Solved: Re: AP AIR-CAP3502I-N-K9 is not joining wlc (8.3.143) after giving dhcp option 43 on switch although... - Page 2

CSCO11844255 · ‎07-17-2019

SW configuration-

ip dhcp pool AP_Pool
network 172.16.64.0 255.255.255.0
default-router 172.16.64.1
option 43 hex f104.ac10.2068
dns-server 172.16.32.40

interface Vlan64
description AP_Mgmt
ip address 172.16.64.1 255.255.255.0

Logs on AP

*Mar 1 00:00:16.231: %LINK-6-UPDOWN: Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:17.622: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 0 (4)
*Mar 1 00:00:17.628: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:17.748: loading Power Tables from ram:/Z2.bin. Class = A
*Mar 1 00:00:17.748: record size of 2ss: 404 read_ptr: 274D1B8

*Mar 1 00:00:20.953: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 1 (4)
*Mar 1 00:00:21.000: loading Power Tables from ram:/Z5.bin. Class = N
*Mar 1 00:00:21.000: record size of 2ss: 404 read_ptr: 274D1B8

*Mar 1 00:00:21.026: %LWAPP-3-CLIENTERRORLOG: Load nvram:/lwapp_ap.cfg config failed, trying backup...
*Mar 1 00:00:21.029: %LWAPP-3-CLIENTERRORLOG: Load nvram:/lwapp_ap.cfg.bak config failed...
*Jul 14 10:15:16.091: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C3500 Software (AP3G1-K9W8-M), Version 15.3(3)JD16, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2018 by Cisco Systems, Inc.
Compiled Tue 05-Jun-18 01:49 by prod_rel_team
*Jul 14 10:15:16.091: %SNMP-5-COLDSTART: SNMP agent on host ap is undergoing a cold start
*Jul 14 10:15:16.220: %LWAPP-3-CLIENTERRORLOG: Load nvram:/lwapp_ap.cfg config failed, trying backup...
*Jul 14 10:15:16.223: %LWAPP-3-CLIENTERRORLOG: Load nvram:/lwapp_ap.cfg.bak config failed...
*Jul 14 10:15:16.226: %DOT11-5-EXPECTED_RADIO_RESET: Restarting Radio interface Dot11Radio0 due to hostname change
*Jul 14 10:15:16.226: %DOT11-5-EXPECTED_RADIO_RESET: Restarting Radio interface Dot11Radio1 due to hostname change
*Jul 14 10:15:16.251: %DOT11-5-EXPECTED_RADIO_RESET: Restarting Radio interface Dot11Radio0 due to interface reset
*Jul 14 10:15:16.254: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Jul 14 10:15:16.257: %DOT11-5-EXPECTED_RADIO_RESET: Restarting Radio interface Dot11Radio1 due to interface resetlwapp_crypto_init: MIC Present and Parsed Successfully

*Jul 14 10:15:17.157: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up
*Jul 14 10:15:25.276: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 172.16.64.139, mask 255.255.255.0, hostname AP44d3.ca59.7b25

*Jul 14 10:15:33.600: Currently running a Release Image
validate_sha2_block: Failed to get certificate chain
*Jul 14 10:15:33.622: Using SHA-1 signed certificate for image signing validation.%Default route without gateway, if not a point-to-point interface, may impact performance
*Jul 14 10:15:39.325: AP image integrity check PASSED

*Jul 14 10:15:39.379: Non-recovery image. PNP Not required.

*Jul 14 10:15:39.394: validate_sha2_block:No SHA2 Block present on this AP.

*Jul 14 10:15:39.426: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Jul 14 10:15:39.426: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
%Error opening flash:/capwap-saved-config (No such file or directory)
%Error opening flash:/capwap-saved-config-bak (No such file or directory)
*Jul 14 10:15:49.451: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 255.255.255.255 port 0 CLI Request Triggered
*Jul 14 10:15:50.452: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 255.255.255.255 port 514 started - CLI initiated%No matching route to delete
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (172.16.32.40)
*Jul 14 10:16:00.468: %CAPWAP-5-DHCP_OPTION_43: Controller address 172.16.32.104 obtained through DHCP
*Jul 14 10:16:08.146: %DOT11-5-EXPECTED_RADIO_RESET: Restarting Radio interface Dot11Radio0 due to interface reset
*Jul 14 10:16:08.146: %DOT11-5-EXPECTED_RADIO_RESET: Restarting Radio interface Dot11Radio1 due to interface reset
*Jul 14 10:16:08.146: %CDP_PD-4-POWER_OK: Full power - NEGOTIATED inline power source
*Jul 14 10:16:09.238: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Jul 14 10:16:10.238: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Jul 14 10:16:10.333: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Jul 14 10:16:11.333: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up

*Jul 14 10:17:08.528: %CDP_PD-4-POWER_OK: Full power - NEGOTIATED inline power source
Not in Bound state.
*Jul 14 10:17:13.986: %CAPWAP-3-DHCP_RENEW: Could not discover WLC. Either IP address is not assigned or assigned IP is wrong. Renewing DHCP IP.
*Jul 14 10:17:24.182: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 172.16.64.140, mask 255.255.255.0, hostname AP44d3.ca59.7b25

Translating "CISCO-CAPWAP-CONTROLLER"...domain server (172.16.32.40)
*Jul 14 10:17:34.987: %CAPWAP-5-DHCP_OPTION_43: Controller address 172.16.32.104 obtained through DHCP

Not in Bound state.
*Jul 14 10:18:28.502: %CAPWAP-3-DHCP_RENEW: Could not discover WLC. Either IP address is not assigned or assigned IP is wrong. Renewing DHCP IP.
*Jul 14 10:18:38.694: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 172.16.64.141, mask 255.255.255.0, hostname AP44d3.ca59.7b25

Logs on WLC:

Nothing I am getting expect these logs after enabling both packet and event debug -

(Cisco Controller) >*osapiBsnTimer: Jul 18 00:50:28.129: Same gateway prevails
*osapiBsnTimer: Jul 18 00:50:38.305: Same gateway prevails
*osapiBsnTimer: Jul 18 00:50:48.545: Same gateway prevails
*osapiBsnTimer: Jul 18 00:50:58.771: Same gateway prevails
*osapiBsnTimer: Jul 18 00:51:09.021: Same gateway prevails
*osapiBsnTimer: Jul 18 00:51:19.131: Same gateway prevails
*osapiBsnTimer: Jul 18 00:51:29.397: Same gateway prevails
*osapiBsnTimer: Jul 18 00:51:39.555: Same gateway prevails
*osapiBsnTimer: Jul 18 00:51:49.769: Same gateway prevails
*osapiBsnTimer: Jul 18 00:51:59.943: Same gateway prevails

patoberli · ‎07-19-2019

Sorry am out of office till Monday.

Leo Laohoo · ‎07-19-2019

@CSCO11844255 wrote:

Index NTP Key Index NTP Server Status NTP Msg Auth Status
------- ----------------------------------------------------------------------------------------------
1 1 172.16.32.1 Not Synched AUTH SUCCESS

Time and date are wrong because NTP is not configured. AP won't join a controller if the time and date is wrong.

CSCO11844255 · ‎07-20-2019

Hi Leo & All,

Thanks for your all reply. I did a very silly mistake. I did not enable routing on my Physical switch thats the reason why my AP was not abler to communicate with WLC. After making that change everything is working fine.
Thanks for your time and sharing your all stuff.

Regards,
Sumit Singh

Daniel Ordóñez Flores · ‎07-18-2019

Hi @CSCO11844255

Your APs that are in the same subnet that your WLC are the same model that you have in your remote site?

Please share the output that @Leo Laohoo is asking.

if its possible try with: debug capwap event enable

debug capwap error enable

Thanks

Espero que la información haya sido útil y si no tienes más preguntas recuerda cerrar el topic, seleccionando la respuesta como "Respuesta correcta"
**Please rate the answer if this information was useful***
**Por favor si la información fue util marca esta respuesta como correcta**

CSCO11844255 · ‎07-18-2019

The main issue is my AP is not communicating to WLC. I dont know why ? It is very simple setup. thats the reason I dont see any debugs logs on WLC.

WLC(172.16.32.104 part of vlan 32(172.16.32.0/24)) ----(Trunk)Switch(access vlan 64(172.16.64.0/24))----AP

patoberli · ‎07-19-2019

You wrote that you can't ping the WLC ip address from the AP and the WLC can't ping the IP of the AP, correct?
That must be possible. Otherwise there is an ACL/firewall or no router between the AP and the WLC.

CSCO11844255 · ‎07-19-2019

It very simple network connectivity. Both of my WLC and AP are connected with single 3750 switch. there is no firewall placed in between those.

patoberli · ‎07-19-2019

And is the 3750 the router for your network? The Wlc is no router.

omz · ‎07-18-2019

Hi

Why do you have dots " . " in the HEX string?

option 43 hex f104.ac10.2068

I think the HEX string should be

f104ac102068

option 43 hex f104ac102068

https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/97066-dhcp-option-43-00.html

Although it is being translated to 172.16.32.104 .. so may be not the string issue..

Daniel Ordóñez Flores · ‎07-18-2019

Hi @omz

I think when you do "show run" the output add the dots.

Espero que la información haya sido útil y si no tienes más preguntas recuerda cerrar el topic, seleccionando la respuesta como "Respuesta correcta"
**Please rate the answer if this information was useful***
**Por favor si la información fue util marca esta respuesta como correcta**

CSCO11844255 · ‎07-18-2019

I gave in the same format then switch automatically covert that into the dot format..however this is irrelevant to my issue. But just for your information :)

Daniel Ordóñez Flores · ‎07-18-2019

Hi @CSCO11844255

can you share the output of " "show license capacity"

regards

Espero que la información haya sido útil y si no tienes más preguntas recuerda cerrar el topic, seleccionando la respuesta como "Respuesta correcta"
**Please rate the answer if this information was useful***
**Por favor si la información fue util marca esta respuesta como correcta**

CSCO11844255 · ‎07-19-2019

(Cisco Controller) >show license capacity

Licensed Feature Max Count Current Count Remaining Count
-----------------------------------------------------------------------
AP Count 200 0 200

(Cisco Controller) >

AP AIR-CAP3502I-N-K9 is not joining wlc (8.3.143) after giving dhcp option 43 on switch although it was working when AP are in the same subnet.. Please help me