WLC- Vlan
Hello
I have WLC connect to MLS and 30 AP connect to Access SW, my question is the best practice is to put WLC in separate vlan [means this vlan have two IP only, one for WLC and another for SVI], and separate vlan to AP?
Also should to be AP Manager IP for WLC in same vlan for WLC or AP VLAN?
Thanks in advanced...
AP manager interface required only in 44xx, WiSM1 (old hardware). In these platforms ap manager & management interface should be on the same vlan.
5508/2504/etc you only required the management interface.
AP vlan does not have any relation to those. So it can be completely different vlan. If it is a small deployment you can put AP on the same vlan as wlc management. Then AP will discover WLC using L3 broadcast. If you put AP on different vlan to wlc management, you have to use WLC discovery method (like DHCP option 43, DNS, etc) for AP to find the WLC.
HTH
Rasika
**** Pls rate all useful responses ****
Similar Messages
-
Hello,
Designing a configuration for a Wireless solution. Have a 2951 with SRE-WLC and 4 port switch module. The documentation at
http://www.cisco.com/en/US/docs/wireless/controller/controller_modules/sre/installation/guide/wlcsreinst.html#wp1072942 arised couple of questions. Exact part of diagram from documentation is attached.
The question is that VLANs configured on SRE-WLC and ones configured on local switched belong to different subnets. Why? For example on SRE-WLC VLAN 20 - 55.20.0.0/24, but on switch - VLAN 20 - 20.1.1.0/24. Why?
Thanks!Hi George,
Today i tried implementing APs on different VLAN than MGMT. Here is what I got:
1. New out-of-box APs didnt join to WLC once placed directly to APs VLAN. However they were able to join the WLC once I put them back to MGMT Vlan. They upgraded their IOS from WLC, joined compeletely. After that I moved them back to APs VLAN and they started to join. So, here is the procedure - Open new AP from box, connect it to MGMT VLAN, wait for joining to WLC and then move them to APs VLAN. This is a little bit strange. Also I noticed that they were unable to join teh WLC even on MGMT vlan if MGMT vlan is tagged on WLC and that tagged vlan is allowed on trunk. I have WLC on SRE, MGF trunk, VLANS and DHCP pools with option 43 configured. Will continue to investigate tomorrow.
2. What was the most difficult and problematic issue is that the LED was disabled on all APs after joining the WLC. I have been thinking that there is an error but only then found that APs by default turned off LED after joining the WLC. Issuing config ap led-status enable all on wlc solved the problem.
3. Also I regularly have been receiving
%PARSER-4-BADCFG: Unexpected end of configuration file.
during the AP joining to WLC. Dont know why. My APs are LAP1041n.
ANyways, will continue digging tomorrow, hopefully will find a stable solution. My ideal solution will be:
1. WLC Management is on MGMT VLAN - tagged vlan 20, static IP assignments.
2. APs on separate AP VLAN - tagged vlan 15 - dynamic IP assignments from DHCP pool on ISR with option 43.
3. Clients are on separate USERS VLAN - tagged vlan 10
The native VLAN will be other VLAN - VLAN 25. -
I am trying to implement a Cisco Wireless solution. I have some Cisco knowledge, but it is limited. I did successfully configure the WLC 4402 with 1200 series APs. Created two WLANs, each with its own SSID. SSID ?guest? uses WEP, and gets addresses via the internal DHCP server. The DCHP range I chose exists within out current network, something I need to change according to the documentation I have read. This network should not see our network, but can browse the internet. SSID ?secure? uses WPA with MAC authentication. I can connect to either SSID and access all network resources. However this only works with two caveats.
1) I have to use the management interface
2) The DHCP range for the guest network needs to fall within our network
Trying to implement any kind of security for the ?guest? network has not gone so well. I have problems just about at every point. After reading some documents, I decided I needed to add 2 interfaces for the 2 WLANs. My interface info is below.
Interface Name Mgr Port Vlan Id IP Address Type Ap
ap-manager LAG untagged 10.1.104.154 Static Yes
guest LAG 10 192.168.10.10 Dynamic No
management LAG untagged 10.1.104.153 Static No
production LAG 20 192.168.20.20 Dynamic No
service-port N/A N/A 192.168.1.1 Static No
virtual N/A N/A 1.1.1.1 Static No
My intention was to apply an access list the guest VLAN so as to limit its traffic. If I apply the guest interface ?VLAN 10 (instead of the management-VLAN 0) it doesn?t work. I found a doc that addresses this so I added trunking to the interface the WLC is attached to on our 6509 (CatOS)switch.
MySwitch (enable) set trunk 2/6 on dot1q
Trunking is enabled, but no dice. I thought this might be a routing issue between my switch and my gateway. So I changed the VLAN on the management interface. I thought this would at the very least allow me to ping the switch, but I was wrong. I changed that back and added this entry into our gateway
interface Vlan10
ip address 192.168.20.1 255.255.255.0
I thought that way the wireless controller would be able to see the IP address, on the router, but it didn?t work.
Also I cannot use the new DHCP range I chose (192.168.10.x), I assume because it is not 10.1.x.x, so it can?t find it.
I would really appreciate some help from someone who has done this. I am very confused.Hi
Okay number of things here.
Firstly you are correct about needing a trunk interface between the WLC and your switch. Make sure that all the vlans you have created are allowed on the trunk link.
On the 6509 run
"sh int trunk" and confirm that the status is up.
You will need to create vlan interfaces for each of your WLC vlans on the 6500. You say you have created vlan 10 interface on the 6500.
What is the default gateway on the WLC set to ?
For DHCP addressing to work you will need to us eth "ip helper-address "DHCP IP address" under the vlan interface eg
vlan 10
ip address 192.168.20.1 255.255.255.0
ip helper-address "DHCP server address"
You need to do this for all vlan interfaces you want to pick IP addresses up for clients.
HTH
Jon -
Wlc management port can't trunk other than native vlan
Hello,
Ihave installed my first WLC 5508 with this topology :
WLC Connected trought distrubtion SFP 1Gb port to Core Switch port configured as Trunk port permetting 3 Wireless VLAN :
- Management WLC, Wireless Voice and Wireless Data Vlan (native Vlan is management WLAN).
- I have created 2 dynamic interface on WLC regarding my Wireless VLAN :
10.7.1.0/24 : Defaut Management Virtual Interface when installing WLC +
10.7.6.0/24 : Voice Virtual Interface and
10.7.2.0/24 : Wireless Data Virtual Interface trought GUI.
DHCP configured on each dynamic interface is the L3 vlan interface for equal VLAN subent for CORE SWITCH contining IP DHCP Pool.
WLC Management Inerface IP adress is : 10.7.1.10/24
I Have create 2 WLAN with SSID named Data ID 1 & Voice ID2.
I have create and AP Groupe named APGRP1 containing the AP registered on WLC and using both SSID WLAN.
Both AP are connected to Switch acess port configured as access port to native management WLC VLAN.
I have create 3 IP DHCP pool on Core switch with related L3 Interfaces for Inter VLAN routing.
Problem: when I try to connect from laptop to Data SSID I get IP Address from management WLC VLAN a non DATA VLAN.
the same case from Wireless IP Phone configured with Voice SSID.
What can I modifie that permet to both device to get IP address from the correct VLAN?
ThnksHi Adil,
Q1 >> AP access port on the switch must be configured on an Access port mode or trunk mode?
ANS - The LWAPP/ CAPWAP APs connected to the switchport should be a Access port not trunk.
Q2>> if the first case, setting the port on, the same VLAN like WLC Management VLAN will support other WLAN Vlans (voice and data)?
ANS - Yes it does support, since the traffic which involes the WLAN will be inside the LWAPP/CAPWAP logical tunnel.
Q3>> I will verify the interface mapping between WLAN and Dynamic Interfaces and i will tell you.
ANS - I will be waiting for your response!!
lemme know if this answered your question..
Regards
Surendra
====
Please dont forget to rate the posts which answered your question and mark it as answered or was helpfull -
Hi guys,
Let’s say I want to put WLC’s management interface and APs in a separate VLAN than the native/untagged one as Cisco recommends that as a good design practice to use only tagged VLANs on the WLC:
Management Interface VLAN Identifier (0 = untagged): 60
Now on the switchport which connects to the WLC, can I just do the following:
interface GigabitEthernet1/0/1
description Trunk Port to Cisco WLC
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 2-4,60
switchport mode trunk
no shutdown
or I need to add this command as well to make it work? :
switchport trunk native vlan 60
In other word, can I put the management interface in a tagged VLAN but not changing the native/untagged VLAN? The reason that I don’t want to touch native VLAN is that the non-Cisco L3 device in the network doesn’t let me to change its untagged VLAN.
Regards,
Samanf you are setting the wlc vlan to 0 which is untagged, then you need the switchport trunk native vlan 60
If I'm using default untagged 0, then why do I bother changing naive VLAN to 60 on the switch?
where did you get that VLAN 60 from? Am I missing something or you made a typo?
By the way, here is my point of confusion:
Please go to this link . You'll see the following on WLC:
Management Interface VLAN Identifier (0 = untagged): 60
and the following on the switch:
interface GigabitEthernet1/0/1
description Trunk Port to Cisco WLC
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 2-4,60
switchport mode trunk
no shutdown
Now go to this link and you will see this on WLC:
Management Interface VLAN Identifier (0 = untagged): 60
and this on the Switch:
interface GigabitEthernet1/0/1
description Trunk Port to Cisco WLC
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 3-4,60
switchport mode trunk
switchport trunk native vlan 60
no shutdown -
Hello,
Let me first start out by saying I am new to configuring WLC's.
Our small business (5-15 wireless devices + 15ish wired) is trying to use a hand-me-down WLC and AP for our office wifi.
We have a WLC2106 directly connected to a 1231G-A-K9 via the WLC's port 8 POE. I am aware Cisco does not recommend this method, but we do not have a configurable switch at our disposal. We do not need separate VLAN's therefore I have left everything untagged. The AP has a static IP setup to allow communication to the WLC since it did not pull one from the WLC. The AP is getting the correct network information and is showing up on the WLC monitoring page. I am able to connect to the new wireless network and able to ping between devices connected to the same AP. Now here is my question/issue. I cannot get communication from the WLC/AP to the rest of our network via an unconfigurable Netgear switch (FS605v3). After connecting an open switch port from the Netgear switch to port 4 on the WLC, I am lost. I tried giving port 4 on the WLC an address on the office network, but I receive an error stating "the IP information conflicts with another device". ANY help would be greatly appreciated.
Here is what I have setup on WLC
Virtual - 1.1.1.1
MNG IP-192.168.10.10
AP MNG Ip- 192.168.10.11
Subnet - /24
Gateway - 192.168.10.1
DHCP - 192.168.10.250
DNS - 192.168.10.250
Static Address on the AP's fa0-192.168.10.15
Attempted port 4 setup on WLC
VLAN identifier 0
IP- 192.168.10.25
Mask - /24
Gateway - 192.168.10.1
Port - 4
Our office network setup:
Subnet - /24
Gateway-192.168.10.1
DHCP - 192.168.10.250
DNS - 192.168.10.250Plug one WLC interface (lets say Port 1) in to your netgear switch and configure the WLC as;
Management Interface - Port 1, 192.168.10.10, 255.255.255.0 GW=.1 VLAN=0, DHCP Server = 192.168.10.250
AP Manager Interface - 192.168.10.11, 255.255.255.0 GW=.1 VLAN=0
Virtual Interface 192.0.2.1 (or 1.1.1.1 will be fine, but it is a routable address these days)
Make sure these addresses aren't in use and are not part of your DHCP IP Address pools. Delete any other interfaces you have created during your play time with the WLC.
Plug the AP in to your netgear switch and configure it as;
192.168.10.12 /24
Configure the WLAN on your WLC to use the "Management" Interface
At this point, you should be in business
If not, Telnet/SSH to the WLC and grab a "show run" output... Post it on here and somebody will help.
Richard -
Scenario for single WLAN to multiple VLANs
Hi there,
I read from this forum some discussion about the WLC VLAN Select feature.
http://www.cisco.com/image/gif/paws/113465/vlan-select-dg-00.pdf
I see that you can use this feature to have multiple VLANS (interfaces) to map to the same WLAN (SSID).
What I try to learn is under what scenarios would people need to have mutliple vlan mapped to single SSID?
In my environment, I have 50+ AP int he campus on 20+ Cisco 4500 switches. I have single WLAN and it is mapped to one subnet. All wireless users would be on that subnets, whereas wired users are on 20+ subnets of their own.
Can someone help me to see under what scenarior (or requirement) that I would want to have multiple vlans mapped to single SSID?
Thanks.having a large number of users in single subnet is not the best in all designs, since you will have a large single broadcast domain which is a true disaster with dense networks. If you the company policy states that we need only one single ssid
for the whole employees within the company, it doesn't make sense to have them all on the same subnet.
A lot of options are available to overcome such issues :
for example, we might have AP groups feature , dynamic vlan assignment given that we have radius server in place, and vlan pooling.
It might not be feasible to have RADIUS server all the time, and AP groups might be kind of administrtive overhead as well as it might induce a lot of issues when aps fail over from controller to controller --> Vlan select is a good soultion considering the previously mentioned reasons.
Please Make sure to rate correct answers -
WLC Guest Access Internet Routing
Not sure if this the right forum, but i'm wondering if anyone can explain this.
I have a trunk from the wlc to my router with one switch in between.
wlc---trunk----3560---trunk---2821
The interface on the wlc and the 2821 both have an ip address and can ping each other. When a wireless client connects to the guest network they cannot access the internet unless the 3560 switch has an ip address set on the vlan that is trunked from the wlc to the router
wlc(vlan 825 - 10.7.200.2)----trunk-----3560(vlan 825 - 10.7.200.3)-----trunk-----2821(vlan825 - 10.7.200.1)
The gateway for the clients is 10.7.200.1 which is the router. If i take the ip address off of the vlan interface on the 3560 the trunk is still there, but the clients on the guest network cannot get through. The gateway on the interface on the wlc is also set to 10.7.200.1
Any ideas why I need that ip address on the 3560?
Dan.Hi Dan,
you may send the switch "show tech" and the WLC "show run-config" taken with the problematic config for a quick look.
Regards,
Federico -
Hi all,
I'm running a 2106 with version 6.0.196.0. I'm running a couple indoor 1131s on it for regular client access successfully, but my problem is with trying to Ethernet Bridge Wireless Mesh two 1522s. I have placed the 1522 MAC addresses in the MAC Filter. I have Ethernet Bridging radio set on both the RAP and the MAP. I have the RAP and MAP connecting(They see each other as AWAPP neighbors, I can ping the MAP from the wired LAN, and it registers to the WLC, but I can't seem to bridge through these APs. I tried setting the Switchport attached to the RAP as an access port were the WLC and other APs sit as well as tried trunking it, making that same WLC vlan the native vlan. I also tried creating a separate AP group for the 1522s...no joy. Can anyone point me in the right direction on this?/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:"";
mso-padding-alt:0cm 5.4pt 0cm 5.4pt;
mso-para-margin-top:0cm;
mso-para-margin-right:0cm;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0cm;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}
Indoor WLAN and outdoor mesh is not supported on the same WLC at the same time.
So you cannot mix 1131s and 1522s on the same controller.
Regards,
André -
Hi,
I have a 1142N which does not join the WLC when connected via a 2960 switch. When I connect a different lap 1142N to the same port on the same switch using the same cables, it does join the lap to the WLC. And when I connect the first lap directly to the WLC it also works fine.
Resetting the failing lap does not fix the problem. All software levels on the lap are the same.
Anyone an idea what could be wrong?
Thanks in advance.
Regards
Jeroenthnx for your support so far.
All the AP's are the same, AIR-LAP1142N-E-K9 v05. I have two AP's which work fine when connected via the 2960 therefore I assume that the switch, wlc, vlan and dhcp configuration is fine.The thirth one is giving me some challenges ;-)
Note: the non working AP is only not working when connected via de 2960, it is working fine when directly connected to the WLC2106.
@David, where can i find the regulatory domain setting?
working AP
NAME: "AP1140", DESCR: "Cisco Aironet 1140 Series (IEEE 802.11n) Access Point"
PID: AIR-LAP1142N-E-K9
failing AP
NAME: "AP1140", DESCR: "Cisco Aironet 1140 Series (IEEE 802.11n) Access Point"
PID: AIR-LAP1142N-E-K9
AP manager subnet
192.168.1.0/24
Management subnet
192.168.2.0/24
WLC2106 sysinfo
==================================================================================
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.0.220.0
RTOS Version..................................... 7.0.220.0
Bootloader Version............................... 4.0.191.0
Emergency Image Version.......................... 6.0.199.4
Build Type....................................... DATA + WPS
System Name...................................... CiscoWLC1
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.828
IP Address....................................... 192.168.2.2
System Up Time................................... 10 days 0 hrs 31 mins 36 secs
System Timezone Location.........................
Configured Country............................... NL - Netherlands
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +48 C
--More-- or (q)uit
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 2
Number of Active Clients......................... 0
Burned-in MAC Address............................ 70:81:05:AE:F9:C0
Maximum number of APs supported.................. 6
DHCP pool configured on core switch
==================================================================================
ip dhcp pool AP-Pool
network 192.168.1.0 255.255.255.0
default-router 192.168.1.254
dns-server 192.168.1.1
Boot info failing WAP
==================================================================================
using eeprom values
WRDTR,CLKTR: 0x85000800 0x40000000
RQDC ,RFDC : 0x80000037 0x0000020f
using ÿÿÿÿ ddr static values from serial eeprom
ddr init done
Running Normal Memtest...
Passed.
IOS Bootloader - Starting system.
FLASH CHIP: Numonyx P33
Checking for Over Erased blocks
Xmodem file system is available.
DDR values used from system serial eeprom.
WRDTR,CLKTR: 0x85000800, 0x40000000
RQDC, RFDC : 0x80000037, 0x0000020f
PCIE0: link is up.
PCIE0: VC0 is active
PCIE1: link is up.
PCIE1: VC0 is active
PCIEx: initialization done
flashfs[0]: 28 files, 8 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
% Please define a domain-name first.
Press RETURN to get started!
*Mar 1 00:00:08.197: %SOAP_FIPS-2-SELF_TEST_IOS_SUCCESS: IOS crypto FIPS self test passed
*Mar 1 00:00:08.208: *** CRASH_LOG = YES
Security Core found.
Base Ethernet MAC address: 64:9E:F3:B3:5F:88
*Mar 1 00:00:09.787: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 0
*Mar 1 00:00:10.359: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 1
*Mar 1 00:00:10.393: %LWAPP-3-CLIENTEVENTLOG: Read and initialized AP event log (contains, 215 messages)
*Mar 1 00:00:10.416: status of voice_diag_test from WLC is false
*Mar 1 00:00:11.459: %LINK-3-UPDOWN: Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:12.536: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:12.573: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C1140 Software (C1140-K9W8-M), Version 12.4(23c)JA3, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2011 by Cisco Systems, Inc.
Compiled Tue 18-Oct-11 14:52 by prod_rel_team
*Mar 1 00:00:12.573: %SNMP-5-COLDSTART: SNMP agent on host AP649e.f3b3.5f88 is undergoing a cold start
*Mar 1 00:11:43.044: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Mar 1 00:11:43.105: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Mar 1 00:11:43.105: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 1 00:11:44.106: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Mar 1 00:11:44.106: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 1 00:11:44.297: %SSH-5-ENABLED: SSH 2.0 has been enabled
*Mar 1 00:11:52.102: %DHCP-6-ADDRESS_ASSIGN: Interface GigabitEthernet0 assigned DHCP address 192.168.1.44, mask 255.255.255.0, hostname AP649e.f3b3.5f88
*Mar 1 00:12:01.917: status of voice_diag_test from WLC is false
*Mar 1 00:12:01.972: Logging LWAPP message to 255.255.255.255.
*Mar 1 00:12:04.769: %CDP_PD-4-POWER_OK: Full power - NEGOTIATED inline power source
*Mar 1 00:12:04.792: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
*Mar 1 00:12:04.816: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 1 00:12:05.776: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*Mar 1 00:12:05.776: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 255.255.255.255 started - CLI initiated
*Mar 1 00:12:05.802: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (192.168.1.1)
*Mar 1 00:13:13.006: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.
Not in Bound state.
*Mar 1 00:13:23.524: %CAPWAP-3-ERRORLOG: Invalid event 38 & state 2 combination.
*Mar 1 00:13:23.637: %DHCP-6-ADDRESS_ASSIGN: Interface GigabitEthernet0 assigned DHCP address 192.168.1.45, mask 255.255.255.0, hostname AP649e.f3b3.5f88
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (192.168.1.1)
*Mar 1 00:14:19.511: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.
Not in Bound state.
*Mar 1 00:14:30.030: %CAPWAP-3-ERRORLOG: Invalid event 38 & state 2 combination.
*Mar 1 00:14:30.139: %DHCP-6-ADDRESS_ASSIGN: Interface GigabitEthernet0 assigned DHCP address 192.168.1.46, mask 255.255.255.0, hostname AP649e.f3b3.5f88
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (192.168.1.1)
*Mar 1 00:15:26.013: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.
Not in Bound state.
*Mar 1 00:15:36.532: %CAPWAP-3-ERRORLOG: Invalid event 38 & state 2 combination.
*Mar 1 00:15:36.640: %DHCP-6-ADDRESS_ASSIGN: Interface GigabitEthernet0 assigned DHCP address 192.168.1.47, mask 255.255.255.0, hostname AP649e.f3b3.5f88
Show version failing wap
==================================================================================
Cisco IOS Software, C1140 Software (C1140-K9W8-M), Version 12.4(23c)JA3, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2011 by Cisco Systems, Inc.
Compiled Tue 18-Oct-11 14:52 by prod_rel_team
ROM: Bootstrap program is C1140 boot loader
BOOTLDR: C1140 Boot Loader (C1140-BOOT-M) Version 12.4(23c)JA3, RELEASE SOFTWARE (fc1)
uptime is 6 minutes
System returned to ROM by power-on
System image file is "flash:/c1140-k9w8-mx.124-23c.JA3/c1140-k9w8-mx.124-23c.JA3"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AIR-LAP1142N-E-K9 (PowerPC405ex) processor (revision A0) with 98294K/32768K bytes of memory.
Processor board ID FCZ1548W0GJ
PowerPC405ex CPU at 586Mhz, revision number 0x147E
Last reset from power-on
LWAPP image version 7.0.220.0
1 Gigabit Ethernet interface
2 802.11 Radio(s)
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 64:9E:F3:B3:5F:88
Part Number : 73-12836-03
PCA Assembly Number : 800-33767-03
PCA Revision Number : A0
PCB Serial Number : FOC15443W5A
Top Assembly Part Number : 800-33775-02
Top Assembly Serial Number : FCZ1548W0GJ
Top Revision Number : A0
Product/Model Number : AIR-LAP1142N-E-K9
Configuration register is 0xF
show inventory failing wap
==================================================================================
NAME: "AP1140", DESCR: "Cisco Aironet 1140 Series (IEEE 802.11n) Access Point"
PID: AIR-LAP1142N-E-K9
Message was edited by: Jeroen -
Can't ping wireless controller
I can figure out why I cant ping controller management interface 10.1.99.100 even from Native Vlan. Here is my controller config. It is connect to H3C 5800 switch. I have the switch config below as well. The port on the switch is on Native Vlan 1 untagged. Any help would be appreciated.
(Cisco Controller) show>interface summary
Interface Name Port Vlan Id IP Address Type Ap Mgr Guest
ap-manager 1 untagged 10.1.99.101 Static Yes No
external 1 8 10.0.1.250 Dynamic No No
internal 1 93 10.42.156.66 Dynamic No No
management 1 untagged 10.1.99.100 Static No No
virtual
H3C port configuration
Interface GigabitEthernet1/0/16
port link-mode bridge
port link-type hybrid
port hybrid vlan 2 8 92 to 93 tagged
port hybrid vlan 1 3 199 untagged
speed 100
duplex fullChange the WLC vlan id to 0. Zero is untagged.
Sent from Cisco Technical Support iPhone App -
I have a Problem with Romming Between SSIDs withing the same WLC but with deferent VLAN .
HI All,
I have a Problem with Romming Between SSIDs withing the same WLC but with deferent VLAN . the WLC are providing the HQ and one of the Branches the Wireless services .
Am using all the available 9 SSIDs at the HQ , and am using only 4 of it at the Brnche.
The problem that i have are happening only at the Branch office as i cant room between the SSIDs within Diferent VLANs but i can do it with the one that pointing to the same VLAN. Once the client ( Laptop/Phone ) connected to one of the SSIDs. it imposiible to have him connected to the other ones with Different VLAN. meanwhile, It says its connected to the other SSID but its not getting IP from that pool.
here is the Show Run-Config from my WLC .. and the Problem happening between the SSID AMOBILE and ASTAFF. i have the Debug while am switching between the SSIDs if needed .
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2013.11.04 10:20:47 =~=~=~=~=~=~=~=~=~=~=~=
show run-config
Press Enter to continue...
System Inventory
NAME: "Chassis" , DESCR: "Cisco 5500 Series Wireless LAN Controller"
PID: AIR-CT5508-K9, VID: V01, SN: FCW1535L01G
Burned-in MAC Address............................ 30:E4:DB:1B:99:80
Power Supply 1................................... Present, OK
Power Supply 2................................... Absent
Maximum number of APs supported.................. 12
Press Enter to continue or <ctrl-z> to abort
System Information
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.0.235.0
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
Build Type....................................... DATA + WPS
System Name...................................... WLAN Controller 5508
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
IP Address....................................... 10.125.18.15
Last Reset....................................... Software reset
System Up Time................................... 41 days 5 hrs 14 mins 42 secs
System Timezone Location......................... (GMT -5:00) Eastern Time (US and Canada)
Current Boot License Level....................... base
Current Boot License Type........................ Permanent
Next Boot License Level.......................... base
Next Boot License Type........................... Permanent
Configured Country............................... US - United States
--More or (q)uit current module or <ctrl-z> to abort
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +36 C
External Temperature............................. +20 C
Fan Status....................................... OK
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 10
Number of Active Clients......................... 61
Burned-in MAC Address............................ 30:E4:DB:1B:99:80
Power Supply 1................................... Present, OK
Power Supply 2................................... Absent
Maximum number of APs supported.................. 12
Press Enter to continue or <ctrl-z> to abort
AP Bundle Information
Primary AP Image Size
ap3g1 5804
ap801 5192
ap802 5232
c1100 3096
c1130 4972
c1140 4992
c1200 3364
c1240 4812
c1250 5512
c1310 3136
c1520 6412
c3201 4324
c602i 3716
Secondary AP Image Size
ap801 4964
c1100 3036
--More or (q)uit current module or <ctrl-z> to abort
c1130 4884
c1140 4492
c1200 3316
c1240 4712
c1250 5064
c1310 3084
c1520 5244
c3201 4264
Press Enter to continue or <ctrl-z> to abort
Switch Configuration
802.3x Flow Control Mode......................... Disable
FIPS prerequisite features....................... Disabled
secret obfuscation............................... Enabled
Strong Password Check Features:
case-check ...........Enabled
consecutive-check ....Enabled
default-check .......Enabled
username-check ......Enabled
Press Enter to continue or <ctrl-z> to abort
Network Information
RF-Network Name............................. OGR
Web Mode.................................... Disable
Secure Web Mode............................. Enable
Secure Web Mode Cipher-Option High.......... Disable
Secure Web Mode Cipher-Option SSLv2......... Enable
OCSP........................................ Disabled
OCSP responder URL..........................
Secure Shell (ssh).......................... Enable
Telnet...................................... Disable
Ethernet Multicast Forwarding............... Disable
Ethernet Broadcast Forwarding............... Disable
AP Multicast/Broadcast Mode................. Unicast
IGMP snooping............................... Disabled
IGMP timeout................................ 60 seconds
IGMP Query Interval......................... 20 seconds
User Idle Timeout........................... 300 seconds
ARP Idle Timeout............................ 300 seconds
Cisco AP Default Master..................... Enabled
AP Join Priority............................ Disable
Mgmt Via Wireless Interface................. Disable
Mgmt Via Dynamic Interface.................. Disable
--More or (q)uit current module or <ctrl-z> to abort
Bridge MAC filter Config.................... Enable
Bridge Security Mode........................ EAP
Mesh Full Sector DFS........................ Enable
AP Fallback ................................ Enable
Web Auth Redirect Ports .................... 80
Web Auth Proxy Redirect ................... Disable
Fast SSID Change ........................... Enabled
AP Discovery - NAT IP Only ................. Enabled
IP/MAC Addr Binding Check .................. Enabled
Press Enter to continue or <ctrl-z> to abort
Port Summary
STP Admin Physical Physical Link Link
Pr Type Stat Mode Mode Status Status Trap POE SFPType
1 Normal Forw Enable Auto 1000 Full Up Enable N/A 1000BaseTX
2 Normal Disa Enable Auto Auto Down Enable N/A Not Present
3 Normal Disa Enable Auto Auto Down Enable N/A Not Present
4 Normal Disa Enable Auto Auto Down Enable N/A Not Present
5 Normal Disa Enable Auto Auto Down Enable N/A Not Present
6 Normal Disa Enable Auto Auto Down Enable N/A Not Present
7 Normal Disa Enable Auto Auto Down Enable N/A Not Present
8 Normal Disa Enable Auto Auto Down Enable N/A Not Present
Press Enter to continue or <ctrl-z> to abort
AP Summary
Number of APs.................................... 8
Global AP User Name.............................. Not Configured
Global AP Dot1x User Name........................ Not Configured
AP Name Slots AP Model Ethernet MAC Location Port Country Priority
KNOWLOGY_DC01 2 AIR-LAP1131AG-A-K9 00:1d:45:86:ed:4e KNOWLOGY_DC_Serv 1 US 1
KNOWLOGY_DC02 2 AIR-LAP1131AG-A-K9 00:21:d8:36:c5:c4 KNOWLOGY_DC_Serv 1 US 1
KN1252_AP01 2 AIR-LAP1252AG-A-K9 00:21:d8:ef:06:50 Knowlogy Confere 1 US 1
KN1252_AP02 2 AIR-LAP1252AG-A-K9 00:22:55:8e:2e:d4 Server Room Side 1 US 1
Anham_AP03 2 AIR-LAP1142N-A-K9 70:81:05:88:15:b5 default location 1 US 1
ANHAM_AP01 2 AIR-LAP1142N-A-K9 70:81:05:b0:e4:62 Small Conference 1 US 1
ANHAM_AP04 2 AIR-LAP1131AG-A-K9 00:1d:45:86:e1:b8 Conference room 1 US 1
ANHAM_AP02 2 AIR-LAP1142N-A-K9 70:81:05:96:7a:49 Copy Room 1 US 1
AP Tcp-Mss-Adjust Info
AP Name TCP State MSS Size
KNOWLOGY_DC01 disabled -
KNOWLOGY_DC02 disabled -
--More or (q)uit current module or <ctrl-z> to abort
KN1252_AP01 disabled -
KN1252_AP02 disabled -
Anham_AP03 disabled -
ANHAM_AP01 disabled -
ANHAM_AP04 disabled -
ANHAM_AP02 disabled -
Press Enter to continue or <ctrl-z> to abort
AP Location
Total Number of AP Groups........................ 3
Site Name........................................ ANHAM8075
Site Description................................. ANHAM 8075 Location
WLAN ID Interface Network Admission Control Radio Policy
1 knowlogy_ogr Disabled None
6 knowlogy_ogr Disabled None
9 knowlogy_ogr Disabled None
7 knowlogy_ogr Disabled None
AP Name Slots AP Model Ethernet MAC Location Port Country Priority
Anham_AP03 2 AIR-LAP1142N-A-K9 70:81:05:88:15:b5 default location 1 US 1
ANHAM_AP01 2 AIR-LAP1142N-A-K9 70:81:05:b0:e4:62 Small Conference 1 US 1
ANHAM_AP04 2 AIR-LAP1131AG-A-K9 00:1d:45:86:e1:b8 Conference room 1 US 1
ANHAM_AP02 2 AIR-LAP1142N-A-K9 70:81:05:96:7a:49 Copy Room 1 US 1
Site Name........................................ Knowlogy_DC
--More or (q)uit current module or <ctrl-z> to abort
Site Description................................. DC Center Access points
WLAN ID Interface Network Admission Control Radio Policy
2 knowlogy_ogr Disabled None
4 knowlogy_ogr Disabled None
3 knowlogy_ogr Disabled None
AP Name Slots AP Model Ethernet MAC Location Port Country Priority
KNOWLOGY_DC01 2 AIR-LAP1131AG-A-K9 00:1d:45:86:ed:4e KNOWLOGY_DC_Serv 1 US 1
KNOWLOGY_DC02 2 AIR-LAP1131AG-A-K9 00:21:d8:36:c5:c4 KNOWLOGY_DC_Serv 1 US 1
Site Name........................................ OGR
Site Description................................. 1934 OGR Office
WLAN ID Interface Network Admission Control Radio Policy
1 knowlogy_ogr Disabled None
2 knowlogy_ogr Disabled None
4 knowlogy_ogr Disabled None
6 knowlogy_ogr Disabled None
--More or (q)uit current module or <ctrl-z> to abort
7 knowlogy_ogr Disabled None
9 knowlogy_ogr Disabled None
8 knowlogy_ogr Disabled None
AP Name Slots AP Model Ethernet MAC Location Port Country Priority
KN1252_AP01 2 AIR-LAP1252AG-A-K9 00:21:d8:ef:06:50 Knowlogy Confere 1 US 1
KN1252_AP02 2 AIR-LAP1252AG-A-K9 00:22:55:8e:2e:d4 Server Room Side 1 US 1
Site Name........................................ default-group
Site Description................................. <none>
WLAN ID Interface Network Admission Control Radio Policy
1 knowlogy_ogr Disabled None
2 knowlogy_ogr Disabled None
3 knowlogy_ogr Disabled None
4 knowlogy_ogr Disabled None
5 knowlogy_ogr Disabled None
6 knowlogy_ogr Disabled None
7 knowlogy_ogr Disabled None
8 knowlogy_ogr Disabled None
--More or (q)uit current module or <ctrl-z> to abort
9 knowlogy_ogr Disabled None
10 management Disabled None
AP Name Slots AP Model Ethernet MAC Location Port Country Priority
Press Enter to continue or <ctrl-z> to abort
AP Config
Cisco AP Identifier.............................. 6
Cisco AP Name.................................... KNOWLOGY_DC01
Country code..................................... US - United States
Regulatory Domain allowed by Country............. 802.11bg:-A 802.11a:-A
AP Country code.................................. US - United States
AP Regulatory Domain............................. -A
Switch Port Number .............................. 1
MAC Address...................................... 00:1d:45:86:ed:4e
IP Address Configuration......................... DHCP
IP Address....................................... 10.22.1.100
Gateway IP Addr.................................. 10.22.1.1
NAT External IP Address.......................... None
CAPWAP Path MTU.................................. 1485
Telnet State..................................... Disabled
Ssh State........................................ Disabled
Cisco AP Location................................ KNOWLOGY_DC_ServerRoom
Cisco AP Group Name.............................. Knowlogy_DC
Primary Cisco Switch Name........................ wireless.knowlogy.com
Primary Cisco Switch IP Address.................. 10.125.18.15
Secondary Cisco Switch Name......................
Secondary Cisco Switch IP Address................ Not Configured
--More or (q)uit current module or <ctrl-z> to abortIP Address.................. 10.125.18.15
Tertiary Cisco Switch Name.......................
Tertiary Cisco Switch IP Address................. Not Configured
Administrative State ............................ ADMIN_ENABLED
Operation State ................................. REGISTERED
Mirroring Mode .................................. Disabled
AP Mode ......................................... H-Reap
Public Safety ................................... Disabled
AP SubMode ...................................... Not Configured
Remote AP Debug ................................. Disabled
Logging trap severity level ..................... informational
Logging syslog facility ......................... kern
S/W Version .................................... 7.0.235.0
Boot Version ................................... 12.3.8.0
Mini IOS Version ................................ 3.0.51.0
Stats Reporting Period .......................... 180
LED State........................................ Enabled
PoE Pre-Standard Switch.......................... Disabled
PoE Power Injector MAC Addr...................... Disabled
Power Type/Mode.................................. Power injector / Normal mode
Number Of Slots.................................. 2
AP Model......................................... AIR-LAP1131AG-A-K9
AP Image......................................... C1130-K9W8-M
IOS Version...................................... 12.4(23c)JA5
--More or (q)uit current module or <ctrl-z> to abort
Reset Button..................................... Enabled
AP Serial Number................................. FTX1134T0QG
AP Certificate Type.............................. Manufacture Installed
H-REAP Vlan mode :............................... Enabled
Native ID :..................................... 22
WLAN 2 :........................................ 21
WLAN 4 :........................................ 25
WLAN 3 :........................................ 25
H-REAP Backup Auth Radius Servers :
Static Primary Radius Server.................... Disabled
Static Secondary Radius Server.................. Disabled
Group Primary Radius Server..................... Disabled
Group Secondary Radius Server................... Disabled
AP User Mode..................................... AUTOMATIC
AP User Name..................................... Not Configured
AP Dot1x User Mode............................... Not Configured
AP Dot1x User Name............................... Not Configured
Cisco AP system logging host..................... 255.255.255.255
AP Up Time....................................... 48 days, 20 h 19 m 18 s
AP LWAPP Up Time................................. 40 days, 13 h 58 m 18 s
Join Date and Time............................... Tue Sep 24 21:24:33 2013
Join Taken Time.................................. 0 days, 00 h 10 m 47 s
--More or (q)uit current module or <ctrl-z> to abort
Attributes for Slot 0
Radio Type................................... RADIO_TYPE_80211b
Administrative State ........................ ADMIN_ENABLED
Operation State ............................. UP
Radio Role .................................. ACCESS
CellId ...................................... 0
Station Configuration
Configuration ............................. AUTOMATIC
Number Of WLANs ........................... 3
Medium Occupancy Limit .................... 100
CFP Period ................................ 4
CFP MaxDuration ........................... 60
BSSID ..................................... 00:1d:71:09:8f:90
Operation Rate Set
1000 Kilo Bits........................... MANDATORY
2000 Kilo Bits........................... MANDATORY
5500 Kilo Bits........................... MANDATORY
11000 Kilo Bits.......................... MANDATORY
Beacon Period ............................. 100
Fragmentation Threshold ................... 2346
Multi Domain Capability Implemented ....... TRUE
--More or (q)uit current module or <ctrl-z> to abort
Multi Domain Capability Enabled ........... TRUE
Country String ............................ US
Multi Domain Capability
Configuration ............................. AUTOMATIC
First Chan Num ............................ 1
Number Of Channels ........................ 11
MAC Operation Parameters
Configuration ............................. AUTOMATIC
Fragmentation Threshold ................... 2346
Packet Retry Limit ........................ 64
Tx Power
Num Of Supported Power Levels ............. 8
Tx Power Level 1 .......................... 20 dBm
Tx Power Level 2 .......................... 17 dBm
Tx Power Level 3 .......................... 14 dBm
Tx Power Level 4 .......................... 11 dBm
Tx Power Level 5 .......................... 8 dBm
Tx Power Level 6 .......................... 5 dBm
Tx Power Level 7 .......................... 2 dBm
Tx Power Level 8 .......................... -1 dBm
--More or (q)uit current module or <ctrl-z> to abort
Tx Power Configuration .................... AUTOMATIC
Current Tx Power Level .................... 1
Phy DSSS parameters
Configuration ............................. AUTOMATIC
Current Channel ........................... 11
Extension Channel ......................... NONE
Channel Width.............................. 20 Mhz
Allowed Channel List....................... 1,2,3,4,5,6,7,8,9,10,11
Current CCA Mode .......................... 0
ED Threshold .............................. -50
Antenna Type............................... INTERNAL_ANTENNA
Internal Antenna Gain (in .5 dBi units).... 8
Diversity.................................. DIVERSITY_ENABLED
Performance Profile Parameters
Configuration ............................. AUTOMATIC
Interference threshold..................... 10 %
Noise threshold............................ -70 dBm
RF utilization threshold................... 80 %
Data-rate threshold........................ 1000000 bps
Client threshold........................... 12 clients
Coverage SNR threshold..................... 12 dB
--More or (q)uit current module or <ctrl-z> to abort
Coverage exception level................... 25 %
Client minimum exception level............. 3 clients
Rogue Containment Information
Containment Count............................ 0
CleanAir Management Information
CleanAir Capable......................... No
Cisco AP Identifier.............................. 6
Cisco AP Name.................................... KNOWLOGY_DC01
Country code..................................... US - United States
Regulatory Domain allowed by Country............. 802.11bg:-A 802.11a:-A
AP Country code.................................. US - United States
AP Regulatory Domain............................. -A
Switch Port Number .............................. 1
MAC Address...................................... 00:1d:45:86:ed:4e
IP Address Configuration......................... DHCP
IP Address....................................... 10.22.1.100
Gateway IP Addr.................................. 10.22.1.1
NAT External IP Address.......................... None
CAPWAP Path MTU.................................. 1485
Telnet State..................................... Disabled
Ssh State........................................ Disabled
--More or (q)uit current module or <ctrl-z> to abort
Cisco AP Location................................ KNOWLOGY_DC_ServerRoom
Cisco AP Group Name.............................. Knowlogy_DC
Primary Cisco Switch Name........................ wireless.knowlogy.com
Primary Cisco Switch Secondary Cisco Switch Name......................
Secondary Cisco Switch IP Address................ Not Configured
Tertiary Cisco Switch Name.......................
Tertiary Cisco Switch IP Address................. Not Configured
Administrative State ............................ ADMIN_ENABLED
Operation State ................................. REGISTERED
Mirroring Mode .................................. Disabled
AP Mode ......................................... H-Reap
Public Safety ................................... Disabled
AP SubMode ...................................... Not Configured
Remote AP Debug ................................. Disabled
Logging trap severity level ..................... informational
Logging syslog facility ......................... kern
S/W Version .................................... 7.0.235.0
Boot Version ................................... 12.3.8.0
Mini IOS Version ................................ 3.0.51.0
Stats Reporting Period .......................... 180
LED State........................................ Enabled
PoE Pre-Standard Switch.......................... Disabled
PoE Power Injector MAC Addr...................... Disabled
--More or (q)uit current module or <ctrl-z> to abort
Power Type/Mode.................................. Power injector / Normal mode
Number Of Slots.................................. 2
AP Model......................................... AIR-LAP1131AG-A-K9
AP Image......................................... C1130-K9W8-M
IOS Version...................................... 12.4(23c)JA5
Reset Button..................................... Enabled
AP Serial Number................................. FTX1134T0QG
AP Certificate Type.............................. Manufacture Installed
H-REAP Vlan mode :............................... Enabled
Native ID :..................................... 22
WLAN 2 :........................................ 21
WLAN 4 :........................................ 25
WLAN 3 :........................................ 25
H-REAP Backup Auth Radius Servers :
Static Primary Radius Server.................... Disabled
Static Secondary Radius Server.................. Disabled
Group Primary Radius Server..................... Disabled
Group Secondary Radius Server................... Disabled
AP User Mode..................................... AUTOMATIC
AP User Name..................................... Not Configured
AP Dot1x User Mode............................... Not Configured
AP Dot1x User Name............................... Not Configured
Cisco AP system logging host..................... 255.255.255.255
--More or (q)uit current module or <ctrl-z> to abort
AP Up Time....................................... 48 days, 20 h 19 m 18 s
AP LWAPP Up Time................................. 40 days, 13 h 58 m 18 s
Join Date and Time............................... Tue Sep 24 21:24:33 2013
Join Taken Time.................................. 0 days, 00 h 10 m 47 s
Attributes for Slot 1
Radio Type................................... RADIO_TYPE_80211a
Radio Subband................................ RADIO_SUBBAND_ALL
Administrative State ........................ ADMIN_ENABLED
Operation State ............................. UP
Radio Role .................................. ACCESS
CellId ...................................... 0
Station Configuration
Configuration ............................. AUTOMATIC
Number Of WLANs ........................... 3
Medium Occupancy Limit .................... 100
CFP Period ................................ 4
CFP MaxDuration ........................... 60
BSSID ..................................... 00:1d:71:09:8f:90
Operation Rate Set
6000 Kilo Bits........................... MANDATORY
--More or (q)uit current module or <ctrl-z> to abort
9000 Kilo Bits........................... SUPPORTED
12000 Kilo Bits.......................... MANDATORY
18000 Kilo Bits.......................... SUPPORTED
24000 Kilo Bits.......................... MANDATORY
36000 Kilo Bits.......................... SUPPORTED
48000 Kilo Bits.......................... SUPPORTED
54000 Kilo Bits.......................... SUPPORTED
Beacon Period ............................. 100
Fragmentation Threshold ................... 2346
Multi Domain Capability Implemented ....... TRUE
Multi Domain Capability Enabled ........... TRUE
Country String ............................ US
Multi Domain Capability
Configuration ............................. AUTOMATIC
First Chan Num ............................ 36
Number Of Channels ........................ 20
MAC Operation Parameters
Configuration ............................. AUTOMATIC
Fragmentation Threshold ................... 2346
Packet Retry Limit ........................ 64
--More or (q)uit current module or <ctrl-z> to abort
Tx Power
Num Of Supported Power Levels ............. 7
Tx Power Level 1 .......................... 15 dBm
Tx Power Level 2 .......................... 14 dBm
Tx Power Level 3 .......................... 11 dBm
Tx Power Level 4 .......................... 8 dBm
Tx Power Level 5 .......................... 5 dBm
Tx Power Level 6 .......................... 2 dBm
Tx Power Level 7 .......................... -1 dBm
Tx Power Configuration .................... AUTOMATIC
Current Tx Power Level .................... 1
Phy OFDM parameters
Configuration ............................. AUTOMATIC
Current Channel ........................... 44
Extension Channel ......................... NONE
Channel Width.............................. 20 Mhz
Allowed Channel List....................... 36,40,44,48,52,56,60,64,100,
......................................... 104,108,112,116,132,136,140,
......................................... 149,153,157,161
TI Threshold .............................. -50
Antenna Type............................... INTERNAL_ANTENNA
Internal Antenna Gain (in .5 dBi units).... 8
--More or (q)uit current module or <ctrl-z> to abort
Diversity.................................. DIVERSITY_ENABLED
Performance Profile Parameters
Configuration ............................. AUTOMATIC
Interference threshold..................... 10 %
Noise threshold............................ -70 dBm
RF utilization threshold................... 80 %
Data-rate threshold........................ 1000000 bps
Client threshold........................... 12 clients
Coverage SNR threshold..................... 16 dB
Coverage exception level................... 25 %
Client minimum exception level............. 3 clients
Rogue Containment Information
Containment Count............................ 0
CleanAir Management Information
CleanAir Capable......................... No
Press Enter to continue or <ctrl-z> to abort
Cisco AP Identifier.............................. 3
Cisco AP Name.................................... KNOWLOGY_DC02
Country code..................................... US - United States
Regulatory Domain allowed by Country............. 802.11bg:-A 802.11a:-A
AP Country code.................................. US - United States
AP Regulatory Domain............................. -A
Switch Port Number .............................. 1
MAC Address...................................... 00:21:d8:36:c5:c4
IP Address Configuration......................... DHCP
IP Address....................................... 10.22.1.101
Gateway IP Addr.................................. 10.22.1.1
NAT External IP Address.......................... None
CAPWAP Path MTU.................................. 1485
Telnet State..................................... Disabled
Ssh State........................................ Disabled
Cisco AP Location................................ KNOWLOGY_DC_ServerRoom
Cisco AP Group Name.............................. Knowlogy_DC
Primary Cisco Switch Name........................
Primary Cisco Switch IP Address.................. Not Configured
Secondary Cisco Switch Name......................
Secondary Cisco Switch IP Address................ Not Configured
Tertiary Cisco Switch Name.......................
--More or (q)uit current module or <ctrl-z> to abort
Tertiary Cisco Switch IP Address................. Not Configured
Administrative State ............................ ADMIN_ENABLED
Operation State ................................. REGISTERED
Mirroring Mode .................................. Disabled
AP Mode ......................................... H-Reap
Public Safety ................................... Disabled
AP SubMode ...................................... Not Configured
Remote AP Debug ................................. Disabled
Logging trap severity level ..................... informational
Logging syslog facility ......................... kern
S/W Version .................................... 7.0.235.0
Boot Version ................................... 12.3.8.0
Mini IOS Version ................................ 3.0.51.0
Stats Reporting Period .......................... 180
LED State........................................ Enabled
PoE Pre-Standard Switch.......................... Enabled
PoE Power Injector MAC Addr...................... Disabled
Power Type/Mode.................................. Power injector / Normal mode
Number Of Slots.................................. 2
AP Model......................................... AIR-LAP1131AG-A-K9
AP Image......................................... C1130-K9W8-M
IOS Version...................................... 12.4(23c)JA5
Reset Button..................................... Enabled
--More or (q)uit current module or <ctrl-z> to abort
AP Serial Number................................. FTX1230T24F
AP Certificate Type.............................. Manufacture Installed
H-REAP Vlan mode :............................... Enabled
Native ID :..................................... 22
WLAN 2 :........................................ 21
WLAN 4 :........................................ 25
WLAN 3 :........................................ 25
H-REAP Backup Auth Radius Servers :
Static Primary Radius Server.................... Disabled
Static Secondary Radius Server.................. Disabled
Group Primary Radius Server..................... Disabled
Group Secondary Radius Server................... Disabled
AP User Mode..................................... AUTOMATIC
AP User Name..................................... Not Configured
AP Dot1x User Mode............................... Not Configured
AP Dot1x User Name............................... Not Configured
Cisco AP system logging host..................... 255.255.255.255
AP Up Time....................................... 48 days, 20 h 24 m 41 s
AP LWAPP Up Time................................. 40 days, 13 h 58 m 18 s
Join Date and Time............................... Tue Sep 24 21:24:35 2013
Join Taken Time.................................. 0 days, 00 h 10 m 48 s
--More or (q)uit current module or <ctrl-z> to abort
Attributes for Slot 0
Radio Type................................... RADIO_TYPE_80211b
Administrative State ........................ ADMIN_ENABLED
Operation State ............................. UP
Radio Role .................................. ACCESS
CellId ...................................... 0
Station Configuration
Configuration ............................. AUTOMATIC
Number Of WLANs ........................... 3
Medium Occupancy Limit .................... 100
CFP Period ................................ 4
CFP MaxDuration ........................... 60
BSSID ..................................... 00:22:55:a5:0c:30
Operation Rate Set
1000 Kilo Bits........................... MANDATORY
2000 Kilo Bits........................... MANDATORY
5500 Kilo Bits........................... MANDATORY
11000 Kilo Bits.......................... MANDATORY
Beacon Period ............................. 100
Fragmentation Threshold ................... 2346
Multi Domain Capability Implemented ....... TRUE
Multi Domain Capability Enabled ........... TRUE
--More or (q)uit current module or <ctrl-z> to abort
Country String ............................ US
Multi Domain Capability
Configuration ............................. AUTOMATIC
First Chan Num ............................ 1
Number Of Channels ........................ 11
MAC Operation Parameters
Configuration ............................. AUTOMATIC
Fragmentation Threshold ................... 2346
Packet Retry Limit ........................ 64
Tx Power
Num Of Supported Power Levels ............. 8
Tx Power Level 1 .......................... 20 dBm
Tx Power Level 2 .......................... 17 dBm
Tx Power Level 3 .......................... 14 dBm
Tx Power Level 4 .......................... 11 dBm
Tx Power Level 5 .......................... 8 dBm
Tx Power Level 6 .......................... 5 dBm
Tx Power Level 7 .......................... 2 dBm
Tx Power Level 8 .......................... -1 dBm
Tx Power Configuration .................... AUTOMATIC
--More or (q)uit current module or <ctrl-z> to abort
Current Tx Power Level .................... 1
Phy DSSS parameters
Configuration ............................. AUTOMATIC
Current Channel ........................... 1
Extension Channel ......................... NONE
Channel Width.............................. 20 Mhz
Allowed Channel List....................... 1,2,3,4,5,6,7,8,9,10,11
Current CCA Mode .......................... 0
ED Threshold .............................. -50
Antenna Type............................... INTERNAL_ANTENNA
Internal Antenna Gain (in .5 dBi units).... 8
Diversity.................................. DIVERSITY_ENABLED
Performance Profile Parameters
Configuration ............................. AUTOMATIC
Interference threshold..................... 10 %
Noise threshold............................ -70 dBm
RF utilization threshold................... 80 %
Data-rate threshold........................ 1000000 bps
Client threshold........................... 12 clients
Coverage SNR threshold..................... 12 dB
Coverage exception level................... 25 %
--More or (q)uit current module or <ctrl-z> to abort
Client minimum exception level............. 3 clients
Rogue Containment Information
Containment Count............................ 0
CleanAir Management Information
CleanAir Capable......................... No
Cisco AP Identifier.............................. 3
Cisco AP Name.................................... KNOWLOGY_DC02
Country code..................................... US - United States
Regulatory Domain allowed by Country............. 802.11bg:-A 802.11a:-A
AP Country code.................................. US - United States
AP Regulatory Domain............................. -A
Switch Port Number .............................. 1
MAC Address...................................... 00:21:d8:36:c5:c4
IP Address Configuration......................... DHCP
IP Address....................................... 10.22.1.101
Gateway IP Addr.................................. 10.22.1.1
NAT External IP Address.......................... None
CAPWAP Path MTU.................................. 1485
Telnet State..................................... Disabled
Ssh State........................................ Disabled
Cisco AP Location................................ KNOWLOGY_DC_ServerRoom
--More or (q)uit current module or <ctrl-z> to abort
Cisco AP Group Name.............................. Knowlogy_DC
Primary Cisco Switch Name........................
Primary Cisco Switch IP Address.................. Not Configured
Secondary Cisco Switch Name......................
Secondary Cisco Switch IP Address................ Not Configured
Tertiary Cisco Switch Name.......................
Tertiary Cisco Switch IP Address................. Not Configured
Administrative State ............................ ADMIN_ENABLED
Operation State ................................. REGISTERED
Mirroring Mode .................................. Disabled
AP Mode ......................................... H-Reap
Public Safety ................................... Disabled
AP SubMode ...................................... Not Configured
Remote AP Debug ................................. Disabled
Logging trap severity level ..................... informational
Logging syslog facility ......................... kern
S/W Version .................................... 7.0.235.0
Boot Version ................................... 12.3.8.0
Mini IOS Version ................................ 3.0.51.0
Stats Reporting Period .......................... 180
LED State........................................ Enabled
PoE Pre-Standard Switch.......................... Enabled
PoE Power Injector MAC Addr...................... Disabled
--More or (q)uit current module or <ctrl-z> to abort
Power Type/Mode.................................. Power injector / Normal mode
Number Of Slots.................................. 2
AP Model......................................... AIR-LAP1131AG-A-K9
AP Image......................................... C1130-K9W8-M
IOS Version...................................... 12.4(23c)JA5
Reset Button..................................... Enabled
AP Serial Number................................. FTX1230T24F
AP Certificate Type.............................. Manufacture Installed
H-REAP Vlan mode :............................... Enabled
Native ID :..................................... 22
WLAN 2 :........................................ 21
WLAN 4 :........................................ 25
WLAN 3 :........................................ 25
H-REAP Backup Auth Radius Servers :
Static Primary Radius Server.................... Disabled
Static Secondary Radius Server.................. Disabled
Group Primary Radius Server..................... Disabled
Group Secondary Radius Server................... Disabled
AP User Mode..................................... AUTOMATIC
AP User Name..................................... Not Configured
AP Dot1x User Mode............................... Not Configured
AP Dot1x User Name............................... Not Configured
Cisco AP system logging host..................... 255.255.255.255
--More or (q)uit current module or <ctrl-z> to abort
AP Up Time....................................... 48 days, 20 h 24 m 41 s
AP LWAPP Up Time................................. 40 days, 13 h 58 m 18 s
Join Date and Time............................... Tue Sep 24 21:24:35 2013
Join Taken Time.................................. 0 days, 00 h 10 m 48 s
Attributes for Slot 1
Radio Type................................... RADIO_TYPE_80211a
Radio Subband................................ RADIO_SUBBAND_ALL
Administrative State ........................ ADMIN_ENABLED
Operation State ............................. UP
Radio Role .................................. ACCESS
CellId ...................................... 0
Station Configuration
Configuration ............................. AUTOMATIC
Number Of WLANs ........................... 3
Medium Occupancy Limit .................... 100
CFP Period ................................ 4
CFP MaxDuration ........................... 60
BSSID ..................................... 00:22:55:a5:0c:30
Operation Rate Set
6000 Kilo Bits........................... MANDATORY
--More or (q)uit current module or <ctrl-z> to abort
9000 Kilo Bits........................... SUPPORTED
12000 Kilo Bits.......................... MANDATORY
18000 Kilo Bits.......................... SUPPORTED
24000 Kilo Bits.......................... MANDATORY
36000 Kilo Bits.......................... SUPPORTED
48000 Kilo Bits.......................... SUPPORTED
54000 Kilo Bits.......................... SUPPORTED
Beacon Period ............................. 100
Fragmentation Threshold ................... 2346
Multi Domain Capability Implemented ....... TRUE
Multi Domain Capability Enabled ........... TRUE
Country String ............................ US
Multi Domain Capability
Configuration ............................. AUTOMATIC
First Chan Num ............................ 36
Number Of Channels ........................ 20
MAC Operation Parameters
Configuration ............................. AUTOMATIC
Fragmentation Threshold ................... 2346
Packet Retry Limit ........................ 64
--More or (q)uit current module or <ctrl-z> to abort
Tx Power
Num Of Supported Power Levels ............. 7
Tx Power Level 1 .......................... 15 dBm
Tx Power Level 2 .......................... 14 dBm
Tx Power Level 3 .......................... 11 dBm
Tx Power Level 4 .......................... 8 dBm
Tx Power Level 5 .......................... 5 dBm
Tx Power Level 6 .......................... 2 dBm
Tx Power Level 7 .......................... -1 dBm
Tx Power Configuration .................... AUTOMATIC
Current Tx Power Level .................... 1
Phy OFDM parameters
Configuration ............................. AUTOMATIC
Current Channel ........................... 36
Extension Channel ......................... NONE
Channel Width.............................. 20 Mhz
Allowed Channel List....................... 36,40,44,48,52,56,60,64,100,
......................................... 104,108,112,116,132,136,140,
......................................... 149,153,157,161
TI Threshold .............................. -50
Antenna Type............................... INTERNAL_ANTENNA
Internal Antenna Gain (in .5 dBi units).... 8
--More or (q)uit current module or <ctrl-z> to abort
Diversity.................................. DIVERSITY_ENABLED
Performance Profile Parameters
Configuration ............................. AUTOMATIC
Interference threshold..................... 10 %
Noise threshold............................ -70 dBm
RF utilization threshold................... 80 %
Data-rate threshold........................ 1000000 bps
Client threshold........................... 12 clients
Coverage SNR threshold..................... 16 dB
Coverage exception level................... 25 %
Client minimum exception level............. 3 clients
Rogue Containment Information
Containment Count............................ 0
CleanAir Management Information
CleanAir Capable......................... No
Press Enter to continue or <ctrl-z> to abort
Cisco AP Identifier.............................. 5
Cisco AP Name.................................... KN1252_AP01
Country code..................................... US - United States
Regulatory Domain allowed by Country............. 802.11bg:-A 802.11a:-A
AP Country code.................................. US - United States
AP Regulatory Domain............................. -A
Switch Port Number .............................. 1
MAC Address...................................... 00:21:d8:ef:06:50
IP Address Configuration......................... DHCP
IP Address....................................... 10.125.18.101
IP NetMask....................................... 255.255.255.0
Gateway IP Addr.................................. 10.125.18.1
NAT External IP Address.......................... None
CAPWAP Path MTU.................................. 1485
Telnet State..................................... Enabled
Ssh State........................................ Disabled
Cisco AP Location................................ Knowlogy Conference Rooms Side
Cisco AP Group Name.............................. OGR
Primary Cisco Switch Name........................
Primary Cisco Switch IP Address.................. Not Configured
Secondary Cisco Switch Name......................
Secondary Cisco Switch IP Address................ Not Configured
--More or (q)uit current module or <ctrl-z> to abort
Tertiary Cisco Switch Name.......................
Tertiary Cisco Switch IP Address................. Not Configured
Administrative State ............................ ADMIN_ENABLED
Operation State ................................. REGISTERED
Mirroring Mode .................................. Disabled
AP Mode ......................................... H-Reap
Public Safety ................................... Disabled
AP SubMode ...................................... Not Configured
Remote AP Debug ................................. Disabled
Logging trap severity level ..................... informational
Logging syslog facility ......................... kern
S/W Version .................................... 7.0.235.0
Boot Version ................................... 12.4.10.0
Mini IOS Version ................................ 3.0.51.0
Stats Reporting Period .......................... 180
LED State........................................ Enabled
PoE Pre-Standard Switch.......................... Disabled
PoE Power Injector MAC Addr...................... Disabled
Power Type/Mode.................................. PoE/Medium Power (15.4 W)
Number Of Slots.................................. 2
AP Model......................................... AIR-LAP1252AG-A-K9
AP Image......................................... C1250-K9W8-M
IOS Version...................................... 12.4(23c)JA5
--More or (q)uit current module or <ctrl-z> to abort
Reset Button..................................... Enabled
AP Serial Number................................. FTX122990L5
AP Certificate Type.............................. Manufacture Installed
H-REAP Vlan mode :............................... Enabled
Native ID :..................................... 118
WLAN 1 :........................................ 111
WLAN 2 :........................................ 111
WLAN 4 :........................................ 112
WLAN 6 :........................................ 112
WLAN 7 :........................................ 111
WLAN 9 :........................................ 112
WLAN 8 :........................................ 112
H-REAP Backup Auth Radius Servers :
Static Primary Radius Server.................... Disabled
Static Secondary Radius Server.................. Disabled
Group Primary Radius Server..................... Disabled
Group Secondary Radius Server................... Disabled
AP User Mode..................................... AUTOMATIC
AP User Name..................................... Not Configured
AP Dot1x User Mode............................... Not Configured
AP Dot1x User Name............................... Not Configured
Cisco AP system logging host..................... 255.255.255.255
AP Up Time....................................... 26 days, 00 h 24 m 39 s
--More or (q)uit current module or <ctrl-z> to abort
AP LWAPP Up Time................................. 26 days, 00 h 23 m 48 s
Join Date and Time............................... Wed Oct 9 10:59:07 2013
Join Taken Time.................................. 0 days, 00 h 00 m 50 s
Attributes for Slot 0
Radio Type................................... RADIO_TYPE_80211n-2.4
Administrative State ........................ ADMIN_ENABLED
Operation State ............................. UP
Radio Role .................................. ACCESS
CellId ...................................... 0
Station Configuration
Configuration ............................. AUTOMATIC
Number Of WLANs ........................... 7
Medium Occupancy Limit .................... 100
CFP Period ................................ 4
CFP MaxDuration ........................... 60
BSSID ..................................... 00:22:55:df:a5:90
Operation Rate Set
1000 Kilo Bits........................... MANDATORY
2000 Kilo Bits........................... MANDATORY
5500 Kilo Bits........................... MANDATORY
--More or (q)uit current module or <ctrl-z> to abort
11000 Kilo Bits.......................... MANDATORY
MCS Set
MCS 0.................................... SUPPORTED
MCS 1.................................... SUPPORTED
MCS 2.................................... SUPPORTED
MCS 3.................................... SUPPORTED
MCS 4.................................... SUPPORTED
MCS 5.................................... SUPPORTED
MCS 6.................................... SUPPORTED
MCS 7.................................... SUPPORTED
MCS 8.................................... SUPPORTED
MCS 9.................................... SUPPORTED
MCS 10................................... SUPPORTED
MCS 11................................... SUPPORTED
MCS 12................................... SUPPORTED
MCS 13................................... SUPPORTED
MCS 14................................... SUPPORTED
MCS 15................................... SUPPORTED
Beacon Period ............................. 100
Fragmentation Threshold ................... 2346
Multi Domain Capability Implemented ....... TRUE
Multi Domain Capability Enabled ........... TRUE
Country String ............................ US
--More or (q)uit current module or <ctrl-z> to abort
Multi Domain Capability
Configuration ............................. AUTOMATIC
First Chan Num ............................ 1
Number Of Channels ........................ 11
MAC Operation Parameters
Configuration ............................. AUTOMATIC
Fragmentation Threshold ................... 2346
Packet Retry Limit ........................ 64
Tx Power
Num Of Supported Power Levels ............. 8
Tx Power Level 1 .......................... 20 dBm
Tx Power Level 2 .......................... 17 dBm
Tx Power Level 3 .......................... 14 dBm
Tx Power Level 4 ..........Well you need to understand the behavior of h-reap or what it's called now, FlexConnect. In this mode, the clients are still remembers on the WLC until the session timer/idle timer expires. So switching between SSID's in h-reap will not be the same when switching when the AP's are in local mode.
Take a look at the client when connected in FlexConnect in the WLC GUI monitor tab. Thus will show you what ssid and vlan the client is on. Now switch to a different ssid and compare this. It's probably the same because the client has not timed out. Now go back to the other ssid and look again. Now on the WLC, remove or delete the client and then switch to the other ssid at the same time. Or switch SSID's and then remove the client. The client will join the new ssid and in the monitor tab, you should see the info.
There is no need to have clients have multiple SSID's unless your testing. Devices should only have one ssid profile configured to eliminate any connectivity issues from the device wanting to switch SSID's.
Sent from Cisco Technical Support iPhone App -
3702i AP's not Joining WLC - Layer 3 discovery request not received on management VLAN
Hi Guys,
This is a follow up post to this thread: https://supportforums.cisco.com/discussion/12400481/3702i-not-joint-2504
Have been playing around with my AP's and made sure the time is correct on all the devices ( WLC and Switch). I have also moved the AP's to the same Vlan as the management IP of the WLC.
if I move the AP's to the same Vlan as the WLC they join and are happy, as soon as I move them to a different Vlan they cant join and there time goes back to the default plus they do not seem to save the WLC details to flash but still remember the test names I give them.
it appears that option 43 is working fine as I can see it look for the WLC IP and I have done some trouble shooting on the WLC and it looks like it see's the AP but doesn't except it.
please see below for the boot up of the AP and the WLC logs:
AP
IIOS Bootloader - Starting system.
*** deleted for breverity *****
Loading "flash:/ap3g2-k9w8-mx.153-3.JA1/ap3g2-k9w8-mx.153-3.JA1"...#########################
File "flash:/ap3g2-k9w8-mx.153-3.JA1/ap3g2-k9w8-mx.153-3.JA1" uncompressed and installed, entry point: 0x2003000
executing...
Secondary Bootloader - Starting system.
Montserrat Board
*** deleted for breverity *****
Boot CMD: 'boot flash:/ap3g2-k9w8-mx.153-3.JA1/ap3g2-k9w8-xx.153-3.JA1;flash:/ap3g2-k9w8-mx.153-3.JA1/ap3g2-k9w8-xx.153-3.JA1'
Loading "flash:/ap3g2-k9w8-mx.153-3.JA1/ap3g2-k9w8-xx.153-3.JA1"...###############################################
File "flash:/ap3g2-k9w8-mx.153-3.JA1/ap3g2-k9w8-xx.153-3.JA1" uncompressed and installed, entry point: 0x1003000
executing...
*** deleted for breverity *****
cisco AIR-CAP3702I-Z-K9 (PowerPC) processor (revision A0) with 376810K/134656K bytes of memory.
Processor board ID FGL1838X4T1
PowerPC CPU at 800Mhz, revision number 0x2151
Last reset from power-on
LWAPP image version 8.0.110.0
1 Gigabit Ethernet interface
2 802.11 Radios
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: F4:4E:05:B7:1E:84
Part Number : 73-15243-01
PCA Assembly Number : 000-00000-00
PCA Revision Number :
PCB Serial Number : FOC18343WPR
Top Assembly Part Number : 068-05054-03
Top Assembly Serial Number : FGL1838X4T1
Top Revision Number : A0
Product/Model Number : AIR-CAP3702I-Z-K9
% Please define a domain-name first.
Press RETURN to get started!
*Mar 1 00:00:19.295: %SOAP_FIPS-2-SELF_TEST_IOS_SUCCESS: IOS crypto FIPS self test passed (15)
*Mar 1 00:00:19.755: Registering HW DTLS
*Mar 1 00:00:19.763: APAVC: Initial WLAN Buffers Given to System is 2500
*Mar 1 00:00:19.815: APAVC: WlanPAKs 42878 RadioPaks 42270
*Mar 1 00:00:22.127: %LINK-6-UPDOWN: Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:26.055: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 0 (4)
*Mar 1 00:00:26.167: Loading Power Tables from ram:/Q2.bin. Class = A
*Mar 1 00:00:26.167: record size of 3ss: 1168 read_ptr: 4F9698E
*Mar 1 00:00:31.207: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 1 (4)
*Mar 1 00:00:31.251: Loading Power Tables from ram:/Q5.bin. Class = Z
*Mar 1 00:00:31.251: record size of vht: 2904 read_ptr: 4F9698E
*Mar 1 00:00:31.407: Wait until the stile protocol list is initialized.
*Mar 1 00:00:32.651: Start STILE Activation
*Mar 1 00:00:34.571: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to down
*Mar 1 00:00:35.447: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C3700 Software (AP3G2-K9W8-M), Version 15.3(3)JA1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2014 by Cisco Systems, Inc.
Compiled Fri 19-Dec-14 11:20 by prod_rel_team
*Mar 1 00:00:35.447: %SNMP-5-COLDSTART: SNMP agent on host Test_1 is undergoing a cold start
*Mar 1 00:00:36.563: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up
*Mar 1 00:00:37.787: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to uplwapp_crypto_init: MIC Present and Parsed Successfully
*Mar 1 00:00:37.939: %SSH-5-ENABLED: SSH 2.0 has been enabled
*Mar 1 00:00:37.939: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Mar 1 00:00:38.987: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 1 00:00:38.987: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Mar 1 00:00:47.567: %LINK-6-UPDOWN: Interface BVI1, changed state to down
*Mar 1 00:00:48.567: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to down
*Mar 1 00:00:50.431: %SOAP_FIPS-2-SELF_TEST_HW_SUCCESS: HW crypto FIPS self test passed (2-16)
*Mar 1 00:00:50.431: DPAA Initialization Complete
*Mar 1 00:00:50.431: %SYS-3-HARIKARI: Process DPAA INIT top-level routine exited
*Mar 1 00:00:51.431: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:53.435: %LINK-6-UPDOWN: Interface BVI1, changed state to up
*Mar 1 00:00:53.867: Currently running a Release Image
*Mar 1 00:00:54.287: Incorrect certificate in SHA2 PB !
*Mar 1 00:00:54.287: Using SHA-1 signed certificate for image signing validation.
*Mar 1 00:00:54.575: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up
*Mar 1 00:00:59.787: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.1.20.2, mask 255.255.255.0, hostname Test_1
*Mar 1 00:01:02.707: APAVC: Succeeded to activate all the STILE protocols.
*Mar 1 00:01:02.707: APAVC: Registering with CFT
*Mar 1 00:01:02.707: APAVC: CFT registration of delete callback succeeded
*Mar 1 00:01:02.707: APAVC: Reattaching Original Buffer pool for system use
*Mar 1 00:01:02.707: Pool-ReAtach: paks 42878 radio42270
%Default route without gateway, if not a point-to-point interface, may impact performance
*Mar 1 00:01:10.103: AP image integrity check PASSED
*Mar 1 00:01:10.187: Incorrect certificate in SHA2 PB !
*Mar 1 00:01:10.203: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 1 00:01:10.203: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Mar 1 00:01:11.591: %CDP_PD-4-POWER_OK: 15.4 W power - NEGOTIATED inline power source
*Mar 1 00:01:12.691: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 1 00:01:13.691: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Mar 1 00:01:13.947: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Mar 1 00:01:14.947: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*Mar 1 00:01:20.211: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 255.255.255.255 port 514 CLI Request Triggered
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Mar 1 00:01:31.215: %CAPWAP-5-DHCP_OPTION_43: Controller address 10.1.1.231 obtained through DHCP
*Mar 1 00:02:11.599: %CDP_PD-4-POWER_OK: Full power - NEGOTIATED inline power source
*Mar 1 00:02:11.603: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
*Mar 1 00:02:11.611: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 1 00:02:12.603: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 1 00:02:12.639: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 1 00:02:12.647: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to down
*Mar 1 00:02:12.655: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Mar 1 00:02:13.639: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Mar 1 00:02:13.647: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Mar 1 00:02:13.699: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Mar 1 00:02:14.699: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
Not in Bound state.
*Mar 1 00:02:44.719: %CAPWAP-3-DHCP_RENEW: Could not discover WLC. Either IP address is not assigned or assigned IP is wrong. Renewing DHCP IP.
*Mar 1 00:02:49.839: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.1.20.3, mask 255.255.255.0, hostname Test_1
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Mar 1 00:02:55.719: %CAPWAP-5-DHCP_OPTION_43: Controller address 10.1.1.231 obtained through DHCP
Not in Bound state.
*Mar 1 00:03:59.219: %CAPWAP-3-DHCP_RENEW: Could not discover WLC. Either IP address is not assigned or assigned IP is wrong. Renewing DHCP IP.
*Mar 1 00:04:04.343: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.1.20.4, mask 255.255.255.0, hostname Test_1
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Mar 1 00:04:10.223: %CAPWAP-5-DHCP_OPTION_43: Controller address 10.1.1.231 obtained through DHCP
WLC:
isco Controller) >show time
Time............................................. Tue Jan 27 17:44:47 2015
Timezone delta................................... 0:0
Timezone location................................ (GMT +8:00) HongKong, Bejing, Chongquing
NTP Servers
NTP Polling Interval......................... 3600
Index NTP Key Index NTP Server NTP Msg Auth Status
1 0 150.101.176.226 AUTH DISABLED
(Cisco Controller) >show ap join stats summary
Incorrect input! Use 'show ap join stats summary [all/<ap-mac>]'
(Cisco Controller) >show ap join stats summary all
Number of APs.............................................. 2
Base Mac AP EthernetMac AP Name IP Address Status
f4:4e:05:aa:a6:a0 f4:4e:05:94:c3:98 APf44e.0594.c398 10.1.1.22 Joined
f4:4e:05:b6:ce:f0 N A Test_1 10.1.20.7 Not Joined
(Cisco Controller) >show ap join stats detailed f4:4e:05:b6:ce:f0
Sync phase statistics
- Time at sync request received............................ Not applicable
- Time at sync completed................................... Not applicable
Discovery phase statistics
- Discovery requests received.............................. 45
- Successful discovery responses sent...................... 21
- Unsuccessful discovery request processing................ 24
- Reason for last unsuccessful discovery attempt........... Layer 3 discovery request not received on management VLAN
- Time at last successful discovery attempt................ Jan 27 17:45:49.705
- Time at last unsuccessful discovery attempt.............. Jan 27 17:45:49.705
Join phase statistics
- Join requests received................................... 0
- Successful join responses sent........................... 0
- Unsuccessful join request processing..................... 0
- Reason for last unsuccessful join attempt................ Not applicable
- Time at last successful join attempt..................... Not applicable
- Time at last unsuccessful join attempt................... Not applicable
Configuration phase statistics
--More-- or (q)uit
- Configuration requests received.......................... 0
- Successful configuration responses sent.................. 0
- Unsuccessful configuration request processing............ 0
- Reason for last unsuccessful configuration attempt....... Not applicable
- Time at last successful configuration attempt............ Not applicable
- Time at last unsuccessful configuration attempt.......... Not applicable
Last AP message decryption failure details
- Reason for last message decryption failure............... Not applicable
Last AP disconnect details
- Reason for last AP connection failure.................... Not applicable
- Last AP disconnect reason................................ Not applicable
Last join error summary
- Type of error that occurred last......................... Lwapp discovery request rejected
- Reason for error that occurred last...................... Layer 3 discovery request not received on management VLAN
- Time at which the last join error occurred............... Jan 27 17:45:49.705
AP disconnect details
- Reason for last AP connection failure.................... Not applicable
Ethernet Mac : 00:00:00:00:00:00 Ip Address : 10.1.20.7
(Cisco Controller) >show interface summary
Number of Interfaces.......................... 4
Interface Name Port Vlan Id IP Address Type Ap Mgr Guest
ap LAG 20 10.1.20.231 Dynamic No No
guest LAG 30 10.1.30.231 Dynamic No No
management LAG 10 10.1.1.231 Static Yes No
virtual N/A N/A 1.1.1.1 Static No No
SWITCH
witch#show run
Building configuration...
*** deleted for breverity *****
no aaa new-model
clock timezone AWST 8
system mtu routing 1500
ip routing
ip dhcp pool WAP_Pool
network 10.1.20.0 255.255.255.0
default-router 10.1.20.1
option 43 hex f104.0a01.01e7
ip dhcp pool Clients
network 10.1.30.0 255.255.255.0
default-router 10.1.30.1
dns-server 203.0.178.191
ip dhcp pool test
network 10.1.1.0 255.255.255.0
default-router 10.1.1.1
crypto pki trustpoint TP-self-signed-4082587776
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-4082587776
revocation-check none
rsakeypair TP-self-signed-4082587776
*** deleted for breverity *****
*** deleted for breverity ***** !
interface FastEthernet0/3
description *** WLC ****
switchport trunk encapsulation dot1q
switchport mode trunk
interface FastEthernet0/4
description **** AP *****
switchport access vlan 20
switchport mode access
spanning-tree portfast
interface FastEthernet0/5
description **** AP ****
switchport access vlan 20
switchport mode access
spanning-tree portfast
interface FastEthernet0/6
i*** deleted for breverity ***** !
interface Vlan10
description *** Managment ***
ip address 10.1.1.230 255.255.255.0
interface Vlan20
description *** WIRELESS APS ***
ip address 10.1.20.1 255.255.255.0
interface Vlan30
ip address 10.1.30.1 255.255.255.0
ip classless
ip route 0.0.0.0 0.0.0.0 10.1.1.1
ip http server
ip http secure-server
ip sla enable reaction-alerts
l*** deleted for breverity *****
ntp clock-period 36028827
ntp source FastEthernet0/1
ntp server 121.0.0.42
ntp server 202.127.210.37
end
I have also placed a Device in Vlan 20 and it is able to ping the WLC and the WLC can ping it s routing is working.
ThanksHey Scott,
I gave that a shot and still no luck, log's from AP boot up:
IIOS Bootloader - Starting system.
flash is writable
Tide XL MB - 40MB of flash
Xmodem file system is available.
flashfs[0]: 67 files, 9 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 41158656
flashfs[0]: Bytes used: 20894208
flashfs[0]: Bytes available: 20264448
flashfs[0]: flashfs fsck took 20 seconds.
Base Ethernet MAC address: f4:4e:05:b7:1e:84
Ethernet speed is 100 Mb - FULL Duplex
Loading "flash:/ap3g2-k9w8-mx.153-3.JA1/ap3g2-k9w8-mx.153-3.JA1"...#########################
File "flash:/ap3g2-k9w8-mx.153-3.JA1/ap3g2-k9w8-mx.153-3.JA1" uncompressed and installed, entry point: 0x2003000
executing...
Secondary Bootloader - Starting system.
Montserrat Board
40MB format
Tide XL MB - 40MB of flash
Xmodem file system is available.
flashfs[0]: 67 files, 9 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 41158656
flashfs[0]: Bytes used: 20894208
flashfs[0]: Bytes available: 20264448
flashfs[0]: flashfs fsck took 21 seconds.
flashfs[1]: 0 files, 1 directories
flashfs[1]: 0 orphaned files, 0 orphaned directories
flashfs[1]: Total bytes: 12257280
flashfs[1]: Bytes used: 1024
flashfs[1]: Bytes available: 12256256
flashfs[1]: flashfs fsck took 1 seconds.
Base Ethernet MAC address: f4:4e:05:b7:1e:84
Boot CMD: 'boot flash:/ap3g2-k9w8-mx.153-3.JA1/ap3g2-k9w8-xx.153-3.JA1;flash:/ap3g2-k9w8-mx.153-3.JA1/ap3g2-k9w8-xx.153-3.JA1'
Loading "flash:/ap3g2-k9w8-mx.153-3.JA1/ap3g2-k9w8-xx.153-3.JA1"...###############################################
File "flash:/ap3g2-k9w8-mx.153-3.JA1/ap3g2-k9w8-xx.153-3.JA1" uncompressed and installed, entry point: 0x1003000
executing...
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cisco IOS Software, C3700 Software (AP3G2-K9W8-M), Version 15.3(3)JA1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2014 by Cisco Systems, Inc.
Compiled Fri 19-Dec-14 11:20 by prod_rel_team
Montserrat Board
40MB format
Tide XL MB - 40MB of flash
Initializing flashfs...
flashfs[2]: 67 files, 9 directories
flashfs[2]: 0 orphaned files, 0 orphaned directories
flashfs[2]: Total bytes: 40900608
flashfs[2]: Bytes used: 20894208
flashfs[2]: Bytes available: 20006400
flashfs[2]: flashfs fsck took 14 seconds.
flashfs[2]: Initialization complete.
flashfs[4]: 0 files, 1 directories
flashfs[4]: 0 orphaned files, 0 orphaned directories
flashfs[4]: Total bytes: 11999232
flashfs[4]: Bytes used: 1024
flashfs[4]: Bytes available: 11998208
flashfs[4]: flashfs fsck took 0 seconds.
flashfs[4]: Initialization complete.
Copying radio files from flash: to ram:
Copy in progress...CCCCC
Copy in progress...CCC
Copy in progress...CCCC
Copy in progress...CCCC
Copy in progress...CC
Copy in progress...CCCC
Copy in progress...CC
Copy in progress...CCCCC
Copy in progress...CCCC
Copy in progress...CC
Uncompressing radio files...
...done Initializing flashfs.
Radio0 present 8764 8000 0 A8000000 A8010000 0
Rate table has 650 entries (20 legacy/224 11n/406 11ac)
POWER TABLE FILENAME = ram:/Q2.bin
Radio1 present 8864 8000 0 80000000 80100000 4
POWER TABLE FILENAME = ram:/Q5.bin
Radio2 not present 0 0 0 0 0 8
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AIR-CAP3702I-Z-K9 (PowerPC) processor (revision A0) with 376810K/134656K bytes of memory.
Processor board ID FGL1838X4T1
PowerPC CPU at 800Mhz, revision number 0x2151
Last reset from power-on
LWAPP image version 8.0.110.0
1 Gigabit Ethernet interface
2 802.11 Radios
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: F4:4E:05:B7:1E:84
Part Number : 73-15243-01
PCA Assembly Number : 000-00000-00
PCA Revision Number :
PCB Serial Number : FOC18343WPR
Top Assembly Part Number : 068-05054-03
Top Assembly Serial Number : FGL1838X4T1
Top Revision Number : A0
Product/Model Number : AIR-CAP3702I-Z-K9
% Please define a domain-name first.
Press RETURN to get started!
*Mar 1 00:00:19.295: %SOAP_FIPS-2-SELF_TEST_IOS_SUCCESS: IOS crypto FIPS self test passed (15)
*Mar 1 00:00:19.755: Registering HW DTLS
*Mar 1 00:00:19.763: APAVC: Initial WLAN Buffers Given to System is 2500
*Mar 1 00:00:19.815: APAVC: WlanPAKs 42878 RadioPaks 42270
*Mar 1 00:00:22.127: %LINK-6-UPDOWN: Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:26.055: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 0 (4)
*Mar 1 00:00:26.167: Loading Power Tables from ram:/Q2.bin. Class = A
*Mar 1 00:00:26.167: record size of 3ss: 1168 read_ptr: 4F9698E
*Mar 1 00:00:31.207: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 1 (4)
*Mar 1 00:00:31.251: Loading Power Tables from ram:/Q5.bin. Class = Z
*Mar 1 00:00:31.251: record size of vht: 2904 read_ptr: 4F9698E
*Mar 1 00:00:31.407: Wait until the stile protocol list is initialized.
*Mar 1 00:00:32.651: Start STILE Activation
*Mar 1 00:00:34.571: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to down
*Mar 1 00:00:35.447: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C3700 Software (AP3G2-K9W8-M), Version 15.3(3)JA1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2014 by Cisco Systems, Inc.
Compiled Fri 19-Dec-14 11:20 by prod_rel_team
*Mar 1 00:00:35.447: %SNMP-5-COLDSTART: SNMP agent on host Test_1 is undergoing a cold start
*Mar 1 00:00:36.563: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up
*Mar 1 00:00:37.787: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to uplwapp_crypto_init: MIC Present and Parsed Successfully
*Mar 1 00:00:37.939: %SSH-5-ENABLED: SSH 2.0 has been enabled
*Mar 1 00:00:37.939: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Mar 1 00:00:38.987: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 1 00:00:38.987: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Mar 1 00:00:47.567: %LINK-6-UPDOWN: Interface BVI1, changed state to down
*Mar 1 00:00:48.567: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to down
*Mar 1 00:00:50.431: %SOAP_FIPS-2-SELF_TEST_HW_SUCCESS: HW crypto FIPS self test passed (2-16)
*Mar 1 00:00:50.431: DPAA Initialization Complete
*Mar 1 00:00:50.431: %SYS-3-HARIKARI: Process DPAA INIT top-level routine exited
*Mar 1 00:00:51.431: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:53.435: %LINK-6-UPDOWN: Interface BVI1, changed state to up
*Mar 1 00:00:53.867: Currently running a Release Image
*Mar 1 00:00:54.287: Incorrect certificate in SHA2 PB !
*Mar 1 00:00:54.287: Using SHA-1 signed certificate for image signing validation.
*Mar 1 00:00:54.575: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up
*Mar 1 00:00:59.787: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.1.20.2, mask 255.255.255.0, hostname Test_1
*Mar 1 00:01:02.707: APAVC: Succeeded to activate all the STILE protocols.
*Mar 1 00:01:02.707: APAVC: Registering with CFT
*Mar 1 00:01:02.707: APAVC: CFT registration of delete callback succeeded
*Mar 1 00:01:02.707: APAVC: Reattaching Original Buffer pool for system use
*Mar 1 00:01:02.707: Pool-ReAtach: paks 42878 radio42270
%Default route without gateway, if not a point-to-point interface, may impact performance
*Mar 1 00:01:10.103: AP image integrity check PASSED
*Mar 1 00:01:10.187: Incorrect certificate in SHA2 PB !
*Mar 1 00:01:10.203: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 1 00:01:10.203: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Mar 1 00:01:11.591: %CDP_PD-4-POWER_OK: 15.4 W power - NEGOTIATED inline power source
*Mar 1 00:01:12.691: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 1 00:01:13.691: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Mar 1 00:01:13.947: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Mar 1 00:01:14.947: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*Mar 1 00:01:20.211: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 255.255.255.255 port 514 CLI Request Triggered
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Mar 1 00:01:31.215: %CAPWAP-5-DHCP_OPTION_43: Controller address 10.1.1.231 obtained through DHCP
*Mar 1 00:02:11.599: %CDP_PD-4-POWER_OK: Full power - NEGOTIATED inline power source
*Mar 1 00:02:11.603: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
*Mar 1 00:02:11.611: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 1 00:02:12.603: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 1 00:02:12.639: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 1 00:02:12.647: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to down
*Mar 1 00:02:12.655: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Mar 1 00:02:13.639: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Mar 1 00:02:13.647: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Mar 1 00:02:13.699: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Mar 1 00:02:14.699: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
Not in Bound state.
*Mar 1 00:02:44.719: %CAPWAP-3-DHCP_RENEW: Could not discover WLC. Either IP address is not assigned or assigned IP is wrong. Renewing DHCP IP.
*Mar 1 00:02:49.839: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.1.20.3, mask 255.255.255.0, hostname Test_1
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Mar 1 00:02:55.719: %CAPWAP-5-DHCP_OPTION_43: Controller address 10.1.1.231 obtained through DHCP
Not in Bound state.
*Mar 1 00:03:59.219: %CAPWAP-3-DHCP_RENEW: Could not discover WLC. Either IP address is not assigned or assigned IP is wrong. Renewing DHCP IP.
*Mar 1 00:04:04.343: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.1.20.4, mask 255.255.255.0, hostname Test_1
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Mar 1 00:04:10.223: %CAPWAP-5-DHCP_OPTION_43: Controller address 10.1.1.231 obtained through DHCP -
WLC, FlexConnect, ISE: Dynamic VLAN not working
Hi,
Not sure if this is a WLC or ISE problem, but since I am unsure of the WLC config I will try here first.
Equipment:
WiSM2 7.2.111.3
ISE 1.1.1.268
AP 3502 in FlexConnect
What I want to achive:
One SSID, multiple VLAN
Devices gets profiled in ISE and based on type of device it gets asigned to a VLAN
Problem:
When the device connects the first time it ends up in native VLAN and not switched to the right VLAN, but when I reconnect then it is added to the right VLAN.
WLC config (I know you like images so here you go ):
I must be missing something but I can't figure out what. I will be attaching a debug aaa event enable for when the client connect the first time.
In ISE I have an Authorization Profile that just say VLAN ID/Tag 158 (the VLAN that the device should go to) an it is added to the Authorization rule of the profiled device. CoA is set to Reauth.
When the client connects I get three events in ISE:
1.
Authentication failed :
22056 Subject not found in the applicable identity store(s)
2. Authentication Success. With the results:
UserName=00:18:DE:A2:BC:3A
User-Name=00-18-DE-A2-BC-3A
State=ReauthSession:c20e8b2f0000027e50ed27f8
Class=CACS:c20e8b2f0000027e50ed27f8:ISE01/144259326/671335
Termination-Action=RADIUS-Request
Tunnel-Type=(tag=1) VLAN
Tunnel-Medium-Type=(tag=1) 802
Tunnel-Private-Group-ID=(tag=1) 158
cisco-av-pair=profile-name=AX-Intel-Device
3.
Dynamic Authorization failed :
11213 No response received from Network Access Device
Has anyone got this to work? Do I need to add FlexConnect groups? If so then why?
Regards,
PhilipI think you're hitting CSCua58554
The bugtoolkit description is horrible.... From what I recall when I ran into it, I believe that Flex connect is having a problem with Mac filtering based AAA override on open wlans (and/or CWA based). In general, AAA override works fine when it is from like an eap authentication.
We had to use a 7.3 ES to resolve it.....
Looks like it is implemented in 7.4 though..... If you dont want to join the 7.4 bandwagon quite yet, you might could ask TAC for an ES of 7.3, don't think they have a 7.2 build. -
Using RSA RADIUS Server and WLC 7.4 to dynamically asssign users to VLAN
Hello,
What we are trying to do:
John logs on to wifi using RSA fob for password. RSA sends back auth request with attibutes to WLC 7.4 that magically knows how to interpret the attributes and puts John on vlan 10. Mary logs on with her fob and gets put on VLAN 20.
We dont have ISE. We dont have ACS. We have RSA Authentication Manager 7.0
We have looked high and low for documentation for this kind of setup and we find stuff that is close to a match but not quite.
Here is what we are seeing
1. dynamic vlan assignment is not working -- radius server is set with the attributes
2. RSA authentication works
3. John and Mary are always put into the VLAN where the MGMT interface is
4. I can see that attributes are making it back to the WLC by sniffing
We are stuck at this point. Any help would be much appreciated,
P.Here is a little more background:
We have created a dynamic interface in VLAN 157
Wireless LAN has been assigned to MGMT interface which is on VLAN 35
This is a VWLC ver 7.4.100
AP is attached to VWLC (only FlexConnect mode is supported)
RADIUS Server has been configured
Users are getting assigned to VLAN 35
Also I have attached some screenshots and two packet captures so you can see what the RSA is sending back with your own eyes
I dont see any atttributes in the capture when RSA sends to the VWLC
I see attributes in the capture when RSA send to my local RADIUS Client (My PC)
And to answer your question we have sending a VLAN ID (157)
Maybe you are looking for
-
How can I stop Acrobat 9 Pro from closing itself?
I recently installed a trial of the CS4 Master Collection. I already had a copy of Acrobat 8 Standard installed on my computer, during installation it said that my version would be upgraded. However, now, when I open Acrobat 9, after about 10-20 seco
-
NO-DISPLAY option for Radio buttons
Hi All, I want to hide the 2 radio buttons on the selection screen using the NO-DISPLAY option. when i worked with that its giving an error like 'no-display and radio button group can be specified together'. my question was is it possible to use NO-D
-
I can't get a JSP to run with XP. What gives?
I had an app that ran ok under 2000. I installed xp and now it does not work. IE opens but just sits there. I reinstalled jdev and the whole bit but no go. Is it IE or tomcat? Does anybody know? Thanks for any tips or advice Owen
-
HT5622 I need to edit my payment details for iPhone 3
I need to edit my payment details for iPhone 3 in app store ?
-
Evenings and weekend speed getting near unusable
So 6 months into my contract and things are starting to get a bit silly. I have a sync speed of about 14mb down and on an average day I get speeds anywhere between 12~13mbps which is fine, perfectly reasonable. Ever since about 3 months ago my speed