WLC 5508 Field Recovery Version N/A
Hello,
I have upgraded my new WLC to version 7.0.98.218
I noticed the N/A for the Field recovery version. On my old 4402 it is called the Emergency Image Version, and it is 5.2.157.0
How do i get a recovery version on the WLC?
Any help is appreciated.
Thanks
Tony
5500 platform doesn't have ER image rather it has FUS image which is similar to ER image on 4400.
5500 suppose to show 1.1 instead N/A for ER image, it was a bug on that 7.0 code.
FUS image & update producedure & guidelines on 5500:-
http://www.cisco.com/cisco/software/release.html?mdfid=282600534&flowid=7012&softwareid=284364857&release=1.7.0.0&relind=AVAILABLE&rellifecycle=&reltype=latest
http://www.cisco.com/en/US/docs/wireless/controller/release/notes/fus_rn_1_7_0_0.html#wp43732
Similar Messages
-
WLC 5508, SW 6.0.199.4, 1142 AP: Clients getting dropped intermittently
We have deployed a WLC 5508 w/ SW version 6.0.199.4, 1142 AP's & open authentication w/ MAC filtering. Clients are randomly getting dropped with "Limited Access" shown in Win 7. In this state, the client machine is unable to ping the gateway and sometimes lose their DHCP assigned IP as well. A manual disconnect/re-connect to the SSID is required everytime.
I ran a debug on one the clients stuck in the "Limited Access" state (debug client xx:xx:xx:xx):
*Apr 15 16:59:23.205: e0:91:53:60:1f:e4 Adding mobile on LWAPP AP 3c:ce:73:c5:1e:b0(0)
*Apr 15 16:59:23.205: e0:91:53:60:1f:e4 Scheduling deletion of Mobile Station: (callerId: 23) in 5 seconds
*Apr 15 16:59:23.205: e0:91:53:60:1f:e4 apfProcessProbeReq (apf_80211.c:4722) Changing state for mobile e0:91:53:60:1f:e4 on AP 3c:ce:73:c5:1e:b0 from Idle to Probe
*Apr 15 16:59:23.205: e0:91:53:60:1f:e4 Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
*Apr 15 16:59:23.225: e0:91:53:60:1f:e4 Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
*Apr 15 16:59:23.225: e0:91:53:60:1f:e4 Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
*Apr 15 16:59:23.646: e0:91:53:60:1f:e4 Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
*Apr 15 16:59:23.646: e0:91:53:60:1f:e4 Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
*Apr 15 16:59:23.666: e0:91:53:60:1f:e4 Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
*Apr 15 16:59:23.666: e0:91:53:60:1f:e4 Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
*Apr 15 16:59:28.553: e0:91:53:60:1f:e4 apfMsExpireCallback (apf_ms.c:418) Expiring Mobile!
*Apr 15 16:59:28.554: e0:91:53:60:1f:e4 0.0.0.0 START (0) Deleted mobile LWAPP rule on AP [3c:ce:73:c5:1e:b0]
*Apr 15 16:59:28.554: e0:91:53:60:1f:e4 Deleting mobile on AP 3c:ce:73:c5:1e:b0(0)
On doing a manual re-connect, got the following logs:
*Apr 15 17:01:38.143: e0:91:53:60:1f:e4 Association received from mobile on AP b8:62:1f:e9:9f:30
*Apr 15 17:01:38.143: e0:91:53:60:1f:e4 Applying site-specific IPv6 override for station e0:91:53:60:1f:e4 - vapId 7, site 'Academy', interface 'students'
*Apr 15 17:01:38.143: e0:91:53:60:1f:e4 Applying IPv6 Interface Policy for station e0:91:53:60:1f:e4 - vlan 15, interface id 14, interface 'students'
*Apr 15 17:01:38.143: e0:91:53:60:1f:e4 Applying site-specific override for station e0:91:53:60:1f:e4 - vapId 7, site 'Academy', interface 'students'
*Apr 15 17:01:38.143: e0:91:53:60:1f:e4 0.0.0.0 START (0) Changing ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:1276)
*Apr 15 17:01:38.143: e0:91:53:60:1f:e4 STA - rates (8): 130 132 139 150 12 18 24 36 0 0 0 0 0 0 0 0
*Apr 15 17:01:38.143: e0:91:53:60:1f:e4 STA - rates (12): 130 132 139 150 12 18 24 36 48 72 96 108 0 0 0 0
*Apr 15 17:01:38.143: e0:91:53:60:1f:e4 0.0.0.0 START (0) Deleted mobile LWAPP rule on AP [b8:62:1f:e5:6a:90]
*Apr 15 17:01:38.144: e0:91:53:60:1f:e4 Updated location for station old AP b8:62:1f:e5:6a:90-0, new AP b8:62:1f:e9:9f:30-0
*Apr 15 17:01:38.144: e0:91:53:60:1f:e4 apfProcessAssocReq (apf_80211.c:4268) Changing state for mobile e0:91:53:60:1f:e4 on AP b8:62:1f:e9:9f:30 from Probe to AAA Pending
*Apr 15 17:01:38.144: e0:91:53:60:1f:e4 Scheduling deletion of Mobile Station: (callerId: 20) in 10 seconds
*Apr 15 17:01:38.144: e0:91:53:60:1f:e4 0.0.0.0 START (0) Initializing policy
*Apr 15 17:01:38.144: e0:91:53:60:1f:e4 0.0.0.0 START (0) Change state to AUTHCHECK (2) last state AUTHCHECK (2)
*Apr 15 17:01:38.144: e0:91:53:60:1f:e4 0.0.0.0 AUTHCHECK (2) Change state to L2AUTHCOMPLETE (4) last state L2AUTHCOMPLETE (4)
*Apr 15 17:01:38.144: e0:91:53:60:1f:e4 0.0.0.0 L2AUTHCOMPLETE (4) Plumbed mobile LWAPP rule on AP b8:62:1f:e9:9f:30 vapId 7 apVapId 2
*Apr 15 17:01:38.144: e0:91:53:60:1f:e4 0.0.0.0 L2AUTHCOMPLETE (4) Change state to DHCP_REQD (7) last state DHCP_REQD (7)
*Apr 15 17:01:38.144: e0:91:53:60:1f:e4 apfPemAddUser2 (apf_policy.c:213) Changing state for mobile e0:91:53:60:1f:e4 on AP b8:62:1f:e9:9f:30 from AAA Pending to Associated
*Apr 15 17:01:38.145: e0:91:53:60:1f:e4 Scheduling deletion of Mobile Station: (callerId: 49) in 65535 seconds
*Apr 15 17:01:38.145: e0:91:53:60:1f:e4 Including FT Mobility Domain IE (length 5) in Initial assoc Resp to mobile
*Apr 15 17:01:38.145: e0:91:53:60:1f:e4 Sending Assoc Response to station on BSSID b8:62:1f:e9:9f:30 (status 0) Vap Id 2 Slot 0
*Apr 15 17:01:38.145: e0:91:53:60:1f:e4 apfProcessRadiusAssocResp (apf_80211.c:1957) Changing state for mobile e0:91:53:60:1f:e4 on AP b8:62:1f:e9:9f:30 from Associated to Associated
*Apr 15 17:01:38.189: e0:91:53:60:1f:e4 DHCP received op BOOTREQUEST (1) (len 308, port 13, encap 0xec03)
*Apr 15 17:01:38.189: e0:91:53:60:1f:e4 DHCP dropping packet due to ongoing mobility handshake exchange, (siaddr 0.0.0.0, mobility state = 'apfMsMmQueryRequested'
*Apr 15 17:01:39.953: e0:91:53:60:1f:e4 0.0.0.0 DHCP_REQD (7) State Update from Mobility-Incomplete to Mobility-Complete, mobility role=Local, client state=APF_MS_STATE_ASSOCIATED
*Apr 15 17:01:39.954: e0:91:53:60:1f:e4 0.0.0.0 DHCP_REQD (7) pemAdvanceState2 4166, Adding TMP rule
*Apr 15 17:01:39.954: e0:91:53:60:1f:e4 0.0.0.0 DHCP_REQD (7) Adding Fast Path rule
type = Airespace AP - Learn IP address
on AP b8:62:1f:e9:9f:30, slot 0, interface = 13, QOS = 0
ACL Id = 255, Jumbo F
*Apr 15 17:01:39.954: e0:91:53:60:1f:e4 0.0.0.0 DHCP_REQD (7) Successfully plumbed mobile rule (ACL ID 255)
*Apr 15 17:01:39.954: e0:91:53:60:1f:e4 0.0.0.0 Added NPU entry of type 9, dtlFlags 0x0
*Apr 15 17:01:39.954: e0:91:53:60:1f:e4 Sent an XID frame
*Apr 15 17:01:40.807: e0:91:53:60:1f:e4 Orphan Packet from STA - IP 169.254.201.128
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP received op BOOTREQUEST (1) (len 308, port 13, encap 0xec03)
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP processing DHCP DISCOVER (1)
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 0
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP xid: 0x9b24c896 (2602879126), secs: 1280, flags: 0
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP chaddr: e0:91:53:60:1f:e4
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP ciaddr: 0.0.0.0, yiaddr: 0.0.0.0
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP siaddr: 0.0.0.0, giaddr: 0.0.0.0
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP successfully bridged packet to DS
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP received op BOOTREPLY (2) (len 308, port 13, encap 0xec00)
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP processing DHCP OFFER (2)
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP op: BOOTREPLY, htype: Ethernet, hlen: 6, hops: 0
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP xid: 0x9b24c896 (2602879126), secs: 0, flags: 0
*Apr 15 17:01:43.234: e0:91:53:60:1f:e4 DHCP chaddr: e0:91:53:60:1f:e4
*Apr 15 17:01:43.235: e0:91:53:60:1f:e4 DHCP ciaddr: 0.0.0.0, yiaddr: 10.6.2.160
*Apr 15 17:01:43.235: e0:91:53:60:1f:e4 DHCP siaddr: 0.0.0.0, giaddr: 0.0.0.0
*Apr 15 17:01:43.235: e0:91:53:60:1f:e4 DHCP server id: 10.6.15.254 rcvd server id: 10.6.15.254
*Apr 15 17:01:43.235: e0:91:53:60:1f:e4 DHCP successfully bridged packet to STA
*Apr 15 17:01:43.240: e0:91:53:60:1f:e4 DHCP received op BOOTREQUEST (1) (len 316, port 13, encap 0xec03)
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP processing DHCP REQUEST (3)
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 0
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP xid: 0x9b24c896 (2602879126), secs: 1280, flags: 0
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP chaddr: e0:91:53:60:1f:e4
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP ciaddr: 0.0.0.0, yiaddr: 0.0.0.0
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP siaddr: 0.0.0.0, giaddr: 0.0.0.0
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP requested ip: 10.6.2.160
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP server id: 10.6.15.254 rcvd server id: 10.6.15.254
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP successfully bridged packet to DS
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP received op BOOTREPLY (2) (len 308, port 13, encap 0xec00)
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP processing DHCP ACK (5)
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP op: BOOTREPLY, htype: Ethernet, hlen: 6, hops: 0
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP xid: 0x9b24c896 (2602879126), secs: 0, flags: 0
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP chaddr: e0:91:53:60:1f:e4
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP ciaddr: 0.0.0.0, yiaddr: 10.6.2.160
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP siaddr: 0.0.0.0, giaddr: 0.0.0.0
*Apr 15 17:01:43.241: e0:91:53:60:1f:e4 DHCP server id: 10.6.15.254 rcvd server id: 10.6.15.254
*Apr 15 17:01:43.242: e0:91:53:60:1f:e4 10.6.2.160 DHCP_REQD (7) Change state to RUN (20) last state RUN (20)
*Apr 15 17:01:43.242: e0:91:53:60:1f:e4 10.6.2.160 RUN (20) Reached PLUMBFASTPATH: from line 4972
*Apr 15 17:01:43.242: e0:91:53:60:1f:e4 10.6.2.160 RUN (20) Replacing Fast Path rule
type = Airespace AP Client
on AP b8:62:1f:e9:9f:30, slot 0, interface = 13, QOS = 0
ACL Id = 255, Jumbo Frames = NO,
*Apr 15 17:01:43.242: e0:91:53:60:1f:e4 10.6.2.160 RUN (20) Successfully plumbed mobile rule (ACL ID 255)
*Apr 15 17:01:43.242: e0:91:53:60:1f:e4 Assigning Address 10.6.2.160 to mobile
*Apr 15 17:01:43.242: e0:91:53:60:1f:e4 DHCP successfully bridged packet to STA
*Apr 15 17:01:43.242: e0:91:53:60:1f:e4 10.6.2.160 Added NPU entry of type 1, dtlFlags 0x0
*Apr 15 17:01:43.242: e0:91:53:60:1f:e4 Sending a gratuitous ARP for 10.6.2.160, VLAN Id 15
*Apr 15 17:01:46.428: e0:91:53:60:1f:e4 DHCP received op BOOTREQUEST (1) (len 308, port 13, encap 0xec03)
*Apr 15 17:01:46.428: e0:91:53:60:1f:e4 DHCP processing DHCP INFORM (8)
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 0
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP xid: 0xbb0d5d87 (3138215303), secs: 0, flags: 0
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP chaddr: e0:91:53:60:1f:e4
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP ciaddr: 10.6.2.160, yiaddr: 0.0.0.0
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP siaddr: 0.0.0.0, giaddr: 0.0.0.0
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP successfully bridged packet to DS
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP received op BOOTREPLY (2) (len 308, port 13, encap 0xec00)
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP processing DHCP ACK (5)
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP op: BOOTREPLY, htype: Ethernet, hlen: 6, hops: 0
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP xid: 0xbb0d5d87 (3138215303), secs: 0, flags: 0
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP chaddr: e0:91:53:60:1f:e4
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP ciaddr: 10.6.2.160, yiaddr: 0.0.0.0
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP siaddr: 0.0.0.0, giaddr: 0.0.0.0
*Apr 15 17:01:46.429: e0:91:53:60:1f:e4 DHCP server id: 10.6.15.254 rcvd server id: 10.6.15.254
show client e0:91:53:60:1f:e4 (after re-connect)
(Cisco Controller) >show client detail e0:91:53:60:1f:e4
Client MAC Address............................... e0:91:53:60:1f:e4
Client Username ................................. N/A
AP MAC Address................................... b8:62:1f:e9:9f:30
Client State..................................... Associated
Client NAC OOB State............................. Access
Wireless LAN Id.................................. 7
BSSID............................................ b8:62:1f:e9:9f:31
Connected For ................................... 105 secs
Channel.......................................... 11
IP Address....................................... 10.6.2.160
Association Id................................... 8
Authentication Algorithm......................... Open System
Reason Code...................................... 1
Status Code...................................... 0
Session Timeout.................................. 65535
Client CCX version............................... No CCX support
QoS Level........................................ Silver
Diff Serv Code Point (DSCP)...................... disabled
802.1P Priority Tag.............................. disabled
WMM Support...................................... Enabled
U-APSD Support................................... Disabled
Power Save....................................... OFF
Current Rate..................................... m7
Supported Rates.................................. 1.0,2.0,5.5,11.0,6.0,9.0,
............................................. 12.0,18.0,24.0,36.0,48.0,
............................................. 54.0
Mobility State................................... Local
Mobility Move Count.............................. 0
Security Policy Completed........................ Yes
Policy Manager State............................. RUN
Policy Manager Rule Created...................... Yes
ACL Name......................................... none
ACL Applied Status............................... Unavailable
Policy Type...................................... N/A
Encryption Cipher................................ None
Management Frame Protection...................... No
EAP Type......................................... Unknown
Interface........................................ students
VLAN............................................. 15
Quarantine VLAN.................................. 0
Access VLAN...................................... 15
Client Capabilities:
CF Pollable................................ Not implemented
CF Poll Request............................ Not implemented
Short Preamble............................. Implemented
PBCC....................................... Not implemented
Channel Agility............................ Not implemented
Listen Interval............................ 1
Fast BSS Transition........................ Not implemented
Fast BSS Transition Details:
Client Statistics:
Number of Bytes Received................... 36509
Number of Bytes Sent....................... 32902
Number of Packets Received................. 300
Number of Packets Sent..................... 66
Number of EAP Id Request Msg Timeouts...... 0
Number of EAP Request Msg Timeouts......... 0
Number of EAP Key Msg Timeouts............. 0
Number of Data Retries..................... 95
Number of RTS Retries...................... 0
Number of Duplicate Received Packets....... 1
Number of Decrypt Failed Packets........... 0
Number of Mic Failured Packets............. 0
Number of Mic Missing Packets.............. 0
Number of Policy Errors.................... 0
Radio Signal Strength Indicator............ -66 dBm
Signal to Noise Ratio...................... 29 dB
Nearby AP Statistics:
APSOEBFF_COR3(slot 0) .....................
antenna0: 50 seconds ago -91 dBm................. antenna1: 50 seconds ago -76 dBm
APSOEAFF_FAC(slot 0) ......................
antenna0: 108 seconds ago -89 dBm................ antenna1: 108 seconds ago -87 dBm
APSOEBGF_FAC(slot 0) ......................
antenna0: 50 seconds ago -82 dBm................. antenna1: 50 seconds ago -71 dBm
APSOEBGF_STAFF(slot 0) ....................
antenna0: 49 seconds ago -74 dBm................. antenna1: 49 seconds ago -58 dBm
WLAN config
WLAN Identifier.................................. 9
Profile Name..................................... STAFF
Network Name (SSID).............................. STAFF
Status........................................... Enabled
MAC Filtering.................................... Enabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Disabled
Network Admission Control
NAC-State...................................... Disabled
Quarantine VLAN................................ 0
Number of Active Clients......................... 32
Exclusionlist.................................... Disabled
Session Timeout.................................. Infinity
CHD per WLAN..................................... Disabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ staff
WLAN ACL......................................... unconfigured
DHCP Server...................................... Default
DHCP Address Assignment Required................. Disabled
Quality of Service............................... Silver (best effort)
Scan Defer Priority.............................. 5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Allowed
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
IPv6 Support..................................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
Authentication................................ Disabled
Accounting.................................... Disabled
Dynamic Interface............................. Disabled
Local EAP Authentication......................... Disabled
Security
802.11 Authentication:........................ Open System
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Disabled
CKIP ......................................... Disabled
Web Based Authentication...................... Disabled
Web-Passthrough............................... Disabled
Conditional Web Redirect...................... Disabled
Splash-Page Web Redirect...................... Disabled
Auto Anchor................................... Disabled
H-REAP Local Switching........................ Disabled
H-REAP Learn IP Address....................... Enabled
Infrastructure MFP protection................. Enabled (Global Infrastructure MFP Disabled)
Client MFP.................................... Optional but inactive (WPA2 not configured)
Tkip MIC Countermeasure Hold-down Timer....... 60
Call Snooping.................................... Disabled
Band Select...................................... Disabled
Load Balancing................................... Disabled
HELPPPP!We have 75 evenly distributed AP's servicing the 500 odd users. Found the below traps on WLC. I was making some changes in the WLAN settings at the time:
Tue Apr 16 00:03:45 2013 Client Excluded: MACAddress:8c:a9:82:5d:d2:dc Base Radio MAC :3c:ce:73:c6:fe:00 Slot: 0 User Name: unknown Ip Address: unknown Reason:802.11 Association failed repeatedly. ReasonCode: 2
106 Tue Apr 16 00:03:45 2013 Client Excluded: MACAddress:58:94:6b:f2:24:c8 Base Radio MAC :c8:f9:f9:4c:01:30 Slot: 1 User Name: unknown Ip Address: unknown Reason:802.11 Association failed repeatedly. ReasonCode: 2
107 Tue Apr 16 00:03:45 2013 Client Excluded: MACAddress:bc:77:37:72:dc:0b Base Radio MAC :3c:ce:73:c6:53:10 Slot: 0 User Name: unknown Ip Address: unknown Reason:802.11 Association failed repeatedly. ReasonCode: 2
108 Tue Apr 16 00:03:45 2013 Client Excluded: MACAddress:00:26:c7:7d:12:76 Base Radio MAC :3c:ce:73:c4:79:80 Slot: 0 User Name: unknown Ip Address: unknown Reason:802.11 Association failed repeatedly. ReasonCode: 2
109 Tue Apr 16 00:03:45 2013 Client Excluded: MACAddress:bc:77:37:75:1f:93 Base Radio MAC :c8:f9:f9:2b:85:30 Slot: 0 User Name: unknown Ip Address: unknown Reason:802.11 Association failed repeatedly. ReasonCode: 2
110 Tue Apr 16 00:03:45 2013 Client Excluded: MACAddress:ac:72:89:58:8e:b9 Base Radio MAC :3c:ce:73:c6:53:10 Slot: 0 User Name: unknown Ip Address: unknown Reason:802.11 Association failed repeatedly. ReasonCode: 2
111 Tue Apr 16 00:03:44 2013 Client Excluded: MACAddress:bc:77:37:26:cd:e3 Base Radio MAC :3c:ce:73:c5:1f:10 Slot: 0 User Name: unknown Ip Address: unknown Reason:802.11 Association failed repeatedly. ReasonCode: 2
112 Tue Apr 16 00:03:44 2013 Client Excluded: MACAddress:ac:72:89:25:ea:e0 Base Radio MAC :3c:ce:73:c6:77:70 Slot: 0 User Name: unknown Ip Address: unknown Reason:802.11 Association failed repeatedly. ReasonCode: 2
113 Tue Apr 16 00:03:44 2013 Client Excluded: MACAddress:00:24:2c:6a:85:3d Base Radio MAC :3c:ce:73:c6:6a:50 Slot: 0 User Name: unknown Ip Address: unknown Reason:802.11 Association failed repeatedly. ReasonCode: 2
114 Tue Apr 16 00:03:44 2013 Client Excluded: MACAddress:68:5d:43:61:16:51 Base Radio MAC :3c:ce:73:f6:0c:20 Slot: 0 User Name: unknown Ip Address: unknown Reason:802.11 Association failed repeatedly. ReasonCode: 2
115 Tue Apr 16 00:03:44 2013 Client Excluded: MACAddress:7c:d1:c3:8a:64:f6 Base Radio MAC :3c:ce:73:c4:74:20 Slot: 1 User Name: unknown Ip Address: unknown Reason:802.11 Association failed repeatedly. ReasonCode: 2 -
EAP-TLS with WLC 5508, Microsoft NPS and custom EKU OID´s
We are trying to implement EAP-TLS with client certificates that have a custom EKU OID to distinguish the WLAN clients. The Microsoft Press Book
Windows Server 2008 PKI and Certificate Security gives an example on how to configure a policy in NPS that matches specific EKU OID´s. At the moment we have two policies that have an allowed-certificate-oid configured that matches the OID´s in our certificates, but our setup is not working as expected. Authentications will only be successful, if the client authenticates with the certificate that is matched by the first policy rule.
For example:
Policy 1: allowed-certificate-OID --> corporate
Policy 2: allowed-certificate-OID --> private
Client authenticates with EKU corporate --> success
Client authenticates with EKU private --> reject
My expectation was, that if Policy 1 will not match the NPS goes over to Policy 2 and tries to authenticate the client.
Has anyone a simmilar setup or can help to figure out what is going wrong?
We have a WLC 5508 with Software Version 7.4.100.0 and a NPS on a Windows Server 2008 R2
regards
FabianThe policy rejects and the NPS goes to the next policy, only if the user does not belong to the configured group.
This means I need to have one AD group per application policy, but that will not solve my problem. A user could belong to more than one group, depending on how many devices he/she has. It will work with one group only for each user, because the first policy that matches a AD group, the user belongs to, could have a OID that is not in the certificate. This would cause a recejct with reason code 73:
The purposes that are configured in the Application Policies extensions, also called Enhanced Key Usage (EKU) extensions, section of the user or computer certificate are not valid or are missing. The user or computer certificate must be configured with the Client Authentication purpose in Application Policies extensions. The object identifier for Client Authentication is 1.3.6.1.5.5.7.3.2.
The certificate does include this OID but not the custom EKU. -
Should I upgrade field recovery image version on WLC 5508? One of WLC 5508 has software 7.2.111.3 and field recovery image version is 6.0.182.0.
Thanks,Yes you should. Upload the FUS image and reboot the WLC. Read the release notes also.
Sent from Cisco Technical Support iPhone App -
Emergency Version for WLC 5508 with 6.0.188
The release notes for 6.0.188 talks abt 5.2.157.0 ER.aes. But 5508 does not like the file AIR-WLC4400-K9-5-2-157-0-ER.aes.
How can I get the boot loader on WLC 5508?
On WLC 5508...
Product Version.................................. 6.0.188.0
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
On WLC 4404
Product Version.................................. 6.0.188.0
RTOS Version..................................... 6.0.188.0
Bootloader Version............................... 4.2.205.0
Emergency Image Version.......................... N/A ----------> Even though I installed 5-2-157-0-ER.aes it does not show here... Bug???Ok. In the release notes of 6.0.188 they should have seperated for 5508.
On WLC 4404
Product Version.................................. 6.0.188.0
RTOS Version..................................... 6.0.188.0
Bootloader Version............................... 4.2.205.0
Emergency Image Version.......................... N/A
When u say "The n/a issue is a bug but its with the primary image, not the ER image"
Do you mean that because my primary image is 6.0.188 which has bug to not take or show the ER image? -
Format WLC-5508 Flash and IOS recovery guide
Dear Support Cummunity,
i have a WLC-5508 where by i am unable to join any kind of AIR-LAP1x00 Access-Points.
They can't join in the local management ip of the controller within same L2 or via routed network thereby using the APs CLi by
"lwapp ap controller ip addr xx.xx.xx.xx".
I upgraded from: 6.0.188.0 to
AIR-CT5500-K9-6-0-199-0.aes
AIR-CT5500-K9-7-0-98-0.aes
thereby catching the same logs every time.
The main error message from the WLCs log i catched first is:
"maximum number of downloads (0) exceeded"
*sntpReceiveTask: Jul 16 07:40:58.827: %LOG-3-Q_IND: capwap_ac_sm.c:1683 Ignoring discovery request from AP 00:26:99:86:c9:b9 - maximum number of downloads (0) exceeded
*spamApTask1: Jul 16 07:40:58.343: %CAPWAP-3-DISC_MAX_DOWNLOAD: capwap_ac_sm.c:1683 Ignoring discovery request from AP 00:26:99:86:c9:b9 - maximum number of downloads (0) exceeded
*sntpReceiveTask: Jul 16 07:40:48.822: %LOG-3-Q_IND: capwap_ac_sm.c:1683 Ignoring discovery request from AP 00:26:99:86:c9:b9 - maximum number of downloads (0) exceeded
*spamApTask1: Jul 16 07:40:48.342: %CAPWAP-3-DISC_MAX_DOWNLOAD: capwap_ac_sm.c:1683 Ignoring discovery request from AP 00:26:99:86:c9:b9 - maximum number of downloads (0) exceeded
Later on i found some more logging infos:
*Aug 16 04:12:07.188: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'cliWebInitParms.cfg'
*Aug 16 04:12:07.188: %CNFGR-3-INV_COMP_ID: cnfgr.c:2080 Invalid Component Id : Unrecognized (81) in cfgConfiguratorInit.
*Aug 16 04:12:07.139: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'rfidInitParms.cfg'
*Aug 16 04:12:07.126: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'dhcpParms.cfg'
*Aug 16 04:12:07.113: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'bcastInitParms.cfg'
*Aug 16 04:12:07.047: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'rrmInitParms.cfg'
*Aug 16 04:12:06.906: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'apfInitParms.cfg'
*Aug 16 04:12:06.801: %MM-3-MEMBER_ADD_FAILED: mm_dir.c:860 Could not add Mobility Member. Reason: IP already assigned, Member-Count:1,MAC: 00:00:00:00:00:00, IP: 0.0.0.0
*Aug 16 04:12:06.599: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'mmInitParms.cfg'
*Aug 16 04:12:06.589: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'aaaapiInitParms.cfg'
*Aug 16 04:12:06.587: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'pemInitParms.cfg'
*Aug 16 04:12:06.474: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'dot1xInitParms.cfg'
*Aug 16 04:12:06.446: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'capwapInitParms.cfg'
*Aug 16 04:12:06.301: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'spamInitParms.cfg'
*Aug 16 04:12:06.298: %LICENSE-1-REQUEST_FAILED: license_syslog_notify:564 License request for feature base-ap-count 1.0 failed in this device, UDI=AIR-CT5508-K9:FCW1341L530
*Aug 16 04:12:05.221: %SSHPM-3-FREAD_FAILED: sshpmlscscep.c:1268 Error reading file /mnt/application/lscca_pem.crt
*Aug 16 04:11:46.121: %SYSTEM-3-FILE_READ_FAIL: nvstore.c:422 Failed to read configuration file 'sshpmInitParms.cfg'
as for me it looks like my filesystem is kind of corrupted since several files can not be read.
now at power up one can choose 5 in order to format flash/disk. unfortuanitly i have not found some documentation about formatting flash procedures.
please guide me to the appropriate documentation.
============================================================
Boot Loader Menu
============================================================
1. Run primary image (7.0.98.0) - Active
2. Run backup image (6.0.199.0)
3. Change active boot image
4. Clear configuration
5. Format FLASH Drive
6. Manually update images
Enter selection: 5
Launching...
WARNING! Choose this option may render the device warranty invalid
and/or make the device unusable.
what are my next steps going to be from here in order to format/restore?
thank you
colin(Cisco Controller) >show sys
Incorrect usage. Use the '?' or key to list commands.
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.0.98.0
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... N/A
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
Build Type....................................... DATA + WPS
System Name...................................... WLC
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
IP Address....................................... 192.168.11.16
Last Reset....................................... Software reset
System Up Time................................... 0 days 0 hrs 4 mins 41 secs
System Timezone Location......................... (GMT +1:00) Amsterdam, Berlin, Rome, Vienna
Current Boot License Level....................... base
Current Boot License Type........................ Permanent
Next Boot License Level.......................... base
Next Boot License Type........................... Permanent
Configured Country............................... CH - Switzerland
--More-- or (q)uit
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +39 C
External Temperature............................. +25 C
Fan Status....................................... OK
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 1
Number of Active Clients......................... 0
Burned-in MAC Address............................ 00:24:97:CE:E0:40
Power Supply 1................................... Present, OK
Power Supply 2................................... Absent
Maximum number of APs supported.................. 0 ç ???
why is it that it tells me i've got 0 APs supported on a permanent base license witch ships per default?
i tried to install a evaluation License but without success.. -
WLC 5508 with version 7.0.98.0 and AIR-LAP1242ag
hi, recently i have deployed wlc 5508 with ap 1262. initially i had trouble with the existing version on the wlc (6..0.199.0) which AIR-LAP1262N-E-K9 was not registering with wlc. i have upgraded the wlc to 6.0.199.4 ver still it was not registering. finally i have upgraded to 7.0.98.0 and all the 40 AP's ( AIR-LAP1262N-E-K9 ) are addedd and its working fine.
Now my issue is, at the same site i have 12 nos of AIR-LAP1242ag autnomous AP's which i need to convert to lightweight ap and register with wlc. where i am stuck currently. after loading the recovery image (c1240-rcvk9w8-tar.123-7.JX9.tar) the ap reboots and can see it register with wlc within seconds contollers pushed the new image and once the ap reboots, never register again.
does anyone has any idea?After adding the country codes GB and RU.. in my test setup 1242 is registered...i will have it run for couple hours and see the result
ref: below
(Cisco Controller) >show ap uptime
Number of APs.................................... 2
Global AP User Name.............................. Not Configured
Global AP Dot1x User Name........................ Not Configured
AP Name Ethernet MAC AP Up Time Association Up Time
AP1cdf.0f66.79ca 1c:df:0f:66:79:ca 0 days, 00 h 43 m 35 s 0 days, 00 h 42 m 36 s
AP001e.be27.a7e6 00:1e:be:27:a7:e6 0 days, 00 h 16 m 56 s 0 days, 00 h 07 m 15
This issue sorted...thanks -
Cisco 5500 Series WLC Field Recovery Compatibility
Is Software Version 7.2.111.3 compatible with Field Recovery Image Version 7.6.95.16.
Duplicate posts.
Go here: http://supportforums.cisco.com/discussion/12154556/cisco-5500-series-wlc-field-recovery-compatibility -
WLC 5508 software version working with ISE1.1.2
Hi,
My understanding is that for fully WLC 5508 integration with ISE 1.1.2, it needs Version 7.2.103.0. Question is if customer has 5508 with either 7.0.230 or 7.0.98, and ISE 1.1.2, can AAA part work? what part will not work, any potential issue if they don't upgrade 5508 to 7.2.103?
Thanks in advance!
TinaPlease check the below Table:
Table 1 Supported Network Access Devices
Device
Minimum OS Version
MAB
802.1X
Web Auth
Session CoA
VLAN
DACL
SGA
IOS Sensor
CWA
LWA
Wireless LAN Controller (WLC) 2500, 5500
7.2.103.0
No6
Yes
Yes
Yes
Yes
Yes
Yes
Yes
No
Ref. Link: http://www.cisco.com/en/US/docs/security/ise/1.1.1/compatibility/ise_sdt.html#wp55038 -
7925 Phones voice quality issues with wlc 5508 version 7.6
Hi all,
I have a mix environment with 1 WLC 5508 and more or less 6 sites with several Access Points ( all AIR-LAP1242AG and all in FlexConnect mode Hreap ) and several wireless phones (all CP7925G) . My Ap's have antennas 2.4GHz in all sites except 1 site ( the one i'm talking for now) with 2.4GHz and 5GHz , because of the problems we suggest to have all phone in A BAND (5Ghz) . In this site we force the phones just to A (802.11a only) , power safe NONE , Continuous scan mode , i fallow all in http://www.cisco.com/en/US/docs/voice_ip_comm/cuipph/7925g/7_0/english/deployment/guide/7925dply.pdf , one thing i didn’t do it was apply QoS because I can’t apply several ios commands in that 2960 with lan lite ios.
So I have 3 SSID for data and 2 for VOICE ( one is common to all environment and supports 2.4 and 5Ghz , and other just to test one site , with only 5Ghz with “[WPA2][Auth(802.1X + CCKM)][Auth(FT 802.1X)]”, because I read that problem can be phone rooming , and in FlexConnect only have fast-roaming in a CCKM or a PKM key-management solution , but even like this the problem still exist) .
I have another sites with phones in 2.4GHz running well and others with problems.
i read here in forums lots and lots of people with similar problems , i tried several solutions ( WLC upgrades versions and phones firmware's , …. ) tried all my best of solving the problems mas now I’m running without any ideas , i did also some site surveys and detect some interferers that why I change phones to 5Ghz , and I run also WLC Config analyser to help me , but all without good success. Some changes solve temporarily problems , but after some time , people reclaim about problems.
I can open a TAC case but first I want be sure if did all already.
Can someone try to help me?
ip phone 7925G firmware : CP7925G-1.4.5SR1.3
CUCM 8.6.2
WLC 5508 : 7.6.120.0
AP : AIR-LAP1242AG-E-K9 7.6.120.0 (flexconnect)
Best RegardsHi Serge,
Thanks for the suggestions. I have taken care of all the settings. Problem is , the user is seated in his office cabin and using the 7925 and there is around 50db signal strength in his room from an AP which is just outside the cabin. And this doesnt occur often, when we go to check and make calls, everything is fine whereas the user says it happens sometimes in the morning, evening etc... randomly... where the fone goes blank while in a call.... since the problem never happens when we go to troubleshoot the issue, we really dont know what is going on. This is happening when calling PSTN.
AP's are not restarting and there is no logs indicating that. Wireless infrastructure looks very much OK cos there are other users who are not experiencing this problem and there is ample coverage all over the floor. I am baffled why only one user has this problem even when he is seated in his office cabin.
Tried changing phones also, but still remains.
Question : i tried to do a linktest from WLC to his phone, but it failed, while linktest to laptops are working fine. Does wlc linktest not working for wireless phones ?
regards
Joe -
Wlc 5508 inaccessible after upgrade to version 8
dear all,
I have a problem after upgrading wlc 5508,
at first after upgrade everything works fine, but while waiting for APs to rejoin, wlc suddenly inaccessible either via SSH, telnet or console
I have restart the wlc with no luck
LED indicator for SYS and ALR are off
any suggestion will be highly appreciated
thanks
regardsIf the appliance failed in the first month after delivery, you might be able to squeeze off an RMA.
If the appliance failed in the first year after delivery, I don't care what is written in the "warranty", you can't do anything until you have a valid Service Contract. -
Hello everyone!
I have a controller of the 5508 series and Ap 1602.
Ap manage to obtain IP addresses from the DHCP server that is the 5508 controller.
but the Rev fail to register, please I really vesoin help.
Below are some show:
1. AP: sh version
AP0006.f6d5.ea9c#sh version
Cisco IOS Software, C1600 Software (AP1G2-RCVK9W8-M), Version 15.2(2)JB, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Tue 11-Dec-12 04:52 by prod_rel_team
ROM: Bootstrap program is C1600 boot loader
BOOTLDR: C1600 Boot Loader (AP1G2-BOOT-M) LoaderVersion 15.2(2)JAX, RELEASE SOFTWARE (fc1)
AP0006.f6d5.ea9c uptime is 38 minutes
System returned to ROM by power-on
System image file is "flash:/ap1g2-rcvk9w8-mx/ap1g2-rcvk9w8-mx"
Last reload reason:
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AIR-CAP1602E-E-K9 (PowerPC) processor (revision A0) with 98294K/32768K bytes of memory.
Processor board ID FGL1709Z6PC
PowerPC CPU at 533Mhz, revision number 0x2151
Last reset from power-on
LWAPP image version 7.4.1.37
1 Gigabit Ethernet interface
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:06:F6:D5:EA:9C
Part Number : 73-14508-04
PCA Assembly Number : 000-00000-00
PCA Revision Number :
PCB Serial Number : FOC17020MTR
Top Assembly Part Number : 800-38553-01
Top Assembly Serial Number : FGL1709Z6PC
Top Revision Number : A0
Product/Model Number : AIR-CAP1602E-E-K9
Configuration register is 0xF
2. AP: sh ip interface brief
Interface IP-Address OK? Method Status Protocol
BVI1 unassigned YES DHCP up up
GigabitEthernet0 unassigned NO unset up up
GigabitEthernet0.1 unassigned YES unset up up
3. AP: sh inventory
---nothing---
4. WLC: sh sysinfo
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.3.101.0
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
Build Type....................................... DATA + WPS
System Name...................................... WLC-EEML
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
Redundancy Mode.................................. Disabled
IP Address....................................... 10.10.10.1
Last Reset....................................... Software reset
System Up Time................................... 1 days 1 hrs 13 mins 37 secs
System Timezone Location.........................
Configured Country............................... US - United States
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +39 C
--More-- or (q)uit
External Temperature............................. +25 C
Fan Status....................................... OK
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 1
Number of Active Clients......................... 0
Burned-in MAC Address............................ E0:2F:6D:5D:7D:C0
Power Supply 1................................... Present, OK
Power Supply 2................................... Absent
Maximum number of APs supported.................. 25
5. WLC: sh time
Time............................................. Fri Jan 3 12:21:37 2014
Timezone delta................................... 0:0
Timezone location................................
NTP Servers
NTP Polling Interval......................... 86400
Index NTP Key Index NTP Server NTP Msg Auth Status
also, I'm in africa but
I can not change the country or the time zone
thank you in advance for your helpHi,
By CLI:
Before change the country code on wlc , You must disable
WLC > config 802.11a disable network
WLC >config 802.11b disable network
WLC >config country SA (...or wtever country u are in)
And then enable both network again.
WLC >config 802.11a enable network
WLC >config 802.11b enable network
By GUI:
First disable both network 802.11a and 802.11b
Follow these steps to disable the 802.11a and 802.11b/g networks as follows:
a. Choose Wireless> 802.11a/n > Network.
b. Unselect the 802.11a Network Status check box.
c. Click Apply to commit your changes.
d. Choose Wireless > 802.11b/g/n > Network.
e. Unselect the 802.11b/g Network Status check box.
f. Click Apply to commit your changes.
Change country code on WLC now:
Choose Wireless > Country
after changing the country code please enable both networks(802.11a and 802.11b)
Hope it helps.
Regards
Dont forget to rate helpful posts. -
WLC 5508 running 7.4.110.0 unable to tftp upload config from controller
Hi,
Two WLC 5508 running identical code version. One is 50 license Primary, the second is HA. Identical config on both. HA WLC can upload its config to the TFTP or FTP server but Primary cannot. The operation fails for both CLI and GUI and for different protocols i.e. TFTP, FTP.
#### Primary Controller
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.4.110.0
Bootloader Version............................... 1.0.20
Field Recovery Image Version..................... 7.6.95.16
Firmware Version................................. FPGA 1.7, Env 1.8, USB console 2.2
Build Type....................................... DATA + WPS
System Name...................................... PRODWC7309
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
Redundancy Mode.................................. Disabled
IP Address....................................... 10.1.30.210
Last Reset....................................... Power on reset
System Up Time................................... 18 days 18 hrs 51 mins 35 secs
System Timezone Location......................... (GMT+10:00) Sydney, Melbourne, Canberra
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180
Configured Country............................... AU - Australia
Operating Environment............................ Commercial (0 to 40 C)
--More-- or (q)uit
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +34 C
External Temperature............................. +17 C
Fan Status....................................... OK
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 8
Number of Active Clients......................... 138
Memory Current Usage............................. Unknown
Memory Average Usage............................. Unknown
CPU Current Usage................................ Unknown
CPU Average Usage................................ Unknown
Burned-in MAC Address............................ 3C:08:F6:CA:52:20
Power Supply 1................................... Present, OK
Power Supply 2................................... Present, OK
Maximum number of APs supported.................. 50
(Cisco Controller) >debug transfer trace enable
(Cisco Controller) >transfer upload start
Mode............................................. TFTP
TFTP Server IP................................... 10.1.22.2
TFTP Path........................................ /
TFTP Filename.................................... PRODWC7309-tmp.cfg
Data Type........................................ Config File
Encryption....................................... Disabled
*** WARNING: Config File Encryption Disabled ***
Are you sure you want to start? (y/N) Y
*TransferTask: Jun 02 10:41:15.183: Memory overcommit policy changed from 0 to 1
*TransferTask: Jun 02 10:41:15.183: RESULT_STRING: TFTP Config transfer starting.
TFTP Config transfer starting.
*TransferTask: Jun 02 10:41:15.183: RESULT_CODE:1
*TransferTask: Jun 02 10:41:24.309: Locking tftp semaphore, pHost=10.1.22.2 pFilename=/PRODWC7309-tmp.cfg
*TransferTask: Jun 02 10:41:24.393: Semaphore locked, now unlocking, pHost=10.1.22.2 pFilename=/PRODWC7309-tmp.cfg
*TransferTask: Jun 02 10:41:24.393: Semaphore successfully unlocked, pHost=10.1.22.2 pFilename=/PRODWC7309-tmp.cfg
*TransferTask: Jun 02 10:41:24.394: tftp rc=-1, pHost=10.1.22.2 pFilename=/PRODWC7309-tmp.cfg
pLocalFilename=/mnt/application/xml/clis/clifile
*TransferTask: Jun 02 10:41:24.394: RESULT_STRING: % Error: Config file transfer failed - Unknown error - refer to log
*TransferTask: Jun 02 10:41:24.394: RESULT_CODE:12
*TransferTask: Jun 02 10:41:24.394: Memory overcommit policy restored from 1 to 0
% Error: Config file transfer failed - Unknown error - refer to log
(Cisco Controller) >show logging
*TransferTask: Jun 02 10:41:24.393: #UPDATE-3-FILE_OPEN_FAIL: updcode.c:4579 Failed to open file /mnt/application/xml/clis/clifile.
*sshpmReceiveTask: Jun 02 10:41:24.315: #OSAPI-3-MUTEX_FREE_INFO: osapi_sem.c:1087 Sema 0x2b32def8 time=142 ulk=1621944 lk=1621802 Locker(sshpmReceiveTask sshpmrecv.c:1662 pc=0x10b07938) unLocker(sshpmReceiveTask sshpmReceiveTaskEntry:1647 pc=0x10b07938)
-Traceback: 0x10af9500 0x1072517c 0x10b07938 0x12020250 0x12080bfc
*TransferTask: Jun 02 10:39:01.789: #UPDATE-3-FILE_OPEN_FAIL: updcode.c:4579 Failed to open file /mnt/application/xml/clis/clifile.
*sshpmReceiveTask: Jun 02 10:39:01.713: #OSAPI-3-MUTEX_FREE_INFO: osapi_sem.c:1087 Sema 0x2b32def8 time=5598 ulk=1621801 lk=1616203 Locker(sshpmReceiveTask sshpmrecv.c:1662 pc=0x10b07938) unLocker(sshpmReceiveTask sshpmReceiveTaskEntry:1647 pc=0x10b07938)
-Traceback: 0x10af9500 0x1072517c 0x10b07938 0x12020250 0x12080bfc
#### HA Controller
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.4.110.0
Bootloader Version............................... 1.0.20
Field Recovery Image Version..................... 7.6.95.16
Firmware Version................................. FPGA 1.7, Env 1.8, USB console 2.2
Build Type....................................... DATA + WPS
System Name...................................... PRODWC7310
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
Redundancy Mode.................................. Disabled
IP Address....................................... 10.1.31.210
Last Reset....................................... Software reset
System Up Time................................... 18 days 19 hrs 1 mins 27 secs
System Timezone Location......................... (GMT+10:00) Sydney, Melbourne, Canberra
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180
Configured Country............................... AU - Australia
Operating Environment............................ Commercial (0 to 40 C)
--More-- or (q)uit
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +34 C
External Temperature............................. +17 C
Fan Status....................................... OK
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 4
Number of Active Clients......................... 0
Memory Current Usage............................. Unknown
Memory Average Usage............................. Unknown
CPU Current Usage................................ Unknown
CPU Average Usage................................ Unknown
Burned-in MAC Address............................ 3C:08:F6:CA:53:C0
Power Supply 1................................... Present, OK
Power Supply 2................................... Present, OK
Maximum number of APs supported.................. 500
(Cisco Controller) >debug transfer trace enable
(Cisco Controller) >transfer upload start
Mode............................................. FTP
FTP Server IP.................................... 10.1.22.2
FTP Server Port.................................. 21
FTP Path......................................... /
FTP Filename..................................... 10_1_31_210_140602_1050.cfg
FTP Username..................................... ftpuser
FTP Password..................................... *********
Data Type........................................ Config File
Encryption....................................... Disabled
*** WARNING: Config File Encryption Disabled ***
Are you sure you want to start? (y/N) y
*TransferTask: Jun 02 10:51:31.278: Memory overcommit policy changed from 0 to 1
*TransferTask: Jun 02 10:51:31.278: RESULT_STRING: FTP Config transfer starting.
FTP Config transfer starting.
*TransferTask: Jun 02 10:51:31.278: RESULT_CODE:1
*TransferTask: Jun 02 10:52:05.468: ftp operation returns 0
*TransferTask: Jun 02 10:52:05.477: RESULT_STRING: File transfer operation completed successfully.
*TransferTask: Jun 02 10:52:05.477: RESULT_CODE:11
File transfer operation completed successfully.
Not upgrading to 7.4.121.0 because of bug CSCuo63103. Have not restarted the controller yet.
Any one else had this issue ? Is there a workaround ?
Thanks,
Rick.Thanks Stephen, In my deployments of 7.4.110.0 version I have not seen this issue so may be controller reboot will fix it (we do have HA to minimize the impact). I will keep the thread updated with findings and may request TAC for the special release 7.4.121.0 if the still not happy with 7.4.110.0
Rick. -
What I am trying to configure is Mobility Groups.
My understanding is that this will allow AP to successfully register and fail over over seamlessly if any of the WLC had to fail ?
It could be I am confusing two things into one :( & I am totally confused and not understanding the benefits of mobility group mentioned above.
Also when a AP starts up and registers with the WLC ......I click on a registered AP > High Availability ( Primary / Sec / Tertiary ) all fields are blank...
Initially I also thought that once my SSO is all setup and working than those options "AP > High Availability" will get populated automatically but clearly not unless something is not working.
My current config is as follows:-
WLC 5508 * 2
WLC 1 - Primary
WLC 2 - HA SKU (Secondary )
Redundancy = SSO (Both AP and Client SSO)
=============
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.6.130.0
Bootloader Version............................... 1.0.20
Field Recovery Image Version..................... 7.6.101.1
Firmware Version................................. FPGA 1.7, Env 1.8, USB console 2.2
Build Type....................................... DATA + WPS
System Name...................................... WLC5508
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
Redundancy Mode.................................. SSO (Both AP and Client SSO)
IP Address....................................... 10.31.66.21
Last Reset....................................... Software reset
System Up Time................................... 0 days 22 hrs 39 mins 57 secs
System Timezone Location......................... (GMT) London, Lisbon, Dublin, Edinburgh
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180
Configured Country............................... GB - United Kingdom
Operating Environment............................ Commercial (0 to 40 C)
--More-- or (q)uit
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +38 C
External Temperature............................. +21 C
Fan Status....................................... OK
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 1
Number of Active Clients......................... 0
Burned-in MAC Address............................ F8:72:EA:EE:5B:B2
Power Supply 1................................... Present, OK
Power Supply 2................................... Absent
Maximum number of APs supported.................. 500
============================================
TATA,
Mobility and mobility groups are used for the wireless users roaming. What we know that a wireless users can roam between different APs within the same WLC, but when the SSID is used within multiple WLCs, and the client wanted to roam to an AP joined to another WLC, you would need to configure WLC mobility to maintain seamless roaming. For more info:
http://www.cisco.com/c/en/us/td/docs/wireless/controller/8-0/configuration-guide/b_cg80/b_cg80_chapter_010001101.html
Now, I understand that your purpose is to have high availability for your APs. No this is done traditionally from the AP page, under HA tab, where you configure the WLCs names and IPs there. This can be done manually on each AP (you can use CLI to make it easier) or you can push a configuration template using a management server (WCS/NCS/CPI).
Configuring HA on the AP:
http://www.cisco.com/c/en/us/td/docs/wireless/controller/8-0/configuration-guide/b_cg80/b_cg80_chapter_01110000.html
http://www.cisco.com/c/en/us/td/docs/wireless/controller/8-0/configuration-guide/b_cg80/b_cg80_chapter_01110001.html
Using CPI to push AP configuration templates:
http://www.cisco.com/c/en/us/td/docs/wireless/prime_infrastructure/2-0/configuration/guide/pi_20_cg/temp.html
Now mobility may play a role in this, as if you have already configured mobility for your WLCs, then you won't need to configure a "name" for the WLCs when you add them under the HA tab in AP configuration page. That's it.
BR, Ala -
Trouble getting Cisco 2600 Series AP to stay joined to WLC 5508
Hi,
I have recently been tasked with upgrading our old Autonomous APs to LWAPs. We have a 5508 WLC at our Virtual Co-Lo and I am using Flexconnect to accomadate local switching and dhcp at our sites. I have upgraded over 50 APs and joined them to the controller. These include only 1130AG and 1240AG models. However they are working flawlessly and staying connected to the controller. The issue I'm having is with a new batch of 2600 series APs staying connected to the controller. I have attempted to do research into what may be causing the disconnects but have yet to find a solution. I am using DNS to resolve the CAPWAP & LWAPP queries from the APs to the controller accross our WAN. In reading other posts I thought it may be an issue with packets getting dropped but have had our Vendor who manages Sonicwalls at both ends of the WAN confirm for me there is no packet loss. Below are logs I gathered using puttty from the AP & WLC. Any help would be greatly appreciated.
AP I'm doing the testing on:
NAME: "AP2600", DESCR: "Cisco Aironet 2600 Series (IEEE 802.11n) Access Point"
PID: AIR-CAP2602I-A-K9 , VID: V01, SN: FTX1740J8V1
WLC in question:
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.3.112.0
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
Build Type....................................... DATA + WPS
System Name...................................... wificontroller
System Location.................................. Corp
System Contact................................... Net Engineer
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
Redundancy Mode.................................. Disabled
IP Address....................................... 10.250.32.8
Last Reset....................................... Software reset
System Up Time................................... 190 days 3 hrs 34 mins 24 secs
System Timezone Location......................... (GMT -5:00) Eastern Time (US and Canada)
Configured Country............................... US - United States
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
--More-- or (q)uit
Internal Temperature............................. +38 C
External Temperature............................. +20 C
Fan Status....................................... OK
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 14
Number of Active Clients......................... 71
Burned-in MAC Address............................ C8:9C:1D:8C:52:E0
Power Supply 1................................... Present, OK
Power Supply 2................................... Absent
Maximum number of APs supported.................. 100
Here is the output that keeps on occuring as the AP joins the WLC for a brief time and then changes to standalone mode
WT-4thFlr-AP3#
*Dec 14 15:42:04.419: %CAPWAP-3-ERRORLOG: Retransmission count for packet exceeded max(CAPWAP_WTP_EVENT_REQUEST
., 3)
*Dec 14 15:42:11.443: %EVT-4-WRN: Write of flash:/event.capwap done
*Dec 14 15:42:11.483: %LWAPP-3-CLIENTERRORLOG: Switching to Standalone mode
*Dec 14 15:42:11.487: %CAPWAP-3-ERRORLOG: GOING BACK TO DISCOVER MODE
*Dec 14 15:42:11.487: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.250.32.8:5246
*Dec 14 15:42:11.571: %WIDS-6-DISABLED: IDS Signature is removed and disabled.
*Dec 14 15:42:21.575: %CAPWAP-3-ERRORLOG: Selected MWAR 'wificontroller'(index 0).
*Dec 14 15:42:21.575: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Dec 14 15:42:12.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.250.32.8 peer_port: 5246
*Dec 14 15:42:14.303: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.250.32.8 peer_port: 5246
*Dec 14 15:42:14.303: %CAPWAP-5-SENDJOIN: sending Join Request to 10.250.32.8
*Dec 14 15:42:15.127: Starting Ethernet promiscuous mode
*Dec 14 15:42:15.535: %LWAPP-4-CLIENTEVENTLOG: OfficeExtend Localssid saved in AP flash
*Dec 14 15:42:15.667: ac_first_hop_mac - IP:10.1.2.250 Hop IP:10.1.2.250 IDB:BVI1
*Dec 14 15:42:15.667: Setting AC first hop MAC: 0017.c575.a23c
*Dec 14 15:42:15.855: %CAPWAP-5-JOINEDCONTROLLER: AP has joined controller wificontroller
*Dec 14 15:42:15.911: %LWAPP-4-CLIENTEVENTLOG: No Flex ACL map configuration file to load. Connect to controller to get configuration file
*Dec 14 15:42:15.911: %LWAPP-4-CLIENTEVENTLOG: No Flex ACL map configuration file to load. Connect to controller to get configuration file
*Dec 14 15:42:15.911: %LWAPP-4-CLIENTEVENTLOG: No LS Flex ACL map configuration file to load. Connect to controller to get configuration file
*Dec 14 15:42:15.915: %LWAPP-4-CLIENTEVENTLOG: No Central Dhcp map configuration file to load. Connect to controller to get configuration file
*Dec 14 15:42:15.915: %LWAPP-3-CLIENTERRORLOG: Switching to Connected mode
*Dec 14 15:42:23.639: %WIDS-6-ENABLED: IDS Signature is loaded and enabled
*Dec 14 15:42:34.615: %CLEANAIR-6-STATE: Slot 0 disabled
*Dec 14 15:42:34.615: %CLEANAIR-6-STATE: Slot 1 disabled
*Dec 14 15:45:43.783: %CAPWAP-3-ERRORLOG: Retransmission count for packet exceeded max(CAPWAP_WTP_EVENT_REQUEST
., 11)
*Dec 14 15:45:43.787: %LWAPP-3-CLIENTERRORLOG: Switching to Standalone mode
*Dec 14 15:45:43.787: %CAPWAP-3-ERRORLOG: GOING BACK TO DISCOVER MODE
*Dec 14 15:45:43.787: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.250.32.8:5246
*Dec 14 15:45:43.867: %WIDS-6-DISABLED: IDS Signature is removed and disabled.
*Dec 14 15:45:53.867: %CAPWAP-3-ERRORLOG: Selected MWAR 'wificontroller'(index 0).
*Dec 14 15:45:53.867: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Dec 14 15:45:44.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.250.32.8 peer_port: 5246
*Dec 14 15:45:46.315: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.250.32.8 peer_port: 5246
*Dec 14 15:45:46.315: %CAPWAP-5-SENDJOIN: sending Join Request to 10.250.32.8
*Dec 14 15:45:46.487: Starting Ethernet promiscuous mode
*Dec 14 15:45:49.903: %LWAPP-4-CLIENTEVENTLOG: OfficeExtend Localssid saved in AP flash
*Dec 14 15:45:50.031: ac_first_hop_mac - IP:10.1.2.250 Hop IP:10.1.2.250 IDB:BVI1
*Dec 14 15:45:50.031: Setting AC first hop MAC: 0017.c575.a23c
Here are the results of debug capwap client event on the AP:
WT-4thFlr-AP3#debug capwap client event
CAPWAP Client EVENT display debugging is on
WT-4thFlr-AP3#
*Dec 14 15:54:58.335: %CAPWAP-3-EVENTLOG: Echo Interval Expired.
*Dec 14 15:54:58.335: %CAPWAP-3-EVENTLOG: Sending packet to AC
*Dec 14 15:54:58.335: %CAPWAP-3-EVENTLOG: Echo Request sent to 10.250.32.8
*Dec 14 15:54:58.343: %CAPWAP-3-EVENTLOG: Resetting reTransmissionCnt to 0
*Dec 14 15:54:58.343: %CAPWAP-3-EVENTLOG: Queue Empty.
*Dec 14 15:54:58.343: %CAPWAP-3-EVENTLOG: Echo Response from 10.250.32.8
*Dec 14 15:55:08.000: %CAPWAP-3-EVENTLOG: Setting time to 15:55:08 UTC Dec 14 2013
*Dec 14 15:55:25.579: %CAPWAP-3-EVENTLOG: Sending packet to AC
*Dec 14 15:55:25.587: %CAPWAP-3-EVENTLOG: Resetting reTransmissionCnt to 0
*Dec 14 15:55:25.587: %CAPWAP-3-EVENTLOG: Queue Empty.
*Dec 14 15:55:25.587: %CAPWAP-3-EVENTLOG: Wtp Event Response from 10.250.32.8
*Dec 14 15:55:25.827: %CAPWAP-3-EVENTLOG: Sending packet to AC
*Dec 14 15:55:25.835: %CAPWAP-3-EVENTLOG: Resetting reTransmissionCnt to 0
*Dec 14 15:55:25.835: %CAPWAP-3-EVENTLOG: Queue Empty.
*Dec 14 15:55:25.835: %CAPWAP-3-EVENTLOG: Wtp Event Response from 10.250.32.8
*Dec 14 15:55:55.835: %CAPWAP-3-EVENTLOG: Echo Interval Expired.
*Dec 14 15:55:55.835: %CAPWAP-3-EVENTLOG: Sending packet to AC
*Dec 14 15:55:55.835: %CAPWAP-3-EVENTLOG: Echo Request sent to 10.250.32.8
*Dec 14 15:55:55.843: %CAPWAP-3-EVENTLOG: Resetting reTransmissionCnt to 0
*Dec 14 15:55:55.843: %CAPWAP-3-EVENTLOG: Queue Empty.
*Dec 14 15:55:55.843: %CAPWAP-3-EVENTLOG: Echo Response from 10.250.32.8
*Dec 14 15:55:56.000: %CAPWAP-3-EVENTLOG: Setting time to 15:55:56 UTC Dec 14 2013
*Dec 14 15:56:25.735: %CAPWAP-3-EVENTLOG: Sending packet to AC
*Dec 14 15:56:25.743: %CAPWAP-3-EVENTLOG: Resetting reTransmissionCnt to 0
*Dec 14 15:56:25.743: %CAPWAP-3-EVENTLOG: Queue Empty.
*Dec 14 15:56:25.743: %CAPWAP-3-EVENTLOG: Wtp Event Response from 10.250.32.8
*Dec 14 15:56:25.983: %CAPWAP-3-EVENTLOG: Sending packet to AC
*Dec 14 15:56:25.991: %CAPWAP-3-EVENTLOG: Resetting reTransmissionCnt to 0
*Dec 14 15:56:25.991: %CAPWAP-3-EVENTLOG: Queue Empty.
*Dec 14 15:56:25.991: %CAPWAP-3-EVENTLOG: Wtp Event Response from 10.250.32.8
*Dec 14 15:56:55.991: %CAPWAP-3-EVENTLOG: Echo Interval Expired.
*Dec 14 15:56:55.991: %CAPWAP-3-EVENTLOG: Sending packet to AC
*Dec 14 15:56:55.991: %CAPWAP-3-EVENTLOG: Echo Request sent to 10.250.32.8
*Dec 14 15:56:55.999: %CAPWAP-3-EVENTLOG: Resetting reTransmissionCnt to 0
*Dec 14 15:56:55.999: %CAPWAP-3-EVENTLOG: Queue Empty.
*Dec 14 15:56:55.999: %CAPWAP-3-EVENTLOG: Echo Response from 10.250.32.8
*Dec 14 15:56:56.000: %CAPWAP-3-EVENTLOG: Setting time to 15:56:56 UTC Dec 14 2013
Here are the results of debug capwap client packet detail:
WT-4thFlr-AP3#
*Dec 14 15:59:01.823: <<<< Start of CAPWAP Packet >>>>
*Dec 14 15:59:01.823: CAPWAP Control mesg Sent to 10.250.32.8, Port 5246
*Dec 14 15:59:01.823: Msg Type : CAPWAP_ECHO_REQUEST
*Dec 14 15:59:01.823: Msg Length : 0
*Dec 14 15:59:01.823: Msg SeqNum : 44
*Dec 14 15:59:01.823: <<<< End of CAPWAP Packet >>>>
*Dec 14 15:59:01.831: <<<< Start of CAPWAP Packet >>>>
*Dec 14 15:59:01.831: CAPWAP Control mesg Recd from 10.250.32.8, Port 5246
*Dec 14 15:59:01.831: HLEN 2, Radio ID 0, WBID 1
*Dec 14 15:59:01.831: Msg Type : CAPWAP_ECHO_RESPONSE
*Dec 14 15:59:01.831: Msg Length : 15
*Dec 14 15:59:01.831: Msg SeqNum : 44
*Dec 14 15:59:01.831:
*Dec 14 15:59:01.831: Type : CAPWAP_MSGELE_VENDOR_SPECIFIC_PAYLOAD, Length 11
*Dec 14 15:59:01.831: Vendor Identifier : 0x00409600
*Dec 14 15:59:01.831:
*Dec 14 15:59:01.831:
IE : UNKNOWN IE 151
*Dec 14 15:59:01.831: IE Length : 5
*Dec 14 15:59:01.831: Decode routine not available, Printing Hex Dump
*Dec 14 15:59:01.831:
52 AC 80 46 00
*Dec 14 15:59:01.831: <<<< End of CAPWAP Packet >>>>
*Dec 14 15:59:20.931: <<<< Start of CAPWAP Packet >>>>
*Dec 14 15:59:20.931: CAPWAP Control mesg Recd from 10.250.32.8, Port 5246
*Dec 14 15:59:20.931: HLEN 2, Radio ID 0, WBID 1
*Dec 14 15:59:20.931: Msg Type : CAPWAP_CONFIGURATION_UPDATE_REQUEST
*Dec 14 15:59:20.931: Msg Length : 93
*Dec 14 15:59:20.931: Msg SeqNum : 38
*Dec 14 15:59:20.931:
*Dec 14 15:59:20.931: Type : CAPWAP_MSGELE_VENDOR_SPECIFIC_PAYLOAD, Length 89
*Dec 14 15:59:20.931: Vendor Identifier : 0x00409600
*Dec 14 15:59:20.931:
*Dec 14 15:59:20.931:
IE : RRM_NEIGHBOR_CTRL_PAYLOAD
*Dec 14 15:59:20.931: IE Length : 83
*Dec 14 15:59:20.931: Decode routine not available, Printing Hex Dump
*Dec 14 15:59:20.931:
00 0A FA 20 08 01 F4 00 07 0A FA 20 08 03 00 01
01 00 3C 00 B4 2E 06 2E E7 B4 94 51 B2 C7 79 25
22 FD BE 04 F6 00 00 00 00 00 00 00 00 4F 50 52
53 2D 57 69 46 69 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 01 06 0B
01 01 01
*Dec 14 15:59:20.931: <<<< End of CAPWAP Packet >>>>
*Dec 14 15:59:20.931: <<<< Start of CAPWAP Packet >>>>
*Dec 14 15:59:20.931: CAPWAP Control mesg Sent to 10.250.32.8, Port 5246
*Dec 14 15:59:20.931: Msg Type : CAPWAP_CONFIGURATION_UPDATE_RESPONSE
*Dec 14 15:59:20.931: Msg Length : 8
*Dec 14 15:59:20.931: Msg SeqNum : 38
*Dec 14 15:59:20.931:
*Dec 14 15:59:20.931: Type : CAPWAP_MSGELE_RESULT_CODE, Length 4
*Dec 14 15:59:20.931: Result Code : CAPWAP_SUCCESS
*Dec 14 15:59:20.931: <<<< End of CAPWAP Packet >>>>
*Dec 14 15:59:21.139: <<<< Start of CAPWAP Packet >>>>
*Dec 14 15:59:21.139: CAPWAP Control mesg Recd from 10.250.32.8, Port 5246
*Dec 14 15:59:21.139: HLEN 2, Radio ID 0, WBID 1
*Dec 14 15:59:21.139: Msg Type : CAPWAP_CONFIGURATION_UPDATE_REQUEST
*Dec 14 15:59:21.139: Msg Length : 111
*Dec 14 15:59:21.139: Msg SeqNum : 39
*Dec 14 15:59:21.139:
*Dec 14 15:59:21.139: Type : CAPWAP_MSGELE_VENDOR_SPECIFIC_PAYLOAD, Length 107
*Dec 14 15:59:21.139: Vendor Identifier : 0x00409600
*Dec 14 15:59:21.139:
*Dec 14 15:59:21.139:
IE : RRM_NEIGHBOR_CTRL_PAYLOAD
*Dec 14 15:59:21.139: IE Length : 101
*Dec 14 15:59:21.139: Decode routine not available, Printing Hex Dump
*Dec 14 15:59:21.143:
01 0A FA 20 08 01 F4 00 07 0A FA 20 08 0C 00 01
01 00 3C 00 B4 2E 06 2E E7 B4 94 51 B2 C7 79 25
22 FD BE 04 F6 00 00 00 00 00 00 00 00 4F 50 52
53 2D 57 69 46 69 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 24 28 2C
30 34 38 3C 40 95 99 9D A1 01 01 01 01 01 01 01
01 01 01 01 01
*Dec 14 15:59:21.143: <<<< End of CAPWAP Packet >>>>
*Dec 14 15:59:21.143: <<<< Start of CAPWAP Packet >>>>
*Dec 14 15:59:21.143: CAPWAP Control mesg Sent to 10.250.32.8, Port 5246
*Dec 14 15:59:21.143: Msg Type : CAPWAP_CONFIGURATION_UPDATE_RESPONSE
*Dec 14 15:59:21.143: Msg Length : 8
*Dec 14 15:59:21.143: Msg SeqNum : 39
*Dec 14 15:59:21.143:
*Dec 14 15:59:21.143: Type : CAPWAP_MSGELE_RESULT_CODE, Length 4
*Dec 14 15:59:21.143: Result Code : CAPWAP_SUCCESS
*Dec 14 15:59:21.143: <<<< End of CAPWAP Packet >>>>
*Dec 14 15:59:25.547: <<<< Start of CAPWAP Packet >>>>
*Dec 14 15:59:25.547: CAPWAP Control mesg Sent to 10.250.32.8, Port 5246
*Dec 14 15:59:25.547: Msg Type : CAPWAP_WTP_EVENT_REQUEST
*Dec 14 15:59:25.547: Msg Length : 14
*Dec 14 15:59:25.547: Msg SeqNum : 45
*Dec 14 15:59:25.547:
*Dec 14 15:59:25.547: Type : CAPWAP_MSGELE_VENDOR_SPECIFIC_PAYLOAD, Length 10
*Dec 14 15:59:25.547: Vendor Identifier : 0x00409600
*Dec 14 15:59:25.547:
*Dec 14 15:59:25.547:
IE : RRM_LOAD_DATA_PAYLOAD
*Dec 14 15:59:25.547: IE Length : 4
*Dec 14 15:59:25.547: slot 0 rxLoad 0 txLoad 0 ccaLoad 33
*Dec 14 15:59:25.547: <<<< End of CAPWAP Packet >>>>
*Dec 14 15:59:25.555: <<<< Start of CAPWAP Packet >>>>
*Dec 14 15:59:25.555: CAPWAP Control mesg Recd from 10.250.32.8, Port 5246
*Dec 14 15:59:25.555: HLEN 2, Radio ID 0, WBID 1
*Dec 14 15:59:25.555: Msg Type : CAPWAP_WTP_EVENT_RESPONSE
*Dec 14 15:59:25.555: Msg Length : 0
*Dec 14 15:59:25.555: Msg SeqNum : 45
*Dec 14 15:59:25.555: <<<< End of CAPWAP Packet >>>>
*Dec 14 15:59:25.795: <<<< Start of CAPWAP Packet >>>>
*Dec 14 15:59:25.795: CAPWAP Control mesg Sent to 10.250.32.8, Port 5246
*Dec 14 15:59:25.795: Msg Type : CAPWAP_WTP_EVENT_REQUEST
*Dec 14 15:59:25.795: Msg Length : 14
*Dec 14 15:59:25.795: Msg SeqNum : 46
*Dec 14 15:59:25.795:
*Dec 14 15:59:25.795: Type : CAPWAP_MSGELE_VENDOR_SPECIFIC_PAYLOAD, Length 10
*Dec 14 15:59:25.795: Vendor Identifier : 0x00409600
*Dec 14 15:59:25.795:
*Dec 14 15:59:25.795:
IE : RRM_LOAD_DATA_PAYLOAD
*Dec 14 15:59:25.795: IE Length : 4
*Dec 14 15:59:25.795: slot 1 rxLoad 0 txLoad 0 ccaLoad 0
*Dec 14 15:59:25.795: <<<< End of CAPWAP Packet >>>>
*Dec 14 15:59:25.803: <<<< Start of CAPWAP Packet >>>>
*Dec 14 15:59:25.803: CAPWAP Control mesg Recd from 10.250.32.8, Port 5246
*Dec 14 15:59:25.803: HLEN 2, Radio ID 0, WBID 1
*Dec 14 15:59:25.803: Msg Type : CAPWAP_WTP_EVENT_RESPONSE
*Dec 14 15:59:25.803: Msg Length : 0
*Dec 14 15:59:25.803: Msg SeqNum : 46
*Dec 14 15:59:25.803: <<<< End of CAPWAP Packet >>>>
*Dec 14 15:59:30.375: <<<< Start of CAPWAP Packet >>>>
*Dec 14 15:59:30.375: CAPWAP Control mesg Recd from 10.250.32.8, Port 5246
*Dec 14 15:59:30.375: HLEN 2, Radio ID 0, WBID 1
*Dec 14 15:59:30.375: Msg Type : CAPWAP_CONFIGURATION_UPDATE_REQUEST
*Dec 14 15:59:30.375: Msg Length : 17
*Dec 14 15:59:30.375: Msg SeqNum : 40
*Dec 14 15:59:30.375:
*Dec 14 15:59:30.375: Type : CAPWAP_MSGELE_VENDOR_SPECIFIC_PAYLOAD, Length 13
*Dec 14 15:59:30.375: Vendor Identifier : 0x00409600
SlotId : 0
Mobile Mac Addr : BC:52:B7:E3:17:CB
*Dec 14 15:59:30.375: <<<< End of CAPWAP Packet >>>>
*Dec 14 15:59:30.375: <<<< Start of CAPWAP Packet >>>>
*Dec 14 15:59:30.375: CAPWAP Control mesg Sent to 10.250.32.8, Port 5246
*Dec 14 15:59:30.375: Msg Type : CAPWAP_CONFIGURATION_UPDATE_RESPONSE
*Dec 14 15:59:30.379: Msg Length : 8
*Dec 14 15:59:30.379: Msg SeqNum : 40
*Dec 14 15:59:30.379:
*Dec 14 15:59:30.379: Type : CAPWAP_MSGELE_RESULT_CODE, Length 4
*Dec 14 15:59:30.379: Result Code : CAPWAP_SUCCESS
*Dec 14 15:59:30.379: <<<< End of CAPWAP Packet >>>>
*Dec 14 15:59:30.387: <<<< Start of CAPWAP Packet >>>>
*Dec 14 15:59:30.387: CAPWAP Control mesg Recd from 10.250.32.8, Port 5246
*Dec 14 15:59:30.387: HLEN 2, Radio ID 0, WBID 1
*Dec 14 15:59:30.387: Msg Type : CAPWAP_WTP_EVENT_RESPONSE
*Dec 14 15:59:30.387: Msg Length : 0
*Dec 14 15:59:30.387: Msg SeqNum : 47
*Dec 14 15:59:30.387: <<<< End of CAPWAP Packet >>>>
*Dec 14 16:00:00.387: <<<< Start of CAPWAP Packet >>>>
*Dec 14 16:00:00.387: CAPWAP Control mesg Sent to 10.250.32.8, Port 5246
*Dec 14 16:00:00.387: Msg Type : CAPWAP_ECHO_REQUEST
*Dec 14 16:00:00.387: Msg Length : 0
*Dec 14 16:00:00.387: Msg SeqNum : 48
*Dec 14 16:00:00.387: <<<< End of CAPWAP Packet >>>>
*Dec 14 16:00:00.395: <<<< Start of CAPWAP Packet >>>>
*Dec 14 16:00:00.395: CAPWAP Control mesg Recd from 10.250.32.8, Port 5246
*Dec 14 16:00:00.395: HLEN 2, Radio ID 0, WBID 1
*Dec 14 16:00:00.395: Msg Type : CAPWAP_ECHO_RESPONSE
*Dec 14 16:00:00.395: Msg Length : 15
*Dec 14 16:00:00.395: Msg SeqNum : 48
*Dec 14 16:00:00.395:
*Dec 14 16:00:00.395: Type : CAPWAP_MSGELE_VENDOR_SPECIFIC_PAYLOAD, Length 11
*Dec 14 16:00:00.395: Vendor Identifier : 0x00409600
*Dec 14 16:00:00.395:
*Dec 14 16:00:00.395:
IE : UNKNOWN IE 151
*Dec 14 16:00:00.395: IE Length : 5
*Dec 14 16:00:00.395: Decode routine not available, Printing Hex Dump
*Dec 14 16:00:00.395:
52 AC 80 81 00
*Dec 14 16:00:00.395: <<<< End of CAPWAP Packet >>>>Under my AP Policies I only have "Accept Manufactured Installed Certificate (MIC)" checked. I attempted to add the AP based on MAC Address (c0:67:af:6f:25:70) with this certificate type but still have the same issue. I then ran the following debug on my controller and this is the output I recieve regarding that MAC. I tried to cut the output short because it get's somewhat redundant but was unsure what exactly to look for in the output. Should I be selecting a different certificate type? I am somewhat new to wireless technologies but doing my best to pick things up so if this seems trivial please forgive my ignorance.
debug pm pki enable
*sshpmLscTask: Dec 14 20:42:56.450: sshpmLscTask: LSC Task received a message 4
*spamApTask6: Dec 14 20:42:58.840: sshpmGetIssuerHandles: locking ca cert table
*spamApTask6: Dec 14 20:42:58.841: sshpmGetIssuerHandles: calling x509_alloc() for user cert
*spamApTask6: Dec 14 20:42:58.841: sshpmGetIssuerHandles: calling x509_decode()
*spamApTask6: Dec 14 20:42:58.845: sshpmGetIssuerHandles: C=US, ST=California, L=San Jose, O=Cisco Systems, CN=AP3G2-c067af6f2570, [email protected]
*spamApTask6: Dec 14 20:42:58.845: sshpmGetIssuerHandles: O=Cisco Systems, CN=Cisco Manufacturing CA
*spamApTask6: Dec 14 20:42:58.845: sshpmGetIssuerHandles: Mac Address in subject is c0:67:af:6f:25:70
*spamApTask6: Dec 14 20:42:58.845: sshpmGetIssuerHandles: Cert Name in subject is AP3G2-c067af6f2570
*spamApTask6: Dec 14 20:42:58.845: sshpmGetIssuerHandles: Cert is issued by Cisco Systems.
*spamApTask6: Dec 14 20:42:58.845: sshpmGetCID: called to evaluate
*spamApTask6: Dec 14 20:42:58.845: sshpmGetCID: comparing to row 0, CA cert >bsnOldDefaultCaCert<
*spamApTask6: Dec 14 20:42:58.845: sshpmGetCID: comparing to row 1, CA cert >bsnDefaultRootCaCert<
*spamApTask6: Dec 14 20:42:58.845: sshpmGetCID: comparing to row 2, CA cert >bsnDefaultCaCert<
*spamApTask6: Dec 14 20:42:58.845: sshpmGetCID: comparing to row 3, CA cert >bsnDefaultBuildCert<
*spamApTask6: Dec 14 20:42:58.845: sshpmGetCID: comparing to row 4, CA cert >cscoDefaultNewRootCaCert<
*spamApTask6: Dec 14 20:42:58.845: sshpmGetCID: comparing to row 5, CA cert >cscoDefaultMfgCaCert<
*spamApTask6: Dec 14 20:42:58.845: sshpmGetCertFromCID: called to get cert for CID 282aef7e
*spamApTask6: Dec 14 20:42:58.845: sshpmGetCertFromCID: comparing to row 0, certname >bsnOldDefaultCaCert<
*spamApTask6: Dec 14 20:42:58.845: sshpmGetCertFromCID: comparing to row 1, certname >bsnDefaultRootCaCert<
*spamApTask6: Dec 14 20:42:58.845: sshpmGetCertFromCID: comparing to row 2, certname >bsnDefaultCaCert<
*spamApTask6: Dec 14 20:42:58.845: sshpmGetCertFromCID: comparing to row 3, certname >bsnDefaultBuildCert<
*spamApTask6: Dec 14 20:42:58.845: sshpmGetCertFromCID: comparing to row 4, certname >cscoDefaultNewRootCaCert<
*spamApTask6: Dec 14 20:42:58.845: sshpmGetCertFromCID: comparing to row 5, certname >cscoDefaultMfgCaCert<
*spamApTask6: Dec 14 20:42:58.845: ssphmUserCertVerify: calling x509_decode()
*spamApTask6: Dec 14 20:42:58.856: ssphmUserCertVerify: user cert verfied using >cscoDefaultMfgCaCert<
*spamApTask6: Dec 14 20:42:58.856: sshpmGetIssuerHandles: ValidityString (current): 2013/12/15/01:42:58
*spamApTask6: Dec 14 20:42:58.856: sshpmGetIssuerHandles: ValidityString (NotBefore): 2013/08/25/13:01:22
*spamApTask6: Dec 14 20:42:58.856: sshpmGetIssuerHandles: ValidityString (NotAfter): 2023/08/25/13:11:22
*spamApTask6: Dec 14 20:42:58.856: sshpmGetIssuerHandles: getting cisco ID cert handle...
*spamApTask6: Dec 14 20:42:58.856: sshpmGetCID: called to evaluate
*spamApTask6: Dec 14 20:42:58.856: sshpmGetCID: comparing to row 0, CA cert >bsnOldDefaultCaCert<
*spamApTask6: Dec 14 20:42:58.856: sshpmGetCID: comparing to row 1, CA cert >bsnDefaultRootCaCert<
*spamApTask6: Dec 14 20:42:58.856: sshpmGetCID: comparing to row 2, CA cert >bsnDefaultCaCert<
*spamApTask6: Dec 14 20:42:58.856: sshpmGetCID: comparing to row 3, CA cert >bsnDefaultBuildCert<
*spamApTask6: Dec 14 20:42:58.856: sshpmGetCID: comparing to row 4, CA cert >cscoDefaultNewRootCaCert<
*spamApTask6: Dec 14 20:42:58.856: sshpmGetCID: comparing to row 5, CA cert >cscoDefaultMfgCaCert<
*spamApTask6: Dec 14 20:42:58.856: sshpmGetCID: comparing to row 0, ID cert >bsnOldDefaultIdCert<
*spamApTask6: Dec 14 20:42:58.856: sshpmGetCID: comparing to row 1, ID cert >bsnDefaultIdCert<
*spamApTask6: Dec 14 20:42:58.856: sshpmGetCID: comparing to row 2, ID cert >cscoDefaultIdCert<
*spamApTask6: Dec 14 20:42:58.857: sshpmFreePublicKeyHandle: called with 0x2c5f0cb8
*spamApTask6: Dec 14 20:42:58.857: sshpmFreePublicKeyHandle: freeing public key
*spamApTask0: Dec 14 20:43:17.451: sshpmGetCID: called to evaluate
*spamApTask0: Dec 14 20:43:17.451: sshpmGetCID: comparing to row 0, CA cert >bsnOldDefaultCaCert<
*spamApTask0: Dec 14 20:43:17.451: sshpmGetCID: comparing to row 1, CA cert >bsnDefaultRootCaCert<
*spamApTask0: Dec 14 20:43:17.451: sshpmGetCID: comparing to row 2, CA cert >bsnDefaultCaCert<
*spamApTask0: Dec 14 20:43:17.451: sshpmGetCID: comparing to row 3, CA cert >bsnDefaultBuildCert<
*spamApTask0: Dec 14 20:43:17.451: sshpmGetCID: comparing to row 4, CA cert >cscoDefaultNewRootCaCert<
*spamApTask0: Dec 14 20:43:17.451: sshpmGetCID: comparing to row 5, CA cert >cscoDefaultMfgCaCert<
*spamApTask0: Dec 14 20:43:17.451: sshpmGetCID: comparing to row 0, ID cert >bsnOldDefaultIdCert<
*spamApTask0: Dec 14 20:43:17.451: sshpmGetCID: comparing to row 1, ID cert >bsnDefaultIdCert<
*spamApTask0: Dec 14 20:43:17.451: sshpmGetCID: comparing to row 2, ID cert >cscoDefaultIdCert<
*spamApTask0: Dec 14 20:43:17.451: sshpmGetCertFromCID: called to get cert for CID 183fd2b6
*spamApTask0: Dec 14 20:43:17.451: sshpmGetCertFromCID: comparing to row 0, certname >bsnOldDefaultCaCert<
*spamApTask0: Dec 14 20:43:17.451: sshpmGetCertFromCID: comparing to row 1, certname >bsnDefaultRootCaCert<
*spamApTask0: Dec 14 20:43:17.451: sshpmGetCertFromCID: comparing to row 2, certname >bsnDefaultCaCert<
*spamApTask0: Dec 14 20:43:17.451: sshpmGetCertFromCID: comparing to row 3, certname >bsnDefaultBuildCert<
*spamApTask0: Dec 14 20:43:17.451: sshpmGetCertFromCID: comparing to row 4, certname >cscoDefaultNewRootCaCert<
*spamApTask0: Dec 14 20:43:17.451: sshpmGetCertFromCID: comparing to row 5, certname >cscoDefaultMfgCaCert<
*spamApTask0: Dec 14 20:43:17.451: sshpmGetCertFromCID: comparing to row 0, certname >bsnOldDefaultIdCert<
*spamApTask0: Dec 14 20:43:17.451: sshpmGetCertFromCID: comparing to row 1, certname >bsnDefaultIdCert<
*spamApTask0: Dec 14 20:43:17.451: sshpmGetCertFromCID: comparing to row 2, certname >cscoDefaultIdCert<
*spamApTask0: Dec 14 20:43:17.451: sshpmGetCID: called to evaluate
Maybe you are looking for
-
How to set up loopback# as source fro NTP and/or built-in DNS server ?
I have created a loopback# interface which I would like to be used as the router source interface for the NTP client and/or built-in DNS server so everything originating whithin the router has only one and unique IP address (such as: logging source-i
-
Can't Play Games or iBooks from apple store...
I have downloaded from the apple store, free games & free ibook app, plus ebook manual for OS 7 for iphone. I have an iphone 4s with OS 7. I am using my computer (PC XP) to download & transfer as i DO NOT have wi-fi. I am doing everything legit, but
-
Library sharing not working from all accounts
I am using iTunes Library sharing from my iMac to enable access to mucis & movies on ios devices on my local network. From my login on the iMac this works fine and the shared library appears on the "more" menu in the music app on my ipad whenever it
-
TypeError: Error #1009 A.S 3.0
Sorry i am bad in English...In this case, I'm still new.I have this error "TypeError: Error #1009: Cannot access a property or method of a null object reference. at Monster/hurtPlayer() at flash.events::EventDispatcher/dispatchEventFunction() at flas
-
Is there any script in S1AS which generates Web services from ejbs in jar?
I'm porting a J2EE app from WebLogic to S1AS7. The ISV uses Ant/XDoclet to do some code generation and build. One of targets in the build scripts is to take as input an EJB JAR file and create all the needed web service components and package them in