Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6794
Views
0
Helpful
50
Replies

AP1131 can't connect to vWLAN Controller

John Bachman
Level 1
Level 1

‎02-01-2019 10:55 AM - edited ‎07-05-2021 09:47 AM

Hello experts,  I am setting up a new vWLAN Controller version 8.0.152.0  with AP1131AG access points.

The controller address is 172.16.10.5

 

 

the 2811 router is configured as

ip dhcp pool AP

network 172.16.10.0 255.255.255.0

default-gateway 172.16.10.1

option 43 hex f104.ac10.oa05

option 60 ascii "Cisco AP 1131"

dns-server 172.16.10.1

 

The error I get is: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.

 

here is the boot log: Can you please assist ? thank you.

 

Username:
Username: Xmodem file system is available.
flashfs[0]: 26 files, 8 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 15998976
flashfs[0]: Bytes used: 5280256
flashfs[0]: Bytes available: 10718720
flashfs[0]: flashfs fsck took 28 seconds.
Base ethernet MAC Address: 00:24:97:6e:2d:74
Initializing ethernet port 0...
Reset ethernet port 0...
Reset done!
ethernet link up, 100 mbps, full-duplex
Ethernet port 0 initialized: link is up
Loading "flash:/c1130-k9w8-mx.124-25e.JAP12/c1130-k9w8-mx.124-25e.JAP12"...#########################################################################################################################################################################################################################################################################################################################################################################################################################################################################################

File "flash:/c1130-k9w8-mx.124-25e.JAP12/c1130-k9w8-mx.124-25e.JAP12" uncompressed and installed, entry point: 0x3000
executing...

              Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

           cisco Systems, Inc.
           170 West Tasman Drive
           San Jose, California 95134-1706

 

Cisco IOS Software, C1130 Software (C1130-K9W8-M), Version 12.4(25e)JAP12, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2017 by Cisco Systems, Inc.
Compiled Fri 20-Oct-17 23:02 by prod_rel_team


Proceeding with system init

Proceeding to unmask interrupts
Initializing flashfs...

flashfs[2]: 26 files, 8 directories
flashfs[2]: 0 orphaned files, 0 orphaned directories
flashfs[2]: Total bytes: 15740928
flashfs[2]: Bytes used: 5280256
flashfs[2]: Bytes available: 10460672
flashfs[2]: flashfs fsck took 4 seconds.
flashfs[2]: Initialization complete....done Initializing flashfs.

Radio0  present A506 7100 E8000000 A0000000 80000000 3
Rate table has 12 entries (0 SGI/0 BF variants)

Radio1  present A506 6700 E8000100 A0040000 80010000 2
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.


%Error opening flash:/c1130-rcvk9w8-mx/info (No such file or directory)cisco AIR-LAP1131AG-A-K9 (PowerPCElvis) processor (revision B0) with 27638K/5120K bytes of memory.
Processor board ID FTX1315T21N
PowerPCElvis CPU at 262Mhz, revision number 0x0950
Last reset from power-on
LWAPP image version 8.0.141.32
1 FastEthernet interface
2 802.11 Radio(s)

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:24:97:6E:2D:74
Part Number                          : 73-8962-14
PCA Assembly Number                  : 800-24818-13
PCA Revision Number                  : A0
PCB Serial Number                    : FOC13142Q02
Top Assembly Part Number             : 800-29230-02
Top Assembly Serial Number           : FTX1315T21N
Top Revision Number                  : A0
Product/Model Number                 : AIR-AP1131AG-A-K9
% Please define a domain-name first.


Press RETURN to get started!


*Mar  1 00:00:05.456: %SOAP_FIPS-2-SELF_TEST_IOS_SUCCESS: IOS crypto FIPS self test passed
*Mar  1 00:00:07.070: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 0
*Mar  1 00:00:07.546: %LINK-6-UPDOWN: Interface FastEthernet0, changed state to up
*Mar  1 00:00:08.734: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 1
*Mar  1 00:00:08.807: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up
*Mar  1 00:00:08.834: %LWAPP-4-CLIENTEVENTLOG: Read and initialized AP event log (contains, 986 messages)

*Mar  1 00:00:11.116: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C1130 Software (C1130-K9W8-M), Version 12.4(25e)JAP12, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2017 by Cisco Systems, Inc.
Compiled Fri 20-Oct-17 23:02 by prod_rel_team
*Mar  1 00:00:11.117: %SNMP-5-COLDSTART: SNMP agent on host AP0024.976e.2d74 is undergoing a cold start
*Mar  1 00:55:23.257: %SSH-5-ENABLED: SSH 2.0 has been enabled
*Mar  1 00:55:23.257: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar  1 00:55:23.257: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Mar  1 00:55:23.493: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Mar  1 00:55:23.493: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to resetlwapp_crypto_init: MIC Present and Parsed Successfully

*Mar  1 00:55:24.257: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar  1 00:55:24.257: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Mar  1 00:55:26.061: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up
*Mar  1 00:55:31.383: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 172.16.10.93, mask 255.255.255.0, hostname AP0024.976e.2d74

*Mar  1 00:55:41.877: Logging LWAPP message to 255.255.255.255.

Translating "CISCO-CAPWAP-CONTROLLER"...domain server (172.16.10.1) [OK]

Translating "CISCO-LWAPP-CONTROLLER"...domain server (172.16.10.1) [OK]

*Mar  1 00:55:52.919: %CAPWAP-5-DHCP_OPTION_43: Controller address 172.16.10.5 obtained through DHCP
*Mar  1 00:55:52.919: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.
*Mar  1 00:55:55.582: %CDP_PD-4-POWER_OK: Full power - NEGOTIATED inline power source
*Mar  1 00:55:56.614: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Mar  1 00:55:57.614: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*Mar  1 00:55:57.653: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar  1 00:55:58.654: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
Not in Bound state.

 

The AP recycles and assign itself a new dhcp address each time/cycle...

 

 

 

 

 

 

 

Labels:
0 Helpful
50 Replies 50

srkala
Cisco Employee
Cisco Employee
In response to John Bachman

‎02-19-2019 09:56 AM

John,

From the shared logs the config looks okay. The SN confirms that you are not running into CSCuq19142 which is common in old APs. Although 2 APs will soon hit the cert expiration. For more information see:
https://supportforums.cisco.com/document/12453081/lightweight-ap-fail-create-capwaplwapp-connection-due-certificate-expiration

 

Can you share the output of "show interface summary" from WLC CLI and "show ip int br" from AP CLI. Need to confirm ap manager config from interfaces.

 

-Sri

0 Helpful

John Bachman
Level 1
Level 1
In response to srkala

‎02-19-2019 10:46 AM

Thank you Srkala

 

Here is the print-outs:

 

(Cisco Controller)
User: admin
Password:*********
(Cisco Controller) >show interface summary


 Number of Interfaces.......................... 3

Interface Name                   Port Vlan Id  IP Address      Type    Ap Mgr Gu                                       est
-------------------------------- ---- -------- --------------- ------- ------ --                                       ---
management                       1    10       172.16.10.5     Static  Yes    No                                      
service-port                        N/A  N/A      10.100.10.151   Static  No     No                                      
virtual                                  N/A  N/A      1.1.1.1         Static  No     No                                      

(Cisco Controller) >

 

AP0024.976e.2d74#sh ip interface brief
Interface                  IP-Address      OK? Method Status                Protocol
BVI1                       172.16.20.122   YES DHCP   up                    up
Dot11Radio0                unassigned      NO  unset  up                    up
Dot11Radio1                unassigned      NO  unset  up                    up
FastEthernet0              unassigned      NO  unset  up                    up
AP0024.976e.2d74#

 

 

 

 

0 Helpful

srkala
Cisco Employee
Cisco Employee
In response to John Bachman

‎02-19-2019 11:14 AM

John,


Try to use static IP address on the AP as Leo mentioned earlier. The command is "capwap ap ip address A.B.C.D" and "capwap ap controller ip address 172.16.10.5" from AP CLI.

Is there any firewall between AP and WLC blocking UDP 5246 port ?

0 Helpful

John Bachman
Level 1
Level 1
In response to srkala

‎02-19-2019 12:34 PM

Thank you Srkala,

 

This is a LAB environment for a certification I am doing.  I moved the AP to the 172.16.10.0/24 VLAN to simplify and not to deal with DGW.

 

I was able to set the static IP using the capwap command, but once it's set, the same errors comes up, the AP forces itself onto DHCP, and then reboots:

 

AP0024.976e.2d74#capwap ap ip address 172.16.10.110 255.255.255.0
You should configure Domain and Name Server from controller CLI/GUI.
AP0024.976e.2d74#capwap ap controller ip address 172.16.10.5


sh run | begin username

username Cisco secret 5 $1$J9Cy$w9NnSwTWn.x3Fw0z0dgqs.
!
!
ip ssh version 2
!
!
interface Dot11Radio0
 no ip route-cache
 mbssid
 power local -1
 power client local
 packet retries 64 drop-packet
 no cdp enable
!
interface Dot11Radio1
 no ip route-cache
 peakdetect
 mbssid
 power local -1
 power client local
 packet retries 64 drop-packet
 no cdp enable
!
interface FastEthernet0
 no ip route-cache
 duplex auto
 speed auto
!
interface BVI1
 ip address 172.16.10.110 255.255.255.0
 no ip route-cache
!
no ip http server
logging trap emergencies
logging origin-id string AP:0024.976e.2d74
logging facility kern
logging snmp-trap notifications
logging snmp-trap informational
logging snmp-trap debugging
logging 255.255.255.255
!
control-plane
!
!
line con 0
line vty 0 4
 transport input none
line vty 5 15
 transport input none
!
end

 

AP0024.976e.2d74#
*Mar  1 00:08:34.682: %CAPWAP-3-STATIC_TO_DHCP_IP: Could not discover WLC using static IP. Forcing AP to use DHCP.
*Mar  1 00:08:39.695: %CAPWAP-3-ERRORLOG: Invalid event 38 & state 2 combination.
*Mar  1 00:08:39.815: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 172.16.10.119, mask 255.255.255.0, hostname AP0024.976e.2d74

Translating "CISCO-CAPWAP-CONTROLLER"...domain server (172.16.10.1) [OK]

Translating "CISCO-LWAPP-CONTROLLER"...domain server (172.16.10.1) [OK]

*Mar  1 00:08:45.689: %CAPWAP-5-DHCP_OPTION_43: Controller address 172.16.10.5 obtained through DHCP
*Mar  1 00:08:45.689: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.
Not in Bound state.
*Mar  1 00:09:31.705: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.
*Mar  1 00:09:36.711: %CAPWAP-3-ERRORLOG: Invalid event 38 & state 2 combination.
*Mar  1 00:09:36.831: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 172.16.10.120, mask 255.255.255.0, hostname AP0024.976e.2d74


Writing out the event log to nvram...

*Mar  1 00:09:42.784: %SYS-5-RELOAD: Reload requested by CAPWAP CLIENT. Reload Reason: Could not discover WLC using DHCP IP address, Reload to use static IP.
*Mar  1 00:09:42.787: %LWAPP-5-CHANGED: CAPWAP changed state to DOWN
AP0024.976e.2d74#Xmodem file system is available.
flashfs[0]: 25 files, 8 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 15998976
flashfs[0]: Bytes used: 5217280
flashfs[0]: Bytes available: 10781696
flashfs[0]: flashfs fsck took 30 seconds.
Base ethernet MAC Address: 00:24:97:6e:2d:74
Initializing ethernet port 0...
Reset ethernet port 0...
Reset done!
ethernet link up, 100 mbps, full-duplex
Ethernet port 0 initialized: link is up
Loading "flash:/c1130-k9w8-mx.124-25e.JAP12/c1130-k9w8-mx.124-25e.JAP12"...#######################################################################################################################################

 

 

here is a simple diagram of the environment, no firewall:

 

2019-02-19 15_20_51-vWLAN.vsdx - Visio Professional.png

 

0 Helpful

Jurgens L
Level 3
Level 3
In response to John Bachman

‎02-19-2019 04:01 PM

Hi John,

 

Just to double check, did you enable Promiscuous mode under your network settings for your vWLC?

 

Step 14 to 18 as per the guide below.

https://www.cisco.com/c/en/us/td/docs/wireless/technology/mesh/8-2/b_Virtual_Wireless_LAN_Controller_Deployment_Guide_8-2.html#id_10331

 

0 Helpful

John Bachman
Level 1
Level 1
In response to Jurgens L

‎02-19-2019 05:59 PM

Yes I did, it was a requirement per my training class, I will check it again, thank you Jurgens
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card