WLC 4402 cannot register APs

hey
my wireless network has 20 LAPS,recently my controller lost 11 LAPS,i did a reboot on the controller and the remaining 9 LAPS were also lost.
i have tried several suggestions but nothing has workd
i upgraded the controller from 3.2.119. image to 4.0.219.0.i also changed to LAPS from LAPS to APS and back but nothing seem to work.
does anyone have an idea as to what the problem might be.

Hello,
your topology is not trivial. I would say :
1) be sure about propper IP layer configuration - ping from the controller to LAPs
2) what about the controller discovery on LAPs ? If the LAPs know the right conntroller you must see a registration attempts. Try to switch on "debug lwapp events", "debug lwapp packets" and "debug lwapp errors". Best to try on only one LAP.
3) on older converted APs there can be a problem with a certificate. It can be watched on the WLC by "debug pm pki"
I have had LAP registration problems many times but it was always some stupid mistake.

Similar Messages

  • Wlc 4402 and 1010 Aps

    Hi,
    I have 2 vlans (wired-side) in my corporation: the first one for Data (vlan 1, native) and the second one for voice (vlan 2). We've just get a wlc 4402 with 1010 Aps and I would like to know one thing:
    Could I create 2 Ssids(one for voice and another for Data) and map each one to its wired Vlan?.
    Does the 1010 Ap support 802.1q?
    Thanks in advance for your help

    The 1010 aps connect to the switches as hosts
    (switchport mode access; switchport access vlan ...)
    The controller has 2 ports that connect to the network as trunks. You can connect them as port 1 and 2, or put them in a lag group [aka etherchannel)
    All the vlan trunking is done at the controller port to switch port. The AP sends the info down to the controller over the vlan specified for the aps
    In your case, you should create another vlan for the APS.
    The 4402 controller mgmt interface would sit in the same vlan as the APs. You would then create dynamic interfaces on the controller that have a vlan id and ip address for the desired network per your needs. You would then create a wlan on the controller and then bind it to the dynamic interface you just created.
    I am oversimplfying this process quite a bit, but it should get you started. There is now a good bit of info on cisco.com for the wireless products

  • Rolling upgrade of WLC 4402 controllers and APs

    In need to upgrade the software on two WLC 4402 controller in a hospital.   Both WLCs have the same config and one is primary (has all APs connected) and the other backup (no APs connected.)  The APs are placed so there is still coverage if one goes down in an area.    My question - is it possible to do a rolling upgrade to have no downtime for the wireless clients?  My plan would be to upgrade the backup WLC then selectively move APs to it.  If I swap the primary and secondary controllers in the high availability tab on each AP, do I need to do a reset (General - Hardware Reset) or will it automatically reboot and connect to the upgraded backup controller?   When I'm done, I'd upgrade the primary controller and now call that backup.   Does this make sense? 

    I've done this same sort of thing on a slightly larger scale about 5 times now at the hospital I work at.  Quick answer is "Yes, it is possible to do a rolling upgrade and have no downtime for wireless clients."
    I've got 5 WLC's, and I use the high availability tab to move all the AP's off one, upgrade it, and move all the AP's from the next WLC over to it, upgrade that one, etc.
    The thing you need to be careful of is your timing and your choice of APs to move.
    It generally takes about a minute to move an AP between WLCs running the same version.  But if there's a version change that makes the AP upgrade, you're looking at about 6 minutes.
    I do them one at a time, and when they show up in the WLC as being up, running and happy for 1 minute, I do the next one.  And so on.  Takes me about 3 days to go through all 5 WLCs and 375 APs.  Not once have I had a user notice the move.
    Also, in order to test, after I do the first upgrade, I move just one area's APs into that WLC for a day and then test the various flavors of gear we have (phones, infusion pumps, laptops, etc.) to confirm that the new version doesn't have any trouble.  Sometimes it does and I work with TAC to get things resolved before I do the whole hospital.
    jh

  • Ap 1231G cannot register to WLC

    Hi friends:
    my wlc version is 7.2.115.2.
    ap 1231G version is c1200-rcvk9w8-tar.124-21a.JA2
    the ap cannot register to WLC.
    the lap is used stats ip address,its can pinged to wlc.
    Version does not support?
    and the other ap is 1241 version is 12.4<13d>JA.its can register to wlc
    only this 1231G can not register.
    this picture is my WLC ap join stats detail.
    Thanks
    cena

    HI Cena,
    This error message means that the controller received a discovery request through a broadcast IP address that has a source IP address (given), which is not in any configured subnets on the controller. It also means that the controller dropped the packet. This typically happens when the u trunks all allowed VLANs instead of restricted them to wireless VLANs.
    Please allow only specific vlans.
    Complete these steps in order to resolve this problem:
    1.If the controller is on another subnet, the APs must be primed for the controller IP address, or the APs must receive the controllers IP address using any one of the discovery methods.
    2.The switch is configured to allow some VLANs that are not on the controller. Restrict the allowed VLANs on the trunks.
    Regards
    Dont forget to rate helpful posts.

  • WLC 4402 Update 7.0.253.3: all 17 APs use channel 1

    Since the update of our WLC 4402 to v 7.0.253.3 all 17 accesspoints are using channel 1 !!
    Has anyone an idea to solve this channel-fixing?
    Thx
    Markus

    Thanks Scott,
    your were right: Channel Assignment Method of RRM was turned OFF since the update of the firmware! I have now changed the setting to AUTOMATIC and now, the APs are again using different channels :-)
    THX
    Markus

  • WLC 4402, LAP1242AG APs and Layer 2 Switch Network Design

    Hi Every One,
    I am new designer in the Wireless technology. During design i came accros through a confusing/complex existing topology which i have to integrate with WLC 4402 as below;
    Existing:
    1: I have 12 Switches; all vtp mode server. all in single vlan 1 with single subnet 192.168.0.0/24. All users ports in this single vlan 1.
    2: All of these are old switches including 2950G, 350GXL, 4912.
    3: All the switches gateway is Pix Firewall (192.168.0.1).
    To Do:
    1: I have to implement 1 * WLC 4402, 22 *LAP1242AG Access Points.
    2: WLC will be connected to 350GXL or 4912 through Fiber.
    3: Access Points will be connected to all other 20 switches randomely.
    Confusion:
    1: In my design i created separate vlan 450 for WLC and APs management. But this is not doable in this current setup because all the switches are vtp mode server. Also the gateway is Firewall. Which will require configuration on all existing switches + Pix.(I DONT WANT TO GO FOR THIS OPTION).
    2: To make my work easy, is this possible to Put the WLC, APs in the same vlan 1 (192.168.0.0/24) that is currently used by the existing switches? The gateway for these WLC and APs will be Pix (192.168.0.1).
    3: I tried to search Cisco examples, but in every example Cisco has made a separate vlan for WLC, APs management. So will Point 2 worK?
    4: Do i require any specific changes for this?
    5: ANY OTHER DESIGN SUGGESTION?????????
    Please find the attached Diagram for more information.

    Thanks for the reply.
    1: U mean dat the switch port config will be as below;
    int g0/10
    description connected to WLAN Controller
    switch mode access
    switch access vlan 1
    int g0/23
    description connected to AP
    switchport mode access
    switchport access vlan 1
    so below wil b the sumary of config:
    All switches, WLC, APs, Wireless users and Wired users will be in the same subnet (192.168.0.0/24). Is it ok??
    2: Wat do u mean by vtp config; Please clarify???
    As i mentioned all switches are in vtp mode server. vtp domain name is configred on 12 out of 15 switch. Do i need to config same vtp domain name on all switches? I also have to check vtp pass??

  • Register APs at remote site with WLCs at the core via Metro E.

    All,
    I have problem with register APs at the remote site with WLCs at the core.
    All of my WLCs are on main site; and the majority of APs are on same subnet and same site with the WLCs. This works just fine.
    However I have a remote site with connected to the core via metro E. And I am unable to make the APs at this site register to the controllers at the core.
    On remote site APs and PCs are on subnet. And PCs are work just fine. I have the DHCP scope options 43 set for the ip address of the WLCs.
    Metro E interfaces are on 192.168.0.0 /24.
    Clients (PCs and APs) at remote are on 192.168.56.0 /24
    I have the configuration on the Metro E and and remote site on the attachment.
    Thank in advantage.

    To get APs registered, make sure AP is getting an ip address and can ping WLC
    Once this is verified, run the following debugs on WLC CLI and attach it to the thread:
    - debug mac addr
    - debug capwap OR lwapp events enable
    - debug capwap OR lwapp errors enable
    - debug pm pki enable
    To stop debug
    - debug  disable-all
    In case you have 'console' access to remote site AP, capture AP boot up and then run "debug ip udp" on AP CLI
    To stop this debug
    AP# undebug all

  • Problem to register upgraded AP 1242 to WLC 4402

    Hi,
    I am running a small Cisco WLAN with about 20 APs (all 1242) that are managed by two WLC 4402 (running v4.0.155.0).
    WLCs are in Mobility group, serveral WLANs/VLANs are configured (including 802.1x, guest access with WebAuthentication etc.). All APs are configured for the same WLC as primary and the other as secondary. Everthing was working fine until I tried to upgrade another AP from IOS to LWAPP using the Cisco Upgrade tool.
    After the AP was flashed and rebooted it started to discover a WLC but fails. The console messages look like this:
    *Mar 1 00:00:05.962: %CDP_PD-4-POWER_OK: Full power - AC_ADAPTOR inline power source
    *Mar 1 00:00:06.952: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up
    *Mar 1 00:00:07.952: %LINEPROTO-5-UPDOWN:
    ap> Line protocol on Interface FastEthernet0, changed state to up
    *Mar 1 00:00:25.960: %LWAPP-5-CHANGED: LWAPP changed state to DISCOVERY
    Translating "CISCO-LWAPP-CONTROLLER.xxx.yyy"...domain server (10.x.y.z)
    *Mar 1 00:00:35.348: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 10.x.y.z, mask 255.255.254.0, hostname AP0019.3076.fe30
    *Mar 1 00:00:36.349: LWAPP_CLIENT_ERROR: lwapp_name_lookup - Could Not resolve CISCO-LWAPP-CONTROLLER.xxx.yyy
    *Mar 1 00:00:46.398: %LWAPP-5-CHANGED: LWAPP changed state to JOIN
    *Mar 1 00:00:54.397: LWAPP_CLIENT_ERROR_DEBUG: spamHandleJoinTimer: Did not recieve the Join response
    *Mar 1 00:00:54.397: LWAPP_CLIENT_ERROR_DEBUG: No more AP manager IP addresses remain.
    *Mar 1 00:00:54.397: %SYS-5-RELOAD: Reload requested by LWAPP CLIENT. Reload Reason: DID NOT GET JOIN RESPONSE.
    *Mar 1 00:00:54.398: %LWAPP-5-CHANGED: LWAPP changed state to DOWN
    The switchport of the AP is configured for the same VLAN as the management and ap-management interface of the controller (not native VLAN), the primary controller is set to master controller mode and I see no other error messages (e. g. on the WLC).
    Does anyone know how to fix this problem?
    (even adding a "CISCO-LWAPP-CONTROLLER" host in the DNS does not help!!!)

    Hi Ankur,
    here the output of "dir flash:"
    dir flash:
    Directory of flash:/
    2 -rwx 1048 Aug 14 2007 14:29:38 +00:00 private-multiple-fs
    3 -rwx 314 Mar 1 2002 00:00:57 +00:00 env_vars
    156 drwx 128 Aug 14 2007 14:29:32 +00:00 c1240-rcvk9w8-mx
    10 drwx 256 Aug 15 2007 07:15:47 +00:00 c1240-k9w8-mx.123-11.JX
    15998976 bytes total (11196416 bytes free)
    AP0019.3076.fe30#
    Is there something wrong?
    Kind regards,
    Hagen

  • WLC 4402 - APs last reboot reason power loss

    st1\:*{behavior:url(#ieooui) }
    /* Style Definitions */
    table.MsoNormalTable
    {mso-style-name:"Normale Tabelle";
    mso-tstyle-rowband-size:0;
    mso-tstyle-colband-size:0;
    mso-style-noshow:yes;
    mso-style-parent:"";
    mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
    mso-para-margin:0cm;
    mso-para-margin-bottom:.0001pt;
    mso-pagination:widow-orphan;
    font-size:10.0pt;
    font-family:"Times New Roman";
    mso-ansi-language:#0400;
    mso-fareast-language:#0400;
    mso-bidi-language:#0400;}
    Hi,
    we have a Wireless LAN Controller WLC 4402, Software Version 4.1.192.22M (Mesh).
    At the moment there are 6 Access Points in one house, one of them is the root AP. The others are only connected via electrical socket.
    AP’s are: AIR-LAP1131AG-E-K9 / Boot Version 12.3.8.0 / IOS Version 12.4(3g)JMC1
    I think the configuration worked fine over a period of 2 years.
    Now the problem is that the number of access points connected to the controller is changing nearly every minute. At times there is only one AP connected to the controller. So it is impossible for the clients to build up a steady connection. They have to log in via the guest user web interface at short intervals or they can’t see the wireless lan.
    First we thought it would be a problem of one or two “defect” access points. But we replaced 4 of the 6 access points and the problem is still there.
    An example, yesterday:
    13:17 o’clock – 2 AP’s
    13:19 o’clock – 4 AP’s
    13:21 o’clock – 5 AP’s
    13:23 o’clock – 4 AP’s
    13:25 o’clock – 5 AP’s
    13:25 o’clock – 4 AP’s
    13:26 o’clock – 5 AP’s
    13:26 o’clock – 6 AP’s
    13:28 o’clock – 4 AP’s
    13:28 o’clock – 2 AP’s
    Eye-catching is the following message of the log, which appears often: “52       Mon May 16 13:21:56 2011        AP 'AP001d.e557.6fd8', MAC: 00:1d:70:01:bc:20 disassociated previously due to AP Reset. Last reboot reason: power loss
    Also eye-catching is the AP up time. The Root AP is up for over 80 days. But all the other access points show an up time of a few minutes until some hours…but not more.
    Does anybody know what the problem could be?? I read some similar threads but no solution.
    In the following an abstract of the log:
    21        Mon May 16 13:25:43 2011        AP 'AP0021.d847.ffca', MAC: 00:23:5e:49:9d:e0 disassociated previously due to AP Reset. Last reboot reason: power loss
    22        Mon May 16 13:25:30 2011        AP Disassociated. Base Radio MAC:00:1d:70:01:b5:a0
    23        Mon May 16 13:25:30 2011        AP's Interface:1(802.11a) Operation State Down: Base Radio MAC:00:1d:70:01:b5:a0 Cause=Heartbeat Timeout
    24        Mon May 16 13:25:30 2011        AP's Interface:0(802.11b) Operation State Down: Base Radio MAC:00:1d:70:01:b5:a0 Cause=Heartbeat Timeout
    25        Mon May 16 13:25:05 2011        Mesh child node '00:23:5e:49:9d:ef' has changed its parent to mesh node '00:1f:ca:cc:b7:40' from mesh node '00:1d:70:01:bc:20'.
    26        Mon May 16 13:24:10 2011        AP Disassociated. Base Radio MAC:00:23:5e:49:9d:e0
    27        Mon May 16 13:24:10 2011        AP's Interface:1(802.11a) Operation State Down: Base Radio MAC:00:23:5e:49:9d:e0 Cause=New Discovery
    28        Mon May 16 13:24:10 2011        AP's Interface:0(802.11b) Operation State Down: Base Radio MAC:00:23:5e:49:9d:e0 Cause=New Discovery
    29        Mon May 16 13:23:59 2011        AP's Interface:0(802.11b) Operation State Up: Base Radio MAC:00:1d:71:e1:b2:20 Cause=Admin Configured
    30        Mon May 16 13:23:59 2011        AP's Interface:0(802.11b) Operation State Down: Base Radio MAC:00:1d:71:e1:b2:20 Cause=Admin Configured
    31        Mon May 16 13:23:59 2011        AP's Interface:1(802.11a) Operation State Up: Base Radio MAC:00:1d:71:e1:b2:20 Cause=Admin Configured
    32        Mon May 16 13:23:59 2011        AP's Interface:0(802.11b) Operation State Up: Base Radio MAC:00:1d:71:e1:b2:20 Cause=Admin Configured
    33        Mon May 16 13:23:58 2011        AP 'AP001d.45d8.4ea6', MAC: 00:1d:71:e1:b2:20 disassociated previously due to AP Reset. Last reboot reason: power loss
    34        Mon May 16 13:23:31 2011        AP's Interface:0(802.11b) Operation State Up: Base Radio MAC:00:1d:70:01:b5:a0 Cause=Admin Configured
    35        Mon May 16 13:23:31 2011        AP's Interface:0(802.11b) Operation State Down: Base Radio MAC:00:1d:70:01:b5:a0 Cause=Admin Configured
    36        Mon May 16 13:23:31 2011        AP's Interface:1(802.11a) Operation State Up: Base Radio MAC:00:1d:70:01:b5:a0 Cause=Admin Configured
    37        Mon May 16 13:23:31 2011        AP's Interface:0(802.11b) Operation State Up: Base Radio MAC:00:1d:70:01:b5:a0 Cause=Admin Configured
    38        Mon May 16 13:23:30 2011        AP 'AP001d.e557.6f0c', MAC: 00:1d:70:01:b5:a0 disassociated previously due to AP Reset. Last reboot reason: power loss
    39        Mon May 16 13:23:13 2011        Client Association: Client MAC:00:1d:71:e1:b2:2f Base Radio MAC :00:1d:70:01:bc:20 Slot: 1 User Name:c1130-001D45D84EA6
    40        Mon May 16 13:23:13 2011        Mesh child node '00:1d:71:e1:b2:2f' has changed its parent to mesh node '00:1d:70:01:bc:20' from mesh node '00:1f:ca:cc:b7:40'.
    41        Mon May 16 13:23:04 2011        Mesh child node '00:1d:70:01:b5:af' has changed its parent to mesh node '00:23:5e:49:9d:e0' from mesh node '00:1f:ca:cc:b7:40'.
    42        Mon May 16 13:22:57 2011        AP 'AP0021.d847.ffca', MAC: 00:23:5e:49:9d:e0 disassociated previously due to AP Reset. Last reboot reason: power loss
    43        Mon May 16 13:22:39 2011        AP Disassociated. Base Radio MAC:00:23:5e:49:9d:e0
    44        Mon May 16 13:22:39 2011        AP's Interface:1(802.11a) Operation State Down: Base Radio MAC:00:23:5e:49:9d:e0 Cause=New Discovery
    45        Mon May 16 13:22:39 2011        AP's Interface:0(802.11b) Operation State Down: Base Radio MAC:00:23:5e:49:9d:e0 Cause=New Discovery
    46        Mon May 16 13:22:39 2011        AP 'AP0021.d847.ffca', MAC: 00:23:5e:49:9d:e0 disassociated previously due to AP Reset. Last reboot reason: power loss
    47        Mon May 16 13:22:17 2011        Mesh child node '00:23:5e:49:9d:ef' has changed its parent to mesh node '00:1d:70:01:bc:20' from mesh node '00:1f:ca:cc:b7:40'.
    48        Mon May 16 13:21:57 2011        AP's Interface:0(802.11b) Operation State Up: Base Radio MAC:00:1d:70:01:bc:20 Cause=Admin Configured
    49        Mon May 16 13:21:57 2011        AP's Interface:0(802.11b) Operation State Down: Base Radio MAC:00:1d:70:01:bc:20 Cause=Admin Configured
    50        Mon May 16 13:21:57 2011        AP's Interface:1(802.11a) Operation State Up: Base Radio MAC:00:1d:70:01:bc:20 Cause=Admin Configured
    51        Mon May 16 13:21:57 2011        AP's Interface:0(802.11b) Operation State Up: Base Radio MAC:00:1d:70:01:bc:20 Cause=Admin Configured
    52        Mon May 16 13:21:56 2011        AP 'AP001d.e557.6fd8', MAC: 00:1d:70:01:bc:20 disassociated previously due to AP Reset. Last reboot reason: power loss
    53        Mon May 16 13:21:39 2011        Client Association: Client MAC:00:23:5e:49:9d:ef Base Radio MAC :00:1f:ca:cc:b7:40 Slot: 1 User Name:c1130-0021D847FFCA
    54        Mon May 16 13:21:32 2011        Client Association: Client MAC:00:23:5e:49:9d:ef Base Radio MAC :00:1f:ca:cc:b7:40 Slot: 1 User Name:c1130-0021D847FFCA
    55        Mon May 16 13:21:12 2011        Mesh child node '00:1d:71:e1:b2:2f' has changed its parent to mesh node '00:1f:ca:cc:b7:40' from mesh node '00:1d:70:01:b5:a0'.
    56        Mon May 16 13:21:05 2011        Client Association: Client MAC:00:1d:70:01:bc:2f Base Radio MAC :00:1f:ca:cc:b7:40 Slot: 1 User Name:c1130-001DE5576FD8
    57        Mon May 16 13:20:32 2011        Mesh child node '00:23:5e:49:9d:ef' has changed its parent to mesh node '00:1f:ca:cc:b7:40' from mesh node '00:1d:70:01:bc:20'.
    58        Mon May 16 13:20:11 2011        Mesh child node '00:1d:70:01:bc:2f' is no longer associated with mesh node '00:1f:ca:cc:b7:40'.
    59        Mon May 16 13:20:06 2011        Mesh child node '00:1d:70:01:b5:af' has changed its parent to mesh node '00:1f:ca:cc:b7:40' from mesh node '00:1d:70:01:bc:20'.
    60        Mon May 16 13:19:57 2011        AP Disassociated. Base Radio MAC:00:1d:70:01:b5:a0
    61        Mon May 16 13:19:57 2011        AP's Interface:1(802.11a) Operation State Down: Base Radio MAC:00:1d:70:01:b5:a0 Cause=Heartbeat Timeout
    62        Mon May 16 13:19:57 2011        AP's Interface:0(802.11b) Operation State Down: Base Radio MAC:00:1d:70:01:b5:a0 Cause=Heartbeat Timeout
    63        Mon May 16 13:19:49 2011        AP Disassociated. Base Radio MAC:00:1d:70:01:bc:20
    64        Mon May 16 13:19:49 2011        AP's Interface:1(802.11a) Operation State Down: Base Radio MAC:00:1d:70:01:bc:20 Cause=Heartbeat Timeout
    65        Mon May 16 13:19:49 2011        AP's Interface:0(802.11b) Operation State Down: Base Radio MAC:00:1d:70:01:bc:20 Cause=Heartbeat Timeout
    66        Mon May 16 13:19:39 2011        AP Disassociated. Base Radio MAC:00:23:5e:49:9d:e0
    67        Mon May 16 13:19:39 2011        AP's Interface:1(802.11a) Operation State Down: Base Radio MAC:00:23:5e:49:9d:e0 Cause=Heartbeat Timeout
    68        Mon May 16 13:19:39 2011        AP's Interface:0(802.11b) Operation State Down: Base Radio MAC:00:23:5e:49:9d:e0 Cause=Heartbeat Timeout
    69        Mon May 16 13:19:36 2011        AP Disassociated. Base Radio MAC:00:1d:71:e1:b2:20
    70        Mon May 16 13:19:36 2011        AP's Interface:1(802.11a) Operation State Down: Base Radio MAC:00:1d:71:e1:b2:20 Cause=Heartbeat Timeout
    71        Mon May 16 13:19:36 2011        AP's Interface:0(802.11b) Operation State Down: Base Radio MAC:00:1d:71:e1:b2:20 Cause=Heartbeat Timeout
    Greetings Lydia

    st1\:*{behavior:url(#ieooui) }
    /* Style Definitions */
    table.MsoNormalTable
    {mso-style-name:"Normale Tabelle";
    mso-tstyle-rowband-size:0;
    mso-tstyle-colband-size:0;
    mso-style-noshow:yes;
    mso-style-parent:"";
    mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
    mso-para-margin:0cm;
    mso-para-margin-bottom:.0001pt;
    mso-pagination:widow-orphan;
    font-size:10.0pt;
    font-family:"Times New Roman";
    mso-ansi-language:#0400;
    mso-fareast-language:#0400;
    mso-bidi-language:#0400;}
    Hey,
    last week I tried to upgrade the controller step-by-step.
    Under the software 4.1.192.35M the problem was still there… access points were often disassociated from the controller.
    There were problems with Software 4.2.207.54M too. The access points couldn’t reach the download-status. The log of the access point said that it could not open the tar-file.
    So I went back to 4.1.192.35M. Of course the controller lost some of its configuration. I configured it new with the same settings as before.
    After it the wireless connection seemed to be a little bit more robust. I asked the users to test the connection at the weekend and this is the answer:
    “so we tested the WLAN during the weekend. The situation definitely improved with respect to before. Authetication is much faster and the connection (when active) is sensibly faster.
    However the connection is still very unstable and it is necessary every five-ten minutes to reconnect (especially for intense network traffic like when watching a streaming content or using VOIP applications. Actually switching off and on again the WLAN card (Airport) often a new authentication is not required. However, without doing so the connection would not resume alone to a working state.
    So what to say? Better than before (thanks) but far from being fixed. From last September to January we did not experience any problem, so it must be something that chronologically happened at the beginning of the year, it is not a systemic problem.
    But there were no changes or anything else at the beginning of the year.
    Do you mean it makes sense to resume upgrading? I’m a little bit afraid of more problems like under 4.2.207.54M
    Greetings Lydia

  • 1131 LWAP not join WLC 4402

    I am deploying WLC 4402 with LWAP 1131 but AP fail to join the WLC .The resone that I dont have DNS server.The error message in the AP is :
    AP001d.451f.8582>
    *Mar 1 00:00:38.005: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned D
    HCP address 172.26.5.12, mask 255.255.255.0, hostname AP001d.451f.8582
    Translating "CISCO-LWAPP-CONTROLLER"...domain server (255.255.255.255)
    *Mar 1 00:00:49.371: LWAPP_CLIENT_ERROR: lwapp_name_lookup - Could Not resolve
    I tried to configure the Controller address in LAP but I fail ,The error when I tried to configure AP is below:
    AP001d.451f.8582#lwapp ap controller ip address 172.26.5.10
    ERROR!!! Command is disabled.
    my question is :
    is it possible to make LAP join WLC with out DNS,if yes how ?

    Hi Yhab,
    There are other ways besides DNS to help in the AP and WLC Discovery process. Have a look in this good doc;
    Lightweight AP (LAP) Registration to a Wireless LAN Controller (WLC)
    http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00806c9e51.shtml#topic2
    For the Static entry problem;
    If this AP was ever registered you can use this command from the LAP CLI to clear the LWAPP configuration on the LAP:
    clear lwapp private-config
    This allows you to use the AP LWAPP static configuration commands again.
    Here is an example:
    Enable (enter password)
    AP1240#clear lwapp private-config
    AP1240#lwapp ap hostname AP1240
    AP1240#lwapp ap ip address 10.77.244.199 255.255.255.224
    AP1240#lwapp ap ip default-gateway 10.77.244.220
    AP1240#lwapp ap controller ip address 172.16.1.50
    Note: You cannot use the clear lwapp private-config command when the LAP is registered with the controller.
    http://www.cisco.com/en/US/products/hw/wireless/ps430/products_tech_note09186a00808e2d27.shtml#t2
    Hope this helps!
    Rob

  • WLC 4402 vlan questions

    I am trying to implement a Cisco Wireless solution. I have some Cisco knowledge, but it is limited. I did successfully configure the WLC 4402 with 1200 series APs. Created two WLANs, each with its own SSID. SSID ?guest? uses WEP, and gets addresses via the internal DHCP server. The DCHP range I chose exists within out current network, something I need to change according to the documentation I have read. This network should not see our network, but can browse the internet. SSID ?secure? uses WPA with MAC authentication. I can connect to either SSID and access all network resources. However this only works with two caveats.
    1) I have to use the management interface
    2) The DHCP range for the guest network needs to fall within our network
    Trying to implement any kind of security for the ?guest? network has not gone so well. I have problems just about at every point. After reading some documents, I decided I needed to add 2 interfaces for the 2 WLANs. My interface info is below.
    Interface Name Mgr Port Vlan Id IP Address Type Ap
    ap-manager LAG untagged 10.1.104.154 Static Yes
    guest LAG 10 192.168.10.10 Dynamic No
    management LAG untagged 10.1.104.153 Static No
    production LAG 20 192.168.20.20 Dynamic No
    service-port N/A N/A 192.168.1.1 Static No
    virtual N/A N/A 1.1.1.1 Static No
    My intention was to apply an access list the guest VLAN so as to limit its traffic. If I apply the guest interface ?VLAN 10 (instead of the management-VLAN 0) it doesn?t work. I found a doc that addresses this so I added trunking to the interface the WLC is attached to on our 6509 (CatOS)switch.
    MySwitch (enable) set trunk 2/6 on dot1q
    Trunking is enabled, but no dice. I thought this might be a routing issue between my switch and my gateway. So I changed the VLAN on the management interface. I thought this would at the very least allow me to ping the switch, but I was wrong. I changed that back and added this entry into our gateway
    interface Vlan10
    ip address 192.168.20.1 255.255.255.0
    I thought that way the wireless controller would be able to see the IP address, on the router, but it didn?t work.
    Also I cannot use the new DHCP range I chose (192.168.10.x), I assume because it is not 10.1.x.x, so it can?t find it.
    I would really appreciate some help from someone who has done this. I am very confused.

    Hi
    Okay number of things here.
    Firstly you are correct about needing a trunk interface between the WLC and your switch. Make sure that all the vlans you have created are allowed on the trunk link.
    On the 6509 run
    "sh int trunk" and confirm that the status is up.
    You will need to create vlan interfaces for each of your WLC vlans on the 6500. You say you have created vlan 10 interface on the 6500.
    What is the default gateway on the WLC set to ?
    For DHCP addressing to work you will need to us eth "ip helper-address "DHCP IP address" under the vlan interface eg
    vlan 10
    ip address 192.168.20.1 255.255.255.0
    ip helper-address "DHCP server address"
    You need to do this for all vlan interfaces you want to pick IP addresses up for clients.
    HTH
    Jon

  • Cisco AIR-LAP1041N-E-K9 not working with WLC 4402 version 7.0.116.0

    Hi All,
    appreciate your support for a problem i started facing today. i have a Cisco WLC 4402 running version 7.0.116.0 and it is working great with 25 Cisco 1252 APs. we have recieved a new 20 Cisco 1041N APs today and i installed one in our site but it doesn't work. it worked fine and loaded the image from flash and got the WLC ip address through DHCP option and started showing the below error:
    *Mar  1 00:00:10.021: %SOAP_FIPS-2-SELF_TEST_IOS_SUCCESS: IOS crypto FIPS self test passed
    *Mar  1 00:00:10.033: *** CRASH_LOG = YES
    *Mar  1 00:00:10.333: Port 1 is not presentSecurity Core found.
    Base Ethernet MAC address: C8:9C:1D:53:57:5E
    *Mar  1 00:00:11.373: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 0
    *Mar  1 00:00:11.465: %LWAPP-3-CLIENTEVENTLOG: Read and initialized AP event log (contains, 1088 messages)
    *Mar  1 00:00:11.494:  status of voice_diag_test from WLC is false
    *Mar  1 00:00:12.526: %LINK-3-UPDOWN: Interface GigabitEthernet0, changed state to up
    *Mar  1 00:00:13.594: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
    *Mar  1 00:00:13.647: %SYS-5-RESTART: System restarted --
    Cisco IOS Software, C1040 Software (C1140-K9W8-M), Version 12.4(23c)JA2, RELEASE SOFTWARE (fc3)
    Technical Support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2011 by Cisco Systems, Inc.
    Compiled Wed 13-Apr-11 12:50 by prod_rel_team
    *Mar  1 00:00:13.647: %SNMP-5-COLDSTART: SNMP agent on host APc89c.1d53.575e is undergoing a cold start
    *Mar  1 00:08:59.062: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
    *Mar  1 00:08:59.062: bsnInitRcbSlot: slot 1 has NO radio
    *Mar  1 00:08:59.138: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    *Mar  1 00:08:59.837: %SSH-5-ENABLED: SSH 2.0 has been enabled
    *Mar  1 00:09:00.145: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
    *Mar  1 00:09:09.136: %DHCP-6-ADDRESS_ASSIGN: Interface GigabitEthernet0 assigned DHCP address 172.16.26.81, mask 255.255.255.0, hostname APc89c.1d53.575e
    *Mar  1 00:09:17.912: %PARSER-4-BADCFG: Unexpected end of configuration file.
    *Mar  1 00:09:17.912:  status of voice_diag_test from WLC is false
    *Mar  1 00:09:17.984: Logging LWAPP message to 255.255.255.255.
    *Mar  1 00:09:19.865: %CDP_PD-4-POWER_OK: Full power - NEGOTIATED inline power source
    *Mar  1 00:09:19.886: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *Mar  1 00:09:20.873: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
    *Mar  1 00:09:20.874: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 255.255.255.255 started - CLI initiated
    Translating "CISCO-CAPWAP-CONTROLLER.atheertele.com"...domain server (172.16.40.240)
    *Mar  1 00:09:29.029: %CAPWAP-5-DHCP_OPTION_43: Controller address 172.16.100.102 obtained through DHCP
    *May 25 08:27:02.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 172.16.100.101 peer_port: 5246
    *May 25 08:27:02.001: %CAPWAP-5-CHANGED: CAPWAP changed state to
    *May 25 08:27:03.175: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 172.16.100.101 peer_port: 5246
    *May 25 08:27:03.177: %CAPWAP-5-SENDJOIN: sending Join Request to 172.16.100.101
    *May 25 08:27:03.177: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
    *May 25 08:27:03.329: %CAPWAP-5-CHANGED: CAPWAP changed state to CFG
    *May 25 08:27:03.333: %DTLS-5-ALERT: Received WARNING : Close notify alert from 172.16.100.101
    *May 25 08:27:03.333: %DTLS-5-PEER_DISCONNECT: Peer 172.16.100.101 has closed connection.
    *May 25 08:27:03.333: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 172.16.100.101:5246
    *May 25 08:27:03.378: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
    *May 25 08:27:03.378: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
    *May 25 08:27:03.378: bsnInitRcbSlot: slot 1 has NO radio
    *May 25 08:27:03.448:  status of voice_diag_test from WLC is false
    *May 25 08:27:14.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 172.16.100.101 peer_port: 5246
    *May 25 08:27:14.001: %CAPWAP-5-CHANGED: CAPWAP changed state to
    *May 25 08:27:15.185: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 172.16.100.101 peer_port: 5246
    *May 25 08:27:15.186: %CAPWAP-5-SENDJOIN: sending Join Request to 172.16.100.101
    *May 25 08:27:15.186: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
    *May 25 08:27:15.330: %CAPWAP-5-CHANGED: CAPWAP changed state to CFG
    *May 25 08:27:15.333: %DTLS-5-ALERT: Received WARNING : Close notify alert from 172.16.100.101
    *May 25 08:27:15.334: %DTLS-5-PEER_DISCONNECT: Peer 172.16.100.101 has closed connection.
    *May 25 08:27:15.334: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 172.16.100.101:5246
    *May 25 08:27:15.379: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
    *May 25 08:27:15.379: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
    *May 25 08:27:15.379: bsnInitRcbSlot: slot 1 has NO radio
    *May 25 08:27:15.450:  status of voice_diag_test from WLC is false
    *May 25 08:27:26.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 172.16.100.101 peer_port: 5246
    *May 25 08:27:26.001: %CAPWAP-5-CHANGED: CAPWAP changed state to
    *May 25 08:27:27.182: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 172.16.100.101 peer_port: 5246
    *May 25 08:27:27.183: %CAPWAP-5-SENDJOIN: sending Join Request to 172.16.100.101
    *May 25 08:27:27.184: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
    *May 25 08:27:27.329: %CAPWAP-5-CHANGED: CAPWAP changed state to CFG
    *May 25 08:27:27.333: %DTLS-5-ALERT: Received WARNING : Close notify alert from 172.16.100.101
    *May 25 08:27:27.333: %DTLS-5-PEER_DISCONNECT: Peer 172.16.100.101 has closed connection.
    *May 25 08:27:27.333: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 172.16.100.101:5246
    *May 25 08:27:27.377: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
    *May 25 08:27:27.377: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
    *May 25 08:27:27.377: bsnInitRcbSlot: slot 1 has NO radio
    *May 25 08:27:27.433: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
    *May 25 08:27:27.446: %PARSER-4-BADCFG: Unexpected end of configuration file.
    *May 25 08:27:27.447:  status of voice_diag_test from WLC is false
    *May 25 08:27:27.448: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
    *May 25 08:27:27.456: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
    *May 25 08:27:38.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 172.16.100.101 peer_port: 5246
    *May 25 08:27:38.001: %CAPWAP-5-CHANGED: CAPWAP changed state to
    *May 25 08:27:39.183: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 172.16.100.101 peer_port: 5246
    *May 25 08:27:39.184: %CAPWAP-5-SENDJOIN: sending Join Request to 172.16.100.101
    *May 25 08:27:39.184: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
    *May 25 08:27:39.326: %CAPWAP-5-CHANGED: CAPWAP changed state to CFG
    *May 25 08:27:39.329: %DTLS-5-ALERT: Received WARNING : Close notify alert from 172.16.100.101
    *May 25 08:27:39.329: %DTLS-5-PEER_DISCONNECT: Peer 172.16.100.101 has closed connection.
    *May 25 08:27:39.330: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 172.16.100.101:5246
    *May 25 08:27:39.375: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
    *May 25 08:27:39.375: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
    *May 25 08:27:39.375: bsnInitRcbSlot: slot 1 has NO radio
    *May 25 08:27:39.446:  status of voice_diag_test from WLC is false
    *May 25 08:27:49.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 172.16.100.101 peer_port: 5246
    *May 25 08:27:49.001: %CAPWAP-5-CHANGED: CAPWAP changed state to
    *May 25 08:27:50.179: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 172.16.100.101 peer_port: 5246
    *May 25 08:27:50.180: %CAPWAP-5-SENDJOIN: sending Join Request to 172.16.100.101
    *May 25 08:27:50.180: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
    *May 25 08:27:50.323: %CAPWAP-5-CHANGED: CAPWAP changed state to CFG
    *May 25 08:27:50.326: %DTLS-5-ALERT: Received WARNING : Close notify alert from 172.16.100.101
    *May 25 08:27:50.326: %DTLS-5-PEER_DISCONNECT: Peer 172.16.100.101 has closed connection.
    *May 25 08:27:50.326: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 172.16.100.101:5246
    *May 25 08:27:50.370: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
    *May 25 08:27:50.370: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
    *May 25 08:27:50.370: bsnInitRcbSlot: slot 1 has NO radio
    *May 25 08:27:50.425: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
    *May 25 08:27:50.438: %PARSER-4-BADCFG: Unexpected end of configuration file.
    i searched for the regulatory domains difference between  AIR-LAP1041N-E-K9 and  AIR-LAP1041N-A-K9 and didn't find any difference that may affect the operation of this AP.
    just to mention that our configuration in WLC for regulatory domains is:
    Configured Country Code(s) AR 
    Regulatory Domain  802.11a:  -A
                                 802.11bg: -A
    My question is, should i only include my country in the WLC (IQ) to add the requlatry domain (-E) to solve this problem? or changing the country will affect the operation of all working APs??
    Appreciate your kind support,
    Wisam Q.

    Hi Ramon,
    thank you for the reply but as shown in the below link:
    http://www.cisco.com/en/US/docs/wireless/controller/release/notes/crn7.0.html#wp233793
    the WLC in version 7.0.116.0 supports Cisco 1040 seiries APs.
    Thanks,
    Wisam Q.

  • WLC 4402-50 with ACS 3.3

    Hi,
    We want to use ACS to authenticate an ssh or http connection to a WLC 4403-50 4.2.99 using TACACS+. On our ACS 4.2 test server it works fine. Configured identically on an ACS 3.3 appliance we are not able to log in although we do see a successful login in the Passed Authentications report withing ACS.
    Is there an incompatability between the WLC 4402-50 with ACS 3.3?
    thanks
    Bob

    The Cisco Secure Access Control Server (ACS) provides authentication, authorization, and accounting (AAA) services for users of the wireless network.
    It is also possible to employ a WLC controller strategy that uses an N+1 approach. When using N+1 architecture, each WLC is configured with a WLC that is designated as a backup WLC in the event of a failure. This controller is not used until there is a failure event upon which all APs using the failed controller switch to the backup WLC. This cost-effective approach provides a high level of availability in the event of a single WLC failure scenario.

  • Wireless controller ha between wlc5508 and wlc 4402

    We have 2 wlc:  a wlc 5508 ( license 100 AP ) and  wlc 4402 ( license 12AP).
    We try to setup when 5508 down, 12 identify AP (important AP -Group A) will join 4402 and all other AP (not improtan AP -Group B)
    wont joint  wlc 4402.
    First, all AP join wlc 5508, 2 WLC have same mobility group.
    After that, we  config 12 APs belongto group A have primary and secondary wlc, group B only has primary wlc.
    When wlc 5508 down, some of APs of GroupA and   some of APs of GroupB join wlc 4402. We test many times and we have differnet result each times.
    is theare any way to resolve our problem?
    Thanks.

    Just to add, make sure that the WLC is running the same code, if not, then make sure the ap is supported on the code that is running on the 5508. The issue with mixed code is the ap will upgrade and downgrade very time they switch to a different WLC.
    http://www.cisco.com/en/US/docs/wireless/controller/5500/tech_notes/Wireless_Software_Compatibility_Matrix.html
    Sent from Cisco Technical Support iPhone App

  • Bonjour / iChat working across wlc 4402

    I have a L3 switched LAN (Cat4510 at the core with 3560 to the edge), and a WLC 4402 [s/w 4.0.217.0] providing wireless access. There is a multitude a PC's and MACs that sit on the wired and wireless network.
    I currently am having issues getting a Apple tool called Bonjour working across the wireless network.
    I have done some reading and from what I can gather it uses mdns (which uses udp 5353 / 5354). I have enabled Multicast Routing on the Cat4510 and enabled on the WLC 4402 Ethernet Multicast Mode with a group address of 224.0.0.1, however still cannot get Bonjour clients talking.
    Admittedly the blogs I have read and Tech pages on Apple do not give up anymore info than this. Has anyone had experience or come across this before?

    Found something interesting on this.
    Apparently, apples do not like multicast using IANA Administratively Scoped Block range of 239.0.0.0-239.255.255.255.
    I was using 239.0.1.100 and nothing was connecting, I then changed it to 235.0.0.1 and all is well.
    Go figure.
    ref: http://www.cisco.com/en/US/tech/tk828/technologies_white_paper09186a00802d4643.shtml#wp1011111

Maybe you are looking for

  • Link PDF in Data Manager

    Hi, Do one of you know if it is necessary to installe Adobe Acrobat to be able to link a PDF document to the PDF table in Data Manager? Kind regards Jonna

  • Lumia 520 eating phone credit/balance

    Hey. I recently bought Nokia Lumia 520. It's quite awesome phone. But there's one problem. My phone credit/balance keeps somehow decreasing a bit even though I haven't called or sent any messages. It eats about 10 cents in 6 hours. I have shut every

  • Function Modules for Actual, Plan, Budget Cost over internal orders

    Dear All, I need a function module for getting the Actual, Plan, Budget Costs for the internal orders assigned. I want to fetch the cost related to internal order which is assigned to project C projects in PLM.

  • XI 3.0  Sender Agreement error during Configuration Wizard

    Hi During the Sender Agreement generation of the Configuration Wizard an error occurs because it takes the value of "" for Receiver Party and Service.  This was discuused during the XI252 Session at the San Diego SAP TechEd.  The proposed solution wa

  • How can I put my webpage on google?

    I created some time ago a web page with iWeb, and now, I can´t put it in google, are there a way to do it?