03-09-2009 02:23 PM - edited 07-03-2021 05:17 PM
I have some 1130ag lwapp's that cannot reach the controller for some reason. They are located in a remote building connected via a ds3 circuit. The AP is getting a dhcp address via a scope built on a 3560 switch, here is the scope.
ip dhcp pool APScope
network 192.168.201.0 255.255.255.0
default-router 192.168.201.3
option 60 ascii "Cisco AP c1130"
option 43 hex f104.aa63.c736
When I debug dhcp events on the switch, I see the ap get an address, then I see it release, then reboot, then get another address. This just continues.
I am able to plug a pc into the port and get a valid ip address, then I am able to ping the WLC. So it appears the routing is working correctly.
I am running 4.2.176 on the controller. These Ap's are brand new never used anywhere else.
This is the config of the interface on the router as well.
interface GigabitEthernet2/0.301
encapsulation dot1Q 301
ip address 192.168.201.3 255.255.255.0
no ip redirects
ip load-sharing per-packet
arp timeout 1200
HELP! Thanx
03-09-2009 03:07 PM
AP is "located in a remote building connected via a ds3 circuit."
I presume that WLC is NOT co-located with this AP? If so, console into the AP and try the command "lwapp ap controller ip address
I know that you've configured Option 43/60 but try this and see if this works.
Hope this works.
03-09-2009 03:34 PM
I will try this. Also, does the option 43 address need to be the management address of the controller, or the ap manager address?
Here is another question. I have my controller management and ap manager address setup on the same subnet. This subnet is on vlan 199, which is not the native vlan. The interfaces on the controller are set for vlan 199. The switch is passing vlan 199.
Should the management and ap manager be on the native vlan? If so, then I could set the switch to show switchport trunk native vlan 199 and change the controller to 0.
Seth
03-09-2009 04:57 PM
Q: Also, does the option 43 address need to be the management address of the controller, or the ap manager address?
A: This should be the Management IP Address. The AP-Manager is not ping-able and is used predominantly between the WLC and the AP after the AP has joined.
Q: Should the management and ap manager be on the native vlan?
A: You can configure both the Management and AP-Manager on the same VLAN.
03-09-2009 05:30 PM
The Management and the AP-manager are both already on the same vlan.
They are not however on the native vlan. The question is, should then be on the native vlan?
Seth
03-09-2009 10:23 PM
If they are both in the same VLAN, then they must be in the same Native VLAN.
03-10-2009 07:05 AM
They are both now in the native vlan.
Here is the output from the LWAPP while it is booting up.
*Mar 1 00:00:25.305: %LWAPP-5-CHANGED: LWAPP changed state to DISCOVERY
*Mar 1 00:00:40.443: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 192.168.201.75, mask 255.255.255.0, hostname AP0021.a0d5.fe10
*Mar 1 00:00:56.715: LWAPP_CLIENT_ERROR_DEBUG: spamHandleDiscoveryTimer : Found the discovery response from MASTER Mwar
*Mar 1 00:00:56.724: %LWAPP-5-CHANGED: LWAPP changed state to JOIN
*Mar 1 00:01:01.724: LWAPP_CLIENT_ERROR_DEBUG: spamHandleJoinTimer: Did not recieve the Join response
*Mar 1 00:01:01.724: LWAPP_CLIENT_ERROR_DEBUG: No more AP manager IP addresses remain.
Any suggestions?
03-10-2009 08:01 AM
I have run the following debug's on the contoller
debug pm pki enable
debug mac addr [ap's mac address]
The controller is not showing anything. It seems the ap's join request is not getting to the WLC.
I also noticed that I cannot ping the AP from the controller, or from the switch the ap scope is on. Not sure if the AP will respond to pings while it is attempting to get to the controller.
03-10-2009 08:05 AM
*Mar 1 00:01:01.724: LWAPP_CLIENT_ERROR_DEBUG: No more AP manager IP addresses remain.
This normally means that you're out of space on your controller, or specifically your AP Manager interface. How many access points do you have on it?
03-10-2009 10:58 AM
The controller is a 4404-100 and it only currently has 12 ap's on it in another building.
Seth
03-10-2009 01:52 PM
Ok, I tried the lwapp ap controller ip address command and that seems to have helped get the lwapp packet to the controller. However, the response packets do not seem to make it back to the ap. Here is the output of the controller debugs.
(Cisco Controller) >Tue Mar 10 20:46:23 2009: 00:21:a0:d5:fd:18 Received LWAPP D
ISCOVERY REQUEST from AP 00:21:a0:d5:fd:18 to 00:24:97:3c:33:20 on port '29'
Tue Mar 10 20:46:23 2009: Start of Packet
Tue Mar 10 20:46:23 2009: Ethernet Source MAC (LRAD): 00:21:A0:D5:FD:18
Tue Mar 10 20:46:23 2009: Msg Type :
Tue Mar 10 20:46:23 2009: DISCOVERY_REQUEST
Tue Mar 10 20:46:23 2009: Msg Length : 21
Tue Mar 10 20:46:23 2009: Msg SeqNum : 0
Tue Mar 10 20:46:23 2009:
IE : UNKNOWN IE 58
Tue Mar 10 20:46:23 2009: IE Length : 1
Tue Mar 10 20:46:23 2009: Decode routine not available, Printing Hex Dump
Tue Mar 10 20:46:23 2009: 00000000: 01
.
Tue Mar 10 20:46:23 2009:
IE : RAD_PAYLOAD
Tue Mar 10 20:46:23 2009: IE Length : 14
Tue Mar 10 20:46:23 2009: H/W Version : 1
Tue Mar 10 20:46:23 2009: H/W Release : 0
Tue Mar 10 20:46:23 2009: H/W Maint : 0
Tue Mar 10 20:46:23 2009: H/W Build : 0
Tue Mar 10 20:46:23 2009: S/W Version : 3
Tue Mar 10 20:46:23 2009: S/W Release : 0
Tue Mar 10 20:46:23 2009: S/W Maint : 51
Tue Mar 10 20:46:23 2009: S/W Build : 0
Tue Mar 10 20:46:23 2009: Boot Version : 12
Tue Mar 10 20:46:23 2009: Boot Release : 3
Tue Mar 10 20:46:23 2009: Boot Maint : 8
Tue Mar 10 20:46:23 2009: Boot Build : 0
Tue Mar 10 20:46:23 2009: numSlots : 0
Tue Mar 10 20:46:23 2009: numFilledSlots : 0
Tue Mar 10 20:46:23 2009: End of Packet
Tue Mar 10 20:46:23 2009: 00:21:a0:d5:fd:18 Successful transmission of LWAPP Dis
covery Response to AP 00:21:a0:d5:fd:18 on port 29
Seth
03-10-2009 02:40 PM
Hi Seth,
Any result? Is it still not joining?
Have a read of this link:
Troubleshoot a Lightweight Access Point Not Joining a Wireless LAN Controller
http://www.cisco.com/en/US/products/ps6366/products_tech_note09186a00808f8599.shtml
03-11-2009 06:51 AM
I still cannot get any ap's to register with the controller. I have over 30 ap's at this remote location and none of them are getting to the controller.
On one of them, I added this command to the AP - lwapp ap controller ip address and I am now seeing the Discovery request get to the WLC and a response being sent from the WLC, but it never gets to the AP.
03-11-2009 07:53 AM
03-11-2009 03:14 PM
Seth,
Before you sent your AP off-site, did you prime them?
When the AP's get an IP Address, can you ping and traceroute the WLC Management IP Address?
Are there any firewalls present between the AP's and the WLC?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: