Introduction
This document discuss about how to resolve the issues on getting the 600 Series OfficeExtend Access Points (AIR-OEAP600) registered to 5508 Wireless LAN Controller.
Unable to register Aironet 600 AP to 5508 WLC
First check if any data encryption licence installed. To find that from the WLC CLI, issue the following commands
Config paging disable
Show run-config
- Try to Join OEAP 600 with the WLC on the local network and not via the internet.
- Make sure UDP ports 5246 and 5247 are open on firewall to allow CAPWAP data.
Show license all
Here is the output:
(Cisco Controller) >Show license all
License Store: Primary License Storage
StoreIndex: 0 Feature: base Version: 1.0
License Type: Permanent
License State: Active, Not in Use
License Count: Non-Counted
License Priority: Medium
License Store: Primary License Storage
StoreIndex: 1 Feature: base-ap-count Version: 1.0
License Type: Permanent
License State: Active, In Use
License Count: 12 /10 (Active/In-use)
License Priority: Medium
License Store: Evaluation License Storage
StoreIndex: 0 Feature: base-ap-count Version: 1.0
License Type: Evaluation
License State: Inactive
Evaluation total period: 8 weeks 4 days
Evaluation period left: 8 weeks 4 days
License Count: 500 / 0 (Active/In-use)
License Priority: None
Now to resolve this issue, DTLS license needs to be installed.
Follow the steps below to Obtain a Data DTLS License:
Step 1 - Browse to http://cisco.com/go/license
Step 2 - On the Product License Registration page, choose Licenses Not Requiring a PAK.
Step 3 - Choose Cisco Wireless Controllers DTLS License under Wireless.
Step 4 - Complete the remaining steps to generate the license file.
The license will be provided online or via email.
If the issue persists after installing the DTLS license, grab the message log
from the OEAP AP and run the following debugs from the WLC CLI
Debug mac addr <Mac address of OEAP>
Debug capwap events enable
Debug capwap errors enable
The Debug output is as shown below:
*spamApTask5: May 07 17:03:56.167: %LWAPP-3-VALIDATE_ERR: spam_lrad.c:9649 Validation of
SPAM_VENDOR_SPECIFIC_PAYLOAD failed - AP ec:c8:82:c3:f9:80
*spamApTask5: May 07 17:03:56.167: %LWAPP-3-RD_ERR8: spam_lrad.c:9795 Country code (CN)
not configured for AP ec:c8:82:c3:f9:80
It looks like the WLC isn't allowing it to connect since the country code isn't configured. To configure country code, go to Wireless -> Country and enable the country code for the OEAP AP.
OEAP AP unable to join WLC across WAN
Follow the steps below to resolve the issue:
- Check the IP connectivity between WLC from AP, use ping to confirm..
- Login to OEAP and collect the logs from logs section.
- Run the following commands on WLC
# debug capwap events enable
# debug capwap errors enable
From WLC GUI navigate to Monitor > AP statistics > select the AP name.
This will show last successful or unsuccessful attempt of AP join.
From logs it was shown that AP is not able to join because of regulatory domain mismatch.
However this was not right as the country was set correctly and regulatory domain was right.
*spamApTask1: Oct 13 18:45:53.289: e0:5f:b9:de:f5:c0 Regulatory Domain Mismatch: AP e0:5f:b9:de:f5:c0 not allowed to join. Regulatory Domain check failed -
The resolution for this bug is to upgrade WLC code. Once you upgrade the AP join issue on OEAP will be resolved.
This is documented in the Cisco internal Bug
| Known Affected Releases: | (1) |
but fixed in
Summary
If OEAP is unable to fully join the WLC try the following solution.
- Install the DTLS license.
- upgrade the WLC code
Related Information
