cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3567
Views
5
Helpful
14
Replies

More than one AP is not joint WLC 9800

Dear All,

One Access Point (2802i) has been joined to the controller already and working fine. But when I try to join other AP to the same controller it is not joining.

 

WLC-9800 IOS : 16.12.1

 

14 Replies 14

balaji.bandi
Hall of Fame
Hall of Fame

Connect to console cable to AP and post complete logs, also look at 9800 Logs do you see is the AP tried to join ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

marce1000
VIP
VIP

 

 - Make sure the ap has the same regulatory domain as the working one.

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !

Jades
Level 1
Level 1

Hi buddy,

 

Check the WLC9800 "Troubleshooting > Radioactive Tracing" the see AP join issues and also check the discover and join process via AP console.

https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/213949-wireless-debugging-and-log-collection-on.html#anc13

Scott Fella
Hall of Fame
Hall of Fame
Just to add. What other AP’s are you trying to add? The 9800 only supports wave 2 access points (x802’s and 9100’s). On the code you are running, you need to upload the APDP for 9130’s to join. If you are running a supported AP version, then like what was mentioned, capture the boot up from the console and attach that to the thread. Also make it simple by placing the AP on the same subnet as the 9800 management.
-Scott
*** Please rate helpful posts ***

AP Model (Cisco 2802i). Both APs are same model. One AP has been joined and working fine but other AP is not joining the controller.

Here are the logs from AP console below :

 

Starting kernel ...

[01/01/1970 00:00:00.0000] Built 1 zonelists in Zone order, mobility grouping on . Total pages: 260096
[01/01/1970 00:00:00.0000] Memory: 1025848K/1048576K available (5743K kernel cod e, 407K rwdata, 2476K rodata, 359K init, 478K bss, 22728K reserved)
[01/01/1970 00:00:00.1200] CPU1: Booted secondary processor
[01/01/1970 00:00:01.4100] buginf tty flushing thread started, ttyport=bf13bc00
[01/01/1970 00:00:01.5300] m25p80 spi1.0: found s25sl032p, expected n25q032
[01/01/1970 00:00:02.5900] UBI warning: print_rsvd_warning: cannot reserve enoug h PEBs for bad PEB handling, reserved 20, need 32
[*01/01/1970 00:00:02.7323] buginf() enabled.
[*01/01/1970 00:00:02.7410] Made it into bootsh: May 25 2020 21:24:10 T-1ffe7a1d cdc70c976f3270715f1ba2494e77a88d-g1ffe7a1d-aut
Verify returns 0
[*01/01/1970 00:00:10.4512] bootsh mini ramfs booted /bootpart/part1/ramfs_data_ cisco.cpio.lzma


Welcome to Cisco.

Usage of this device is governed by Cisco's End User License Agreement,
available at:
http://www.cisco.com/c/en/us/td/docs/general/warranty/English/EU1KEN_.html.


Restricted Rights Legend

Use, duplication, or disclosure by the Government is subject to
restrictions as set forth in subparagraph (c) of the Commercial
Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and
subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

Cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.


This product contains some software licensed under the
"GNU General Public License, version 2" provided with
ABSOLUTELY NO WARRANTY under the terms of
"GNU General Public License, version 2", available here:
http://www.gnu.org/licenses/old-licenses/gpl-2.0.html


This product contains some software licensed under the
"GNU Library General Public License, version 2" provided
with ABSOLUTELY NO WARRANTY under the terms of "GNU Library
General Public License, version 2", available here:
http://www.gnu.org/licenses/old-licenses/lgpl-2.0.html


This product contains some software licensed under the
"GNU Lesser General Public License, version 2.1" provided
with ABSOLUTELY NO WARRANTY under the terms of "GNU Lesser
General Public License, version 2.1", available here:
http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html


This product contains some software licensed under the
"GNU General Public License, version 3" provided with
ABSOLUTELY NO WARRANTY under the terms of
"GNU General Public License, Version 3", available here:
http://www.gnu.org/licenses/gpl.html.


This product contains some software licensed under the
"GNU Affero General Public License, version 3" provided
with ABSOLUTELY NO WARRANTY under the terms of
"GNU Affero General Public License, version 3", available here:
http://www.gnu.org/licenses/agpl-3.0.html.

[ OK ] Reached target Cisco File Systems (Pre).
[ OK ] Created slice -.slice.
[ OK ] Listening on Delayed Shutdown Socket.
[ OK ] Listening on udev Kernel Socket.
[ OK ] Listening on udev Control Socket.
[ OK ] Reached target Sockets.
[ OK ] Created slice system.slice.
Starting udev Kernel Device Manager...
[ OK ] Created slice system-serial\x2dgetty.slice.
Starting Cisco UBIFS reformat/mount...
[ OK ] Reached target Slices.
Starting udev Coldplug all Devices...
[ OK ] Started udev Kernel Device Manager.
[ OK ] Started Cisco UBIFS reformat/mount.
Starting Cisco early mount...
[ OK ] Started Cisco early mount.
[ OK ] Reached target Local File Systems (Pre).
Starting Cisco fips check...
Starting Cisco seed generation...
Starting Cisco platform file generation...
Starting Cisco system time setup...
[ OK ] Started Cisco seed generation.
[*12/07/2019 23:59:59.0740] Last reload time: Dec 8 00:01:15 2019
[*05/25/2020 21:26:41.0006] Setting system time Mon May 25 21:26:41 UTC 2020
[ OK ] Started Cisco system time setup.
[ OK ] Started Cisco fips check.
[ OK ] Started Cisco platform file generation.
Starting Cisco btldr service...
[ OK ] Started Cisco btldr service.
[ OK ] Reached target Local File Systems.
[*05/25/2020 21:26:41.9157] GCM-128 POST passed
[*05/25/2020 21:26:41.9157] GCM-256 POST passed
Starting Cisco S10 boot service...
Starting Cisco pkg install service...
[ OK ] Started Cisco system time saving.
Starting Cisco system time saving...
Starting Cisco act2 check...
Starting Security Auditing Service...
[*05/25/2020 21:26:44.0297] parameter passed without an option given
[ OK ] Started Security Auditing Service.
[ OK ] Started udev Coldplug all Devices.
[05/25/2020 21:26:45.3200] PCI: enabling device 0000:00:02.0 (0140 -> 0143)
[05/25/2020 21:26:45.4000] PCI: enabling device 0000:02:00.0 (0140 -> 0142)
[ OK ] Started Cisco pkg install service.
[ OK ] Started Cisco act2 check.
[05/25/2020 21:26:52.4900] PCI: enabling device 0000:00:03.0 (0140 -> 0143)
[05/25/2020 21:26:52.5800] PCI: enabling device 0000:03:00.0 (0140 -> 0142)
[ OK ] Started Cisco S10 boot service.
Starting Cisco watchdog...
Starting Cisco nss service...
[*05/25/2020 21:26:44.2155] 1
[*05/25/2020 21:26:44.7033] Active version: 17.2.1.15
[*05/25 Starting Cisco nolan service...
[ OK ] Started Cisco watchdog.
[ OK ] Started Cisco nolan service.
Starting Cisco nolan USB service...
[ OK ] Started Cisco nolan USB service.
Starting Cisco pre-PoE negotiation...
[ OK ] Started Cisco pre-PoE negotiation.
[ OK ] Started Cisco nss service.
Starting Cisco S15platform...
Starting Cisco Kclick...
[05/25/2020 21:27:03.2600] Disabling lock debugging due to kernel taint
[ OK ] Started Cisco S15platform.
[ OK ] Started Cisco Kclick.
Starting Cisco certificate create service...
Starting Cisco Sku service...
[*05/25/2020 21:27:03.3553] init ft module
[*05/25/2020 21:27:03.5044] stile module dp init successfully
[*05/25/2020 21:27:03.5044] NBAR Label:BLD_V171_THROTTLE_LATEST_20190830_170454 Module timestamp: May 25 2020 at 21:13:30 User: aut
[*05/25/2020 21:27:04.4224] Last reload reason : 0: unknown
[*05/25/2020 21:27:05.7326] SKU to radio FW
[*05/25/2020 21:27:05.7830] wifi2 no private ioctls.
[*05/25/2020 21:27:05.7830]
[*05/25/2020 21:27:06.1465] Create symlink /dev/mic_cert result 0
[*05/25/2020 21:27:06.1465] Loading certificates from storage...
[*05/25/2020 21:27:06.1701] barbados /tmp/SC4_1dbm.txt
Starting Cisco ME service...
Starting Cisco Kclick...
[ OK ] Started Cisco certificate create service.
[ OK ] Started Cisco Sku service.
[ OK ] Started Cisco ME service.
[ OK ] Started Cisco Tam service.
Starting Cisco Tam service...
Starting Cisco certtime service...
[ OK ] Started Cisco Kclick.
Starting rsyslog client...
[*05/25/2020 21:27:07.5344] xt_tcpudp is already loaded
Starting Cisco brain service...
Starting Cisco S16platfomm...
Starting Cisco syslog service...
[ OK ] Started rsyslog client.
[ OK ] Started Cisco S16platfomm.
[ OK ] Started Cisco syslog service.
Starting Cisco synclogd...
[ OK ] Started Cisco synclogd.
[ OK ] Started Cisco brain service.
[05/25/2020 21:27:08.9500] wired0 emac 2: link up
[05/25/2020 21:27:09.0100] wired0: link up
[ OK ] Started Cisco certtime service.
[ OK ] Reached target System Initialization.
[ OK ] Reached target Timers.
[ OK ] Reached target Paths.
[ OK ] Reached target Basic System.
Starting Cisco printkd...
Starting Hostapd process...
Starting gRPC server daemon...
[*05/25/2020 21:27:12.0395] starting tam services using ACT2...
[*05/25/2020 21:27:12.0395]
[*05/25/2020 21:27:12.0395] TAM init done
[*05/25/2020 21:27:13.2472]
[*05/25/2020 21:27:13.2472] Click sched monitor: schedulers = 1
Starting capwapd...
Starting Fast CGI daemon...
Starting OpenSSH server daemon...
[ OK ] Started Serial Getty on ttyS0.
Starting Serial Getty on ttyS0...
[ OK ] Reached target Login Prompts.
Starting WCPD process...
[ OK ] Started NTP_PROC daemon.
Starting NTP_PROC daemon...
Starting Cisco rtd service...
Starting Cisco kexec...
Starting Cisco led service...
Starting Marvell Forwarding daemon...
Starting Cisco klogd...
Starting Clean Air daemon...
[ OK ] Started System Monitor service.
Starting System Monitor service...
Starting AP Trace daemon...
[ OK ] Started Cisco kexec.
[ OK ] Started Cisco printkd.
[ OK ] Started Cisco klogd.
[ OK ] Started Hostapd process.
[ OK ] Started Fast CGI daemon.
[ OK ] Started Cisco rtd service.
[ OK ] Started Cisco led service.
[ OK ] Started AP Trace daemon.
[ OK ] Started OpenSSH server daemon.
Starting dnsmasq watcher...
Starting DNSmasq...
[ OK ] Started DNSmasq.
[ OK ] Started dnsmasq watcher.
[05/25/2020 21:27:18.9200] wired0 emac 2: link up
[5/25/2020 21:27:18.9700] wired0: link up

[*05/25/2020 21:27:19.8078] ip6_port srcr2, ip6local fe80::3e51:eff:fe3d:f174, ip6 ::, plen 0, gw6 ::, gw6_mac 00:00:00:00:00:00, mtu 1500, vid 0, mode6 2(slaac)
[*05/25/2020 21:27:19.8360] pid 7349's current affinity mask: 3
[*05/25/2020 21:27:19.8360] pid 7349's new affinity mask: 1

 

User Access Verification
Username: [*05/25/2020 21:27:21.0708] SYS-COND: AP is in good condition
[*05/25/2020 21:27:21.1131] ethernet_port wired0, ip 192.168.97.12, netmask 255.255.255.0, gw 192.168.97.2, mtu 1500, bcast 192.168.97.255, dns1 0.0.0.0, is_static true, vid 0, static_ip_failover false, dhcp_vlan_failover false
[*05/25/2020 21:27:22.0021] chpasswd: password for user changed
[*05/25/2020 21:27:22.4902] DOT11_TXP[2]:Domain configured: 1 class:E
[*05/25/2020 21:27:22.5782] DOT11_TXP[0]:Domain configured: 22 class:C
[*05/25/2020 21:27:22.9239] DOT11_TXP[1]:Domain configured: 22 class:C
[*05/25/2020 21:27:23.2786] DOT11_TXP[2]:Domain configured: 22 class:C
[*05/25/2020 21:27:23.6372] DOT11_TXP[0]:Domain configured: 1 class:E
[*05/25/2020 21:27:24.1759] AP IPv4 Address updated from 0.0.0.0 to 192.168.97.12
[*05/25/2020 21:27:24.1882] send CAPWAP ctrl msg to the socket: Socket operation on non-socket
[*05/25/2020 21:27:24.5372] DOT11_DRV[0]: Stopped Radio 0
[*05/25/2020 21:27:24.5663] DOT11_DRV[0]: DOT11_DRV[0]: set_channel Channel set to 6
[*05/25/2020 21:27:25.5852] DOT11_DRV[1]: Stopped Radio 1
[*05/25/2020 21:27:25.6124] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 149
[*05/25/2020 21:27:26.7045] DOT11_DRV[0]: DOT11_DRV[0]: set_channel Channel set to 1
[*05/25/2020 21:27:27.3438] DOT11_DRV[0]: DOT11_DRV[0]: set_channel Channel set to 1
[*05/25/2020 21:27:27.3641] DOT11_DRV[0]: DOT11_DRV[0]: set_channel Channel set to 1
[*05/25/2020 21:27:28.3595] bftype is 6
[*05/25/2020 21:27:28.3862] DOT11_DRV[0]: DOT11_DRV[0]: set_channel Channel set to 1
[*05/25/2020 21:27:29.1506] DOT11_DRV[0]: DOT11_DRV[0]: set_channel Channel set to 1
[*05/25/2020 21:27:29.3132] failed wlconfig_commit netdev = wifi1
[*05/25/2020 21:27:29.3133] Error for wireless request "Commit changes" (8B00) :
[*05/25/2020 21:27:29.3133] SET failed on device wifi1 ; Operation not permitted.
[*05/25/2020 21:27:29.8548] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 149
[*05/25/2020 21:27:30.5087] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 149
[*05/25/2020 21:27:31.1581] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 149
[*05/25/2020 21:27:31.1786] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 149
[*05/25/2020 21:27:32.1671] bftype is 6
[*05/25/2020 21:27:32.1939] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 149
[*05/25/2020 21:27:32.9426] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 149
[*05/25/2020 21:27:33.6809] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 149
[*05/25/2020 21:27:34.4575] device aptrace0 entered promiscuous mode
[*05/25/2020 21:27:34.5073] device to_container entered promiscuous mode
[*05/25/2020 21:27:45.2338] dtls_init: Use SUDI certificate
[*05/25/2020 21:27:45.2359]
[*05/25/2020 21:27:45.2359] CAPWAP State: Init
[*05/25/2020 21:27:45.2380]
[*05/25/2020 21:27:45.2380] CAPWAP State: Discovery
[*05/25/2020 21:27:45.2411] Discovery Request sent to 10.10.205.31, discovery type STATIC_CONFIG(1)
[*05/25/2020 21:27:45.2599] Discovery Request sent to 10.10.205.31, discovery type STATIC_CONFIG(1)
[*05/25/2020 21:27:45.2618] Discovery Request sent to 255.255.255.255, discovery type UNKNOWN(0)
[*05/25/2020 21:27:45.2623]
[*05/25/2020 21:27:45.2623] CAPWAP State: Discovery
[*05/25/2020 21:27:46.2343] Start: RPC thread 1954245616 created.

 

 

 

Seems like the output is not all there. Did you start the capture prior to powering up the AP? What you should also do is factory rest the AP unless it’s brand new out of the box. Hold the reset button and power up the AP. Hold the reset for >20 seconds until the led flashes red.
-Scott
*** Please rate helpful posts ***

Dear Scott,

This is the current log as per your suggestion.

 

BootROM - 1.78
Booting from SPI flash, Secure mode
BootROM: RSA Public key verification PASSED
BootROM: CSK block signature verification PASSED
BootROM: Boot header signature verification PASSED
BootROM: Box ID verification PASSED
BootROM: JTAG is disabled


General initialization - Version: 1.0.0
Detected Device ID 6920
Master bootloder version 1.34
High speed PHY - Version: 2.0
BoardId = 0x21board SerDes lanes topology details:
| Lane # | Speed| Type |
------------------------------|
| 1 | 0 | SGMII1 |
| 2 | 5 | PCIe1 |
| 4 | 5 | PCIe2 |
| 5 | 0 | SGMII2 |
-------------------------------
:** Link is Gen1, check the EP capability
PCIe, Idx 1: Link upgraded to Gen2 based on client cpabilities
:** Link is Gen1, check the EP capability
PCIe, Idx 2: Link upgraded to Gen2 based on client cpabilities
High speed PHY - Ended Successfully
DDR4 Training Sequence - Ver TIP-0.23.(Sublib 0.8)0
DDR4 Training Sequence - Switching XBAR Window to FastPath Window
DDR4 Training Sequence - Ended Successfully
BootROM: Image checksum verification PASSED
BootROM: Boot image signature verification PASSED

____ _
/ ___|(_) ___ ___ ___
| | | |/ __| / __|/ _ \
| |___ | |\__ \| (__| (_) |
\____||_||___/ \___|\___/
_ _ ____ _
| | | | | __ ) ___ ___ | |_
| | | |___| _ \ / _ \ / _ \| __|
| |_| |___| |_) | (_) | (_) | |_
\___/ |____/ \___/ \___/ \__|
** LOADER **


U-Boot 2013.01-gacaad15 (Aug 18 2019 - 20:12:19) SDK version: 2015_T2.0p10

Board: Barbados-2K
SoC: MV88F6920 Rev A1
running 2 CPUs
CPU: ARM Cortex A9 MPCore (Rev 1) LE
CPU 0
CPU @ 1800 [MHz]
L2 @ 900 [MHz]
TClock @ 250 [MHz]
DDR4 @ 900 [MHz]
DDR4 32 Bit Width,FastPath Memory Access, DLB Enabled, ECC Disabled
DRAM: 1 GiB

RST I2C0
NAND: 256 MiB
SF: Detected S25FL032P with page size 64 KiB, total 4 MiB
PCI-e 1 (IF 0 - bus 0) Root Complex Interface, Detected Link X1, GEN 2.0
PCI-e 2 (IF 1 - bus 1) Root Complex Interface, Detected Link X1, GEN 2.0

Map: Code: 0x3fed9000:0x3ffadc40
BSS: 0x3ffef704
Stack: 0x3f9c8f20
Heap: 0x3f9c9000:0x3fed9000
U-Boot Environment: 0x00100000:0x00110000 (SPI)

Board configuration:
| port | Interface | PHY address |
|--------|------------|--------------|
| egiga1 | SGMII | 0x01 |
| egiga2 | SGMII | 0x00 |
Net: , egiga1, egiga2 [PRIME]
Hit ESC key to stop autoboot: 0
Creating 1 MTD partitions on "nand0":
0x000000200000-0x000010000000 : "mtd=2"
UBI: attaching mtd1 to ubi0
UBIFS: mounted UBI device 0, volume 0, name "part1"
Loading file 'part1/part.bin' to addr 0x02000000 with size 6323981 (0x00607f0d). ..
Done
SF: Detected S25FL032P with page size 64 KiB, total 4 MiB

Checking image signing.
Image signing verification success, continue to run...
## Booting kernel from Legacy Image at 02000000 ...
Image Name: Barbados Firmware Image
Created: 2020-05-26 4:32:16 UTC
Image Type: ARM Linux Multi-File Image (uncompressed)
Data Size: 6322973 Bytes = 6 MiB
Load Address: 00008000
Entry Point: 00008000
Contents:
Image 0: 4203256 Bytes = 4 MiB
Image 1: 2103635 Bytes = 2 MiB
Image 2: 16065 Bytes = 15.7 KiB
Verifying Checksum ... OK
## Loading init Ramdisk from multi component Legacy Image at 02000000 ...
## Flattened Device Tree from multi component Image at 02000000
Booting using the fdt at 0x02603c9c
Loading Multi-File Image ... OK
OK
reserving fdt memory region: addr=0 size=4000
Loading Device Tree to 01ff9000, end 01fffec0 ... OK

Starting Device Tree update ('fdt_skip_update' = no)

Limit DDR size at 3GB due to power of 2 requirement of Address decoding
Updating device tree successful

Starting kernel ...

[01/01/1970 00:00:00.0000] Built 1 zonelists in Zone order, mobility grouping on . Total pages: 260096
[01/01/1970 00:00:00.0000] Memory: 1025848K/1048576K available (5743K kernel cod e, 407K rwdata, 2476K rodata, 359K init, 478K bss, 22728K reserved)
[01/01/1970 00:00:00.1200] CPU1: Booted secondary processor
[01/01/1970 00:00:01.4400] buginf tty flushing thread started, ttyport=be8e4c00
[01/01/1970 00:00:01.5600] m25p80 spi1.0: found s25sl032p, expected n25q032
[01/01/1970 00:00:02.6300] UBI warning: print_rsvd_warning: cannot reserve enoug h PEBs for bad PEB handling, reserved 20, need 32
[*01/01/1970 00:00:02.7730] buginf() enabled.
[*01/01/1970 00:00:02.7817] Made it into bootsh: May 25 2020 21:24:10 T-1ffe7a1d cdc70c976f3270715f1ba2494e77a88d-g1ffe7a1d-aut
Verify returns 0
[*01/01/1970 00:00:10.4884] bootsh mini ramfs booted /bootpart/part1/ramfs_data_ cisco.cpio.lzma


Welcome to Cisco.

Usage of this device is governed by Cisco's End User License Agreement,
available at:
http://www.cisco.com/c/en/us/td/docs/general/warranty/English/EU1KEN_.html.


Restricted Rights Legend

Use, duplication, or disclosure by the Government is subject to
restrictions as set forth in subparagraph (c) of the Commercial
Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and
subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

Cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.


This product contains some software licensed under the
"GNU General Public License, version 2" provided with
ABSOLUTELY NO WARRANTY under the terms of
"GNU General Public License, version 2", available here:
http://www.gnu.org/licenses/old-licenses/gpl-2.0.html


This product contains some software licensed under the
"GNU Library General Public License, version 2" provided
with ABSOLUTELY NO WARRANTY under the terms of "GNU Library
General Public License, version 2", available here:
http://www.gnu.org/licenses/old-licenses/lgpl-2.0.html


This product contains some software licensed under the
"GNU Lesser General Public License, version 2.1" provided
with ABSOLUTELY NO WARRANTY under the terms of "GNU Lesser
General Public License, version 2.1", available here:
http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html


This product contains some software licensed under the
"GNU General Public License, version 3" provided with
ABSOLUTELY NO WARRANTY under the terms of
"GNU General Public License, Version 3", available here:
http://www.gnu.org/licenses/gpl.html.


This product contains some software licensed under the
"GNU Affero General Public License, version 3" provided
with ABSOLUTELY NO WARRANTY under the terms of
"GNU Affero General Public License, version 3", available here:
http://www.gnu.org/licenses/agpl-3.0.html.

[ OK ] Reached target Cisco File Systems (Pre).
[ OK ] Created slice -.slice.
[ OK ] Listening on Delayed Shutdown Socket.
[ OK ] Listening on udev Control Socket.
[ OK ] Created slice system.slice.
[ OK ] Created slice system-serial\x2dgetty.slice.
[ OK ] Reached target Slices.
Starting Cisco UBIFS reformat/mount...
[ OK ] Listening on udev Kernel Socket.
[ OK ] Reached target Sockets.
Starting udev Kernel Device Manager...
Starting udev Coldplug all Devices...
[ OK ] Started udev Kernel Device Manager.
[ OK ] Started Cisco UBIFS reformat/mount.
Starting Cisco early mount...
[ OK ] Started Cisco early mount.
[ OK ] Reached target Local File Systems (Pre).
Starting Cisco platform file generation...
Starting Cisco system time setup...
Starting Cisco fips check...
Starting Cisco seed generation...
[ OK ] Started Cisco system time setup.
[ OK ] Started Cisco seed generation.
[ OK ] Started Cisco fips check.
[ OK ] Started Cisco platform file generation.
Starting Cisco btldr service...
[ OK ] Started Cisco btldr service.
[ OK ] Reached target Local File Systems.
Starting Cisco S10 boot service...
Starting Cisco act2 check...
Starting Security Auditing Service...
[*12/07/2019 23:59:59.0718] Last reload time: Dec 8 00:01:15 2019
[*05/25/2020 21:26:41.0091] Setting system time Mon May 25 21:26:41 UTC 2020
[*05/25/2020 21:26:42.1627] GCM-128 POST passed
[*05/25/2020 21:26:42.1628] GCM-256 POST passed
[*05/25/2020 21:26:43.7892] parameter passed without an option given
[ OK ] Started Cisco system time saving.
[*05/25/2020 21:26:44.1693] 1
Starting Cisco system time saving...
Starting Cisco pkg install service...
[ OK ] Started Security Auditing Service.
[ OK ] Started udev Coldplug all Devices.
[05/25/2020 21:26:45.4700] PCI: enabling device 0000:00:02.0 (0140 -> 0143)
[05/25/2020 21:26:45.5600] PCI: enabling device 0000:02:00.0 (0140 -> 0142)
[ OK ] Started Cisco pkg install service.
[ OK ] Started Cisco [05/25/2020 21:26:52.8800] PCI: enabling device 0000:00:0 3.0 (0140 -> 0143)
act2 check.
[*0[05/25/2020 21:26:52.9700] PCI: enabling device 0000:03:00.0 (0140 -> 0142)
5/25/2020 21:26:44.6231] Active version: 17.2.1.15
[*05/25/2020 21:26:44.6349] Backup version: 0.0.0.0
[*05/25/2020 21:26:45.2503] device wired0 entered promiscuous mode
[*05/25/2020 21:26:45.6430] wifi0: Initializing TX ring
[*05/25/2020 21:26:45.6473] wifi0: Initializing RX ring
[*05/25/2020 21:26:45.6521] wifi0: prepare firmware downloading
[*05/25/2020 21:26:46.4086] wifi0: Firmware downloading
[*05/25/2020 21:26:47.6370]
[*05/25/2020 21:26:47.6370]
[*05/25/2020 21:26:47.6370]
[*05/25/2020 21:26:47.6370]
[*05/25/2020 21:26:47.6370] Authenticating ACT2 ID:AP2800
[*05/25/2020 21:26:47.6370] Authenticating SN:FOC23462NXZ
[*05/25/2020 21:26:47.6376]
[*05/25/2020 21:26:47.6377] (ACT2Boot) Hardware is Cisco (c) authentic :-)
[*05/25/2020 21:26:47.6377]
[*05/25/2020 21:26:47.6442] 0;Seeding /dev/urandom from ACT2
[*05/25/2020 21:26:48.2023] 0;<30>systemd[1]: Started Cisco pkg install service.
[*05/25/2020 21:26:48.7576] 0;Reading ACT2 SUDI certificates
[*05/25/2020 21:26:49.2683] 0;0;0;0;0;0;0;
[*05/25/2020 21:26:52.4098] Firmware download complete
[*05/25/2020 21:26:52.6023] wifi0: Getting HW specs. Retrying for 3
[*05/25/2020 21:26:52.6027] Mac_Init
[*05/25/2020 21:26:52.6030] Preparing to set HW specs
[*05/25/2020 21:26:52.6033] FIPS enc aes-ccmp Verified
[*05/25/2020 21:26:52.6034] FIPS dec aes-ccmp Verified
[*05/25/2020 21:26:52.6035] FIPS enc aes-ccmp-256 Verified
[*05/25/2020 21:26:52.6036] FIPS dec aes-ccmp-256 Verified
[*05/25/2020 21:26:52.6037] FIPS enc aes-gcmp Verified
[*05/25/2020 21:26:52.6038] FIPS dec aes-gcmp Verified
[*05/25/2020 21:26:52.6039] FIPS enc aes-gcmp-256 Verified
[*05/25/2020 21:26:52.6040] FIPS dec aes-gcmp-256 Verified
[*05/25/2020 21:26:53.0729] wifi1: Initializing TX ring
[*05/25/2020 21:26:53.0764] wifi1: Initializing RX ring
[*05/25/2020 21:26:53.0809] wifi1: prepare firmware downloading
[*05/25/2020 21:26:53.8053] wifi1: Firmware downloading
[*05/25/2020 21:26:54.6983] 0;[ OK ] Started Cisco S10 boot service.
Starting Cisco nolan service...
Starting Cisco watchdog...
Starting Cisco nss service...
<30>systemd[1]: Started Cisco act2 check.
[*05/25/2020 21:26:55.2083] 0;0;0;0;0;0;0;0;
[*05/25/2020 21:26:58.8483] Firmware download complete
[*05/25/2020 21:26:59.0423] wifi1: Getting HW specs. Retrying for 3
[*05/25/2020 21:26:59.0427] Mac_Init
[*05/25/2020 21:26:59.0430] Preparing to set HW specs
[*05/25/2020 21:26:59.0432] FIPS enc aes-ccmp Verified
[*05/25/2020 21:26:59.0434] FIPS dec aes-ccmp Verified
[*05/25/2020 21:26:59.0435] FIPS enc aes-ccmp-256 Verified
[*05/25/2020 21:26:59.0436] FIPS dec aes-ccmp-256 Verified
[*05/25/2020 21:26:59.0437] FIPS enc aes-gcmp Verified
[*05/25/2020 21:26:59.0438] FIPS dec aes-gcmp Verified
[*05/25/2020 21:26:59.0439] FIPS enc aes-gcmp-256 Verified
[*05/25/2020 21:26:59.0440] FIPS dec aes-gcmp-256 Verified
[*05/25/2020 21:27:00.1807] Initializing NSS Firmware
[ OK ] Started Cisco nolan service.
[ OK ] Started Cisco watchdog.
Starting Cisco nolan USB service...
[ OK ] Started Cisco nolan USB service.
Starting Cisco pre-PoE negotiation...
[ OK ] Started Cisco pre-PoE negotiation.
[ OK ] Started Cisco nss service.
Starting Cisco S15platform...
Starting Cisco Kclick...
[05/25/2020 21:27:03.6900] Disabling lock debugging due to kernel taint
[ OK ] Started Cisco S15platform.
[ OK ] Started Cisco Kclick.
Starting Cisco ME service...
Starting Cisco certificate create service...
[*05/25/2020 21:27:03.7765] init ft module
[*05/25/2020 21:27:03.9261] stile module dp init successfully
[*05/25/2020 21:27:03.9262] NBAR Label:BLD_V171_THROTTLE_LATEST_20190830_170454 Module timestamp: May 25 2020 at 21:13:30 User: aut
[*05/25/2020 21:27:04.8565] Last reload reason : 0: unknown
Starting Cisco Kclick...
Starting Cisco Sku service...
[*05/25/2020 21:27:06.6048] SKU to radio FW
[ OK ] Started Cisco ME service.
[*05/25/2020 21:27:06.7059] Create symlink /dev/mic_cert result 0
[*05/25/2020 21:27:06.7059] Loading certificates from storage...
[*05/25/2020 21:27:06.7074] wifi2 no private ioctls.
[*05/25/2020 21:27:06.7074]
[*05/25/2020 21:27:06.7416] barbados /tmp/SC4_1dbm.txt
[ OK ] Started Cisco certificate create service.
[ OK ] Started Cisco Sku service.
Starting Cisco certtime service...
[ OK ] Started Cisco Tam service.
Starting Cisco Tam service...
[ OK ] Started Cisco Kclick.
Starting Cisco brain service...
Starting Cisco syslog service...
[*05/25/2020 21:27:07.6941] xt_tcpudp is already loaded
Starting Cisco S16platfomm...
Starting rsyslog client...
[ OK ] Started Cisco syslog service.
[ OK ] Started Cisco S16platfomm.
[ OK ] Started rsyslog client.
Starting Cisco synclogd...
[ OK ] Started Cisco synclogd.
[ OK ] Started Cisco brain service.
[05/25/2020 21:27:09.0300] wired0 emac 2: link up
[05/25/2020 21:27:09.0800] wired0: link up
[ OK ] Started Cisco certtime service.
[ OK ] Reached target System Initialization.
[ OK ] Reached target Timers.
[ OK ] Reached target Paths.
[ OK ] Reached target Basic System.
Starting Cisco led service...
[*05/25/2020 21:27:12.5241] starting tam services using ACT2...
[*05/25/2020 21:27:12.5241] Starting Cisco rtd service...
[ OK ] Started System Monitor service.
Starting System Monitor service...
Starting Cisco kexec...
Starting Cisco klogd...
Starting Fast CGI daemon...
Starting OpenSSH server daemon...
Starting WCPD process...
Starting Marvell Forwarding daemon...
[ OK ] Started Serial Getty on ttyS0.
Starting Serial Getty on ttyS0...
[ OK ] Reached target Login Prompts.
Starting AP Trace daemon...
[ OK ] Started NTP_PROC daemon.
Starting NTP_PROC daemon...
Starting gRPC server daemon...
Starting capwapd...
Starting Cisco printkd...
Starting Clean Air daemon...
Starting Hostapd process...
[ OK ] Started Cisco led service.
[ OK ] Started Cisco kexec.
[ OK ] Started Cisco printkd.
[ OK ] Started Cisco klogd.
[ OK ] Started Cisco rtd service.
[ OK ] Started Fast CGI daemon.
[ OK ] Started AP Trace daemon.
[ OK ] Started Hostapd process.
[ OK ] Started OpenSSH server daemon.
Starting dnsmasq watcher...
Starting DNSmasq...
[ OK ] Started DNSmasq.
[ OK ] Started dnsmasq watcher.
[05/25/2020 21:27:18.9200] wired0 emac 2: link up
[05/25/2020 21:27:18.9700] wired0: link up
[*05/25/2020 21:27:19.4609] pid 7258's current affinity mask: 3
[*05/25/2020 21:27:19.4609] pid 7258's new affinity mask: 1
[*05/25/2020 21:27:19.7593] ip6_port srcr2, ip6local fe80::3e51:eff:fe3d:f174, i p6 ::, plen 0, gw6 ::, gw6_mac 00:00:00:00:00:00, mtu 1500, vid 0, mode6 2(slaac )

[*05/25/2020 21:27:20.8274] SYS-COND: AP is in good condition
[*05/25/2020 21:27:20.9681] ethernet_port wired0, ip 192.168.97.12, netmask 255. 255.255.0, gw 192.168.97.2, mtu 1500, bcast 192.168.97.255, dns1 0.0.0.0, is_sta tic true, vid 0, static_ip_failover false, dhcp_vlan_failover false


User Access Verification
Username: [*05/25/2020 21:27:21.8497] chpasswd: password for user changed
[*05/25/2020 21:27:22.6730] DOT11_TXP[0]:Domain configured: 22 class:C
[*05/25/2020 21:27:23.0191] DOT11_TXP[0]:Domain configured: 22 class:C
[*05/25/2020 21:27:23.3622] DOT11_TXP[0]:Domain configured: 22 class:C
[*05/25/2020 21:27:23.7127] DOT11_TXP[2]:Domain configured: 1 class:E
[*05/25/2020 21:27:23.8054] DOT11_TXP[0]:Domain configured: 1 class:E
[*05/25/2020 21:27:24.2467] AP IPv4 Address updated from 0.0.0.0 to 192.168.97.1 2
[*05/25/2020 21:27:24.2599] send CAPWAP ctrl msg to the socket: Socket operation on non-socket
[*05/25/2020 21:27:24.6822] DOT11_DRV[1]: Stopped Radio 1
[*05/25/2020 21:27:24.7117] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 149
[*05/25/2020 21:27:25.7376] DOT11_DRV[0]: Stopped Radio 0
[*05/25/2020 21:27:25.7648] DOT11_DRV[0]: DOT11_DRV[0]: set_channel Channel set to 6
[*05/25/2020 21:27:26.8592] DOT11_DRV[0]: DOT11_DRV[0]: set_channel Channel set to 1
[*05/25/2020 21:27:27.5024] DOT11_DRV[0]: DOT11_DRV[0]: set_channel Channel set to 1
[*05/25/2020 21:27:27.5227] DOT11_DRV[0]: DOT11_DRV[0]: set_channel Channel set to 1
[*05/25/2020 21:27:28.5083] bftype is 6
[*05/25/2020 21:27:28.5350] DOT11_DRV[0]: DOT11_DRV[0]: set_channel Channel set to 1
[*05/25/2020 21:27:29.3069] DOT11_DRV[0]: DOT11_DRV[0]: set_channel Channel set to 1
[*05/25/2020 21:27:29.4700] failed wlconfig_commit netdev = wifi1
[*05/25/2020 21:27:29.4701] Error for wireless request "Commit changes" (8B00) :
[*05/25/2020 21:27:29.4701] SET failed on device wifi1 ; Operation not permi tted.
[*05/25/2020 21:27:30.0146] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 149
[*05/25/2020 21:27:30.6625] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 149
[*05/25/2020 21:27:31.3048] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 149
[*05/25/2020 21:27:31.3347] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 149
[*05/25/2020 21:27:32.3252] bftype is 6
[*05/25/2020 21:27:32.3519] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 149
[*05/25/2020 21:27:33.0976] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 149
[*05/25/2020 21:27:33.8400] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 149
[*05/25/2020 21:27:35.3125] device aptrace0 entered promiscuous mode
[*05/25/2020 21:27:35.3525] device to_container entered promiscuous mode

Username: cisco
Password:
AP3C51.0E3D.F174>[*05/25/2020 21:27:45.4198] dtls_init: Use SUDI certificate
[*05/25/2020 21:27:45.4218]
[*05/25/2020 21:27:45.4218] CAPWAP State: Init
[*05/25/2020 21:27:45.4239]
[*05/25/2020 21:27:45.4239] CAPWAP State: Discovery
[*05/25/2020 21:27:45.4271] Discovery Request sent to 10.10.205.31, discovery ty pe STATIC_CONFIG(1)
[*05/25/2020 21:27:45.4294] Discovery Request sent to 10.10.205.31, discovery ty pe STATIC_CONFIG(1)
[*05/25/2020 21:27:45.4479] Discovery Request sent to 255.255.255.255, discovery type UNKNOWN(0)
[*05/25/2020 21:27:45.4483]
[*05/25/2020 21:27:45.4483] CAPWAP State: Discovery
[*05/25/2020 21:27:46.2893] Start: RPC thread 1953684464 created.

AP3C51.0E3D.F174>en
Password:
AP3C51.0E3D.F174#[*05/25/2020 21:28:14.7881]
[*05/25/2020 21:28:14.7881] CAPWAP State: Discovery
[*05/25/2020 21:28:14.7913] Discovery Request sent to 10.10.205.31, discovery ty pe STATIC_CONFIG(1)
[*05/25/2020 21:28:14.7974] Discovery Request sent to 10.10.205.31, discovery ty pe STATIC_CONFIG(1)
[*05/25/2020 21:28:14.8002] Discovery Request sent to 255.255.255.255, discovery type UNKNOWN(0)
[*05/25/2020 21:28:20.6366]
[*05/25/2020 21:28:20.6366] USB Device Disconnected from the AP
[*05/25/2020 21:28:20.6366]
[*05/25/2020 21:28:44.2470]
[*05/25/2020 21:28:44.2470] CAPWAP State: Discovery
[*05/25/2020 21:28:44.2502] Discovery Request sent to 10.10.205.31, discovery ty pe STATIC_CONFIG(1)
[*05/25/2020 21:28:44.2529] Discovery Request sent to 10.10.205.31, discovery ty pe STATIC_CONFIG(1)
[*05/25/2020 21:28:44.2578] Discovery Request sent to 255.255.255.255, discovery type UNKNOWN(0)

AP3C51.0E3D.F174#
AP3C51.0E3D.F174#
AP3C51.0E3D.F174#
AP3C51.0E3D.F174#
AP3C51.0E3D.F174#
AP3C51.0E3D.F174#[*05/25/2020 21:29:13.7062]
[*05/25/2020 21:29:13.7062] CAPWAP State: Discovery
[*05/25/2020 21:29:13.7094] Discovery Request sent to 10.10.205.31, discovery ty pe STATIC_CONFIG(1)
[*05/25/2020 21:29:13.7122] Discovery Request sent to 10.10.205.31, discovery ty pe STATIC_CONFIG(1)
[*05/25/2020 21:29:13.7175] Discovery Request sent to 255.255.255.255, discovery type UNKNOWN(0)

 

 

Last 3 lines are repeatedly coming from the AP console but can't discover the AP.

Factory reset the AP. Then make sure the ap is on the same subnet as the 9800 management. Make sure the ap gets a dhcp address and let’s see if the ap joins. Make sure that there is no option 43 or dns that points to an existing controller also.
-Scott
*** Please rate helpful posts ***

Is there any License related issue? How many AP can be joined in evaluation mode?

You should be able to use all the features in evaluation so that should not be an issue. Is this an appliance not a virtual? Just follow what I suggested and let’s see what happens. Can you also so the UI under monitor > access points. There is a previously joined stats, did you see the ap there? You need to isolate the issue. If our connect the AP to the same patch cable the other 2802 was connected to, what happens? Is the ap on the same subnet as the controller?
-Scott
*** Please rate helpful posts ***

Check out this thread also. The 2800 need to be on a specific version also to be compatible with the 9800.
https://community.cisco.com/t5/other-wireless-mobility-subjects/cisco-air-ap2802i-e-k9-failing-to-join-controller/m-p/4117819#M103598 <>
-Scott
*** Please rate helpful posts ***

Sorry everyone for late reply. Finally the issue was solved. Actually i have made two major changes. First of all, i have connected the AP through wireless management vlan. Then the AP was trying capwap discovery to get the WLC and it gets joined with the WLC. Another thing i noticed the when i try to join the ap with a controller the AP must be  configured with  the IP of wireless management vlan. I was initially trying with the other vlan which is reachable to the WLC. Once it gets joined with the controller and downloads the image from WLC, we can connect the AP to any other network which is reachable to the WLC. I did not find any issue with capwap image though, as i tried with existing image of AP. I have just executed the required commands as before just changed the capwap ip,netmask and gw. Wireless Management Vlan is only needed to join the AP for the first time. 

 

Another thing i noticed for the wireless vlan a specific SUDI  certificate must be tagged with the wireless management vlan to join the AP. Whenever i create any SSC or any other TrustPoint certificate the AP gets disassociated again   with the controller. I have also found from the cisco wlc 9800 document that for AP joining issue that SUDI certificate must be installed. I don’t know more  about this btw. 

 

Thanks a lot all.

There are various ways to setup the controller. The management can also be the wireless management or you can have the two separate, like what you have done. As far as ap join, as long as it’s a valid trust point certificate, you apply that to wireless management and that’s really it. Now that you have it working, maybe play around with it and factory reset and try to get it configured again so that you are familiar with how you want to setup the 9800.
-Scott
*** Please rate helpful posts ***

 

I saw that AP dont received return from WLC, try to static config and after that put here the output "show capwap ip config".

 

capwap ap ip address x.x.x.x x.x.x.x

capwap ap ip default-gateway x.x.x.x

capwap ap controller ip address x.x.x.x

show capwap ip config

 

Confirm if there are log´s join on the WLC from that AP, this indicate that AP reached WLC and you can see some log to help you identify the issue.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: