WLC 5508 H-REAP config problem

Hello,
I have a problem with H-REAP configuration.
I have a 5508 controller in HQ and a lot of 1242 lap in remote sites.
I have only one SSID (used only in remote sites) and only default vlan 1 in all sites.(a big subnet for every site).
I created only one WLAN on WLC, map it to the management interface (cause there is no need for a dynamic interface cause i will not use SSID locally, i want clients to receive an ip address from the subnet they are trying to connect to), I enabled "H-REAP switching local" from Advanced tab and also from Wireless Tab -> AP->Details-> enable vlan mapping with native vlan 1.
The problem is the AP are registered with the controller, i have L3 connectivity btw controller and AP and also clients cant see any SSID when trying to connect to AP.
The DHCP server is in HQ.
The port where APs are plugged in are trunk.
Am I missing smth?
Any help will be really appreciated.
Best regards,

The problem that we ran into was having the WLAN ID above 8 apparently the 1131, 1242, 1252 cant use WLAN IDs above 8 when utilizing HREAP.  Try pulling the WLAN ID down to 8 or below and see if that fixes things.
Local Switching:
A WLAN on H-REAP is said to operate in local switching mode if the data traffic of that WLAN terminates locally at the wired interface of the LAP itself, without getting tunneled to the WLC.
Note: Only WLANs 1 through 8 can be configured for H-REAP Local Switching because only these WLANs can be applied to the 1130, 1240 and 1250 Series APs that support H-REAP functionality.
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00807cc3b8.shtml#conf

Similar Messages

  • IPad & 3502i WAP wlc 5508 H-REAP

    I have a wierd situation occouring at a new remote location.
    Here is my scheme.
    At my phyiscal location =WHQ
    wlc 5508 (7.0.98.0)
    vlan 800
    ssid KWD-Guest
    open authentication
    wep 48bit key
    (ACL restricted to internet only access)
    Remote physical location = 80NY 
    2821 router (12.4ios) - routes and dhcp for the locations networks.
    3560-48 switch     - user connections and WAP connections.
    3502i WAP - H-REAP back to WHQ for management and configuration.
    Remote physical location = 1441NY
    3825 router (12.4ios) - routes and dhcp for the locations networks.
    3560-48 switch     - user connections and WAP connections.
    1131AG WAP - H-REAP back to WHQ for management and configuration.
    Here is the issue we are running into.
    At 80NY the users want to connect to the guest vlan 800 ssid KWD-Guest with iPads and smart phones (model unknown).
    They can see the ssid broadcasting. Try to connect to the ssid, input the wep key. wait, wait and time out on dhcp, giving themselves a 168.x.x.x addy
    From the router side, I can see the dhcp request on the correct vlan hitting the correct dhcp pool.
    The router hands out a valid ip address and associates it to the correct wireless devices Mac-Address
    But as I said the client times out waiting for the dhcp address.
    Now the kicker here is that the very same iPad and smart phone CAN connect to the guest ssid at 1441NY which is also hosted off the same 5508 at WHQ.
    The only difference I see is the WAP model and the network addresses I hand out at each location.
    To the best of my ability I have double checked my router/switch and controller/WAP configurations against each site to make sure there is a mirror in place.
    Any ideas?
    SR 617433573

    dmantill,
    Good morning and thank you for linking in the pdf.
    I read it and hit several of the hyperlinks included in the pdf.
    While I found the information useful and informative overall I did not really see anything that explained or covered the issue I am encountering.
    I have a SR open now and the TAC engineer wants me to capture some debugs on the client mac. Once I can get the local tech onsite again we will perform the connection attempt with the debugging enabled.
    FYI this is what the engineer wants to see.
    Here is the information that I need to see when the problem occurs:
    Disable/Disconnect the wireless client from the network – wait 1-2 mins
    Open Telnet/SSH session to the WLC CLI - (Use Putty/SecureCRT with logging enabled)
    type: Debug client
    Turn the wireless device back on and let it authenticate/associate to the wireless network.  Once the client experiences the problem, disable the debug process using the command: 
    debug disable-all
    Filename: DebugClient.TXT

  • WLC 5508 and GLC-T problems

    Hi,
    I have a big problem with my 5508 WLCs and GLC-T sfps:
    I'm currently using 2 ports of my WLC with GLC-T sfp I trieb using both LAG and multiple interface.
    When I have all my copper cables connected between my LAN and my WLC everithing is ok but if I cut the cable on WLC port number 1 still shows link UP and stop forwarding traffic.
    The apparatus works normally if I take away the sfp module when the cabel is cut.
    I thank you very much
    Johnny

    I have no idea what firmware you have but there is a known bug on the 6.0.182.0 in regards to some of the Cisco SFPs are considered as "fake" or something.

  • WLC 5508 and IPv6 strange problem

    Hi All,
    I recently migrated APs from a 4400 to 5508 which had the 7.4 code and encountered an issue that I haven't
    see before, in short the APs would never join the 5508 even when the selction rules said it should.
    The AP would get a discovery response from both controllers and even though the 4400 had 98 APs attached
    and the 5508 just 1 and a factory reset was made on the AP, it would always join the 4400.
    A packet capture showed that the first CAPWAP address from the 5508 was always an IPv6 whilst the 4400
    always sent IPv4 CAPWAP control adressess, disabling the global IPv6 option on the 5508 ensured that the the first CAPWAP control
    address was now an IPv4 and the AP then happily joined the controller, IPv6 addresses were still showing up in the discovery responses
    but since it was no longer the first one in the packet the AP didn't mind.
    Anyone else seen this kind of behaviour before ?

    That is weird because I have done many remotely with console access also. The image takes 35-40 minutes to complete so if you reboot the WLC within that time period, the FUS didn't complete. It will seem like the WLC is down, but it truly is until it completes.
    Sent from Cisco Technical Support iPhone App

  • WLC 5508 / 3750 Switch LAG Problems

    Hello Forum,
    for presenting to the client (customer wants to buy any Cisco) I have built up in our laboratory a WLAN environment.
    The structure is composed of: - WLC5508 HA cluster (7.6.110.0) - Some AP2602i - C3750E (12.2 (55) SE3)
    Which reminds me strange behavior with LAG noticed that I can not explain?
    The ports of the WLCs are in the LAG mode each WLC are connected with two cables at the switch. On the switch a port-channel are configured (no LACP = channel-group 8 mode on).
    Failure scenario:
    Deducted on the primary controller the cable from port 1 (it goes down), the port LED turns from green to orange >>>> no impact on the system, everything remains as it is and the system continues to operate. Deducted on the primary controller the cable from port 2 (goes down), the port LED remains green. HA >>>> the backup controller takes over? Primary controller boots?
    That can not be true that here changes the system to the redundant WLC. The system should, as yet just keep working at switch-switch LAG?
    Is this a configuration error or a BUG? Upon request, I can gladly send the WLC and Switch configuration.
    Best Regards, Alexander Weitzel 

    The HA kicks in when the primary looses gateway, do a small test, keep a continuous ping to WLC  from its gateway as source and break one of the link in the LAG and see if you drop any packet ?

  • Mapping Multiple VLANs to Multiple SSIDs as one-one in WLC 5508 via H-REAP?

    Hi All,
    Can anyone please show me how to map a SSID/WLAN ID to a local vlan of a LAP in WLC 5508 using H-REAP local switched? The reason of doing this is to separate Data subnet/traffic from Voice as currently all 7925 handsets using same SSID as PCs. I would like to create two VLANs on APs and map them to two SSIDs. I could not see any option in WLC5508 to do this. Also when I change the AP mode from H-REAP to local and configuring sub interface using dot1q on the interface Gi0 then unable write running-config to startup-config because I get NVRAM Verification Failed as WLC protects any local changes on any registered LAP at NVRAM.
    Your help is much appreciated.

    Mehdi:
    I am talking about HREAP groups, not AP groups.
    You can not achieve what you want if you are using the same SSID on same AP with only a WLC (same AP with same SSID is mapped to different VLANs). You may need a radius server to dynamically assign a VLAN to the clients if you are using same SSID for data and voice.
    If you are using different SSIDs for voice and data, you can map each SSID to its corresponding VLAN on the remote site using the VLAN mapping option under HREAP tab in the AP config page.
    You can not configure the AP from its console. Lightweight APs can only be configured from the controller. (a few exceptions are available that do not apply here) .
    HTH
    Amjad
    Rating useful replies is more useful than saying "Thank you"

  • WLC 5508 Problem with #DOT1X-3-INVALID_REPLAY_CTR

    Hi all,
    I have WLC 5508 with version 7.4.110.0 and with 13 AccessPoints.So 12 of this AP are  AIR-LAP1142N-E-K9 and 1 is AIR-CAP3602I-E-K9.
    Logs of my WLC are:
    *Dot1x_NW_MsgTask_1: Jan 11 01:15:05.167: #DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:360 Invalid replay counter from client 90:c1:15:c6:c3:49 - got 00 00 00 00 00 00 00 01, expected 00 00 00 00 00 00 00 02
    *Dot1x_NW_MsgTask_4: Jan 11 01:09:41.015: #DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:360 Invalid replay counter from client 5c:0a:5b:c1:16:34 - got 00 00 00 00 00 00 00 01, expected 00 00 00 00 00 00 00 02
    *Dot1x_NW_MsgTask_3: Jan 11 01:03:32.269: #DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:360 Invalid replay counter from client 40:b3:95:13:da:cb - got 00 00 00 00 00 00 00 03, expected 00 00 00 00 00 00 00 04
    *Dot1x_NW_MsgTask_3: Jan 11 01:03:32.266: #DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:360 Invalid replay counter from client 40:b3:95:13:da:cb - got 00 00 00 00 00 00 00 02, expected 00 00 00 00 00 00 00 04
    *Dot1x_NW_MsgTask_0: Jan 11 01:03:31.648: #DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:360 Invalid replay counter from client 24:77:03:67:01:48 - got 00 00 00 00 00 00 00 02, expected 00 00 00 00 00 00 00 03
    *Dot1x_NW_MsgTask_5: Jan 11 01:03:31.638: #DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:360 Invalid replay counter from client 14:10:9f:da:c1:cd - got 00 00 00 00 00 00 00 02, expected 00 00 00 00 00 00 00 03
    *Dot1x_NW_MsgTask_2: Jan 11 01:03:31.638: #DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:360 Invalid replay counter from client cc:78:5f:29:cc:82 - got 00 00 00 00 00 00 00 02, expected 00 00 00 00 00 00 00 03
    *Dot1x_NW_MsgTask_4: Jan 11 01:03:31.633: #DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:360 Invalid replay counter from client 08:11:96:55:81:c4 - got 00 00 00 00 00 00 00 02, expected 00 00 00 00 00 00 00 03
    *Dot1x_NW_MsgTask_0: Jan 11 01:03:31.631: #DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:360 Invalid replay counter from client 84:3a:4b:56:36:50 - got 00 00 00 00 00 00 00 02, expected 00 00 00 00 00 00 00 03
    *Dot1x_NW_MsgTask_1: Jan 11 01:03:31.630: #DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:360 Invalid replay counter from client 14:10:9f:e2:d4:91 - got 00 00 00 00 00 00 00 02, expected 00 00 00 00 00 00 00 03
    *Dot1x_NW_MsgTask_0: Jan 11 00:59:52.593: #DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:360 Invalid replay counter from client a0:88:b4:60:20:f8 - got 00 00 00 00 00 00 00 01, expected 00 00 00 00 00 00 00 02
    *apfRogueTask_3: Jan 11 00:59:32.168: #APF-1-UNABLE_TO_CONTAIN_ROGUE: apf_rogue.c:4414 Unable to contain rogue 40:01:C6:11:F9:F1 - Not enough Container AP(s). Number of Container AP(s) 2, Requested containment level 4
    *apfRogueTask_3: Jan 11 00:58:38.635: #APF-1-UNABLE_TO_CONTAIN_ROGUE: apf_rogue.c:4414 Unable to contain rogue 40:01:C6:11:F9:F1 - Not enough Container AP(s). Number of Container AP(s) 1, Requested containment level 4
    *Dot1x_NW_MsgTask_0: Jan 11 00:50:06.885: #DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:360 Invalid replay counter from client 10:68:3f:46:4e:e8 - got 00 00 00 00 00 00 00 01, expected 00 00 00 00 00 00 00 02
    *Dot1x_NW_MsgTask_0: Jan 11 00:50:06.883: #DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:360 Invalid replay counter from client 10:68:3f:46:4e:e8 - got 00 00 00 00 00 00 00 00, expected 00 00 00 00 00 00 00 02
    *dot1xMsgTask: Jan 11 00:49:05.842: #DOT1X-3-PSK_CONFIG_ERR: 1x_ptsm.c:618 Client c8:e0:eb:19:2a:97 may be using an incorrect PSK
    *apfRogueTask_3: Jan 11 00:40:42.576: #APF-1-UNABLE_TO_CONTAIN_ROGUE: apf_rogue.c:4414 Unable to contain rogue 40:01:C6:11:F9:F1 - Not enough Container AP(s). Number of Container AP(s) 3, Requested containment level 4
    *Dot1x_NW_MsgTask_3: Jan 11 00:40:17.471: #DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:360 Invalid replay counter from client c4:43:8f:f1:8c:8b - got 00 00 00 00 00 00 00 01, expected 00 00 00 00 00 00 00 02
    *Dot1x_NW_MsgTask_4: Jan 11 00:40:03.368: #DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:360 Invalid replay counter from client f0:d1:a9:8e:1a:dc - got 00 00 00 00 00 00 00 02, expected 00 00 00 00 00 00 00 03
    *Dot1x_NW_MsgTask_1: Jan 11 00:39:30.528: #DOT1X-3-INVALID_REPLAY_CTR: 1x_eapkey.c:360 Invalid replay counter from client 14:10:9f:d8:84:09 - got 00 00 00 00 00 00 00 01, expected 00 00 00 00 00 00 00 02
    I already go to this link to check the Description of errors-
    http://www.cisco.com/en/US/docs/wireless/controller/message/guide/msgs4.html#wp1000139
    Appreciate all feedback. Thank you.

    Hi Ruben,
    a) After successful dot1x authentication, session keys are derived from pairwise master key.
    b) When the AP transmits a key to a station by default, it expects a response back within a set timeframe.
    c) If the station does not respond, the AP increments the counter and retransmits the key.
    d) If the AP receives a response to first message just after the retransmission of the key, a mismatch occurs in the counter.
    This in most of the cases will be a client driver problem.
    Solution :
    1) try to increase the EAPOL-Key Timeout ( config advanced eap ).
    2) Upgrade the client driver.
    *****Help out other by using the rating system and marking answered questions as "Answered"*****

  • WLC 5508 - wlan stability problems

    Hi.
    I have a WLC 5508 with half a dozen LAPs (AIR-CAP3502I-E-K9).
    They have been working but sometimes clients detect conectivity problems with the wlan.
    Here is the message log I can obtain from the controller:
    Nov 09 12:16:31.886: [ERROR] pemTimers.c 330: invalid interface name (john_doe) in mscb!!!*dot1xMsgTask: Nov 09 12:16:10.286: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 00:26:c6:12:e8:32Previous message occurred 7 times.Nov 09 11:55:24.682: [ERROR] pemTimers.c 330: invalid interface name (john_doe) in mscb!!!*apfReceiveTask: Nov 09 11:51:30.788: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:290 RRM LOG: Airewave Director: Could not find valid channel lists for 802.11bg *spamApTask2: Nov 09 11:51:20.144: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:631 Failed to complete DTLS handshake with peer 10.23.1.118*dot1xMsgTask: Nov 09 11:50:44.878: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client e0:ca:94:93:be:67*apfReceiveTask: Nov 09 11:50:40.672: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:290 RRM LOG: Airewave Director: Could not find valid channel lists for 802.11bg *apfReceiveTask: Nov 09 11:50:38.625: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:290 RRM LOG: Airewave Director: Could not find valid channel lists for 802.11bg *apfReceiveTask: Nov 09 11:50:35.531: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:290 RRM LOG: Airewave Director: Could not find valid channel lists for 802.11bg *apfReceiveTask: Nov 09 11:50:31.068: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:290 RRM LOG: Airewave Director: Could not find valid channel lists for 802.11bg *apfReceiveTask: Nov 09 11:50:29.257: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:290 RRM LOG: Airewave Director: Could not find valid channel lists for 802.11bg *apfReceiveTask: Nov 09 11:50:28.707: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:290 RRM LOG: Airewave Director: Could not find valid channel lists for 802.11bg *apfReceiveTask: Nov 09 11:50:24.065: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:290 RRM LOG: Airewave Director: Could not find valid channel lists for 802.11bg
    Can somebody help me to understand these messages?
    1)
    *apfReceiveTask: Nov 09 11:50:24.065: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:290 RRM LOG: Airewave Director: Could not find valid channel lists for 802.11bg
    2)
    Nov 09 11:55:24.682: [ERROR] pemTimers.c 330: invalid interface name (john_doe) in mscb!!!
    3)
    *dot1xMsgTask: Nov 09 11:50:44.878: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client e0:ca:94:93:be:67
    Thanks

    1)
    *apfReceiveTask: Nov 09 11:50:24.065: %RRM-3-RRM_LOGMSG: rrmChanUtils.c:290 RRM LOG: Airewave Director: Could not find valid channel lists for 802.11bg
    //APs are rebooting. don't panic, check the up time of AP. This message seen when AP rebooted/freshly joined and waiting for wlc to assign channel.
    2)
    Nov 09 11:55:24.682: [ERROR] pemTimers.c 330: invalid interface name (john_doe) in mscb!!!
    //It is cosmetic and can be ignored.
    3)
    *dot1xMsgTask: Nov 09 12:16:10.286: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:444 Max EAPOL-key M1 retransmissions exceeded for client 00:26:c6:12:e8:32
    //Keys M1-M5 used for wireless auth, here client having struggle completing the auth process.
    get output of, WLC>debug client

  • WLC 5508 running 7.4.110.0 unable to tftp upload config from controller

    Hi,
    Two WLC 5508 running identical code version. One is 50 license Primary, the second is HA. Identical config on both. HA WLC can upload its config to the TFTP or FTP server but Primary cannot. The operation fails for  both CLI and GUI and for different protocols i.e. TFTP, FTP.
    #### Primary Controller
    (Cisco Controller) >show sysinfo
    Manufacturer's Name.............................. Cisco Systems Inc.
    Product Name..................................... Cisco Controller
    Product Version.................................. 7.4.110.0
    Bootloader Version............................... 1.0.20
    Field Recovery Image Version..................... 7.6.95.16
    Firmware Version................................. FPGA 1.7, Env 1.8, USB console 2.2
    Build Type....................................... DATA + WPS
    System Name...................................... PRODWC7309
    System Location..................................
    System Contact...................................
    System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
    Redundancy Mode.................................. Disabled
    IP Address....................................... 10.1.30.210
    Last Reset....................................... Power on reset
    System Up Time................................... 18 days 18 hrs 51 mins 35 secs
    System Timezone Location......................... (GMT+10:00) Sydney, Melbourne, Canberra
    System Stats Realtime Interval................... 5
    System Stats Normal Interval..................... 180
    Configured Country............................... AU - Australia
    Operating Environment............................ Commercial (0 to 40 C)
    --More-- or (q)uit
    Internal Temp Alarm Limits....................... 0 to 65 C
    Internal Temperature............................. +34 C
    External Temperature............................. +17 C
    Fan Status....................................... OK
    State of 802.11b Network......................... Enabled
    State of 802.11a Network......................... Enabled
    Number of WLANs.................................. 8
    Number of Active Clients......................... 138
    Memory Current Usage............................. Unknown
    Memory Average Usage............................. Unknown
    CPU Current Usage................................ Unknown
    CPU Average Usage................................ Unknown
    Burned-in MAC Address............................ 3C:08:F6:CA:52:20
    Power Supply 1................................... Present, OK
    Power Supply 2................................... Present, OK
    Maximum number of APs supported.................. 50
    (Cisco Controller) >debug transfer trace enable
    (Cisco Controller) >transfer upload start
    Mode............................................. TFTP
    TFTP Server IP................................... 10.1.22.2
    TFTP Path........................................ /
    TFTP Filename.................................... PRODWC7309-tmp.cfg
    Data Type........................................ Config File
    Encryption....................................... Disabled
    *** WARNING: Config File Encryption Disabled ***
    Are you sure you want to start? (y/N) Y
    *TransferTask: Jun 02 10:41:15.183: Memory overcommit policy changed from 0 to 1
    *TransferTask: Jun 02 10:41:15.183: RESULT_STRING: TFTP Config transfer starting.
    TFTP Config transfer starting.
    *TransferTask: Jun 02 10:41:15.183: RESULT_CODE:1
    *TransferTask: Jun 02 10:41:24.309: Locking tftp semaphore, pHost=10.1.22.2 pFilename=/PRODWC7309-tmp.cfg
    *TransferTask: Jun 02 10:41:24.393: Semaphore locked, now unlocking, pHost=10.1.22.2 pFilename=/PRODWC7309-tmp.cfg
    *TransferTask: Jun 02 10:41:24.393: Semaphore successfully unlocked, pHost=10.1.22.2 pFilename=/PRODWC7309-tmp.cfg
    *TransferTask: Jun 02 10:41:24.394: tftp rc=-1, pHost=10.1.22.2 pFilename=/PRODWC7309-tmp.cfg
    pLocalFilename=/mnt/application/xml/clis/clifile
    *TransferTask: Jun 02 10:41:24.394: RESULT_STRING: % Error: Config file transfer failed - Unknown error - refer to log
    *TransferTask: Jun 02 10:41:24.394: RESULT_CODE:12
    *TransferTask: Jun 02 10:41:24.394: Memory overcommit policy restored from 1 to 0
    % Error: Config file transfer failed - Unknown error - refer to log
    (Cisco Controller) >show logging
    *TransferTask: Jun 02 10:41:24.393: #UPDATE-3-FILE_OPEN_FAIL: updcode.c:4579 Failed to open file /mnt/application/xml/clis/clifile.
    *sshpmReceiveTask: Jun 02 10:41:24.315: #OSAPI-3-MUTEX_FREE_INFO: osapi_sem.c:1087 Sema 0x2b32def8 time=142 ulk=1621944 lk=1621802 Locker(sshpmReceiveTask sshpmrecv.c:1662 pc=0x10b07938) unLocker(sshpmReceiveTask sshpmReceiveTaskEntry:1647 pc=0x10b07938)
    -Traceback: 0x10af9500 0x1072517c 0x10b07938 0x12020250 0x12080bfc
    *TransferTask: Jun 02 10:39:01.789: #UPDATE-3-FILE_OPEN_FAIL: updcode.c:4579 Failed to open file /mnt/application/xml/clis/clifile.
    *sshpmReceiveTask: Jun 02 10:39:01.713: #OSAPI-3-MUTEX_FREE_INFO: osapi_sem.c:1087 Sema 0x2b32def8 time=5598 ulk=1621801 lk=1616203 Locker(sshpmReceiveTask sshpmrecv.c:1662 pc=0x10b07938) unLocker(sshpmReceiveTask sshpmReceiveTaskEntry:1647 pc=0x10b07938)
    -Traceback: 0x10af9500 0x1072517c 0x10b07938 0x12020250 0x12080bfc
    #### HA Controller
    (Cisco Controller) >show sysinfo
    Manufacturer's Name.............................. Cisco Systems Inc.
    Product Name..................................... Cisco Controller
    Product Version.................................. 7.4.110.0
    Bootloader Version............................... 1.0.20
    Field Recovery Image Version..................... 7.6.95.16
    Firmware Version................................. FPGA 1.7, Env 1.8, USB console 2.2
    Build Type....................................... DATA + WPS
    System Name...................................... PRODWC7310
    System Location..................................
    System Contact...................................
    System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
    Redundancy Mode.................................. Disabled
    IP Address....................................... 10.1.31.210
    Last Reset....................................... Software reset
    System Up Time................................... 18 days 19 hrs 1 mins 27 secs
    System Timezone Location......................... (GMT+10:00) Sydney, Melbourne, Canberra
    System Stats Realtime Interval................... 5
    System Stats Normal Interval..................... 180
    Configured Country............................... AU - Australia
    Operating Environment............................ Commercial (0 to 40 C)
    --More-- or (q)uit
    Internal Temp Alarm Limits....................... 0 to 65 C
    Internal Temperature............................. +34 C
    External Temperature............................. +17 C
    Fan Status....................................... OK
    State of 802.11b Network......................... Enabled
    State of 802.11a Network......................... Enabled
    Number of WLANs.................................. 4
    Number of Active Clients......................... 0
    Memory Current Usage............................. Unknown
    Memory Average Usage............................. Unknown
    CPU Current Usage................................ Unknown
    CPU Average Usage................................ Unknown
    Burned-in MAC Address............................ 3C:08:F6:CA:53:C0
    Power Supply 1................................... Present, OK
    Power Supply 2................................... Present, OK
    Maximum number of APs supported.................. 500
    (Cisco Controller) >debug transfer trace enable
    (Cisco Controller) >transfer upload start
    Mode............................................. FTP
    FTP Server IP.................................... 10.1.22.2
    FTP Server Port.................................. 21
    FTP Path......................................... /
    FTP Filename..................................... 10_1_31_210_140602_1050.cfg
    FTP Username..................................... ftpuser
    FTP Password..................................... *********
    Data Type........................................ Config File
    Encryption....................................... Disabled
    *** WARNING: Config File Encryption Disabled ***
    Are you sure you want to start? (y/N) y
    *TransferTask: Jun 02 10:51:31.278: Memory overcommit policy changed from 0 to 1
    *TransferTask: Jun 02 10:51:31.278: RESULT_STRING: FTP Config transfer starting.
    FTP Config transfer starting.
    *TransferTask: Jun 02 10:51:31.278: RESULT_CODE:1
    *TransferTask: Jun 02 10:52:05.468: ftp operation returns 0
    *TransferTask: Jun 02 10:52:05.477: RESULT_STRING: File transfer operation completed successfully.
    *TransferTask: Jun 02 10:52:05.477: RESULT_CODE:11
    File transfer operation completed successfully.
    Not upgrading to 7.4.121.0 because of bug CSCuo63103. Have not restarted the controller yet.
    Any one else had this issue ? Is there a workaround ?
    Thanks,
    Rick.

    Thanks Stephen, In my deployments of 7.4.110.0 version I have not seen this issue so may be controller reboot will fix it (we do have HA to minimize the impact). I will keep the thread updated with findings and may request TAC for the special release 7.4.121.0 if the still not happy with 7.4.110.0
    Rick.

  • WLC 5508 HA Problem Soft.ver 7.4.100

    Dear Support,
    we are using two WLC 5508 software ver.7.4.100 with first 50AP license and in the next day we add 50AP license again to the primary WLC. when we activate HA base in the following guiden http://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/7-5/High_Availability_DG.html but when we doing test the failover we found a couple log message on the Secondary WLC like below and not for long time all AP on the Secondary WLC was drop off. 
    1. DP Critical Error
    2. *RRM-DCLNT-2_4: May 23 07:43:53.204: #RRM-3-RRM_LOGMSG: rrmTables.c:682 RRM LOG:  Could not retrieve  RRM Coverage Measurement DataKey BSSID:34:db:fd:dd:3e:20,Key SlotId:0
    *RRM-DCLNT-2_4: May 23 07:43:53.164: #RRM-3-RRM_LOGMSG: rrmTables.c:682 RRM LOG:  Could not retrieve  RRM Coverage Measurement DataKey BSSID:34:db:fd:dd:3e:20,Key SlotId:0
    *RRM-DCLNT-2_4: May 23 07:43:52.854: #RRM-3-RRM_LOGMSG: rrmTables.c:682 RRM LOG:  Could not retrieve  RRM Coverage Measurement DataKey BSSID:2c:36:f8:72:fc:c0,Key SlotId:0
    I also send a complete log for both problem above and enclose it with pdf file. need you advice and assistance,
    regard, afriansyah

    I agree go to version 7.4.121.0 I has some strange issues on prior releases. Personally I am running 7.6.120.0 right now but that's mainly due to support for the 3702 access points.
    http://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/7-5/High_Availability_DG.html#pgfId-74573
    that's a good guide just to double check yourself just in case. -

  • WLC 5508 7.0.98.0 problem with locpRxServerTask missed software watchdog

    Hi
    today my wlc 5508 crash. after trying to get access via sp. i doesnt reponds. so i rebooted. in the sh tech i saw this message which i gues indicates the RC of the failure.    ANY IDEAS...
    *             Start Cisco Crash Handler Serv               *
    Sys Name:       usa-5354-wlc-02
    Model:          AIR-CT5508-K9
    Version:        7.0.98.0
    Timestamp:      Thu Jan  5 05:43:13 2012
    SystemUpTime:   254 days 4 hrs 46 mins 24 secs
    pid:            1225
    TID:            944042816
    Task Name:      locpRxServerTask
    Reason:         Reaper Reset
    timer tcb:      0x2572
    timer cb:       0x10354e28 ('rrmTimerInit+600')
    timer arg1:     0x19b11010
    timer arg2:     0x0
    Long time taken timer call back inforamtion:
    --More-- or (q)uit
    Time Stamp:     Thu Sep 22 15:56:24 2011
    timer cb:       0x100d6f48 ('apfRldpScheduleSet+656')
    Duration  : 103753 usecs, cbCount= 15
    Analysis of Failure:
      Software was stopped by the reaper for the following reason:
         Reaper Reset: Task "locpRxServerTask" missed software watchdog

    May be here is the bug that u r hitting..
    http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCti21343
    Upgrade the image to the latest that we have (7.0.220)
    Please dont forget to rate the useful posts!!
    Regards
    Surendra

  • Upgrade WLC 5508 to 7.4.121.0 problem

    After I upgraded WLC 5508 from 7.2.111.3 to 7.4.121.0, all 3602i APs don't associate with the controller.  All APs were working/associating with controller on 7.2.111.3 at same setting.  IP address of APs are setup as DHCP.
    The error message is "AP couldn't get IP address".   
    Any one has this type of problem when you upgrade WLC 5508 from 7.2.111.3 to 7.4.121.0.
    Thanks,

    Hi,
    This doesn't look like software issue.
    You have to check why the APs are not able to get ip address. Try connecting a PC to a swtich port where one of these APs are connected and see if you are able to get IP on PC.
    Also check if the DHCP server is reachable and if there are IP address in the pool assigned for APs.
    HTH,
    Thanks & Regards,
    Ishant
    *** Please rate the post if you find it useful ***

  • WLC 5508, DHCP Problem after Update Cisco ASA(DHCP-Server)

    Hello,
    our Problem is, our Apple Devices get no ip adress from our Cisco ASA Cluster(ASA 9.1.2) over Wireless(Cisco WLC 5508). All other devices(Windows, Android,...) work correct, without problems. Our WLC is in HA-Mode.
    Does anybody have an Idea?
    Thank you very much and Best regards,
    Stefan

    Hello again,
    I hope this case is the solution.
    https://supportforums.cisco.com/message/3942112#3942112
    I will let you know after downgrade.
    Best regards,
    Stefan

  • WLC 5508 WPA Authentication Problems

    Hello,
    We have a WLC 5508 with 7.4.100.0 Firmware.
    We are using 1141 and 1142 APs and we are having authentication problems with clients that are connecting to our WLAN with WPA+AES autentication. The clients receive in her laptop a password error, and we receive the following log in wlc:
    Client Excluded: MACAddress:f8:f1:eb:dd:ff:cd Base Radio MAC :08:ad:dd:76:4d:30 Slot: 0 User Name: unknown Ip Address: unknown Reason:802.1x Authentication failed 3 times. ReasonCode: 4
    The strange thing is that the problem is solved restarting the Access-points.
    Anyone had this problem previusly?
    Thanks in advance.

    I made the configuration using the Cisco Recommended settings, the strange thing its that the users connect normally, until they starts with authentication problems. I restart the access points and the problem its solved.
    Cisco Recommended  and not recommended Authentication Settings
    Security encryption settings need to be identical for WPA and WPA2 for TKIP and AES as shown in this image:
    These images provide examples of incompatible settings for TKIP and AES:
    Note: Be aware that security settings permit unsupported features.
    These images provide examples of compatible settings:

  • Problem uploading SSL certificat on a WLC 5508

    Hello,
    I'm trying to upload a SSL-certificate (RSA:2048) on a WLC 5508 via the "Management->HTTP-HTTPS" - Tab and get the following problem :
    *TransferTask: Jul 18 16:36:14.487: %UPDATE-3-CERT_INST_FAIL: updcode.c:1276 Failed to install Webauth certificate. rc = 1
    *TransferTask: Jul 18 16:36:14.487: %SSHPM-3-KEYED_PEM_DECODE_FAILED: sshpmcert.c:4028 Cannot PEM decode private key
    I've generated it using the following commands:
    # openssl pkcs12 -export -in my.crt -inkey my.key -certfile my.ca-bundle -out CA.pfx
    # openssl pkcs12 -in CA.pfx -nodes -out CA.pem
    But it doesn't work...
    Does anyone have an idea?
    Best regards,
    Eric

    Hello Eric,
    I'm facing the same problem, when trying to upload a chained SSL certificate (2048bits) to the wlc version 7.0.116.0
    Did you use an unchained certificate and what size is your cert?
    According to a Cisco document, for controllers version 5.1.151.0 and later, only unchained certificates are supported for the management certificate.
    I'm just wondering, if this limitation still applies to the newer versions.
    Regards,
    Oliver

Maybe you are looking for

  • Solaris Management Console 2.1 in Solaris 10 x86 nv-b40 and nv-b42.....

    I have been Solaris 10 x86 on my Intel machines and never had any problem with SMC. However, things seems to have changed since nv-b40 release. SMC out-of-the-box does not work even the first time. I get a message like Server is not running, Toolbox

  • No longer can use bluetooth to phone

    Hi, I was transferring files to my phone a few days a ago, but since last update am unable to do so any more ;-( Phone asks for pin which I enter but it fails to connect Tried changing hcid.conf to none [security and pin!] Still nothing bluetooth-sen

  • New FAQ entry with common troubleshooting steps

    Durin gave these steps in a recent post, and I put them where we can all find them easily: "steps to troubleshoot and get past common problems with Audition"

  • WRT54G3G-ST and DDNS

    I am attempting to use the DDNS feature in the WRT54G3G-ST. It appears to be working but I cannot access camera from outside my LAN. If I tracert to the ddns domain name it correctly pulls up the correct IP address but seems to fail when it reaches t

  • How to excute a query in an other form

    hi, i created 2 ADF forms. the first one represents the table department. the 2 one represents the table employees and it contains a jtable. in the first form i have a button "employees" and i want when i click on it the jtable of 2 form will be auto