Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
855
Views
0
Helpful
3
Replies

H-REAP enabled AP Doesn't join HQ Controller

john smith
Level 1
Level 1

‎10-14-2012 11:56 PM - edited ‎07-03-2021 10:49 PM

Hello Friends,

i have configured cisco LAP1240 in H-Reap Mode for multiple branch offices with Local switching and central authentication.

one of the branch's AP does not join the controller in HQ while the others are all ok.

i have firewall only in HQ,

i did priming first for all APs like let them join the controller and configure controller IP in high availbility, and H-Reap config and assign SSID to map with the branch local vlan.

when i faced this issue first time i brought back ap and configure a static IP address for AP than recheck them again but the problem still same.

since i have only one firewall in the network and also other branches joined the controller through that firewall and no issues.

any help please?

Thanks

Labels:
0 Helpful
3 Replies 3

Scott Fella
Hall of Fame
Hall of Fame

‎10-15-2012 02:59 AM

A good test would be to take that ap to another site that is working and see if it joins.  That would tell you if your FW is maybe blocking udp 5246/5247 or udp 12222/12223 from that particular site.  Also, if you console into the AP, what do you see... do you see an initial join or not.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***
0 Helpful

Peter Nugent
Cisco Employee
Cisco Employee
In response to Scott Fella

‎10-15-2012 06:12 AM

It is worth checking that the ap is the correct rugulatory domain for the controller, just incase.

0 Helpful

Sebastian Helmer
Level 5
Level 5
In response to Peter Nugent

‎10-15-2012 11:36 AM

You could  try to debug that on the WLC to see if the AP tries to joind the WLC so Firewall etc. is not the problem and to see maybe where the problem exactly is.

debug lwapp events enable

—Shows discovery packets and join packets.

debug lwapp packet enable— Shows packet level information of the discovery and join packets.


debug pm pki enable—Shows certificate validation process.


debug disable-all—Turns off debugs#


    From: http://www.cisco.com/en/US/products/ps6366/products_tech_note09186a00808f8599.shtml

    0 Helpful
    Getting Started

    Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

    Customers Also Viewed These Support Documents
    Review Cisco Networking products for a $25 gift card