WLC 2504 with LAG
Hi all.
I`m configuring new 2504. I updated it to 7.4.100.60 and enabled LAG.
I want to configure interfaces "ap-mgmt" - for AP management.
(Cisco Controller) >config interface create ap-mgmt 69
(Cisco Controller) >config interface address dynamic-interface ap-mgmt 10.50.50.157 255.255.255.224 10.50.50.158
(Cisco Controller) >config interface ap-manager ap-mgmt enable
AP manager interface already exist on port.
So I disable ap-manager on default "management" interfase and enable it on dynamic "ap-mgmt"
(Cisco Controller) >config interface ap-manager management disable
Warning! You have no AP manager on this port.
The controller behavior will be unpredictable.
Are you sure you want to continue? (y/n) y
(Cisco Controller) >config interface ap-manager ap-mgmt enable
After that I have nice sh int summ, I can ping all interfaces, but AP can`t register on the controller "ap-mgmt" (10.50.50.157) interface
(Cisco Controller) >show interface summary
Number of Interfaces.......................... 5 (<-- I don`t understand why 5 shown here)
Interface Name Port Vlan Id IP Address Type Ap Mgr Guest
ap-mgmt LAG 69 10.50.50.157 Dynamic Yes No
management LAG 79 10.10.10.95 Static No No
virtual N/A N/A 1.1.1.1 Static No No
workstations_wifi LAG 74 10.200.200.253 Dynamic No No
After reboot
(Cisco Controller) >save config
Are you sure you want to save? (y/n) y
Configuration Saved!
(Cisco Controller) >reset system
Are you sure you would like to reset the system? (y/N) y
System will now restart!
I got this:
(Cisco Controller) >show interface summary
Number of Interfaces.......................... 5
Interface Name Port Vlan Id IP Address Type Ap Mgr Guest
ap-mgmt - 69 10.50.50.157 Dynamic Yes No
management LAG 79 10.10.10.95 Static Yes No
virtual N/A N/A 1.1.1.1 Static No No
workstations_wifi LAG 74 10.200.200.253 Dynamic No No
(Cisco Controller) >show interface detailed ap-mgmt
Interface Name................................... ap-mgmt
MAC Address...................................... fc:99:47:1b:77:60
IP Address....................................... 10.50.50.157
IP Netmask....................................... 255.255.255.224
IP Gateway....................................... 10.50.50.158
External NAT IP State............................ Disabled
External NAT IP Address.......................... 0.0.0.0
VLAN............................................. 69
NAS-Identifier................................... wlc2504-1
Active Physical Port............................. Unconfigured
Primary Physical Port............................ Unconfigured
Backup Physical Port............................. Unconfigured
DHCP Proxy Mode.................................. Global
Primary DHCP Server.............................. Unconfigured
Secondary DHCP Server............................ Unconfigured
DHCP Option 82................................... Disabled
ACL.............................................. Unconfigured
mDNS Profile Name................................ Unconfigured
AP Manager....................................... Yes
Guest Interface.................................. No
L2 Multicast..................................... Enabled
(Cisco Controller) >show interface detailed management
Interface Name................................... management
MAC Address...................................... fc:99:47:1b:77:6f
IP Address....................................... 10.10.10.95
IP Netmask....................................... 255.255.255.0
IP Gateway....................................... 10.10.10.254
External NAT IP State............................ Disabled
External NAT IP Address.......................... 0.0.0.0
VLAN............................................. 79
Quarantine-vlan.................................. 0
Active Physical Port............................. LAG (13)
Primary Physical Port............................ LAG (13)
Backup Physical Port............................. Unconfigured
DHCP Proxy Mode.................................. Global
Primary DHCP Server.............................. Unconfigured
Secondary DHCP Server............................ Unconfigured
DHCP Option 82................................... Disabled
ACL.............................................. Unconfigured
mDNS Profile Name................................ Unconfigured
AP Manager....................................... Yes
Guest Interface.................................. No
L2 Multicast..................................... Disabled
So my newly created "ap-mgmt" interface was thrown from LAG and default "management" interface was restored as AP Manager.
After reboot I can`t ping "ap-mgmt" (10.50.50.157), it`s clear why - because it have no physical port associated with it.
My question is why I can`t make other than default "management" interface as AP Manager when LAG enabled?
I try 7.4.100.60, try 7.4.100.0, try two more 2504 results the same.
>it's recommended to put both of them into the same VLAN and the same subnetIn documentation I don`t find such recommendation, please share the link.
And it states:
AP-Manager Interface Configuring the AP-manager interface on the same VLAN or IP subnet as the management interface results in optimum access point association.
Similar Messages
-
Configuration of Cisco WLC 2504 with Local LAN static IP and DHCP
I want to configure Cisco WLC 2504 with Local LAN static IP and WLC 2504 with DHCP so that APs can be connect with controller.
Currently i am using WLC 2504 with DHCP so can anyone suggest how to do that..Hi Sandeep
The info is correct, if we're using code below 7.3.101.0.
This issue is fixed via the below bug id.
CSCto01390 Unable to ping AP's directly connected to a 2500 controller
check the fix that is updated on 7.4, 7.5 RNE.
http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn75.html
Note
Directly connected APs are supported only in Local mode.
http://www.cisco.com/en/US/prod/collateral/wireless/ps6302/ps8322/ps11630/data_sheet_c78-645111.html
For quick and easy deployment Access Points can be connected directly to 2504 Wireless LAN Controller via two PoE (Power over Ethernet) ports
Thanks
Saravanan -
Hi!!! Please help with the solution.
I have one WLC 2504, 4 Cisco 1141 APs and one AP 1602.
Yesterday, I upgrade the WLC with version 7.5.102 to version 7.6.100.
After the upgrade in Message Logs on the WLC at the same time see the following message:
*RRM-MGR-5_0-GRP: Jan 23 08:44:25.449: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 08:35:41.189: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 08:34:17.373: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 08:25:32.125: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 08:24:09.309: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 08:15:23.013: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 08:14:01.213: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 08:05:13.949: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 08:03:53.149: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 07:55:04.905: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 07:53:45.086: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 07:44:55.813: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 07:43:37.010: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 07:34:46.749: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 07:33:28.930: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 07:24:37.669: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 07:23:20.865: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 07:14:28.593: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 07:13:12.789: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 07:04:19.529: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 07:03:04.729: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 06:54:10.493: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 06:52:56.689: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 06:44:01.445: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 06:42:48.645: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.
*sntpReceiveTask: Jan 23 06:35:22.218: #LOG-4-Q_IND: debug.c:2636 Unhandled debug module 5005.[...It occurred 19 times.!]
*RRM-MGR-2_4-GRP: Jan 23 06:33:48.070: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 06:32:36.266: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 06:23:39.030: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 06:22:28.226: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 06:13:29.986: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 06:12:20.186: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 06:03:20.930: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 06:02:12.130: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 05:53:11.890: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 05:52:04.090: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 05:43:02.838: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 05:41:56.039: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 05:32:53.790: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 05:31:47.986: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 05:22:44.758: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 05:21:39.950: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 05:12:35.718: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 05:11:31.910: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 05:02:26.670: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 05:01:23.859: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 04:52:17.606: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 04:51:15.794: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 04:42:08.566: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 04:41:07.750: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 04:31:59.506: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 04:30:59.703: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 04:21:50.450: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 04:20:51.646: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 04:11:41.402: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 04:10:43.598: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 04:01:32.326: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 04:00:35.522: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 03:51:23.258: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 03:50:27.442: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 03:41:14.182: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 03:40:19.378: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 03:31:05.106: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 03:30:11.302: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 03:20:56.042: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 03:20:03.242: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 03:10:46.978: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 03:09:55.178: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 03:00:37.902: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 02:59:47.102: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 02:50:28.826: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 02:49:39.026: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 02:40:19.782: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 02:39:30.983: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 02:30:10.742: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 02:29:22.942: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 02:20:01.698: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 02:19:14.886: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 02:09:52.646: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 02:09:06.842: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 01:59:43.587: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 01:58:58.783: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 01:49:34.546: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 01:48:50.742: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 01:39:25.494: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 01:38:42.687: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 01:29:16.454: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 01:28:34.642: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 01:19:07.402: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 01:18:26.594: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 01:08:58.362: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 01:08:18.554: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 00:58:49.322: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 00:58:10.514: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 00:48:40.266: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 00:48:02.467: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 00:38:31.222: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 00:37:54.411: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 00:28:22.174: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 00:27:46.374: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 00:18:13.106: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 00:17:38.306: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 23 00:08:04.062: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 23 00:07:30.262: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 22 23:57:55.022: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 22 23:57:22.222: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 22 23:47:45.958: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 22 23:47:14.158: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 22 23:37:36.906: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 22 23:37:06.106: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 22 23:27:27.826: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 22 23:26:58.026: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 22 23:17:18.762: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 22 23:16:49.962: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 20 times/sec!.]
*RRM-MGR-2_4-GRP: Jan 22 23:07:09.686: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.[...It occurred 10 times/sec!.]
*RRM-MGR-5_0-GRP: Jan 22 23:06:41.870: #DEBUG-4-INVALID_MODULE: debug.c:2636 Unhandled debug module 5005.
With what may be the problem exists? Any suggestion?Have you upgraded the FUS to 1.8.0.0? What happens if you try to boot from v7.5 do you see the messages and maybe boot back to v7.6?
Here is what the doc mentions about the error
Error Message %DEBUG-4-INVALID_MODULE: Unhandled debug module [dec].
Explanation This module cannot be debugged.
Recommended Action Copy the message exactly as it appears on the console or in the system log. Research and attempt to resolve the issue using the tools and utilities provided at http://www.cisco.com/tac. With some messages, these tools and utilities will supply clarifying information. Search for resolved software issues using the Bug Toolkit at http://tools.cisco.com/Support/BugToolKit/. If you still require assistance, open a case with the Technical Assistance Center via the Internet at http://tools.cisco.com/ServiceRequestTool/create/launch.do, or contact your Cisco technical support representative and provide the representative with the information you have gathered.
http://www.cisco.com/en/US/docs/wireless/controller/message/guide/msgs4.html#wp1000708
Sent from Cisco Technical Support iPhone App -
Prime Infrastructure 1.3 + WLC 2504 - Enable LAG?
Hi everybody,
I'm facing a little issue using Prime Infrastructure 1.3 configuration templates to manage a couple of 2504 WLCs.
I'm using a Configuration -> General template to enable LAG on a couple of controller and when I try to apply it I get the error: "LAG mode cannot be enabled for 2500 series of controllers."
Obviously I can enable LAG locally on controllers, but then each time I try to apply the configuration template from Prime Infrastructure LAG gets disabled again.
Is this a known issues? Does anybody known how it can be worked around?
Thanks,
LThere is a defect in PI 1.4 that you can't enable LAG for the 2504. It's possible that 1.3 also affected
https://tools.cisco.com/bugsearch/bug/CSCui37076
HTH,
Steve
Please remember to rate useful posts, and mark questions as answered -
Hello all, i need your help, i have a WLC but AP's not joined with controller, this errors sends:
cisco AIR-CAP3602I-N-K9 (PowerPC) processor (revision A0) with 167926K/81920K bytes of memory.
Processor board ID FTX1734GJ9E
PowerPC CPU at 800Mhz, revision number 0x2151
Last reset from power-on
LWAPP image version 7.3.1.53
1 Gigabit Ethernet interface
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 7C:69:F6:1A:2A:C4
Part Number : 73-14521-02
PCA Assembly Number : 800-37501-02
PCA Revision Number : A0
PCB Serial Number : FOC17306LVB
Top Assembly Part Number : 800-35852-02
Top Assembly Serial Number : FTX1734GJ9E
Top Revision Number : C0
Product/Model Number : AIR-CAP3602I-N-K9
% Please define a domain-name first.
*Aug 1 18:34:32.035: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
*Aug 1 18:34:32.035: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'WLAN_EstrellaR'running version 7.0.220.0 is rejected.
*Aug 1 18:34:32.035: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Aug 1 18:34:32.035: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
*Aug 1 18:34:32.035: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Aug 1 18:34:32.035: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap packet from 10.4.14.201
*Aug 1 18:34:32.035: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'WLAN_EstrellaR'running version 7.0.220.0 is rejected.
*Aug 1 18:34:32.035: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Aug 1 18:34:32.035: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Aug 1 18:34:42.035: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
*Aug 1 18:34:42.035: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'WLAN_EstrellaR'running version 7.0.220.0 is rejected.
*Aug 1 18:34:42.035: %CAPWAP-3-ERRORLOG: Failed to decode discovery response.
*Aug 1 18:34:42.035: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 2 state 2.
*Aug 1 18:34:42.035: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Aug 1 18:34:42.035: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap packet from 10.4.14.201
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)Hi Martin
Martin Velazquez wrote:Hello all, i need your help, i have a WLC but AP's not joined with controller, this errors sends:cisco AIR-CAP3602I-N-K9 (PowerPC) processor (revision A0) with 167926K/81920K bytes of memory.*Aug 1 18:34:42.035: %CAPWAP-3-ERRORLOG: Discovery response from MWAR 'WLAN_EstrellaR'running version 7.0.220.0 is rejected.
U need atleast 7.1.91.0 version on controoler .
3600 series AP first suppourt is
CAP3602I
7.1.91.0
Update firmaware on wlc.
also paster sh sysinfo from WLC.
matrix compatibiolity: http://www.cisco.com/en/US/docs/wireless/controller/5500/tech_notes/Wireless_Software_Compatibility_Matrix.html
Regards -
Client got not connection to wlan over wlc 2504 on 802.11b/g
Hi everybody,
We are using a wlc 2504 with 7.6.100.0 and AP 1532e.
I have the strange observacion that only clients with 802.11n (2.4GHz) can connect to the WLAN. Clients thats works only with 802.11b/g, they can't connect to the WLAN. Affected are all machines which want to connect with 802.11b/g.
This is a MESH WLAN with 5GHz backhaul and 2.4GHz for the user.
During the debugging found the following:
*apfMsConnTask_4: May 09 11:44:40.581: 00:1b:77:b4:34:e0 Sending Assoc Response to station on BSSID 18:9c:5d:71:34:50 (status 0) ApVapId 1 Slot 0
*apfMsConnTask_4: May 09 11:44:40.581: 00:1b:77:b4:34:e0 apfProcessAssocReq (apf_80211.c:8292) Changing state for mobile 00:1b:77:b4:34:e0 on AP 18:9c:5d:71:34:50 from Associated to Associated
*spamApTask6: May 09 11:44:40.584: 00:1b:77:b4:34:e0 Sent 1x initiate message to multi thread task for mobile 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:44:40.584: 00:1b:77:b4:34:e0 Creating a PKC PMKID Cache entry for station 00:1b:77:b4:34:e0 (RSN 2)
*Dot1x_NW_MsgTask_0: May 09 11:44:40.584: 00:1b:77:b4:34:e0 Resetting MSCB PMK Cache Entry 0 for station 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:44:40.584: 00:1b:77:b4:34:e0 Setting active key cache index 8 ---> 8
*Dot1x_NW_MsgTask_0: May 09 11:44:40.584: 00:1b:77:b4:34:e0 Setting active key cache index 8 ---> 0
*Dot1x_NW_MsgTask_0: May 09 11:44:40.584: 00:1b:77:b4:34:e0 Adding BSSID 18:9c:5d:71:34:50 to PMKID cache at index 0 for station 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:44:40.584: New PMKID: (16)
*Dot1x_NW_MsgTask_0: May 09 11:44:40.584: [0000] f6 3d 52 9f 2a de 52 90 1d a2 46 49 0f 14 f6 69
*Dot1x_NW_MsgTask_0: May 09 11:44:40.584: 00:1b:77:b4:34:e0 Initiating RSN PSK to mobile 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:44:40.584: 00:1b:77:b4:34:e0 EAP-PARAM Debug - eap-params for Wlan-Id :1 is disabled - applying Global eap timers and retries
*Dot1x_NW_MsgTask_0: May 09 11:44:40.584: 00:1b:77:b4:34:e0 dot1x - moving mobile 00:1b:77:b4:34:e0 into Force Auth state
*Dot1x_NW_MsgTask_0: May 09 11:44:40.584: 00:1b:77:b4:34:e0 EAPOL Header:
*Dot1x_NW_MsgTask_0: May 09 11:44:40.584: 00000000: 02 03 00 5f ..._
*Dot1x_NW_MsgTask_0: May 09 11:44:40.584: 00:1b:77:b4:34:e0 Found an cache entry for BSSID 18:9c:5d:71:34:50 in PMKID cache at index 0 of station 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:44:40.584: 00:1b:77:b4:34:e0 Found an cache entry for BSSID 18:9c:5d:71:34:50 in PMKID cache at index 0 of station 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:44:40.584: Including PMKID in M1 (16)
*Dot1x_NW_MsgTask_0: May 09 11:44:40.584: [0000] f6 3d 52 9f 2a de 52 90 1d a2 46 49 0f 14 f6 69
*Dot1x_NW_MsgTask_0: May 09 11:44:40.584: 00:1b:77:b4:34:e0 Starting key exchange to mobile 00:1b:77:b4:34:e0, data packets will be dropped
*Dot1x_NW_MsgTask_0: May 09 11:44:40.584: 00:1b:77:b4:34:e0 Sending EAPOL-Key Message to mobile 00:1b:77:b4:34:e0
state INITPMK (message 1), replay counter 00.00.00.00.00.00.00.00
*Dot1x_NW_MsgTask_0: May 09 11:44:40.584: 00:1b:77:b4:34:e0 Sending EAPOL-Key Message to mobile 00:1b:77:b4:34:e0
state INITPMK (message 1), replay counter 00.00.00.00.00.00.00.00
*Dot1x_NW_MsgTask_0: May 09 11:44:40.584: 00:1b:77:b4:34:e0 Allocating EAP Pkt for retransmission to mobile 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:44:40.585: 00:1b:77:b4:34:e0 mscb->apfMsLwappLradNhMac = 78:da:6e:59:c9:8c mscb->apfMsLradSlotId = 0 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*Dot1x_NW_MsgTask_0: May 09 11:44:40.585: 00:1b:77:b4:34:e0 mscb->apfMsBssid = 18:9c:5d:71:34:50 mscb->apfMsAddress = 00:1b:77:b4:34:e0 mscb->apfMsApVapId = 1
*Dot1x_NW_MsgTask_0: May 09 11:44:40.585: 00:1b:77:b4:34:e0 dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 0 mscb->apfMsLwappMwarInet.ipv4.addr = -1062679171
*Dot1x_NW_MsgTask_0: May 09 11:44:40.585: 00:1b:77:b4:34:e0 mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = -1062679163 mscb->apfMsLwappLradPort = 40089
*osapiBsnTimer: May 09 11:44:42.649: 00:1b:77:b4:34:e0 802.1x 'timeoutEvt' Timer expired for station 00:1b:77:b4:34:e0 and for message = M2
*dot1xMsgTask: May 09 11:44:42.649: 00:1b:77:b4:34:e0 Retransmit 1 of EAPOL-Key M1 (length 121) for mobile 00:1b:77:b4:34:e0
*dot1xMsgTask: May 09 11:44:42.649: 00:1b:77:b4:34:e0 mscb->apfMsLwappLradNhMac = 78:da:6e:59:c9:8c mscb->apfMsLradSlotId = 0 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*dot1xMsgTask: May 09 11:44:42.649: 00:1b:77:b4:34:e0 mscb->apfMsBssid = 18:9c:5d:71:34:50 mscb->apfMsAddress = 00:1b:77:b4:34:e0 mscb->apfMsApVapId = 1
*dot1xMsgTask: May 09 11:44:42.649: 00:1b:77:b4:34:e0 dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 0 mscb->apfMsLwappMwarInet.ipv4.addr = -1062679171
*dot1xMsgTask: May 09 11:44:42.649: 00:1b:77:b4:34:e0 mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = -1062679163 mscb->apfMsLwappLradPort = 40089
*osapiBsnTimer: May 09 11:44:44.649: 00:1b:77:b4:34:e0 802.1x 'timeoutEvt' Timer expired for station 00:1b:77:b4:34:e0 and for message = M2
*dot1xMsgTask: May 09 11:44:44.649: 00:1b:77:b4:34:e0 Retransmit 2 of EAPOL-Key M1 (length 121) for mobile 00:1b:77:b4:34:e0
*dot1xMsgTask: May 09 11:44:44.649: 00:1b:77:b4:34:e0 mscb->apfMsLwappLradNhMac = 78:da:6e:59:c9:8c mscb->apfMsLradSlotId = 0 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*dot1xMsgTask: May 09 11:44:44.649: 00:1b:77:b4:34:e0 mscb->apfMsBssid = 18:9c:5d:71:34:50 mscb->apfMsAddress = 00:1b:77:b4:34:e0 mscb->apfMsApVapId = 1
*dot1xMsgTask: May 09 11:44:44.649: 00:1b:77:b4:34:e0 dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 0 mscb->apfMsLwappMwarInet.ipv4.addr = -1062679171
*dot1xMsgTask: May 09 11:44:44.650: 00:1b:77:b4:34:e0 mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = -1062679163 mscb->apfMsLwappLradPort = 40089
*osapiBsnTimer: May 09 11:44:46.649: 00:1b:77:b4:34:e0 802.1x 'timeoutEvt' Timer expired for station 00:1b:77:b4:34:e0 and for message = M2
*dot1xMsgTask: May 09 11:44:46.649: 00:1b:77:b4:34:e0 Retransmit failure for EAPOL-Key M1 to mobile 00:1b:77:b4:34:e0, retransmit count 3, mscb deauth count 1
*dot1xMsgTask: May 09 11:44:46.649: 00:1b:77:b4:34:e0 Resetting MSCB PMK Cache Entry 0 for station 00:1b:77:b4:34:e0
*dot1xMsgTask: May 09 11:44:46.649: 00:1b:77:b4:34:e0 Removing BSSID 18:9c:5d:71:34:50 from PMKID cache of station 00:1b:77:b4:34:e0
*dot1xMsgTask: May 09 11:44:46.649: 00:1b:77:b4:34:e0 Setting active key cache index 0 ---> 8
*dot1xMsgTask: May 09 11:44:46.649: 00:1b:77:b4:34:e0 Sent Deauthenticate to mobile on BSSID 18:9c:5d:71:34:50 slot 0(caller 1x_ptsm.c:598)
*dot1xMsgTask: May 09 11:44:46.649: 00:1b:77:b4:34:e0 Setting active key cache index 8 ---> 8
*dot1xMsgTask: May 09 11:44:46.649: 00:1b:77:b4:34:e0 Deleting the PMK cache when de-authenticating the client.
*dot1xMsgTask: May 09 11:44:46.649: 00:1b:77:b4:34:e0 Global PMK Cache deletion failed.
*dot1xMsgTask: May 09 11:44:46.649: 00:1b:77:b4:34:e0 Scheduling deletion of Mobile Station: (callerId: 57) in 10 seconds
*dot1xMsgTask: May 09 11:44:46.649: 00:1b:77:b4:34:e0 Freeing EAP Retransmit Bufer for mobile 00:1b:77:b4:34:e0
*apfMsConnTask_4: May 09 11:44:52.083: 00:1b:77:b4:34:e0 Reassociation received from mobile on BSSID 18:9c:5d:71:34:50
*apfMsConnTask_4: May 09 11:44:52.083: 00:1b:77:b4:34:e0 Global 200 Clients are allowed to AP radio
*apfMsConnTask_4: May 09 11:44:52.083: 00:1b:77:b4:34:e0 Max Client Trap Threshold: 0 cur: 1
*apfMsConnTask_4: May 09 11:44:52.083: 00:1b:77:b4:34:e0 Rf profile 600 Clients are allowed to AP wlan
*apfMsConnTask_4: May 09 11:44:52.083: 00:1b:77:b4:34:e0 Applying Interface policy on Mobile, role Unassociated. Ms NAC State 2 Quarantine Vlan 0 Access Vlan 1
*apfMsConnTask_4: May 09 11:44:52.083: 00:1b:77:b4:34:e0 Re-applying interface policy for client
*apfMsConnTask_4: May 09 11:44:52.083: 00:1b:77:b4:34:e0 0.0.0.0 START (0) Changing IPv4 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:2202)
*apfMsConnTask_4: May 09 11:44:52.083: 00:1b:77:b4:34:e0 0.0.0.0 START (0) Changing IPv6 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:2223)
*apfMsConnTask_4: May 09 11:44:52.083: 00:1b:77:b4:34:e0 apfApplyWlanPolicy: Apply WLAN Policy over PMIPv6 Client Mobility Type
*apfMsConnTask_4: May 09 11:44:52.083: 00:1b:77:b4:34:e0 In processSsidIE:4795 setting Central switched to TRUE
*apfMsConnTask_4: May 09 11:44:52.083: 00:1b:77:b4:34:e0 In processSsidIE:4798 apVapId = 1 and Split Acl Id = 65535
*apfMsConnTask_4: May 09 11:44:52.083: 00:1b:77:b4:34:e0 Applying site-specific Local Bridging override for station 00:1b:77:b4:34:e0 - vapId 1, site 'default-group', interface 'catodos'
*apfMsConnTask_4: May 09 11:44:52.083: 00:1b:77:b4:34:e0 Applying Local Bridging Interface Policy for station 00:1b:77:b4:34:e0 - vlan 1, interface id 12, interface 'catodos'
*apfMsConnTask_4: May 09 11:44:52.083: 00:1b:77:b4:34:e0 processSsidIE statusCode is 0 and status is 0
*apfMsConnTask_4: May 09 11:44:52.083: 00:1b:77:b4:34:e0 processSsidIE ssid_done_flag is 0 finish_flag is 0
*apfMsConnTask_4: May 09 11:44:52.083: 00:1b:77:b4:34:e0 STA - rates (8): 2 4 11 22 12 18 24 36 48 72 96 108 0 0 0 0
*apfMsConnTask_4: May 09 11:44:52.083: 00:1b:77:b4:34:e0 suppRates statusCode is 0 and gotSuppRatesElement is 1
*apfMsConnTask_4: May 09 11:44:52.083: 00:1b:77:b4:34:e0 STA - rates (12): 2 4 11 22 12 18 24 36 48 72 96 108 0 0 0 0
*apfMsConnTask_4: May 09 11:44:52.083: 00:1b:77:b4:34:e0 extSuppRates statusCode is 0 and gotExtSuppRatesElement is 1
*apfMsConnTask_4: May 09 11:44:52.083: 00:1b:77:b4:34:e0 Processing RSN IE type 48, length 20 for mobile 00:1b:77:b4:34:e0
*apfMsConnTask_4: May 09 11:44:52.083: 00:1b:77:b4:34:e0 0.0.0.0 START (0) Initializing policy
*apfMsConnTask_4: May 09 11:44:52.084: 00:1b:77:b4:34:e0 0.0.0.0 START (0) Change state to AUTHCHECK (2) last state START (0)
*apfMsConnTask_4: May 09 11:44:52.084: 00:1b:77:b4:34:e0 0.0.0.0 AUTHCHECK (2) Change state to 8021X_REQD (3) last state AUTHCHECK (2)
*apfMsConnTask_4: May 09 11:44:52.084: 00:1b:77:b4:34:e0 Central switch is TRUE
*apfMsConnTask_4: May 09 11:44:52.084: 00:1b:77:b4:34:e0 Not Using WMM Compliance code qosCap 00
*apfMsConnTask_4: May 09 11:44:52.084: 00:1b:77:b4:34:e0 0.0.0.0 8021X_REQD (3) Plumbed mobile LWAPP rule on AP 18:9c:5d:71:34:50 vapId 1 apVapId 1 flex-acl-name:
*apfMsConnTask_4: May 09 11:44:52.084: 00:1b:77:b4:34:e0 apfPemAddUser2 (apf_policy.c:333) Changing state for mobile 00:1b:77:b4:34:e0 on AP 18:9c:5d:71:34:50 from Associated to Associated
*apfMsConnTask_4: May 09 11:44:52.084: 00:1b:77:b4:34:e0 apfPemAddUser2:session timeout forstation 00:1b:77:b4:34:e0 - Session Tout 1800, apfMsTimeOut '1800' and sessionTimerRunning flag is 0
*apfMsConnTask_4: May 09 11:44:52.084: 00:1b:77:b4:34:e0 Scheduling deletion of Mobile Station: (callerId: 49) in 1800 seconds
*apfMsConnTask_4: May 09 11:44:52.084: 00:1b:77:b4:34:e0 Func: apfPemAddUser2, Ms Timeout = 1800, Session Timeout = 1800
*apfMsConnTask_4: May 09 11:44:52.084: 00:1b:77:b4:34:e0 Sending Assoc Response to station on BSSID 18:9c:5d:71:34:50 (status 0) ApVapId 1 Slot 0
*apfMsConnTask_4: May 09 11:44:52.084: 00:1b:77:b4:34:e0 apfProcessAssocReq (apf_80211.c:8292) Changing state for mobile 00:1b:77:b4:34:e0 on AP 18:9c:5d:71:34:50 from Associated to Associated
*spamApTask6: May 09 11:44:52.087: 00:1b:77:b4:34:e0 Sent 1x initiate message to multi thread task for mobile 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: 00:1b:77:b4:34:e0 Creating a PKC PMKID Cache entry for station 00:1b:77:b4:34:e0 (RSN 2)
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: 00:1b:77:b4:34:e0 Resetting MSCB PMK Cache Entry 0 for station 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: 00:1b:77:b4:34:e0 Setting active key cache index 8 ---> 8
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: 00:1b:77:b4:34:e0 Setting active key cache index 8 ---> 0
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: 00:1b:77:b4:34:e0 Adding BSSID 18:9c:5d:71:34:50 to PMKID cache at index 0 for station 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: New PMKID: (16)
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: [0000] f6 3d 52 9f 2a de 52 90 1d a2 46 49 0f 14 f6 69
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: 00:1b:77:b4:34:e0 Initiating RSN PSK to mobile 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: 00:1b:77:b4:34:e0 EAP-PARAM Debug - eap-params for Wlan-Id :1 is disabled - applying Global eap timers and retries
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: 00:1b:77:b4:34:e0 dot1x - moving mobile 00:1b:77:b4:34:e0 into Force Auth state
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: 00:1b:77:b4:34:e0 EAPOL Header:
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: 00000000: 02 03 00 5f ..._
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: 00:1b:77:b4:34:e0 Found an cache entry for BSSID 18:9c:5d:71:34:50 in PMKID cache at index 0 of station 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: 00:1b:77:b4:34:e0 Found an cache entry for BSSID 18:9c:5d:71:34:50 in PMKID cache at index 0 of station 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: Including PMKID in M1 (16)
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: [0000] f6 3d 52 9f 2a de 52 90 1d a2 46 49 0f 14 f6 69
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: 00:1b:77:b4:34:e0 Starting key exchange to mobile 00:1b:77:b4:34:e0, data packets will be dropped
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: 00:1b:77:b4:34:e0 Sending EAPOL-Key Message to mobile 00:1b:77:b4:34:e0
state INITPMK (message 1), replay counter 00.00.00.00.00.00.00.00
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: 00:1b:77:b4:34:e0 Sending EAPOL-Key Message to mobile 00:1b:77:b4:34:e0
state INITPMK (message 1), replay counter 00.00.00.00.00.00.00.00
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: 00:1b:77:b4:34:e0 Allocating EAP Pkt for retransmission to mobile 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: 00:1b:77:b4:34:e0 mscb->apfMsLwappLradNhMac = 78:da:6e:59:c9:8c mscb->apfMsLradSlotId = 0 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: 00:1b:77:b4:34:e0 mscb->apfMsBssid = 18:9c:5d:71:34:50 mscb->apfMsAddress = 00:1b:77:b4:34:e0 mscb->apfMsApVapId = 1
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: 00:1b:77:b4:34:e0 dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 0 mscb->apfMsLwappMwarInet.ipv4.addr = -1062679171
*Dot1x_NW_MsgTask_0: May 09 11:44:52.087: 00:1b:77:b4:34:e0 mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = -1062679163 mscb->apfMsLwappLradPort = 40089
*osapiBsnTimer: May 09 11:44:54.249: 00:1b:77:b4:34:e0 802.1x 'timeoutEvt' Timer expired for station 00:1b:77:b4:34:e0 and for message = M2
*dot1xMsgTask: May 09 11:44:54.249: 00:1b:77:b4:34:e0 Retransmit 1 of EAPOL-Key M1 (length 121) for mobile 00:1b:77:b4:34:e0
*dot1xMsgTask: May 09 11:44:54.249: 00:1b:77:b4:34:e0 mscb->apfMsLwappLradNhMac = 78:da:6e:59:c9:8c mscb->apfMsLradSlotId = 0 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*dot1xMsgTask: May 09 11:44:54.249: 00:1b:77:b4:34:e0 mscb->apfMsBssid = 18:9c:5d:71:34:50 mscb->apfMsAddress = 00:1b:77:b4:34:e0 mscb->apfMsApVapId = 1
*dot1xMsgTask: May 09 11:44:54.249: 00:1b:77:b4:34:e0 dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 0 mscb->apfMsLwappMwarInet.ipv4.addr = -1062679171
*dot1xMsgTask: May 09 11:44:54.249: 00:1b:77:b4:34:e0 mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = -1062679163 mscb->apfMsLwappLradPort = 40089
*osapiBsnTimer: May 09 11:44:56.249: 00:1b:77:b4:34:e0 802.1x 'timeoutEvt' Timer expired for station 00:1b:77:b4:34:e0 and for message = M2
*dot1xMsgTask: May 09 11:44:56.249: 00:1b:77:b4:34:e0 Retransmit 2 of EAPOL-Key M1 (length 121) for mobile 00:1b:77:b4:34:e0
*dot1xMsgTask: May 09 11:44:56.249: 00:1b:77:b4:34:e0 mscb->apfMsLwappLradNhMac = 78:da:6e:59:c9:8c mscb->apfMsLradSlotId = 0 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*dot1xMsgTask: May 09 11:44:56.249: 00:1b:77:b4:34:e0 mscb->apfMsBssid = 18:9c:5d:71:34:50 mscb->apfMsAddress = 00:1b:77:b4:34:e0 mscb->apfMsApVapId = 1
*dot1xMsgTask: May 09 11:44:56.249: 00:1b:77:b4:34:e0 dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 0 mscb->apfMsLwappMwarInet.ipv4.addr = -1062679171
*dot1xMsgTask: May 09 11:44:56.249: 00:1b:77:b4:34:e0 mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = -1062679163 mscb->apfMsLwappLradPort = 40089
*osapiBsnTimer: May 09 11:44:58.249: 00:1b:77:b4:34:e0 802.1x 'timeoutEvt' Timer expired for station 00:1b:77:b4:34:e0 and for message = M2
*dot1xMsgTask: May 09 11:44:58.249: 00:1b:77:b4:34:e0 Retransmit failure for EAPOL-Key M1 to mobile 00:1b:77:b4:34:e0, retransmit count 3, mscb deauth count 2
*dot1xMsgTask: May 09 11:44:58.249: 00:1b:77:b4:34:e0 Resetting MSCB PMK Cache Entry 0 for station 00:1b:77:b4:34:e0
*dot1xMsgTask: May 09 11:44:58.249: 00:1b:77:b4:34:e0 Removing BSSID 18:9c:5d:71:34:50 from PMKID cache of station 00:1b:77:b4:34:e0
*dot1xMsgTask: May 09 11:44:58.249: 00:1b:77:b4:34:e0 Setting active key cache index 0 ---> 8
*dot1xMsgTask: May 09 11:44:58.250: 00:1b:77:b4:34:e0 Sent Deauthenticate to mobile on BSSID 18:9c:5d:71:34:50 slot 0(caller 1x_ptsm.c:598)
*dot1xMsgTask: May 09 11:44:58.250: 00:1b:77:b4:34:e0 Setting active key cache index 8 ---> 8
*dot1xMsgTask: May 09 11:44:58.250: 00:1b:77:b4:34:e0 Deleting the PMK cache when de-authenticating the client.
*dot1xMsgTask: May 09 11:44:58.250: 00:1b:77:b4:34:e0 Global PMK Cache deletion failed.
*dot1xMsgTask: May 09 11:44:58.250: 00:1b:77:b4:34:e0 Scheduling deletion of Mobile Station: (callerId: 57) in 10 seconds
*dot1xMsgTask: May 09 11:44:58.250: 00:1b:77:b4:34:e0 Freeing EAP Retransmit Bufer for mobile 00:1b:77:b4:34:e0
*apfMsConnTask_4: May 09 11:45:03.768: 00:1b:77:b4:34:e0 Reassociation received from mobile on BSSID 18:9c:5d:71:34:50
*apfMsConnTask_4: May 09 11:45:03.768: 00:1b:77:b4:34:e0 Global 200 Clients are allowed to AP radio
*apfMsConnTask_4: May 09 11:45:03.769: 00:1b:77:b4:34:e0 Max Client Trap Threshold: 0 cur: 1
*apfMsConnTask_4: May 09 11:45:03.769: 00:1b:77:b4:34:e0 Rf profile 600 Clients are allowed to AP wlan
*apfMsConnTask_4: May 09 11:45:03.769: 00:1b:77:b4:34:e0 Applying Interface policy on Mobile, role Unassociated. Ms NAC State 2 Quarantine Vlan 0 Access Vlan 1
*apfMsConnTask_4: May 09 11:45:03.769: 00:1b:77:b4:34:e0 Re-applying interface policy for client
*apfMsConnTask_4: May 09 11:45:03.769: 00:1b:77:b4:34:e0 0.0.0.0 START (0) Changing IPv4 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:2202)
*apfMsConnTask_4: May 09 11:45:03.769: 00:1b:77:b4:34:e0 0.0.0.0 START (0) Changing IPv6 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:2223)
*apfMsConnTask_4: May 09 11:45:03.769: 00:1b:77:b4:34:e0 apfApplyWlanPolicy: Apply WLAN Policy over PMIPv6 Client Mobility Type
*apfMsConnTask_4: May 09 11:45:03.769: 00:1b:77:b4:34:e0 In processSsidIE:4795 setting Central switched to TRUE
*apfMsConnTask_4: May 09 11:45:03.769: 00:1b:77:b4:34:e0 In processSsidIE:4798 apVapId = 1 and Split Acl Id = 65535
*apfMsConnTask_4: May 09 11:45:03.769: 00:1b:77:b4:34:e0 Applying site-specific Local Bridging override for station 00:1b:77:b4:34:e0 - vapId 1, site 'default-group', interface 'catodos'
*apfMsConnTask_4: May 09 11:45:03.769: 00:1b:77:b4:34:e0 Applying Local Bridging Interface Policy for station 00:1b:77:b4:34:e0 - vlan 1, interface id 12, interface 'catodos'
*apfMsConnTask_4: May 09 11:45:03.769: 00:1b:77:b4:34:e0 processSsidIE statusCode is 0 and status is 0
*apfMsConnTask_4: May 09 11:45:03.769: 00:1b:77:b4:34:e0 processSsidIE ssid_done_flag is 0 finish_flag is 0
*apfMsConnTask_4: May 09 11:45:03.769: 00:1b:77:b4:34:e0 STA - rates (8): 2 4 11 22 12 18 24 36 48 72 96 108 0 0 0 0
*apfMsConnTask_4: May 09 11:45:03.769: 00:1b:77:b4:34:e0 suppRates statusCode is 0 and gotSuppRatesElement is 1
*apfMsConnTask_4: May 09 11:45:03.769: 00:1b:77:b4:34:e0 STA - rates (12): 2 4 11 22 12 18 24 36 48 72 96 108 0 0 0 0
*apfMsConnTask_4: May 09 11:45:03.769: 00:1b:77:b4:34:e0 extSuppRates statusCode is 0 and gotExtSuppRatesElement is 1
*apfMsConnTask_4: May 09 11:45:03.769: 00:1b:77:b4:34:e0 Processing RSN IE type 48, length 20 for mobile 00:1b:77:b4:34:e0
*apfMsConnTask_4: May 09 11:45:03.769: 00:1b:77:b4:34:e0 0.0.0.0 START (0) Initializing policy
*apfMsConnTask_4: May 09 11:45:03.769: 00:1b:77:b4:34:e0 0.0.0.0 START (0) Change state to AUTHCHECK (2) last state START (0)
*apfMsConnTask_4: May 09 11:45:03.769: 00:1b:77:b4:34:e0 0.0.0.0 AUTHCHECK (2) Change state to 8021X_REQD (3) last state AUTHCHECK (2)
*apfMsConnTask_4: May 09 11:45:03.769: 00:1b:77:b4:34:e0 Central switch is TRUE
*apfMsConnTask_4: May 09 11:45:03.769: 00:1b:77:b4:34:e0 Not Using WMM Compliance code qosCap 00
*apfMsConnTask_4: May 09 11:45:03.770: 00:1b:77:b4:34:e0 0.0.0.0 8021X_REQD (3) Plumbed mobile LWAPP rule on AP 18:9c:5d:71:34:50 vapId 1 apVapId 1 flex-acl-name:
*apfMsConnTask_4: May 09 11:45:03.770: 00:1b:77:b4:34:e0 apfPemAddUser2 (apf_policy.c:333) Changing state for mobile 00:1b:77:b4:34:e0 on AP 18:9c:5d:71:34:50 from Associated to Associated
*apfMsConnTask_4: May 09 11:45:03.770: 00:1b:77:b4:34:e0 apfPemAddUser2:session timeout forstation 00:1b:77:b4:34:e0 - Session Tout 1800, apfMsTimeOut '1800' and sessionTimerRunning flag is 0
*apfMsConnTask_4: May 09 11:45:03.770: 00:1b:77:b4:34:e0 Scheduling deletion of Mobile Station: (callerId: 49) in 1800 seconds
*apfMsConnTask_4: May 09 11:45:03.770: 00:1b:77:b4:34:e0 Func: apfPemAddUser2, Ms Timeout = 1800, Session Timeout = 1800
*apfMsConnTask_4: May 09 11:45:03.770: 00:1b:77:b4:34:e0 Sending Assoc Response to station on BSSID 18:9c:5d:71:34:50 (status 0) ApVapId 1 Slot 0
*apfMsConnTask_4: May 09 11:45:03.770: 00:1b:77:b4:34:e0 apfProcessAssocReq (apf_80211.c:8292) Changing state for mobile 00:1b:77:b4:34:e0 on AP 18:9c:5d:71:34:50 from Associated to Associated
*spamApTask6: May 09 11:45:03.772: 00:1b:77:b4:34:e0 Sent 1x initiate message to multi thread task for mobile 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: 00:1b:77:b4:34:e0 Creating a PKC PMKID Cache entry for station 00:1b:77:b4:34:e0 (RSN 2)
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: 00:1b:77:b4:34:e0 Resetting MSCB PMK Cache Entry 0 for station 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: 00:1b:77:b4:34:e0 Setting active key cache index 8 ---> 8
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: 00:1b:77:b4:34:e0 Setting active key cache index 8 ---> 0
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: 00:1b:77:b4:34:e0 Adding BSSID 18:9c:5d:71:34:50 to PMKID cache at index 0 for station 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: New PMKID: (16)
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: [0000] f6 3d 52 9f 2a de 52 90 1d a2 46 49 0f 14 f6 69
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: 00:1b:77:b4:34:e0 Initiating RSN PSK to mobile 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: 00:1b:77:b4:34:e0 EAP-PARAM Debug - eap-params for Wlan-Id :1 is disabled - applying Global eap timers and retries
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: 00:1b:77:b4:34:e0 dot1x - moving mobile 00:1b:77:b4:34:e0 into Force Auth state
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: 00:1b:77:b4:34:e0 EAPOL Header:
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: 00000000: 02 03 00 5f ..._
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: 00:1b:77:b4:34:e0 Found an cache entry for BSSID 18:9c:5d:71:34:50 in PMKID cache at index 0 of station 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: 00:1b:77:b4:34:e0 Found an cache entry for BSSID 18:9c:5d:71:34:50 in PMKID cache at index 0 of station 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: Including PMKID in M1 (16)
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: [0000] f6 3d 52 9f 2a de 52 90 1d a2 46 49 0f 14 f6 69
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: 00:1b:77:b4:34:e0 Starting key exchange to mobile 00:1b:77:b4:34:e0, data packets will be dropped
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: 00:1b:77:b4:34:e0 Sending EAPOL-Key Message to mobile 00:1b:77:b4:34:e0
state INITPMK (message 1), replay counter 00.00.00.00.00.00.00.00
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: 00:1b:77:b4:34:e0 Sending EAPOL-Key Message to mobile 00:1b:77:b4:34:e0
state INITPMK (message 1), replay counter 00.00.00.00.00.00.00.00
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: 00:1b:77:b4:34:e0 Allocating EAP Pkt for retransmission to mobile 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: 00:1b:77:b4:34:e0 mscb->apfMsLwappLradNhMac = 78:da:6e:59:c9:8c mscb->apfMsLradSlotId = 0 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: 00:1b:77:b4:34:e0 mscb->apfMsBssid = 18:9c:5d:71:34:50 mscb->apfMsAddress = 00:1b:77:b4:34:e0 mscb->apfMsApVapId = 1
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: 00:1b:77:b4:34:e0 dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 0 mscb->apfMsLwappMwarInet.ipv4.addr = -1062679171
*Dot1x_NW_MsgTask_0: May 09 11:45:03.773: 00:1b:77:b4:34:e0 mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = -1062679163 mscb->apfMsLwappLradPort = 40089
*osapiBsnTimer: May 09 11:45:05.849: 00:1b:77:b4:34:e0 802.1x 'timeoutEvt' Timer expired for station 00:1b:77:b4:34:e0 and for message = M2
*dot1xMsgTask: May 09 11:45:05.849: 00:1b:77:b4:34:e0 Retransmit 1 of EAPOL-Key M1 (length 121) for mobile 00:1b:77:b4:34:e0
*dot1xMsgTask: May 09 11:45:05.849: 00:1b:77:b4:34:e0 mscb->apfMsLwappLradNhMac = 78:da:6e:59:c9:8c mscb->apfMsLradSlotId = 0 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*dot1xMsgTask: May 09 11:45:05.849: 00:1b:77:b4:34:e0 mscb->apfMsBssid = 18:9c:5d:71:34:50 mscb->apfMsAddress = 00:1b:77:b4:34:e0 mscb->apfMsApVapId = 1
*dot1xMsgTask: May 09 11:45:05.849: 00:1b:77:b4:34:e0 dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 0 mscb->apfMsLwappMwarInet.ipv4.addr = -1062679171
*dot1xMsgTask: May 09 11:45:05.849: 00:1b:77:b4:34:e0 mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = -1062679163 mscb->apfMsLwappLradPort = 40089
*osapiBsnTimer: May 09 11:45:07.848: 00:1b:77:b4:34:e0 802.1x 'timeoutEvt' Timer expired for station 00:1b:77:b4:34:e0 and for message = M2
*dot1xMsgTask: May 09 11:45:07.849: 00:1b:77:b4:34:e0 Retransmit 2 of EAPOL-Key M1 (length 121) for mobile 00:1b:77:b4:34:e0
*dot1xMsgTask: May 09 11:45:07.849: 00:1b:77:b4:34:e0 mscb->apfMsLwappLradNhMac = 78:da:6e:59:c9:8c mscb->apfMsLradSlotId = 0 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*dot1xMsgTask: May 09 11:45:07.849: 00:1b:77:b4:34:e0 mscb->apfMsBssid = 18:9c:5d:71:34:50 mscb->apfMsAddress = 00:1b:77:b4:34:e0 mscb->apfMsApVapId = 1
*dot1xMsgTask: May 09 11:45:07.849: 00:1b:77:b4:34:e0 dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 0 mscb->apfMsLwappMwarInet.ipv4.addr = -1062679171
*dot1xMsgTask: May 09 11:45:07.849: 00:1b:77:b4:34:e0 mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = -1062679163 mscb->apfMsLwappLradPort = 40089
*osapiBsnTimer: May 09 11:45:09.848: 00:1b:77:b4:34:e0 802.1x 'timeoutEvt' Timer expired for station 00:1b:77:b4:34:e0 and for message = M2
*dot1xMsgTask: May 09 11:45:09.849: 00:1b:77:b4:34:e0 Retransmit failure for EAPOL-Key M1 to mobile 00:1b:77:b4:34:e0, retransmit count 3, mscb deauth count 3
*dot1xMsgTask: May 09 11:45:09.849: 00:1b:77:b4:34:e0 Blacklisting (if enabled) mobile 00:1b:77:b4:34:e0
*dot1xMsgTask: May 09 11:45:09.849: 00:1b:77:b4:34:e0 0.0.0.0 8021X_REQD (3) Change state to START (0) last state 8021X_REQD (3)
*dot1xMsgTask: May 09 11:45:09.849: 00:1b:77:b4:34:e0 0.0.0.0 START (0) Reached FAILURE: from line 5274
*dot1xMsgTask: May 09 11:45:09.849: 00:1b:77:b4:34:e0 Scheduling deletion of Mobile Station: (callerId: 9) in 10 seconds
*apfMsConnTask_4: May 09 11:45:15.689: 00:1b:77:b4:34:e0 Reassociation received from mobile on BSSID 18:9c:5d:71:34:50
*apfMsConnTask_4: May 09 11:45:15.689: 00:1b:77:b4:34:e0 Global 200 Clients are allowed to AP radio
*apfMsConnTask_4: May 09 11:45:15.689: 00:1b:77:b4:34:e0 Max Client Trap Threshold: 0 cur: 1
*apfMsConnTask_4: May 09 11:45:15.689: 00:1b:77:b4:34:e0 Rf profile 600 Clients are allowed to AP wlan
*apfMsConnTask_4: May 09 11:45:15.689: 00:1b:77:b4:34:e0 Applying Interface policy on Mobile, role Unassociated. Ms NAC State 2 Quarantine Vlan 0 Access Vlan 1
*apfMsConnTask_4: May 09 11:45:15.689: 00:1b:77:b4:34:e0 Re-applying interface policy for client
*apfMsConnTask_4: May 09 11:45:15.689: 00:1b:77:b4:34:e0 0.0.0.0 START (0) Changing IPv4 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:2202)
*apfMsConnTask_4: May 09 11:45:15.689: 00:1b:77:b4:34:e0 0.0.0.0 START (0) Changing IPv6 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:2223)
*apfMsConnTask_4: May 09 11:45:15.689: 00:1b:77:b4:34:e0 apfApplyWlanPolicy: Apply WLAN Policy over PMIPv6 Client Mobility Type
*apfMsConnTask_4: May 09 11:45:15.689: 00:1b:77:b4:34:e0 In processSsidIE:4795 setting Central switched to TRUE
*apfMsConnTask_4: May 09 11:45:15.689: 00:1b:77:b4:34:e0 In processSsidIE:4798 apVapId = 1 and Split Acl Id = 65535
*apfMsConnTask_4: May 09 11:45:15.690: 00:1b:77:b4:34:e0 Applying site-specific Local Bridging override for station 00:1b:77:b4:34:e0 - vapId 1, site 'default-group', interface 'catodos'
*apfMsConnTask_4: May 09 11:45:15.690: 00:1b:77:b4:34:e0 Applying Local Bridging Interface Policy for station 00:1b:77:b4:34:e0 - vlan 1, interface id 12, interface 'catodos'
*apfMsConnTask_4: May 09 11:45:15.690: 00:1b:77:b4:34:e0 processSsidIE statusCode is 0 and status is 0
*apfMsConnTask_4: May 09 11:45:15.690: 00:1b:77:b4:34:e0 processSsidIE ssid_done_flag is 0 finish_flag is 0
*apfMsConnTask_4: May 09 11:45:15.690: 00:1b:77:b4:34:e0 STA - rates (8): 2 4 11 22 12 18 24 36 48 72 96 108 0 0 0 0
*apfMsConnTask_4: May 09 11:45:15.690: 00:1b:77:b4:34:e0 suppRates statusCode is 0 and gotSuppRatesElement is 1
*apfMsConnTask_4: May 09 11:45:15.690: 00:1b:77:b4:34:e0 STA - rates (12): 2 4 11 22 12 18 24 36 48 72 96 108 0 0 0 0
*apfMsConnTask_4: May 09 11:45:15.690: 00:1b:77:b4:34:e0 extSuppRates statusCode is 0 and gotExtSuppRatesElement is 1
*apfMsConnTask_4: May 09 11:45:15.690: 00:1b:77:b4:34:e0 Processing RSN IE type 48, length 20 for mobile 00:1b:77:b4:34:e0
*apfMsConnTask_4: May 09 11:45:15.690: 00:1b:77:b4:34:e0 0.0.0.0 START (0) Initializing policy
*apfMsConnTask_4: May 09 11:45:15.690: 00:1b:77:b4:34:e0 0.0.0.0 START (0) Change state to AUTHCHECK (2) last state START (0)
*apfMsConnTask_4: May 09 11:45:15.690: 00:1b:77:b4:34:e0 0.0.0.0 AUTHCHECK (2) Change state to 8021X_REQD (3) last state AUTHCHECK (2)
*apfMsConnTask_4: May 09 11:45:15.690: 00:1b:77:b4:34:e0 Central switch is TRUE
*apfMsConnTask_4: May 09 11:45:15.690: 00:1b:77:b4:34:e0 Not Using WMM Compliance code qosCap 00
*apfMsConnTask_4: May 09 11:45:15.690: 00:1b:77:b4:34:e0 0.0.0.0 8021X_REQD (3) Plumbed mobile LWAPP rule on AP 18:9c:5d:71:34:50 vapId 1 apVapId 1 flex-acl-name:
*apfMsConnTask_4: May 09 11:45:15.690: 00:1b:77:b4:34:e0 apfPemAddUser2 (apf_policy.c:333) Changing state for mobile 00:1b:77:b4:34:e0 on AP 18:9c:5d:71:34:50 from Associated to Associated
*apfMsConnTask_4: May 09 11:45:15.690: 00:1b:77:b4:34:e0 apfPemAddUser2:session timeout forstation 00:1b:77:b4:34:e0 - Session Tout 1800, apfMsTimeOut '1800' and sessionTimerRunning flag is 0
*apfMsConnTask_4: May 09 11:45:15.690: 00:1b:77:b4:34:e0 Scheduling deletion of Mobile Station: (callerId: 49) in 1800 seconds
*apfMsConnTask_4: May 09 11:45:15.690: 00:1b:77:b4:34:e0 Func: apfPemAddUser2, Ms Timeout = 1800, Session Timeout = 1800
*apfMsConnTask_4: May 09 11:45:15.690: 00:1b:77:b4:34:e0 Sending Assoc Response to station on BSSID 18:9c:5d:71:34:50 (status 0) ApVapId 1 Slot 0
*apfMsConnTask_4: May 09 11:45:15.691: 00:1b:77:b4:34:e0 apfProcessAssocReq (apf_80211.c:8292) Changing state for mobile 00:1b:77:b4:34:e0 on AP 18:9c:5d:71:34:50 from Associated to Associated
*spamApTask6: May 09 11:45:15.693: 00:1b:77:b4:34:e0 Sent 1x initiate message to multi thread task for mobile 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:45:15.693: 00:1b:77:b4:34:e0 Creating a PKC PMKID Cache entry for station 00:1b:77:b4:34:e0 (RSN 2)
*Dot1x_NW_MsgTask_0: May 09 11:45:15.693: 00:1b:77:b4:34:e0 Resetting MSCB PMK Cache Entry 0 for station 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:45:15.693: 00:1b:77:b4:34:e0 Removing BSSID 18:9c:5d:71:34:50 from PMKID cache of station 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:45:15.693: 00:1b:77:b4:34:e0 Setting active key cache index 0 ---> 8
*Dot1x_NW_MsgTask_0: May 09 11:45:15.693: 00:1b:77:b4:34:e0 Setting active key cache index 8 ---> 0
*Dot1x_NW_MsgTask_0: May 09 11:45:15.693: 00:1b:77:b4:34:e0 Adding BSSID 18:9c:5d:71:34:50 to PMKID cache at index 0 for station 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:45:15.693: New PMKID: (16)
*Dot1x_NW_MsgTask_0: May 09 11:45:15.693: [0000] f6 3d 52 9f 2a de 52 90 1d a2 46 49 0f 14 f6 69
*Dot1x_NW_MsgTask_0: May 09 11:45:15.693: 00:1b:77:b4:34:e0 Initiating RSN PSK to mobile 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:45:15.693: 00:1b:77:b4:34:e0 EAP-PARAM Debug - eap-params for Wlan-Id :1 is disabled - applying Global eap timers and retries
*Dot1x_NW_MsgTask_0: May 09 11:45:15.693: 00:1b:77:b4:34:e0 dot1x - moving mobile 00:1b:77:b4:34:e0 into Force Auth state
*Dot1x_NW_MsgTask_0: May 09 11:45:15.693: 00:1b:77:b4:34:e0 EAPOL Header:
*Dot1x_NW_MsgTask_0: May 09 11:45:15.694: 00000000: 02 03 00 5f ..._
*Dot1x_NW_MsgTask_0: May 09 11:45:15.694: 00:1b:77:b4:34:e0 Found an cache entry for BSSID 18:9c:5d:71:34:50 in PMKID cache at index 0 of station 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:45:15.694: 00:1b:77:b4:34:e0 Found an cache entry for BSSID 18:9c:5d:71:34:50 in PMKID cache at index 0 of station 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:45:15.694: Including PMKID in M1 (16)
*Dot1x_NW_MsgTask_0: May 09 11:45:15.694: [0000] f6 3d 52 9f 2a de 52 90 1d a2 46 49 0f 14 f6 69
*Dot1x_NW_MsgTask_0: May 09 11:45:15.694: 00:1b:77:b4:34:e0 Starting key exchange to mobile 00:1b:77:b4:34:e0, data packets will be dropped
*Dot1x_NW_MsgTask_0: May 09 11:45:15.694: 00:1b:77:b4:34:e0 Sending EAPOL-Key Message to mobile 00:1b:77:b4:34:e0
state INITPMK (message 1), replay counter 00.00.00.00.00.00.00.00
*Dot1x_NW_MsgTask_0: May 09 11:45:15.694: 00:1b:77:b4:34:e0 Sending EAPOL-Key Message to mobile 00:1b:77:b4:34:e0
state INITPMK (message 1), replay counter 00.00.00.00.00.00.00.00
*Dot1x_NW_MsgTask_0: May 09 11:45:15.694: 00:1b:77:b4:34:e0 Reusing allocated memory for EAP Pkt for retransmission to mobile 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:45:15.694: 00:1b:77:b4:34:e0 mscb->apfMsLwappLradNhMac = 78:da:6e:59:c9:8c mscb->apfMsLradSlotId = 0 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*Dot1x_NW_MsgTask_0: May 09 11:45:15.694: 00:1b:77:b4:34:e0 mscb->apfMsBssid = 18:9c:5d:71:34:50 mscb->apfMsAddress = 00:1b:77:b4:34:e0 mscb->apfMsApVapId = 1
*Dot1x_NW_MsgTask_0: May 09 11:45:15.694: 00:1b:77:b4:34:e0 dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 0 mscb->apfMsLwappMwarInet.ipv4.addr = -1062679171
*Dot1x_NW_MsgTask_0: May 09 11:45:15.694: 00:1b:77:b4:34:e0 mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = -1062679163 mscb->apfMsLwappLradPort = 40089
*apfMsConnTask_4: May 09 11:45:15.875: 00:1b:77:b4:34:e0 Reassociation received from mobile on BSSID 18:9c:5d:71:34:50
*apfMsConnTask_4: May 09 11:45:15.875: 00:1b:77:b4:34:e0 Global 200 Clients are allowed to AP radio
*apfMsConnTask_4: May 09 11:45:15.875: 00:1b:77:b4:34:e0 Max Client Trap Threshold: 0 cur: 1
*apfMsConnTask_4: May 09 11:45:15.875: 00:1b:77:b4:34:e0 Rf profile 600 Clients are allowed to AP wlan
*apfMsConnTask_4: May 09 11:45:15.876: 00:1b:77:b4:34:e0 Applying Interface policy on Mobile, role Unassociated. Ms NAC State 2 Quarantine Vlan 0 Access Vlan 1
*apfMsConnTask_4: May 09 11:45:15.876: 00:1b:77:b4:34:e0 Re-applying interface policy for client
*apfMsConnTask_4: May 09 11:45:15.876: 00:1b:77:b4:34:e0 0.0.0.0 8021X_REQD (3) Changing IPv4 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:2202)
*apfMsConnTask_4: May 09 11:45:15.876: 00:1b:77:b4:34:e0 0.0.0.0 8021X_REQD (3) Changing IPv6 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:2223)
*apfMsConnTask_4: May 09 11:45:15.876: 00:1b:77:b4:34:e0 apfApplyWlanPolicy: Apply WLAN Policy over PMIPv6 Client Mobility Type
*apfMsConnTask_4: May 09 11:45:15.876: 00:1b:77:b4:34:e0 In processSsidIE:4795 setting Central switched to TRUE
*apfMsConnTask_4: May 09 11:45:15.876: 00:1b:77:b4:34:e0 In processSsidIE:4798 apVapId = 1 and Split Acl Id = 65535
*apfMsConnTask_4: May 09 11:45:15.876: 00:1b:77:b4:34:e0 Applying site-specific Local Bridging override for station 00:1b:77:b4:34:e0 - vapId 1, site 'default-group', interface 'catodos'
*apfMsConnTask_4: May 09 11:45:15.876: 00:1b:77:b4:34:e0 Applying Local Bridging Interface Policy for station 00:1b:77:b4:34:e0 - vlan 1, interface id 12, interface 'catodos'
*apfMsConnTask_4: May 09 11:45:15.876: 00:1b:77:b4:34:e0 processSsidIE statusCode is 0 and status is 0
*apfMsConnTask_4: May 09 11:45:15.876: 00:1b:77:b4:34:e0 processSsidIE ssid_done_flag is 0 finish_flag is 0
*apfMsConnTask_4: May 09 11:45:15.876: 00:1b:77:b4:34:e0 STA - rates (8): 2 4 11 22 12 18 24 36 48 72 96 108 0 0 0 0
*apfMsConnTask_4: May 09 11:45:15.876: 00:1b:77:b4:34:e0 suppRates statusCode is 0 and gotSuppRatesElement is 1
*apfMsConnTask_4: May 09 11:45:15.876: 00:1b:77:b4:34:e0 STA - rates (12): 2 4 11 22 12 18 24 36 48 72 96 108 0 0 0 0
*apfMsConnTask_4: May 09 11:45:15.876: 00:1b:77:b4:34:e0 extSuppRates statusCode is 0 and gotExtSuppRatesElement is 1
*apfMsConnTask_4: May 09 11:45:15.876: 00:1b:77:b4:34:e0 Processing RSN IE type 48, length 20 for mobile 00:1b:77:b4:34:e0
*apfMsConnTask_4: May 09 11:45:15.876: 00:1b:77:b4:34:e0 0.0.0.0 8021X_REQD (3) Initializing policy
*apfMsConnTask_4: May 09 11:45:15.876: 00:1b:77:b4:34:e0 0.0.0.0 8021X_REQD (3) Change state to AUTHCHECK (2) last state 8021X_REQD (3)
*apfMsConnTask_4: May 09 11:45:15.876: 00:1b:77:b4:34:e0 0.0.0.0 AUTHCHECK (2) Change state to 8021X_REQD (3) last state AUTHCHECK (2)
*apfMsConnTask_4: May 09 11:45:15.876: 00:1b:77:b4:34:e0 Central switch is TRUE
*apfMsConnTask_4: May 09 11:45:15.876: 00:1b:77:b4:34:e0 Not Using WMM Compliance code qosCap 00
*apfMsConnTask_4: May 09 11:45:15.876: 00:1b:77:b4:34:e0 0.0.0.0 8021X_REQD (3) Plumbed mobile LWAPP rule on AP 18:9c:5d:71:34:50 vapId 1 apVapId 1 flex-acl-name:
*apfMsConnTask_4: May 09 11:45:15.876: 00:1b:77:b4:34:e0 apfPemAddUser2 (apf_policy.c:333) Changing state for mobile 00:1b:77:b4:34:e0 on AP 18:9c:5d:71:34:50 from Associated to Associated
*apfMsConnTask_4: May 09 11:45:15.877: 00:1b:77:b4:34:e0 apfPemAddUser2:session timeout forstation 00:1b:77:b4:34:e0 - Session Tout 1800, apfMsTimeOut '1800' and sessionTimerRunning flag is 0
*apfMsConnTask_4: May 09 11:45:15.877: 00:1b:77:b4:34:e0 Scheduling deletion of Mobile Station: (callerId: 49) in 1800 seconds
*apfMsConnTask_4: May 09 11:45:15.877: 00:1b:77:b4:34:e0 Func: apfPemAddUser2, Ms Timeout = 1800, Session Timeout = 1800
*apfMsConnTask_4: May 09 11:45:15.877: 00:1b:77:b4:34:e0 Sending Assoc Response to station on BSSID 18:9c:5d:71:34:50 (status 0) ApVapId 1 Slot 0
*apfMsConnTask_4: May 09 11:45:15.877: 00:1b:77:b4:34:e0 apfProcessAssocReq (apf_80211.c:8292) Changing state for mobile 00:1b:77:b4:34:e0 on AP 18:9c:5d:71:34:50 from Associated to Associated
*spamApTask6: May 09 11:45:15.878: 00:1b:77:b4:34:e0 Sent 1x initiate message to multi thread task for mobile 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: 00:1b:77:b4:34:e0 Creating a PKC PMKID Cache entry for station 00:1b:77:b4:34:e0 (RSN 2)
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: 00:1b:77:b4:34:e0 Resetting MSCB PMK Cache Entry 0 for station 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: 00:1b:77:b4:34:e0 Removing BSSID 18:9c:5d:71:34:50 from PMKID cache of station 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: 00:1b:77:b4:34:e0 Setting active key cache index 0 ---> 8
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: 00:1b:77:b4:34:e0 Setting active key cache index 8 ---> 0
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: 00:1b:77:b4:34:e0 Adding BSSID 18:9c:5d:71:34:50 to PMKID cache at index 0 for station 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: New PMKID: (16)
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: [0000] f6 3d 52 9f 2a de 52 90 1d a2 46 49 0f 14 f6 69
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: 00:1b:77:b4:34:e0 Initiating RSN PSK to mobile 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: 00:1b:77:b4:34:e0 EAP-PARAM Debug - eap-params for Wlan-Id :1 is disabled - applying Global eap timers and retries
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: 00:1b:77:b4:34:e0 dot1x - moving mobile 00:1b:77:b4:34:e0 into Force Auth state
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: 00:1b:77:b4:34:e0 EAPOL Header:
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: 00000000: 02 03 00 5f ..._
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: 00:1b:77:b4:34:e0 Found an cache entry for BSSID 18:9c:5d:71:34:50 in PMKID cache at index 0 of station 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: 00:1b:77:b4:34:e0 Found an cache entry for BSSID 18:9c:5d:71:34:50 in PMKID cache at index 0 of station 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: Including PMKID in M1 (16)
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: [0000] f6 3d 52 9f 2a de 52 90 1d a2 46 49 0f 14 f6 69
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: 00:1b:77:b4:34:e0 Starting key exchange to mobile 00:1b:77:b4:34:e0, data packets will be dropped
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: 00:1b:77:b4:34:e0 Sending EAPOL-Key Message to mobile 00:1b:77:b4:34:e0
state INITPMK (message 1), replay counter 00.00.00.00.00.00.00.00
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: 00:1b:77:b4:34:e0 Sending EAPOL-Key Message to mobile 00:1b:77:b4:34:e0
state INITPMK (message 1), replay counter 00.00.00.00.00.00.00.00
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: 00:1b:77:b4:34:e0 Reusing allocated memory for EAP Pkt for retransmission to mobile 00:1b:77:b4:34:e0
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: 00:1b:77:b4:34:e0 mscb->apfMsLwappLradNhMac = 78:da:6e:59:c9:8c mscb->apfMsLradSlotId = 0 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: 00:1b:77:b4:34:e0 mscb->apfMsBssid = 18:9c:5d:71:34:50 mscb->apfMsAddress = 00:1b:77:b4:34:e0 mscb->apfMsApVapId = 1
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: 00:1b:77:b4:34:e0 dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 0 mscb->apfMsLwappMwarInet.ipv4.addr = -1062679171
*Dot1x_NW_MsgTask_0: May 09 11:45:15.879: 00:1b:77:b4:34:e0 mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = -1062679163 mscb->apfMsLwappLradPort = 40089
*osapiBsnTimer: May 09 11:45:18.048: 00:1b:77:b4:34:e0 802.1x 'timeoutEvt' Timer expired for station 00:1b:77:b4:34:e0 and for message = M2
*dot1xMsgTask: May 09 11:45:18.049: 00:1b:77:b4:34:e0 Retransmit 1 of EAPOL-Key M1 (length 121) for mobile 00:1b:77:b4:34:e0
*dot1xMsgTask: May 09 11:45:18.049: 00:1b:77:b4:34:e0 mscb->apfMsLwappLradNhMac = 78:da:6e:59:c9:8c mscb->apfMsLradSlotId = 0 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*dot1xMsgTask: May 09 11:45:18.049: 00:1b:77:b4:34:e0 mscb->apfMsBssid = 18:9c:5d:71:34:50 mscb->apfMsAddress = 00:1b:77:b4:34:e0 mscb->apfMsApVapId = 1
*dot1xMsgTask: May 09 11:45:18.049: 00:1b:77:b4:34:e0 dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 0 mscb->apfMsLwappMwarInet.ipv4.addr = -1062679171
*dot1xMsgTask: May 09 11:45:18.049: 00:1b:77:b4:34:e0 mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = -1062679163 mscb->apfMsLwappLradPort = 40089
*osapiBsnTimer: May 09 11:45:20.049: 00:1b:77:b4:34:e0 802.1x 'timeoutEvt' Timer expired for station 00:1b:77:b4:34:e0 and for message = M2
*dot1xMsgTask: May 09 11:45:20.049: 00:1b:77:b4:34:e0 Retransmit 2 of EAPOL-Key M1 (length 121) for mobile 00:1b:77:b4:34:e0
*dot1xMsgTask: May 09 11:45:20.049: 00:1b:77:b4:34:e0 mscb->apfMsLwappLradNhMac = 78:da:6e:59:c9:8c mscb->apfMsLradSlotId = 0 mscb->apfMsLradJumbo = 0 mscb->apfMsintIfNum = 1
*dot1xMsgTask: May 09 11:45:20.049: 00:1b:77:b4:34:e0 mscb->apfMsBssid = 18:9c:5d:71:34:50 mscb->apfMsAddress = 00:1b:77:b4:34:e0 mscb->apfMsApVapId = 1
*dot1xMsgTask: May 09 11:45:20.049: 00:1b:77:b4:34:e0 dot1xcb->snapOrg = 00 00 00 dot1xcb->eapolWepBit = 0 mscb->apfMsLwappLradVlanId = 0 mscb->apfMsLwappMwarInet.ipv4.addr = -1062679171
*dot1xMsgTask: May 09 11:45:20.049: 00:1b:77:b4:34:e0 mscb->apfMsLwappMwarPort = 5246 mscb->apfMsLwappLradInet.ipv4.addr = -1062679163 mscb->apfMsLwappLradPort = 40089
*osapiBsnTimer: May 09 11:45:22.048: 00:1b:77:b4:34:e0 802.1x 'timeoutEvt' Timer expired for station 00:1b:77:b4:34:e0 and for message = M2
*dot1xMsgTask: May 09 11:45:22.049: 00:1b:77:b4:34:e0 Retransmit failure for EAPOL-Key M1 to mobile 00:1b:77:b4:34:e0, retransmit count 3, mscb deauth count 0
*dot1xMsgTask: May 09 11:45:22.049: 00:1b:77:b4:34:e0 Resetting MSCB PMK Cache Entry 0 for station 00:1b:77:b4:34:e0
*dot1xMsgTask: May 09 11:45:22.049: 00:1b:77:b4:34:e0 Removing BSSID 18:9c:5d:71:34:50 from PMKID cache of station 00:1b:77:b4:34:e0
*dot1xMsgTask: May 09 11:45:22.049: 00:1b:77:b4:34:e0 Setting active key cache index 0 ---> 8
*dot1xMsgTask: May 09 11:45:22.049: 00:1b:77:b4:34:e0 Sent Deauthenticate to mobile on BSSID 18:9c:5d:71:34:50 slot 0(caller 1x_ptsm.c:598)
*dot1xMsgTask: May 09 11:45:22.049: 00:1b:77:b4:34:e0 Setting active key cache index 8 ---> 8
*dot1xMsgTask: May 09 11:45:22.049: 00:1b:77:b4:34:e0 Deleting the PMK cache when de-authenticating the client.
*dot1xMsgTask: May 09 11:45:22.049: 00:1b:77:b4:34:e0 Global PMK Cache deletion failed.
*dot1xMsgTask: May 09 11:45:22.049: 00:1b:77:b4:34:e0 Scheduling deletion of Mobile Station: (callerId: 57) in 10 seconds
*dot1xMsgTask: May 09 11:45:22.049: 00:1b:77:b4:34:e0 Freeing EAP Retransmit Bufer for mobile 00:1b:77:b4:34:e0
*osapiBsnTimer: May 09 11:45:32.048: 00:1b:77:b4:34:e0 apfMsExpireCallback (apf_ms.c:625) Expiring Mobile!
*apfReceiveTask: May 09 11:45:32.049: 00:1b:77:b4:34:e0 apfMsExpireMobileStation (apf_ms.c:6632) Changing state for mobile 00:1b:77:b4:34:e0 on AP 18:9c:5d:71:34:50 from Associated to Disassociated
*apfReceiveTask: May 09 11:45:32.049: 00:1b:77:b4:34:e0 Scheduling deletion of Mobile Station: (callerId: 45) in 10 seconds
Thanks for any adviceIn some of the big name brands of wireless, there is "no such thing" as 802.11n on a 2.4 Ghz. No such thing because Cisco won't allow you (any more) to do channel bonding of 2.4 Ghz. It doesn't make any sense to bond an already restricted 2.4 Ghz non-overlapping channel (three) and squeeze this number down to two.
Can you check to ensure that the data rates for 802.11b are enabled? Maybe someone disabled data rates from 1 Mbps to 11 Mbps. -
Configure a second Wlan on WLC 2504
Hello,
I created a topic about this problem on the learningnetwork cisco site too. You can find it here: https://learningnetwork.cisco.com/thread/73201.
The problem is:
We have the Cisco WLC 2504 with a couple of access points. On this WLC we have a network connection via a radius server for our employees. The DHCP server for this connection is the server you see on the drawing. The connection from the switch to the WLC is connected on port 1 of the WLC. This connection works like a charm.
Now I want to create a second network (which is divorced from our internal network) for our guests, but it doesn’t work till now. What we have at the moment is:
A connection from the firewall via the router to the internet
A connected cable from the firewall to the WLC on port 2
A configured interface (port 2) on the WLC
A configured Wlan on the WLC (it is possible to connect to the guest Wlan with a static ip)
The SSID of the guest network is broadcasted via the AP’s which also broadcast the internal network SSID
The problem I have now is:
I have no connection between the WLC Port 2 (192.168.10.2) and the firewall (192.168.10.1). When I try to ping the firewall (192.168.10.1) I get a no reply received message.
How can I get this working? I hope someone can help me with this. Thanks in advance!
Screenshots:
Guest interface
Network layout
Show int sum
Show wlan sum
Wlan general
Wlan advancedFrank,
The issue is that the WLC will not route between VLANs. In order for the scenario that Rasika recommended to work, the switch needs to be a layer 3 switch or needs a layer 3 device attached to it to route between the VLANs.
In my WLC, I have a guest interface as well:
The gateway listed in the VLAN 50 Interface on my L3 Switch:
I then have a route established on my switch to send that traffic to my ASA:
Due to that, I can ping the ASA from my WLC:
Of course, my WLAN for guests only has access to the guest Interface Group:
Try these changes on your switch (or other Layer 3 Device) and let us know if it worked for you.
Please Rate Helpful posts and mark this question as answered if, in fact, this does answer your question. Otherwise, feel free to post follow-up questions.
Charles Moreton -
This might be a really stupid question but I need to ask just so that I get a definitive answer. I have a customer that is using a WLC 2112 and has maxed out the licenses for the WLC. I have suggested for him to purchase a 2504 with 30 or 40 licenses to replace the existing 2112. He doesn't want to purchase 30 to 40 licenses and doesn't want to remove the 2112 from the network environment. He would rather purchase a WLC 2504 with 15 licenses and just add that into the network.
My question is, will there be a problem running a 2504 and a 2112 on the same network? Or can I just make one a primary and one a secondary?That should be fine. Just make sure the WLCs are running the same code version and everything should work fine. This is required for APs failover from one WLC to another. You don't want the APs upgrading or downgrading code versions every time the ap moves from the primary to the secondary WLC.
Sent from Cisco Technical Support iPhone App -
LWAP 1231G can't join an WLC 2504 , Unsupported!!
Dear All,
I have WLC 2504 with 7.2.103.0 software version , & 2 different LWAP 1262n & 1231G with "c1200-rcvk9w8-mx.124-21a.JA" Image.
The 1262n is joined to the to the controller and working fine but the 1231G it cann't join the controller , the controller says "Join request received from an unsupported AP" !!
i will attaches the logs for this AP.
please can any one help.If you want to use 1230, then the "highest" WLC version you can run is the 7.0.235.3.
It says so in the Release Notes under the heading Software Release Support for Access Points, Table 1-1. -
I am using WLC 2504 with AP1242 to access LAN through wi-fi and below are the details/configuration i am using.
1. Using a belkin router with LAN IP 192.16.17.50 and DHCP 192.168.6.1
2. Connected WLC 2504 with belkin router [192.168.6.254] and enabled DHCP [192.168.6.200-250] on WLC 2504 for Access points.
3. All these devices [Belkin router, WLC 2504 and APs ] are connected on 8 port unmanaged switch.
wi-fi connectivity is working fine and we are able to access 192.16.17.X series from wi-fi [192.168.6.X] but can not access 192.16.17.X from wi-fi 192.168.6.X so is there any way to access wi-fi IP series 192.168.6.X from LAN 192.16.17.X.
Please share the information if anybody has the information.
Thanks
AshishIf you have different subnets defined on the 2504, then you need a managed switch that allows the port to be trunked. The WLC 2504 does not route and that is why. The WLC only bridges the traffic in which your switch has to pass the vlan tag and your router has to route the vlans. I don't think your home router can route multiple inside networks and your un managed switch for sure will not pass vlan tag.
-
WLC 2504 Connectivity Problems
This is a tricky one.
I installed a 2504 WLC with three AP's. Two SSID’s were configured, one with WPA2/AES-TIKIP and the other with Web Auth.
After installation, customers could connect to WLAN without problem and .
The problem that is occurring is that since the beginning of week, customers PDA's, cell phones and iPad and cannot access Internet with any of the two WLAN but clients who used laptop have no connection problems. Also the DHCP Server is assigning IP's correctly.
This problem also occurs with test SSID I created which is Open Auth. I see associated Cell phones and IPAD to the WLC but none of these answers ping from the WLC.
This is a WLC 2504 with IOS 7.4.100.Hello everyone!
Today I did a test with my Cell phone Samsung Note 2 and I have the same conectivity problem.
I have installed the APK ipconfig from the Play Store for Android in my cell phone and y see that I getting IP Address, Mask and Gateway.
This is what I´ve got from the APK:
IP ADDRESS 192.168.8.181
MASK: 255.255.255.0
GATEWAY: 192.168.8.2
DHCP SERVER: 192.168.8.16
DNS1: 192.168.6.16
DNS2: 192.168.2.16
I have connected my laptop to the WLAN with no issue and I´m getting this:
The IP address of the DHCP Server is 192.168.8.16 and 192.168.6.16 and is a Microsoft Server.
I´ve created a test WLAN with OPEN AUTH but the problem remains.
Here is the OUTPUT you requested:
show wlan 1
WLAN Identifier.................................. 1
Profile Name..................................... APS-PT-01
Network Name (SSID).............................. APS-PT-01
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Disabled
Network Admission Control
Client Profiling Status ....................... Disabled
DHCP ......................................... Disabled
HTTP ......................................... Disabled
Radius-NAC State............................... Disabled
SNMP-NAC State................................. Disabled
Quarantine VLAN................................ 0
Maximum number of Associated Clients............. 0
Maximum number of Clients per AP Radio........... 200
Number of Active Clients......................... 16
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 1800 seconds
User Idle Timeout................................ 300 seconds
User Idle Threshold.............................. 0 Bytes
NAS-identifier................................... APS-Admin-WLC-01
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ management
Multicast Interface.............................. Not Configured
WLAN IPv4 ACL.................................... unconfigured
WLAN IPv6 ACL.................................... unconfigured
mDNS Status...................................... Enabled
mDNS Profile Name................................ default-mdns-profile
DHCP Server...................................... Default
DHCP Address Assignment Required................. Disabled
Static IP client tunneling....................... Disabled
Quality of Service............................... Silver
Per-SSID Rate Limits............................. Upstream Downstream
Average Data Rate................................ 0 0
Average Realtime Data Rate....................... 0 0
Burst Data Rate.................................. 0 0
Burst Realtime Data Rate......................... 0 0
Per-Client Rate Limits........................... Upstream Downstream
Average Data Rate................................ 0 0
Average Realtime Data Rate....................... 0 0
Burst Data Rate.................................. 0 0
Burst Realtime Data Rate......................... 0 0
Scan Defer Priority.............................. 4,5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Allowed
WMM UAPSD Compliant Client Support............... Disabled
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
Passive Client Feature........................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
Authentication................................ Global Servers
Accounting.................................... Global Servers
Interim Update............................. Disabled
Dynamic Interface............................. Disabled
Dynamic Interface Priority.................... wlan
Local EAP Authentication......................... Disabled
Security
802.11 Authentication:........................ Open System
FT Support.................................... Disabled
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Enabled
WPA (SSN IE)............................... Enabled
TKIP Cipher............................. Enabled
AES Cipher.............................. Enabled
WPA2 (RSN IE).............................. Enabled
TKIP Cipher............................. Enabled
AES Cipher.............................. Enabled
Auth Key Management
802.1x.................................. Disabled
PSK..................................... Enabled
CCKM.................................... Disabled
FT-1X(802.11r).......................... Disabled
FT-PSK(802.11r)......................... Disabled
PMF-1X(802.11w)......................... Disabled
PMF-PSK(802.11w)........................ Disabled
FT Reassociation Timeout................... 20
FT Over-The-DS mode........................ Enabled
GTK Randomization.......................... Disabled
SKC Cache Support.......................... Disabled
CCKM TSF Tolerance......................... 1000
WAPI.......................................... Disabled
Wi-Fi Direct policy configured................ Disabled
EAP-Passthrough............................... Disabled
CKIP ......................................... Disabled
Web Based Authentication...................... Disabled
Web-Passthrough............................... Disabled
Conditional Web Redirect...................... Disabled
Splash-Page Web Redirect...................... Disabled
Auto Anchor................................... Disabled
FlexConnect Local Switching................... Disabled
flexconnect Central Dhcp Flag................. Disabled
flexconnect nat-pat Flag...................... Disabled
flexconnect Dns Override Flag................. Disabled
FlexConnect Vlan based Central Switching ..... Disabled
FlexConnect Local Authentication.............. Disabled
FlexConnect Learn IP Address.................. Enabled
Client MFP.................................... Optional
PMF........................................... Disabled
PMF Association Comeback Time................. 1
PMF SA Query RetryTimeout..................... 200
Tkip MIC Countermeasure Hold-down Timer....... 60
AVC Visibilty.................................... Disabled
AVC Profile Name................................. None
Flow Monitor Name................................ None
Call Snooping.................................... Disabled
Roamed Call Re-Anchor Policy..................... Disabled
SIP CAC Fail Send-486-Busy Policy................ Enabled
SIP CAC Fail Send Dis-Association Policy......... Disabled
KTS based CAC Policy............................. Disabled
Assisted Roaming Prediction Optimization......... Disabled
802.11k Neighbor List............................ Disabled
802.11k Neighbor List Dual Band.................. Disabled
Band Select...................................... Disabled
Load Balancing................................... Disabled
Multicast Buffer................................. Disabled
Mobility Anchor List
WLAN ID IP Address Status
802.11u........................................ Disabled
MSAP Services.................................. Disabled
(Cisco Controller) >
(Cisco Controller) >
(Cisco Controller) >show w?
wgb wlan wps
(Cisco Controller) >show wlan 2
WLAN Identifier.................................. 2
Profile Name..................................... APS-Visitas-PT
Network Name (SSID).............................. APS-Visitas-PT
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Disabled
Network Admission Control
Client Profiling Status ....................... Disabled
DHCP ......................................... Disabled
HTTP ......................................... Disabled
Radius-NAC State............................... Disabled
SNMP-NAC State................................. Disabled
Quarantine VLAN................................ 0
Maximum number of Associated Clients............. 0
Maximum number of Clients per AP Radio........... 200
Number of Active Clients......................... 1
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 1800 seconds
User Idle Timeout................................ 300 seconds
User Idle Threshold.............................. 0 Bytes
NAS-identifier................................... APS-Admin-WLC-01
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ management
Multicast Interface.............................. Not Configured
WLAN IPv4 ACL.................................... unconfigured
WLAN IPv6 ACL.................................... unconfigured
mDNS Status...................................... Enabled
mDNS Profile Name................................ default-mdns-profile
DHCP Server...................................... Default
DHCP Address Assignment Required................. Disabled
Static IP client tunneling....................... Disabled
Quality of Service............................... Silver
Per-SSID Rate Limits............................. Upstream Downstream
Average Data Rate................................ 0 0
Average Realtime Data Rate....................... 0 0
Burst Data Rate.................................. 0 0
Burst Realtime Data Rate......................... 0 0
Per-Client Rate Limits........................... Upstream Downstream
Average Data Rate................................ 0 0
Average Realtime Data Rate....................... 0 0
Burst Data Rate.................................. 0 0
Burst Realtime Data Rate......................... 0 0
Scan Defer Priority.............................. 4,5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Allowed
WMM UAPSD Compliant Client Support............... Disabled
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
Passive Client Feature........................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
Authentication................................ Global Servers
Accounting.................................... Global Servers
Interim Update............................. Disabled
Dynamic Interface............................. Disabled
Dynamic Interface Priority.................... wlan
Local EAP Authentication......................... Disabled
Security
802.11 Authentication:........................ Open System
FT Support.................................... Disabled
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Disabled
WAPI.......................................... Disabled
Wi-Fi Direct policy configured................ Disabled
EAP-Passthrough............................... Disabled
CKIP ......................................... Disabled
Web Based Authentication...................... Enabled
IPv4 ACL........................................ Unconfigured
IPv6 ACL........................................ Unconfigured
Web-Auth Flex ACL............................... Unconfigured
Web Authentication server precedence:
1............................................... local
2............................................... radius
3............................................... ldap
Web-Passthrough............................... Disabled
Conditional Web Redirect...................... Disabled
Splash-Page Web Redirect...................... Disabled
Auto Anchor................................... Disabled
FlexConnect Local Switching................... Disabled
flexconnect Central Dhcp Flag................. Disabled
flexconnect nat-pat Flag...................... Disabled
flexconnect Dns Override Flag................. Disabled
FlexConnect Vlan based Central Switching ..... Disabled
FlexConnect Local Authentication.............. Disabled
FlexConnect Learn IP Address.................. Enabled
Client MFP.................................... Optional but inactive (WPA2 not configured)
PMF........................................... Disabled
PMF Association Comeback Time................. 1
PMF SA Query RetryTimeout..................... 200
Tkip MIC Countermeasure Hold-down Timer....... 60
AVC Visibilty.................................... Disabled
AVC Profile Name................................. None
Flow Monitor Name................................ None
Call Snooping.................................... Disabled
Roamed Call Re-Anchor Policy..................... Disabled
SIP CAC Fail Send-486-Busy Policy................ Disabled
SIP CAC Fail Send Dis-Association Policy......... Disabled
KTS based CAC Policy............................. Disabled
Assisted Roaming Prediction Optimization......... Disabled
802.11k Neighbor List............................ Disabled
802.11k Neighbor List Dual Band.................. Disabled
Band Select...................................... Disabled
Load Balancing................................... Disabled
Multicast Buffer................................. Disabled
Mobility Anchor List
WLAN ID IP Address Status
802.11u........................................ Disabled
MSAP Services.................................. Disabled
(Cisco Controller) >
(Cisco Controller) >show wlan 3
WLAN Identifier.................................. 3
Profile Name..................................... Prueba
Network Name (SSID).............................. Prueba
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Disabled
Network Admission Control
Client Profiling Status ....................... Disabled
DHCP ......................................... Disabled
HTTP ......................................... Disabled
Radius-NAC State............................... Disabled
SNMP-NAC State................................. Disabled
Quarantine VLAN................................ 0
Maximum number of Associated Clients............. 0
Maximum number of Clients per AP Radio........... 200
Number of Active Clients......................... 0
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 1800 seconds
User Idle Timeout................................ 300 seconds
User Idle Threshold.............................. 0 Bytes
NAS-identifier................................... APS-Admin-WLC-01
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ management
Multicast Interface.............................. Not Configured
WLAN IPv4 ACL.................................... unconfigured
WLAN IPv6 ACL.................................... unconfigured
mDNS Status...................................... Enabled
mDNS Profile Name................................ default-mdns-profile
DHCP Server...................................... Default
DHCP Address Assignment Required................. Disabled
Static IP client tunneling....................... Disabled
Quality of Service............................... Silver
Per-SSID Rate Limits............................. Upstream Downstream
Average Data Rate................................ 0 0
Average Realtime Data Rate....................... 0 0
Burst Data Rate.................................. 0 0
Burst Realtime Data Rate......................... 0 0
Per-Client Rate Limits........................... Upstream Downstream
Average Data Rate................................ 0 0
Average Realtime Data Rate....................... 0 0
Burst Data Rate.................................. 0 0
Burst Realtime Data Rate......................... 0 0
Scan Defer Priority.............................. 4,5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Allowed
WMM UAPSD Compliant Client Support............... Enabled
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Disabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
Passive Client Feature........................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
Authentication................................ Global Servers
Accounting.................................... Global Servers
Interim Update............................. Disabled
Dynamic Interface............................. Disabled
Dynamic Interface Priority.................... wlan
Local EAP Authentication......................... Disabled
Security
802.11 Authentication:........................ Open System
FT Support.................................... Enabled
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Disabled
WAPI.......................................... Disabled
Wi-Fi Direct policy configured................ Disabled
EAP-Passthrough............................... Disabled
CKIP ......................................... Disabled
Web Based Authentication...................... Disabled
Web-Passthrough............................... Disabled
Conditional Web Redirect...................... Disabled
Splash-Page Web Redirect...................... Disabled
Auto Anchor................................... Disabled
FlexConnect Local Switching................... Disabled
flexconnect Central Dhcp Flag................. Disabled
flexconnect nat-pat Flag...................... Disabled
flexconnect Dns Override Flag................. Disabled
FlexConnect Vlan based Central Switching ..... Disabled
FlexConnect Local Authentication.............. Disabled
FlexConnect Learn IP Address.................. Enabled
Client MFP.................................... Disabled
PMF........................................... Disabled
PMF Association Comeback Time................. 1
PMF SA Query RetryTimeout..................... 200
Tkip MIC Countermeasure Hold-down Timer....... 60
AVC Visibilty.................................... Disabled
AVC Profile Name................................. None
Flow Monitor Name................................ None
Call Snooping.................................... Disabled
Roamed Call Re-Anchor Policy..................... Disabled
SIP CAC Fail Send-486-Busy Policy................ Disabled
SIP CAC Fail Send Dis-Association Policy......... Disabled
KTS based CAC Policy............................. Disabled
Assisted Roaming Prediction Optimization......... Disabled
802.11k Neighbor List............................ Disabled
802.11k Neighbor List Dual Band.................. Disabled
Band Select...................................... Disabled
Load Balancing................................... Disabled
Multicast Buffer................................. Disabled
Mobility Anchor List
WLAN ID IP Address Status
802.11u........................................ Disabled
MSAP Services.................................. Disabled -
WLC 2504 sudden network instability
Hello,
we're running a WLC 2504 with two SSIDs on it. It is connected to to a small PoE switch. Standard untagged vlan. A handfull APs connected to it. No DHCP, the APs have all static IP addresses.
All of a sudden we're having a number of issues with the network connection:
APs restarting
The APs restart every now and then reporting that their IP is being used by another device. Looking through the logs there are two MAC addresses that are reported as using the APs IP address. These two MAC addresses have unknown vendor IDs.
Warning: AP with Base Radio MAC f8:72:ea:7c:9d:e3 has found its IP Address 0.2.146.0 being used by a machine with MAC
Address 04:c6:f8:40:00:00 (The other mac that is reported is 04:cc:90:40:00:00)
AP 'AP5', MAC: 0c:68:03:dd:1b:80 disassociated previously due to Link Failure. Uptime: 4 days, 00 h 48 m 50 s . Reason: Capwap WTP Event request.
So: There are two MACs that use the IP addresses of 7 APs?!?! And there is no vendor to be found for these MACs?
Ping timouts on the webGUI and CLI
I have a ping running on the IP for managing the device. This is running fine for ages. As soon as I connect via webGUI or CLI I lose packets. Get timeouts etc. some packets get through some don't. More of the latter. So ping is fine but any other traffic seems to be impacted heavily.
What we have done for troubleshooting
Checked duplex/speed settings of the interfaces. Everything ok.
Connected to another switchport. Same.
Changed the IP address of the management port. Same.
Swapped places with a laptop with the same IP address --> Worked fine.
Plugged in a completely new device, installed the latest firmware (7.6) and uploaded the config from the other one. Same.
Restarted the default gateway for the subnet the controler is on.
So now we're at the end of our knowledge. It seems to be a non-physical network issue, but we're a small team and no one has changed anything they say :-/
Any ideas what we could check next?
KatHello,
thanks for your suggestions. It's hard to find those two MAC addresses. As they seem to be virtual I cannot get a hint from the vendor ID. A show mac-address table on the switch the WLC is connected to doesn't show those two
I found an error in the WLC AP config. AP1 had the same IP as AP5 and a wrong netmask. I changed that. Unfortunately that doesn't solve our problem.
Here are some more messages from the WLC's log:
AP 'AP3', MAC: 0c:68:03:dd:34:00 disassociated previously due to Link Failure. Uptime: 4 days, 15 h 04 m 15 s . Reason: Capwap WTP Event request.
AP Disassociated. Base Radio MAC:0c:68:03:dd:34:00
AP's Interface:1(802.11a) Operation State Down: Base Radio MAC:0c:68:03:dd:34:00 Cause=Heartbeat Timeout Status:NA
AP 'AP3', MAC: 0c:68:03:dd:34:00 disassociated previously due to Link Failure. Uptime: 4 days, 15 h 00 m 45 s . Reason: Capwap WTP Event request.
RF Manager updated TxPower for Base Radio MAC: 0c:68:03:dd:34:00 and slotNo: 0. New Tx Power is: 2
AP's Interface:0(802.11b) Operation State Down: Base Radio MAC:0c:68:03:dd:16:e0 Cause=Max Retransmission Status:NA
IDS Signature attack detected. Signature Type: Standard, Name: Deauth flood, Description: Deauthentication flood, Track: per-signature, Detecting AP Name: AP7, Radio Type: 802.11b/g, Preced: 9, Hits: 500, Channel: 6, srcMac: C2:9F:DB:21:47:60
This is the sh run-config of our WLC including one AP:
>show run-config
System Inventory
NAME: "Chassis" , DESCR: "Cisco 2500 Series Wireless LAN Controller"
PID: AIR-CT2504-K9, VID: V01, SN: PSZ17381EPZ
Burned-in MAC Address............................ 50:17:FF:27:12:80
Maximum number of APs supported.................. 15
System Information
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.4.110.0
Bootloader Version............................... 1.0.18
Field Recovery Image Version..................... 1.0.0
Firmware Version................................. PIC 16.0
Build Type....................................... DATA + WPS
System Name...................................... UK-BRI-WFAPC
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1279
IP Address....................................... 172.17.128.12
Last Reset....................................... Power on reset
System Up Time................................... 4 days 0 hrs 46 mins 6 secs
System Timezone Location.........................
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180
Configured Country............................... GB - United Kingdom
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +20 C
External Temperature............................. +25 C
Fan Status....................................... 4000 rpm
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 3
Number of Active Clients......................... 6
Memory Current Usage............................. Unknown
Memory Average Usage............................. Unknown
CPU Current Usage................................ Unknown
CPU Average Usage................................ Unknown
Burned-in MAC Address............................ 50:17:FF:27:12:80
Maximum number of APs supported.................. 15
AP Bundle Information
Primary AP Image Size
ap1g2 9568
ap3g1 11288
ap3g2 11196
ap801 7164
ap802 8568
c1130 5072
c1140 9416
c1250 6944
c1520 8044
c602i 3736
Secondary AP Image Size
ap3g1 5792
ap801 5192
ap802 5232
c1100 3084
c1130 4964
c1140 4992
c1200 3364
c1240 4812
c1250 5504
c1310 3136
c1520 6404
c3201 4324
c602i 3716
Switch Configuration
802.3x Flow Control Mode......................... Disable
FIPS prerequisite features....................... Disabled
secret obfuscation............................... Enabled
Strong Password Check Features:
case-check ...........Enabled
consecutive-check ....Enabled
default-check .......Enabled
username-check ......Enabled
Network Information
RF-Network Name............................. RFGROUP
Web Mode.................................... Disable
Secure Web Mode............................. Enable
Secure Web Mode Cipher-Option High.......... Disable
Secure Web Mode Cipher-Option SSLv2......... Disable
Secure Web Mode RC4 Cipher Preference....... Disable
OCSP........................................ Disabled
OCSP responder URL..........................
Secure Shell (ssh).......................... Enable
Telnet...................................... Disable
Ethernet Multicast Forwarding............... Disable
Ethernet Broadcast Forwarding............... Disable
AP Multicast/Broadcast Mode................. Multicast Address : 0.0.0.0
IGMP snooping............................... Disabled
IGMP timeout................................ 60 seconds
IGMP Query Interval......................... 20 seconds
MLD snooping................................ Disabled
MLD timeout................................. 60 seconds
MLD query interval.......................... 20 seconds
User Idle Timeout........................... 300 seconds
ARP Idle Timeout............................ 300 seconds
Cisco AP Default Master..................... Disable
AP Join Priority............................ Disable
Mgmt Via Wireless Interface................. Disable
Mgmt Via Dynamic Interface.................. Disable
Bridge MAC filter Config.................... Enable
Bridge Security Mode........................ EAP
Mesh Full Sector DFS........................ Enable
AP Fallback ................................ Enable
Web Auth CMCC Support ...................... Disabled
Web Auth Redirect Ports .................... 80
Web Auth Proxy Redirect ................... Disable
Web Auth Captive-Bypass .................. Disable
Web Auth Secure Web ....................... Enable
Fast SSID Change ........................... Disabled
AP Discovery - NAT IP Only ................. Enabled
IP/MAC Addr Binding Check .................. Enabled
CCX-lite status ............................ Disable
oeap-600 dual-rlan-ports ................... Disable
oeap-600 local-network ..................... Enable
mDNS snooping............................... Disabled
mDNS Query Interval......................... 15 minutes
Port Summary
STP Admin Physical Physical Link Link
Pr Type Stat Mode Mode Status Status Trap POE
1 Normal Forw Enable Auto 1000 Full Up Enable N/A
2 Normal Forw Enable Auto 100 Full Up Enable N/A
3 Normal Forw Enable Auto 1000 Full Up Enable Enable (Power Off)
4 Normal Disa Enable Auto Auto Down Enable Enable (Power Off)
AP Summary
Number of APs.................................... 7
Global AP User Name.............................. Not Configured
Global AP Dot1x User Name........................ Not Configured
AP Name Slots AP Model Ethernet MAC Location Port Country Priority
AP7 2 AIR-CAP1602I-E-K9 f8:72:ea:e4:9a:81 default location 1 GB 1
AP1 2 AIR-CAP1602I-E-K9 f8:72:ea:7c:9d:e3 default location 1 GB 1
AP3 2 AIR-CAP1602I-E-K9 f8:72:ea:e4:9c:57 default location 1 GB 1
AP6 2 AIR-CAP1602I-E-K9 f8:72:ea:e4:9a:90 default location 1 GB 1
AP2 2 AIR-CAP1602I-E-K9 f8:72:ea:7c:9b:63 default location 1 GB 1
AP4 2 AIR-CAP1602I-E-K9 f8:72:ea:e4:9a:9b default location 1 GB 1
AP5 2 AIR-CAP1602I-E-K9 f8:72:ea:e4:9a:cb default location 1 GB 1
AP Tcp-Mss-Adjust Info
AP Name TCP State MSS Size
AP7 disabled -
AP1 disabled -
AP3 disabled -
AP6 disabled -
AP2 disabled -
AP4 disabled -
AP5 disabled -
AP Location
Total Number of AP Groups........................ 0
Site Name........................................ default-group
Site Description.................................
NAS-identifier................................... UK-BRI-WFAPC
AP Operating Class............................... Not-configured
RF Profile
2.4 GHz band.....................................
5 GHz band.......................................
WLAN ID Interface Network Admission Control Radio Policy
1 corporate Disabled None
2 dirtynetwork Disabled None
3 dirtynetwork Disabled None
AP Name Slots AP Model Ethernet MAC Location Port Country Priority
AP7 2 AIR-CAP1602I-E-K9 f8:72:ea:e4:9a:81 default location 1 GB 1
AP1 2 AIR-CAP1602I-E-K9 f8:72:ea:7c:9d:e3 default location 1 GB 1
AP3 2 AIR-CAP1602I-E-K9 f8:72:ea:e4:9c:57 default location 1 GB 1
AP6 2 AIR-CAP1602I-E-K9 f8:72:ea:e4:9a:90 default location 1 GB 1
AP2 2 AIR-CAP1602I-E-K9 f8:72:ea:7c:9b:63 default location 1 GB 1
AP4 2 AIR-CAP1602I-E-K9 f8:
RF Profile
Number of RF Profiles............................ 0
Out Of Box State................................. Disabled
RF Profile Name Band Description 11n-client-only
AP Config
Cisco AP Identifier.............................. 15
Cisco AP Name.................................... AP7
Country code..................................... GB - United Kingdom
Regulatory Domain allowed by Country............. 802.11bg:-E 802.11a:-E
AP Country code..................
................ GB - United Kingdom
AP Regulatory Domain............................. -E
Switch Port Number .............................. 1
MAC Address...................................... f8:72:ea:e4:9a:81
IP Address Configuration......................... Static IP assigned
IP Address....................................... 172.17.128.24
IP NetMask....................................... 255.255.128.0
Gateway IP Addr.................................. 172.17.128.1
Domain...............
Name Server......................................
NAT External IP Address.......................... None
CAPWAP Path MTU.................................. 1485
Telnet State..................................... Disabled
Ssh State........................................ Disabled
Cisco AP Location................................ default location
Cisco AP Floor Label............................. 0
Cisco AP Group Name.............................. default-group
Primary Cisco Switch Name........................
Primary Cisco Switch IP Address.................. Not Configured
Secondary Cisco Switch Name......................
Secondary Cisco Switch IP Address................ Not Configured
Tertiary Cisco Switch Name.......................
Tertiary Cisco Switch IP Address................. Not Configured
Administrative State ............................ ADMIN_ENABLED
Operation State ....
............................. REGISTERED
Mirroring Mode .................................. Disabled
AP Mode ......................................... Local
Public Safety ................................... Disabled
AP SubMode ...................................... Not Configured
Remote AP Debug ................................. Disabled
Logging trap severity level ..................... informational
Logging syslog facility ..
....................... kern
S/W Version .................................... 7.4.110.0
Boot Version ................................... 15.2.2.0
Mini IOS Version ................................ 7.4.1.37
Stats Reporting Period .......................... 180
Stats Collection Mode ........................... normal
LED State........................................
Enabled
PoE Pre-Standard Switch.......................... Disabled
PoE Power Injector MAC Addr...................... Disabled
Power Type/Mode.................................. Power injector / Normal mode
Number Of Slots.................................. 2
AP Model......................................... AIR-CAP1602I-E-K9
AP Image...............................
.......... C1600-K9W8-M
IOS Version...................................... 15.2(2)JB2$
Reset Button..................................... Enabled
AP Serial Number................................. FGL1725W7F7
AP Certificate Type.............................. Manufacture Installed
AP User Mode..................................... AUTOMATIC
AP User Name..................................... Not Configured
AP Dot1x User Mode............................... Not Configured
AP Dot1x User Name............................... Not Configured
Cisco AP system loggi
ng host..................... 255.255.255.255
AP Up Time....................................... 3 days, 23 h 26 m 50 s
AP LWAPP Up Time................................. 0 days, 00 h 14 m 12 s
Join Date and Time............................... Tue Jan 28 18:11:43 2014
Join Taken Time.................................. 0 days, 00 h 11 m 41 s
Attributes for Slot 0
Radio Type................................... RADIO_TYPE_80211n-2.4
Administrative State ........................ ADMIN_ENABLED
Operation State ............................. UP
Radio Role .................................. ACCESS
Radio Mode .................................. Local
CellId ...................................... 0
Station Configuration
Configuration ............................. AU
TOMATIC
Number Of WLANs ........................... 3
Medium Occupancy Limit .................... 100
CFP Period ................................ 4
CFP MaxDuration ........................... 60
BSSID ..................................... 0c:68:03:dd:16:e0
Operation Rate Set
1000 Kilo Bits........................... MANDATORY
2000 Kilo Bits........................... MANDATORY
5500 Kilo Bits........................... MANDATORY
11000 Kilo Bits.......................... MANDATORY
6000 Kilo Bits........................... SUPPORTED
9000 Kilo Bits........................... SUPPORTED
12000 Kilo Bits.......................... SUPPORTED
18000 Kilo Bits.......................... SUPPORTED
24000 Kilo Bits.......................... SUPPORTED
36000 Kilo Bits.......................... SUPPORTED
48000 Kilo Bits.......................... SUPPORTED
54000 Kilo Bits.......................... SUPPORTED
MCS Set
MCS 0.................................... SUPPORTED
MCS 1.................................... SUPPORTED
MCS 2.................................... SUPPORTED
MCS 3.................................... SUPPORTED
MCS 4.................................... SUPPORTED
MCS 5.................................... SUPPORTED
MCS 6.................................... SUPPORTED
MCS 7.................................... SUPPORTED
MCS 8.................................... SUPPORTED
MCS 9.................................... SUPPORTED
MCS 10................................... SUPPORTED
MCS 11................................... SUPPORTED
MCS 12..
................................. SUPPORTED
MCS 13................................... SUPPORTED
MCS 14................................... SUPPORTED
MCS 15................................... SUPPORTED
MCS 16................................... DISABLED
MCS 17................................... DISABLED
MCS 18................................... DISABLED
MCS 19................................... DISABLED
MCS 20................................... DISABLED
MCS 21................................... DISABLED
MCS 22................................... DISABLED
MCS 23................................... DISABLED
Beacon Period ............................. 100
Fragmentation Threshold ................... 2346
Multi Domain Capability Implemented ....... TRUE
Multi Domain Capability Enabled ........... TRUE
Country String ............................ GB
Multi Domain Capability
Configuration ............................. AUTOMATIC
First Chan Num ............................ 1
Number Of Channels ........................ 13
MAC Operation Parameters
Configuration ............................. AUTOMATIC
Fragmentation Threshold ................... 2346
Packet Retry Limit ........................ 64
Tx Power
Num Of Supported Power Levels ............. 4
Tx Power Level 1 .......................... 16 dBm
Tx Power Level 2 .......................... 13 dBm
Tx Power Level 3 .......................... 10 dBm
Tx Power Level 4 .......................... 7 dBm
Tx Power Configuration .................... AUTOMATIC
Current Tx Power Level .................... 3
Tx Power Assigned By ...................... DTPC
Phy OFDM parameters
Configuration ............................. AUTOMATIC
Current Channel ........................... 6
Channel Assigned By ....................... DCA
Extension Channel ......................... NONE
Channel Width.............................. 20 Mhz
Allowed Channel List....................... 1,2,3,4,5,6,7,8,9,10,11,12,
......................................... 13
TI Threshold .............................. -50
Legacy Tx Beamforming Configuration ....... CUSTOMIZED
Legacy Tx Beamforming ..................... ENABLED
Antenna Type............................... INTERNAL_ANTENNA
Internal Antenna Gain (in .5 dBi units).... 8
Diversity.................................. DIVERSITY_ENABLED
802.11n Antennas
A....................................... ENABLED
B....................................... ENABLED
C....................................... ENABLED
Performance Profile Parameters
Configuration ............................. AUTOMATIC
Interference threshold..................... 10 %
Noise threshold............................ -70 dBm
RF utilization threshold................... 80 %
Data-rate threshold........................ 1000000 bps
Client threshold........................... 12 clients
Coverage SNR threshold..................... 12 dB
Coverage exception level................... 25 %
Client minimum exception level............. 3 clients
Rogue Containment Information
Containment Count............................
CleanAir Management Information
CleanAir Capable......................... No
Radio Extended Configurations
Beacon period.............................. 100 milliseconds
Beacon range............................... AUTO
Multicast buffer........................... AUTO
Multicast data-rate........................ AUTO
RX SOP threshold........................... AUTO
CCA threshold.............................. AUTO -
Hi!
My idea is to have one active WLC 2504 with licencse for 50 APs and one standby (powered off) WLC with licence for 5 APs in case primary WLC stops working.
Is it possible to transfer licences from primary to standby WLC in such scenario?
Would you recommend any other solution?
JernejHi,
this is one approach I also think about for a design.
Unfortunately I am not able to answer the question and also wait for a better response.
M.Klar -
Hello All,
I am having difficulty connecting via gui to my 2504 WLC controller, with code 7.4 VIA a Lag link. i have configured a tagged vlan (vlan 40) on the WLC ap-management port.
I have configured a port-channel on a C2960s
interface Port-channel2
switchport trunk allowed vlan 1,40,45,50,55,60
switchport mode trunk
I have configured the interfaces on the C2960S
interface range GigabitEthernet1/0/1 - 4
description BH-C2960SPSL24-01 connection to BH-C2504WLC-01
switchport trunk allowed vlan 1,40,45,50,55,60
switchport mode trunk
channel-group 2 mode active
I can ping the interface, but cannot bring up a gui.=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2013.01.17 22:27:37 =~=~=~=~=~=~=~=~=~=~=~=
show run
Building configuration...
Current configuration : 10532 bytes
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
boot-start-marker
boot-end-marker
no aaa new-model
switch 1 provision ws-c2960s-24ps-l
crypto pki trustpoint TP-self-signed-131252096
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-131252096
revocation-check none
rsakeypair TP-self-signed-131252096
crypto pki certificate chain TP-self-signed-131252096
certificate self-signed 01
3082023D 308201A6 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31333132 35323039 36301E17 0D393330 33303130 30303830
355A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3133 31323532
30393630 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
D1D20BAE AE0D9EF4 049AF361 1FFAC404 33C7940F 0EC84FA3 52470085 11BE1B6F
EF7795D5 D81F0AD5 25D3668A 7004C157 BC4C4AE6 84A3302A CE774AAF E388A3BE
1249476C 396F042A 90DA38B8 5C413D4E 1C6A9405 80A12F74 50F6571E DC11306E
6AFFB6DF FB6E9292 96EE61A6 9EF87310 E4722DB3 3B10368D C737BAE4 93F3B759
02030100 01A36730 65300F06 03551D13 0101FF04 05300301 01FF3012 0603551D
11040B30 09820753 77697463 682E301F 0603551D 23041830 168014CE 95CAC648
8F3F96AE B382A38E 4AC7B6BF 9DEB9F30 1D060355 1D0E0416 0414CE95 CAC6488F
3F96AEB3 82A38E4A C7B6BF9D EB9F300D 06092A86 4886F70D 01010405 00038181
0063BCAE 64F7D969 244A07C3 B0D70FEF 00E78CF7 4EF017BE 72745FED 090AF5DA
7420B4BD EAB89849 C7241FAE A8496714 5BF6331F A6936762 A861756E A55A43D8
9366AAB5 C55DECEE F84AFC63 964834C0 E917FCF5 DA5B9043 FD0365B6 03351CA8
7C4EAB92 831BA642 DD210D4B 0C21E6A8 F0BDA231 3AF9652C D376DAC2 1E17ABFC DB
quit
spanning-tree mode pvst
spanning-tree extend system-id
auto qos srnd4
port-channel load-balance src-dst-ip
vlan internal allocation policy ascending
interface Port-channel1
switchport trunk allowed vlan 1,40,45,50,55,60
switchport mode trunk
interface Port-channel2
switchport trunk native vlan 99
switchport trunk allowed vlan 1,40,45,50,55,60
switchport mode trunk
interface FastEthernet0
no ip address
shutdown
interface GigabitEthernet1/0/1
switchport trunk native vlan 99
switchport trunk allowed vlan 1,40,45,50,55,60
switchport mode trunk
channel-group 2 mode on
interface GigabitEthernet1/0/2
switchport trunk native vlan 99
switchport trunk allowed vlan 1,40,45,50,55,60
switchport mode trunk
channel-group 2 mode on
interface GigabitEthernet1/0/3
switchport trunk native vlan 99
switchport trunk allowed vlan 1,40,45,50,55,60
switchport mode trunk
channel-group 2 mode on
interface GigabitEthernet1/0/4
switchport trunk native vlan 99
switchport trunk allowed vlan 1,40,45,50,55,60
switchport mode trunk
channel-group 2 mode on
interface GigabitEthernet1/0/21
description BH-C2960S-01 GI 1/0/21 trunk connection to Watchguard Firebox
switchport trunk native vlan 99
switchport mode trunk
interface GigabitEthernet1/0/22
description Switch connection to AP
interface GigabitEthernet1/0/23
description BH-2960S-01 GI 0/22-24 trunk connection to BH-HPJ9022A-01 gi 47-48
switchport trunk allowed vlan 1,40,45,50,55,60
switchport mode trunk
channel-group 1 mode active
interface GigabitEthernet1/0/24
description BH-2960S-01 GI 0/22-24 trunk connection to BH-HPJ9022A-01 gi 47-48
switchport trunk allowed vlan 1,40,45,50,55,60
switchport mode trunk
channel-group 1 mode active
interface GigabitEthernet1/0/25
interface GigabitEthernet1/0/26
interface GigabitEthernet1/0/27
interface GigabitEthernet1/0/28
interface Vlan1
ip address 192.168.87.14 255.255.255.0
interface Vlan40
ip address 172.16.10.3 255.255.255.0
no ip http server
ip http secure-server
line con 0
exec-timeout 30 0
password admin
line vty 0 4
access-class vty_ports in
exec-timeout 30 0
password admin
login
length 0
line vty 5 15
access-class vty_ports in
exec-timeout 30 0
password admin
login
end -
Acs 5.3 and wlc 2504 config with restricted network access
Hello,
i submit you the following issue that i'm actually facing:
i must configure a secured wireless network with access restriction based on SSID. the equipements are : cisco wlc 2504 (soft 7.3) cisco secure acs aplliance 1121 (soft 5.4) .
the users that will connect to the network are regrouped by identity groups, each identity group having it's own SSID. Clearly each group of users must access only one SSID.
i followed the procedure below to configure it:
-- creating user identity groups;
-- creating users and assigning them to the groups;
--- creating authorization profiles for each SSID under policy element/ authorization and permission/network access/authorization profiles and putting the Airespace-Wlan-Id(the SSID number) in the radius tab.
--- assigning the authorization profiles to the identity groups under access policies.
after all these config the users can access the network using there userid/password configured. But the problem is Every user can access every SSID, seems like the restriction is so not very well configured.
i found some documentation on this kind of config but the version of ACS used seems older than the one that i use, so menu are very different.
Please can someone provide with the right steps to follow to achieve this kind of config.
tkx in advanceYes.. you only have to add the end filter like what I posted... as far as the calling station id in the WLC security tab, it doesn't matter because that is not used when using 802.1x. I would also try to not enable everything that you have just to start from the basic and make sure it works first. The WAP Authentication Method might or might not work for you. Uncheck that for now and when you have a successful authentication, look at the monitor log and see what radius attributes are being sent, because those attributes is what you can use to build your policies.
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
Maybe you are looking for
-
Message Mapping errors in Integration Builders
Hi Our Developer trying to make changes to a message mapping in Integration Builder and when we try to compile the mapping to test it I'm getting the following error: 11:34:42 Start of test Compilation process error : CreateProcess: javac @G:/usr/
-
Is anyone else having problems with MAC OSX Leopard and CS3 Screens freeze. Cannot access or hide... cannot minimize... have to force quit Cannot hide program Program unexpectedly quits when printing or making .pdf Sandi Pufahl
-
I was in the process of altering the environment variables so that i could successfully use some classes under JDOM, but i actually managed to accidently delete a value in the path variable but forgot what it was and because of this my Visual studio
-
Hello to all, I have done a Formula Node with the next formula:B=(2*16/3.14159*(asin(sqrt(V/Ab))-3.14159/4))-(2*16/3.14159*(asin(sqrt(Uoffset/Ab))-3.14159/4)); Ab=3.269. V is the data entry to the formula node. Uoffset is the mean of the 100 first va
-
Get Embedded Quicktime Files to Load LAST?
This is a long standing issue for me and I haven't been able to find a solution. Is there a way to force embedded Quicktime media to load last on my iWeb created pages? Often, when I have an .mp3 or worse, an .mov; a few of the page elements load on