want to change my controllers ap-manager interface gateway address from that of the hsrp address, to one of the actual ip addresses setup on the router right?
  I think this might be the problem with my rollout. Seems like ever so often everyone looses their wireless connection. you can be working one minute perfect signal and everything, then without moving or anything boom your disconnected. Just recently converted every AP to WCS/WLC and then this started happening.
  My concern is that I have two VLANs setup for my wireless with HSRP. One VLAN for all my AP's and ap-manager interface and such. One VLAN for wireless clients.
  Both VLANs setup on the core 6509's with the standby IP as the default gateway.
  Wondering if the problem is only related to the vlan for ap-manager interface? Are maybe I need to do the same for the wireless lan interface for the clients?

• Communication between : AP and WLAN controller

  Hi,
  The communication between AP and WLAN Controller is ( Data and Control ) UDP.
  Source port 1024 and destination port 12222 and 12223. Actually which device listen to which port or both should listen as control and data can be generated from both the devices.
  How does the user ( wireless client) traffic is switched - if user traffic is a TCP traffic. It will be sent to WLANC and then WLANC forwards it to respective VLAN or default gateway ( depending upon the destination in the packet ).
  Please explain / share the experience.
  any link on cisco.com
  Thanka in advance
  Subodh

  "the LWAPP Control and Data messages are encapsulated in UDP packets that are carried over the IP network. The only requirement is established IP connectivity between the access points and the WLC. The LWAPP tunnel uses the access point's IP address and the WLC's AP Manager interface IP address as endpoints. The AP Manager interface is explained in further detail in the
  implementation section. On the access point side, both LWAPP Control and Data messages use an ephemeral port that is derived from a hash of the access point MAC address as the UDP port. On the WLC side, LWAPP Data messages always use UDP port 12222. On the WLC side, LWAPP Control messages always use UDP port 12223.
  The mechanics and sequencing of Layer 3 LWAPP are similar to Layer 2 LWAPP except that the packets are carried in UDP packets instead of being encapsulated in Ethernet frames."
  Taken from "Cisco 440X Series Wireless LAN Controllers Deployment Guide"

• Cisco LWAP & WLAN Controller Flexconnect Across HP Switches

  Hello All, I'm looking for a little guidance in making the needed routing and switching configuration changes on our Corporate Network to accomadate flex connect functionality for Cisco Lightweight Access Points (LWAPs).  The LWAPs that are currently configured on our network only work when our WLAN Controller is up and running and I need for them to be disconnectable so that we can move the WLAN Controller to our virtual co-lo.  It should be known that I inhereted this network from the previous admin and have been working hard to map everything out to the best of my ability.  Also, the WLAN controller is already operating in our production network so it limits my ability to do much testing. 
  Just FYI, I'm a new Systems Admin promoted from a Desktop Support role and have my CCENT (Currently working on CCNA & MCITP Server Admin) so I have some knowledge but it is limited on the networking and switching side of things.  Unfortunately, the Senior Systems Admin has even less knowledge of networking than me and I don't really have anyone to turn to which is why I'm posting here.  I would have utilized GNS to help me simulate the configuration however there are HP switches in the mix and no means of emulating them.
  -Relevant Device List-
  (CONSA251) Sonicwall  NSA 240 - 10.1.1.251
    Interface Information 
  Interface    IP Address    Description   
  X0  ->  LAN
    10.1.1.251   LAN Interface  
  X1  ->  WAN
    *************   Time Warner WAN  
  X2  ->  DMZ
    *************   DMZ Interface  
  X3  ->  WAN
    *************   Sprint WAN  
  X0-V20  ->  LAN
    10.1.101.1   Corporate WLAN  
  X0-V30  ->  LAN
    192.168.1.1   Guest WLAN 
  (CORT250) Cisco 3845 - 10.1.1.250
  (CO-WLAN-CTRLER) Cisco 5508 Wireless Controller - 10.1.1.2
  (COSW240) HP Procurve 4108GL - 10.1.1.240
  (COSW238) HP Procurve 2510B-24 - 10.1.20.238
  (CORP-AP-MIS) AIR-LAP1131AG-A-K9 - 10.1.1.79
  (COSW239) HP1810G-24 - No IP (Inaccesible but being replaced)
  I will now go on to explain our network topology as it pertains to the WAPs and WLAN Controller and how I believe it needs to be configured in order to operate from my perspective. 
  Our Corporate and Guest Wireless Access is provided via the Sonicwall CONSA251 through a connection from the X0 interface to HP Switch COSW239 which is then connected to WLAN Controller CO-WLAN-CTRLER as detailed below:
  Device - Interface Name/Port
  CONSA251 - X0
  COSW239  - 2
  COSW239  - 18,19
  CO-WLAN-CTRLER - 2,3
  The WLAN Controller currently communicates with all the LWAPs via Layer 3 TCP\IP as I understand it and then routes all DHCP requests and traffic destine for the 10.1.101.1 (corporate WLAN) and 192.168.1.1 (Guest WLAN) to the Sonicwall and vice versa.
  Now what I am trying to do is VLAN the LWAP CORP-AP-MIS across the HP Switches to the X0 interface on the Sonicwall NSA240 where it will be able to route traffic via VLAN 20 & 30.  The problem lies in my inexperience with HP VLAN configurations and how the ports need to be configured on each device so it can route traffic to the Sonicwall when the WLAN Controller is shutdown.
  The LWAP CORP-AP-MIS layer 2 trace to the WLAN Controller is as shown below:
  Device - Interface Name/Port
  CORP-AP-MIS -  FA/0
  COSW238     - 16
  COSW238     - 25
  COSW240     - B4
  COSW240     - H6
  CORT250     - GigabitEthernet0/0
  CORT250     - Se1/0
  CONSA251    - X0
  Now for all intesive purposes the Corporate Router CORT250 should probably be handling the routing for our Corporate and Guest Wireless network however that was not the way it was originally setup and I have to work with what was inhereted.  The Corporate Router CORT250 has a default route to the Sonicwall and the Sonicwall CONSA251 has all the routing already in place for the Corporate & Guest WLANs.
  What I would like to do is VLAN off the X0-V20&V30 accross multiple switches and switchports to each LWAP in our building.  I do have the LWAP I'm testing on configured with Flex Connect which I understand is required for it to be disconnectable.
  Any guidance on how I would go about configuring this accross devices would be appreciated.  I know there are some difference between HP and Cisco Switching terms and how tagging, untagging, and trunking works however I lack the experience to apply this in practice especially in a production environment. 
  I will be happy to provide any additional information or clarification that is needed.  Thank you in advance for the help.

  Just to add about the ISE... you can profile, but having only one ssid might or might not work in your situation.  Also if you end up with remote sites or ap's in h-reap mode, currently ISE cant do any profiling.  If you go with the 7500 or 5508/WiSM2, they don't really do an active-active or active backup. They are both up and you can split the load or put all ap's on one, its up to you.  I usually split the load just to make sure both are working.  I don't want to all of a sudden loose the primary and then find out my secondary/backup is not working.

• I need to bridge a printer off a wireless bridge using a 4402 WLAN Controller

  I need to bridge a printer off a wireless bridge using a 4402 WLAN Controller.  Would I need to make any changes on the 4402 WLAN Controller?

  One options is to take a cisco autonmous access point and configure it as a WGB. And no, you would not have to do anything special to the WLC in thay deisgn. The WGB would act as a wireless client.
  Make sense?

• Data flow using a WLAN controller

  Can someone explain the flow of data from wireless client to some destination in the internal network (or the Internet) using a WLAN Controller? Use a 4402 as an example.
  Specifically, I am wondering if client traffic actually passes thru the WLAN Controller (4402). I am reading the configuration guide and it doesn't seem to be explicitly stated one way or the other.

  Hi Ken,
  This is a very common question these days.
  Here is a recent thread as well as an excerpt from a good doc:
  http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Wireless%20-%20Mobility&topic=Getting%20Started%20with%20Wireless&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddaca5d
  In the Cisco Centralized WLAN architecture, LWAPP-enabled access points operate in the lightweight mode (as opposed to the autonomous mode). The access points associate to a Cisco WLAN controller. The controller manages the configuration, firmware, and control transactions such as 802.1x authentication. In addition, all wireless traffic is tunneled through the controller.
  LWAPP is an IETF draft protocol that defines the control messaging for setup and path authentication and run-time operations. LWAPP also defines the tunneling mechanism for data traffic.
  In an LWAPP environment, a Cisco Aironet LWAPP-enabled access point discovers a controller by using LWAPP discovery mechanisms and then sends it an LWAPP join request. The controller sends the access point an LWAPP join response allowing the access point to join the controller. When the access point is joined, the controller downloads its software if the versions on the access point and controller do not match.
  LWAPP secures the control communication between the access point and controller by means of a secure key distribution, utilizing X.509 certificates on both the access point and controller.
  From this doc:
  http://www.cisco.com/en/US/products/hw/wireless/ps430/products_quick_start09186a00805100f5.html#wp47092
  Hope this helps!
  Rob
  Please remember to rate helpful posts.........

• WLAN controller redundancy over IP VPN

  Customer currently has a Cisco 5500 WLAN controller at one of our datacenters. They want to add a WLAN controller as redundancy at their local site which shall be used as a secondary failover controller. This site is reachable over VPN. Which redundancy options do I have here? As i understand with HA functions the controllers has to be within the same L2 network and have low latency. Is my only option here to manually configure a new controller, buy double the AP licenses and copy the config from the old one? And if the first fail the APs would need to reboot and reassociate with the secondary controller?
  Would be really greatful if someone could point me in the right direction :)

  You have a few options .. 
  1. Buy two fully licensed controllers. One primary one secondary and configure as such.
  2. HA N+1 where you buy one fully licensed controller and one HA controller or a controller with a minimum of 50 licenses. Put the secondary controller into ha mode and it will go to max licenses. 
  http://www.cisco.com/c/en/us/td/docs/wireless/technology/hi_avail/N1_High_Availability_Deployment_Guide/Licensing.html
  3. APSSO AND CLIENT SSO this is where you need layer 2. There is a data base that syncs between the
  http://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/7-5/High_Availability_DG.pdf

• Problem Wlan Controller 5508

  Friends,
  I have a problem authenticate with AP AIR-LAP1131AG-AK9 to Wlan Controller 5508 (software versión of the Wlan Controller6.0.202.0 ). This AP always tries to authenticate with Wlan Controller. Maybe it tries to download the ios version.
  Could be a hardware problem.
  I am going to attach the log file.
  Thank.
  Marco.

  *Nov 23 20:28:50.348: %APF-3-AID_UPDATE_FAILED: apf_80211.c:5744 Error updating Association ID for REAP AP Client64:00:f1:12:b1:d0 - AID 4
  *Nov 23 20:28:50.348: %LWAPP-3-MAX_AID2: spam_api.c:1045 Reached max limit on the association ID for AP (max association ID 256)
  Looks like a great case for TAC.
  This is an HREAP AP?   It looks like it is associated fine with the WLC (no logs indicating it is trying) but instead it looks like Client Associations are breaking because it thinks it is up to 256 AIDs.....?
  Maybe this is a common error, but it hasn't cross my path before...

• WLAN CONTROLLER 2100

  We have have three different locations on three different subnets 172.17.0.0/16, 172.20.0.0/24 and 172.21.0.0/24.
  An MPLS connects all three offices together.
  All three routers are doing DHCP server for their respective LAN
  All internet traffic must pass through 172.17.0.0/16 where I have my sonic wall firewall.
  My aim is to deploy the WLAN controller on the 172.17.0.0/16 network.
  Then plug 1131LAP access points on each of the subnets.
  Access points are able connect to the controller but my challenge is that when a client connects to an any of the APs, dhcp is assigned from the 172.17.0.0/16 LAN irrespective of which location the client is connecting from.
  When I log in to the controller I can see that the APs are assigned ip address from the dhcp server at their location e.g AP at 172.21.0.0/24 gets an ip address of 172.21.0.42/24 from its local router but when a client connects to that same AP the client is given an ip from 172.17.0.0/16 network.

  Thanks Scot. Yes I configured a guest WLAN and allowed tunnel to WLC but I had problem in dealing with access rule configuration.Here is what I did;
  I created a "Guest" interface on physical port number 2,then assigned a completely different IP address of 192.168.0.2
  Create a guest SSID and assigned it to the guest interface.
  On the firewall device (NSA 2400) I configured a second physical interface (GUEST ZONE) 192.168.0.1 and defined a dhcp scope on this interface
  Create access rule that
  Denys traffic from GUEST > LAN and LAN > GUEST
  Allows traffic from GUEST to WAN and WAN to GUEST
  Then connect WLC port 2 to the guest interface port on NSA 2400 device.
  When clients connects to the guest SSID,ip is assigned correctly from the Firewall device.
  From windows connection icon I can that there is access to the Internet but it won't browse
  Also a ping to the WLC interface 192.168.0.2 replies fine but
  Ping to firewall 192.168.0.1 times out continuously.
  Is it possible for me to define acl within the WLC that will block traffic from the guest LAN to our corporate LAN so that I can forget about the access rule within the NSA 2400 .?
  Once again thank you so much your post has being very helpful
  Sent from Cisco Technical Support iPad App

• WLAN Controller Required?

  Currently developing a solution to convert simple Windows wired domain to wireless.
  Considering using ten Aironet 1100 APs for 200 Windows XP clients on a single network/domain. Clients will authenticate using certificates with RADIUS (IAS) over EAP-TLS. Each Aironet will support 20 clients and will be wired back to the RADIUS server.
  What Cisco software is required on the 1100s and what WLAN controller (if any) is required?
  Thanks!

  If you plan on using the Cisco Unified Wireless Solution, you would require a controller. Different models supports different number of AP's. For 10 Ap's which would be required in your place, a 4402 controller which supports 12 AP's should be a good choice.
  The AP's download the code from the controller and hence just need a recovery image. The controller would come preloaded with the software required and you can upgrade to th latest code. Please refer toe the documentation below.
  http://cisco.com/en/US/prod/collateral/wireless/ps5678/ps6521/product_at_a_glance0900aecd805df476.pdf
  Pushkar

• Wlan controller option 150

  Hi friend,
  Its posible enable option 150 (for phone) in wlan lan controller 5508, i want to create a DHCP POOL for my Wireless IP PHONE, but i can this option.
  other solución could be to use a DHCP externel ( like router), but the broadcast traffic dont pass from Wlan Controller to Router.
  Could you helpe me please.
  Marco.

  Marco,
       The DHCP server in the WLC is not fully functional.  You can only set the subnet, GW and DNS that the client uses.  You can't set any of the advanced features, like option 150 for the TFTP server.
  Now, under the interface for the phone subnet, what do you have set for the DHCP server?  if you set it to a router/switch/server the WLC will proxy the request to the device.  and the client will get the correct address.
  If you are using a secrity device, this won't work.  You'll need to disable DHCP proxy. 
  From the GUI Controller > Advanced > DHCP, and uncheck the box.
  From the CLI config dhcp proxy disable
  Once this is done, make sure you have the ip helper-address under the L3 interface and point to the DHCP server.
  HTH,
  Steve
  Please remember to rate helpful posts or to mark the question as answered so that it can be found later.

• WLAN Controller Displays Interface IP in Web Authentication URL Instead of FQDN

  Hi,
  Can someone offer any help with the issue below please?
  I have a guest wlan configured on a Cisco 2106 WLAN controller. Guest users are redirected to a Web Authenticaion page when they try to access the internet through a web browser, and can only proceed by succesfully authenticating with the controller.
  The problem I have is that the guest users are presented with an SSL certficate error before they hit the web authentication page. I have installed an SSL certificate from Verisign on the controller, and have configured an FQDN for the interface that is used for the guest wlan. However, the certificate error still persists because when the user is re-redirected to the web auth page, the URL in the address bar is presented as the IP address of the interface instead of the FQDN, For example, when a user is redirected, the address bar in their web browser displays; https://1.1.1.5/ instead of https://guestwifi.domain.com/ The SSL certificate that is installed on the controller is securing the FQDN of the interface.
  I'm not sure if i'm missing something here, but i'm struggling to find how to get the FQDN to display instead of the IP.
  Thanks,
  Paul

  I'm not following what you mean when you sayd "FQDN for the interface that is used for the guest wlan"......
  I assume you configured the Virtual Interface  to have the dns entry as guestwifi.domain.com but clients are still being redirected to the virtual IP itself and not the dns name? 
  The only reason I can think of for that happening was if the WLC had not been rebooted since applying the DNS name to the Virtual Interface (it takes a reboot to modify client redirect stuff, the same goes for http vs https).
  so guestwifi.domain.com should have a DNS entry resolving to 1.1.1.5, that entry should be on your virtual interface, and upon reboot you should always redirect to guestwifi.domain.com unless you manually type https://1.1.1.5 in the browser.

• Wlan Controller Hotspot Solution

  Hi,
  We are using cisco wlan controller for our wireless network. By the way we need guest internet access for our guests. Can we make a hotspot solution with only our controller? I mean the user will join the guest network and then a web page opens then user enters the credentials. Then he can use the internet.
  Thanks.

  Its better to use different Vlans:
  The LAP is registered to the WLC. The WLC is connected to the Layer 2 switch. The router that connects the users to the WAN also connects to the Layer 2 switch. You need to create two WLANs, one for the guest users and the other for the internal LAN users. You also need a DHCP server to provide IP addresses for the guest and internal wireless clients. The guest users use web authentication in order to access the network. The internal users use EAP authentication. The 2811 router also acts as the DHCP server for the wireless clients.
  Note: This document assumes that the WLC is configured with the basic parameters and the LAP is registered to the WLC. Refer to Lightweight AP (LAP) Registration to a Wireless LAN Controller (WLC) for information on how to configure the basic parameters on a WLC and how to register the LAP to WLC.
  When configured as a DHCP server, some of the firewalls do not support DHCP requests from a relay agent. The WLC is a relay agent for the client. The firewall configured as a DHCP server ignores these requests. Clients must be directly connected to the firewall and cannot send requests through another relay agent or router. The firewall can work as a simple DHCP server for internal hosts that are directly connected to it. This allows the firewall to maintain its table based on the MAC addresses that are directly connected and that it can see. This is why an attempt to assign addresses from a DHCP relay are not available and the packets are discarded. PIX Firewall has this limitation.

• Problem WLAN controller 4400

  There is a WLAN controller 4400 which controls the access points. There is a collapse of all access points from 00:00 to 00:12.
  The link is working properly, no problems with the AC, the point is not restarted.
  Logging
  1.  May 24 2010 00:01:08 CAPWAP 3 ECHO_ERR capwap_ac_sm.c:5116 Did not receive heartbeat reply; AP: 00:3a:98:5e:f7:80 *
  2.  May 24 2010 00:02:38 CAPWAP 3 ECHO_ERR capwap_ac_sm.c:5116 Did not receive heartbeat reply; AP: 00:26:ca:b7:ce:30 *
  3.  May 24 2010 00:02:49 DOT1X 3 ABORT_AUTH 1x_bauth_sm.c:447 Authentication aborted for client 00:15:70:f1:e4:b4 *
  4.  May 24 2010 00:03:07 APF 3 INVALID_RADIO_TYPE apf_api.c:27324 Invalid radio type 255 received. *
  5.  May 24 2010 00:06:50 APF 3 INVALID_RADIO_TYPE apf_api.c:27324 Invalid radio type 255 received. *
  6.  May 24 2010 00:06:50 APF 3 INVALID_RADIO_TYPE apf_api.c:27337 Invalid radio type 255 received. *
  7.  May 24 2010 00:06:50 APF 3 INVALID_RADIO_TYPE apf_api.c:27324 Invalid radio type 255 received. *
  8.  May 24 2010 00:06:50 APF 3 INVALID_RADIO_TYPE apf_api.c:27337 Invalid radio type 255 received. *
  9.  May 24 2010 00:07:03 APF 3 INVALID_RADIO_TYPE apf_api.c:27324 Invalid radio type 255 received. *
  10.  May 24 2010 00:07:03 APF 3 INVALID_RADIO_TYPE apf_api.c:27337 Invalid radio type 255 received. *
  11.  May 24 2010 00:07:10 APF 3 INVALID_RADIO_TYPE apf_api.c:27324 Invalid radio type 255 received. *
  12.  May 24 2010 00:07:10 APF 3 INVALID_RADIO_TYPE apf_api.c:27337 Invalid radio type 255 received.

  If your WLC firmware is 5.X then I would like to recommend you upgrade to 6.X.

• AIR-LAP1310G-E-K9 acces point not joining to 5508 wlan controller

  Hi,
  I have Cisco AIR-LAP1310G-E-K9 access point and 5508 wlan controller with version 7.0.220 and it is joining to the WLAN controller.  I have enabled dhcp in the lan controller and i dont have external dns server. How to fix this issue?  Can this LAN controller version will support this access point? 
  My Lan Controller Management IP Address is 10.10.10.5
  Please find the below configuration of 1300 access point.
  AP001d.4513.dd68#reload
  Proceed with reload? [confirm]
  %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command.
  %LWAPP-5-CHANGED: LWAPP changed state to DOWNXmodem file system is available.
  flashfs[0]: 4 files, 2 directories
  flashfs[0]: 0 orphaned files, 0 orphaned directories
  flashfs[0]: Total bytes: 7741440
  flashfs[0]: Bytes used: 2052608
  flashfs[0]: Bytes available: 5688832
  flashfs[0]: flashfs fsck took 14 seconds.
  Base ethernet MAC Address: 00:1d:45:13:dd:68
  Initializing ethernet port 0...
  Reset ethernet port 0...
  Reset done!
  ethernet link up, 100 mbps, full-duplex
  Ethernet port 0 initialized: link is up
  Unable to get our ip address: no "IP_ADDR" variable set
  The system has been encountered and error initializing
  tftp file system. The system is ignoring the error and
  continuing boot. If you interrupt the system boot process,
  the following commands will set IP_ADDR, DEFAULT_ROUTER
  and NETMASK environment variables, initializing tftp file
  system, and finish loading the operating system software:
      set IP_ADDR
      set DEFAULT_ROUTER
      set NETMASK
      tftp_init
      boot
  Loading "flash:/c1310-rcvk9w8-mx/c1310-rcvk9w8-mx"...############################################################################################################################################################################################
  File "flash:/c1310-rcvk9w8-mx/c1310-rcvk9w8-mx" uncompressed and installed, entry point: 0x3000
  executing...
                Restricted Rights Legend
  Use, duplication, or disclosure by the Government is
  subject to restrictions as set forth in subparagraph
  (c) of the Commercial Computer Software - Restricted
  Rights clause at FAR sec. 52.227-19 and subparagraph
  (c) (1) (ii) of the Rights in Technical Data and Computer
  Software clause at DFARS sec. 252.227-7013.
             cisco Systems, Inc.
             170 West Tasman Drive
             San Jose, California 95134-1706
  Cisco IOS Software, C1310 Software (C1310-RCVK9W8-M), Version 12.4(10b)JA3, RELEASE SOFTWARE (fc1)
  Technical Support: http://www.cisco.com/techsupport
  Copyright (c) 1986-2008 by Cisco Systems, Inc.
  Compiled Wed 19-Mar-08 19:09 by prod_rel_team
  Image text-base: 0x00003000, data-base: 0x003BE9E0
  Initializing flashfs...
  flashfs[1]: 4 files, 2 directories
  flashfs[1]: 0 orphaned files, 0 orphaned directories
  flashfs[1]: Total bytes: 7741440
  flashfs[1]: Bytes used: 2052608
  flashfs[1]: Bytes available: 5688832
  flashfs[1]: flashfs fsck took 2 seconds.
  flashfs[1]: Initialization complete....done Initializing flashfs.
  This product contains cryptographic features and is subject to United
  States and local country laws governing import, export, transfer and
  use. Delivery of Cisco cryptographic products does not imply
  third-party authority to import, export, distribute or use encryption.
  Importers, exporters, distributors and users are responsible for
  compliance with U.S. and local country laws. By using this product you
  agree to comply with applicable laws and regulations. If you are unable
  to comply with U.S. and local laws, return this product immediately.
  A summary of U.S. laws governing Cisco cryptographic products may be found at:
  http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
  If you require further assistance please contact us by sending email to
  [email protected].
  cisco AIR-LAP1310G-E-K9R   (PowerPCElvis) processor (revision A0) with 24566K/8192K bytes of memory.
  Processor board ID FHK1133E002
  PowerPCElvis CPU at 262Mhz, revision number 0x0950
  Last reset from reload
  LWAPP image version 3.0.51.0
  1 FastEthernet interface
  32K bytes of flash-simulated non-volatile configuration memory.
  Base ethernet MAC Address: 00:1D:45:13:DD:68
  Part Number                          : 73-8960-09
  PCA Assembly Number                  : 800-24963-06
  PCA Revision Number                  : A0
  PCB Serial Number                    : FOC113000V7
  Top Assembly Part Number             : 800-28479-05
  Top Assembly Serial Number           : FHK1133E002
  Top Revision Number                  : B0
  Product/Model Number                 : AIR-LAP1310G-E-K9R
  The name for the keys will be: ap.cisco.com
  % The key modulus size is 1024 bits
  % Generating 1024 bit RSA keys, keys will be non-exportable...[OK]
  ip ssh version 2
      ^
  % Invalid input detected at '^' marker.
  transport input ssh
                   ^
  % Invalid input detected at '^' marker.
  aaa new-model
  ^
  % Invalid input detected at '^' marker.
  aaa authentication login default enable local none
  ^
  % Invalid input detected at '^' marker.
  o
  ^
  % Invalid input detected at '^' marker.
  Press RETURN to get started!
  *Mar  1 00:00:05.442: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up
  *Mar  1 00:00:06.473: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up
  *Mar  1 00:00:07.817: %SYS-5-RESTART: System restarted --
  Cisco IOS Software, C1310 Software (C1310-RCVK9W8-M), Version 12.4(10b)JA3, RELEASE SOFTWARE (fc1)
  Technical Support: http://www.cisco.com/techsupport
  Copyright (c) 1986-2008 by Cisco Systems, Inc.
  Compiled Wed 19-Mar-08 19:09 by prod_rel_team
  Translating "CISCO-LWAPP-CONTROLLER"...domain server (255.255.255.255)
  transport input ssh
                   ^
  % Invalid input detected at '^' marker.
  *Mar  1 00:00:33.860: %LWAPP-3-CLIENTEVENTLOG: Performing DNS resolution for CISCO-LWAPP-CONTROLLER
  *Mar  1 00:00:33.860: %LWAPP-3-CLIENTERRORLOG: DNS Name Lookup: could not resolve CISCO-LWAPP-CONTROLLER
  *Mar  1 00:00:33.861: %LWAPP-5-CHANGED: LWAPP changed state to DISCOVERY
  logging origin-id string AP:001d.4513.dd68
           ^
  % Invalid input detected at '^' marker.
  logging 255.255.255.255
          ^
  % Invalid input detected at '^' marker.
  logging trap 3
          ^
  % Invalid input detected at '^' marker.
  *Mar  1 00:00:37.440: Logging LWAPP message to 255.255.255.255.
  AP001d.4513.dd68>
  %LWAPP-3-CLIENTEVENTLOG: Forcing AP to obtain IP address using DHCP
  %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 10.10.10.46, mask 255.255.255.0, hostname AP001d.4513.dd68
  Translating "CISCO-LWAPP-CONTROLLER.CISCO-LWAPP-CONTROLLER.mydomain.com"...domain server (10.10.10.5)
  %LWAPP-3-CLIENTEVENTLOG: Did not get vendor specific options from DHCP.
  %LWAPP-3-CLIENTEVENTLOG: Did not get log server settings from DHCP.
  %LWAPP-3-CLIENTEVENTLOG: Performing DNS resolution for CISCO-LWAPP-CONTROLLER.CISCO-LWAPP-CONTROLLER.mydomain.com
  %LWAPP-3-CLIENTERRORLOG: DNS Name Lookup: could not resolve CISCO-LWAPP-CONTROLLER.CISCO-LWAPP-CONTROLLER.mydomain.com
  AP001d.4513.dd68>

  Your debug is very telling ..
  AP001d.4513.dd68>
  %LWAPP-3-CLIENTEVENTLOG: Forcing AP to obtain IP address using DHCP
  %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 10.10.10.46, mask 255.255.255.0, hostname AP001d.4513.dd68
  Translating "CISCO-LWAPP-CONTROLLER.CISCO-LWAPP-CONTROLLER.mydomain.com"...domain server (10.10.10.5)
  %LWAPP-3-CLIENTEVENTLOG: Did not get vendor specific options from DHCP.
  %LWAPP-3-CLIENTEVENTLOG: Did not get log server settings from DHCP.
  %LWAPP-3-CLIENTEVENTLOG: Performing DNS resolution for CISCO-LWAPP-CONTROLLER.CISCO-LWAPP-CONTROLLER.mydomain.com
  %LWAPP-3-CLIENTERRORLOG: DNS Name Lookup: could not resolve CISCO-LWAPP-CONTROLLER.CISCO-LWAPP-CONTROLLER.mydomain.com
  AP001d.4513.dd68>
  What are you using to tell the AP where the contoller lives ? Since you are consoled into the ap you can use the -> capwap ap controller ip address
  This will point the ap to your controller
  "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
  ‎"I'm in a serious relationship with my Wi-Fi. You could say we have a connection."