01-22-2013 04:38 AM - edited 07-03-2021 11:23 PM
All, have anyone encounter this before??
XXXXX01#sh arp | inclu acf2.c585.71b5
Internet 10.80.1.17 0 acf2.c585.71b5 ARPA GigabitEthernet0/1
Internet 10.80.1.24 1 acf2.c585.71b5 ARPA GigabitEthernet0/1
Internet 10.80.1.72 4 acf2.c585.71b5 ARPA GigabitEthernet0/1
Internet 10.80.4.222 42 acf2.c585.71b5 ARPA GigabitEthernet0/1
Internet 10.80.4.252 9 acf2.c585.71b5 ARPA GigabitEthernet0/1
Internet 10.80.4.254 26 acf2.c585.71b5 ARPA GigabitEthernet0/1
!
!
Background:
Add 6 thin Access Points at a remote location to our centrally managed controller.
AP model: 1142 connected to a 3560 PoE access port.
All of the above IP addresses except the first one is reachable by ping...
When I try to telnet/ssh to each of the reachable IP addresses, it takes forever until: "connection refused" is returned.
I have google the problem, asked friends... I have asked "everyone" my last hope is whith you now.... any ideas what cause this "feature" to appear?
Have asked the LCON (and he have done it) to move the APs to a different switch, and of course to different ports also this happens on all 6 of the APs, the only differences is that some "only" receives 4 IP addresses (2 on each subnet) others receives 2...
01-22-2013 05:43 AM
Indeed odd.
First lets look at the arp times. You notice they are different with different ip addresses. It's almost like the ap rebooted and got a new ip each time.
What are you use for a dhcp server and is there anything funky like lease times mess up ?
Is the ap rebooting, check the switch on the log
Is the aps joined to the wlc ?
Sent from Cisco Technical Support iPad App
01-22-2013 05:55 AM
"What are you use for a dhcp server and is there anything funky like lease times mess up" - They are using 2 MS DHCP servers (/16 network), server 1 servicing 10.80.1.0 > 10.80.3.254, server 2 10.80.4.0 > 10.80.5.254
It is "a bit" odd network design since that each of the servers points to the same DG and yes - of course - no vlan`s has been configured...
I/we are not managing the LAN....
No, none of the APs has been able to join the controller.
I will run RDP tomorrow to a local PC and connect a console cable to one of the APs and monitor what happens when the AP boot up, will post the result here tomorrow!
01-22-2013 06:01 AM
So here is what I think is happening ..
1. Your aps aren't joining the wlc which means after they exhaust their tries they reboot. When they reboot they ask for another ip and the dhcp is handing them the ips. Why the funky ip assignment? Not sure but get back to basics and point to only 1 dhcp server. Also test the LAN side with a device and see what happens when you connect and disconnect.
2. What means are you using for the ap to find the wlc ?
Sent from Cisco Technical Support iPad App
01-22-2013 05:44 AM
Can you post the show run of the port the ap is attached to?
Also are you using heap ?
Sent from Cisco Technical Support iPad App
01-24-2013 04:59 AM
The problem/issue was solved by connecting to each of the APs via a local PC (RDP).
I did collect the following information (AP booting process):
!
*Mar 1 00:00:08.559: *** CRASH_LOG = YES
Base Ethernet MAC address: AC:F2:C5:85:72:21
*Mar 1 00:00:08.993: %LWAPP-3-CLIENTERRORLOG: Config load from flash failed. Initialising Cfg
*Mar 1 00:00:10.589: %LINK-6-UPDOWN: Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:11.713: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:11.993: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C1140 Software (C1140-RCVK9W8-M), Version 15.2(2)JA, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Thu 23-Aug-12 04:49 by prod_rel_teamlwapp_crypto_init: MIC Present and Parsed Successfully
*Mar 1 00:00:13.004: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up
*Mar 1 00:00:17.042: %CDP_PD-2-POWER_LOW: All radios disabled - INJECTOR_DETECTED_PD AIR-AP1242AG-E-K9 (0000.0000.0000)
APacf2.c585.7221>
no bridge-group 1 source-learning
^
% Invalid input detected at '^' marker.
%Default route without gateway, if not a point-to-point interface, may impact performanceen
capwap process not yet started.Please execute enable command again
APacf2.c585.7221>en
capwap process not yet started.Please execute enable command again
APacf2.c585.7221>
*Mar 1 00:00:45.692: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.80.4.105, mask 255.255.0.0, hostname APacf2.c585.7221
Translating "CISCO-CAPWAP-CONTROLLER.XXXXX.XXXXXXXX.XXX"...domain server (10.80.61.22)
*Mar 1 00:00:56.574: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.
*Mar 1 00:00:59.578: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER.XXXXX.XXXXXXXX.XXX
Not in Bound state.
*Mar 1 00:01:55.088: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.
*Mar 1 00:01:58.101: %CAPWAP-3-ERRORLOG: Invalid event 38 & state 2 combination.
*Mar 1 00:01:58.218: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.80.4.105, mask 255.255.0.0, hostname APacf2.c585.7221
Translating "CISCO-CAPWAP-CONTROLLER.XXXX.XXXXXX.XXX"...domain server (10.80.61.22)
*Mar 1 00:02:05.090: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.
*Mar 1 00:02:08.094: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER.XXXXX.XXXXXXXX.XXX
APacf2.c585.7221>en
Password:
APacf2.c585.7221#capwap ap ip address 10.80.65.3 255.255.0.0
You should configure Domain and Name Server from controller CLI/GUI.
APacf2.c585.7221#
*Mar 1 00:02:30.002: %CAPWAP-3-ERRORLOG: Invalid event 38 & state 2 combination.
APacf2.c585.7221#capwap ap controller ip address 10.78.254.190
APacf2.c585.7221#ping
*Mar 1 00:03:08.097: %CAPWAP-3-ERRORLOG: Go join a capwap controller
examining image...!
One of the problem/issues was (and still is apperantly) that the controller has not been properly configured on our internal DNS servers (or that DHCP/DNS servers on the local site is having problem with the DNS transfer). But as you all can see: the AP does only "get" one IP address, but when checking the arp table of the router on the site it stills shows 4 IP addresses. Well I guess the lesson here is: when this happens, login to the AP via an serial cable and configure the AP.....
01-24-2013 05:48 AM
That is normal. When a LAP boots it gets an IP address. It will then go through the process of discovering the WLC. If the AP does not discover a WLC it reboots. When that LAP boots up again it will request another address and mark the other address dirty. MS dhcp will see this and mark that address as bad.
So lesson learned is not to plug APs in a live environment subnet or else you will run out of addresses. I have seen this!
Like George mentioned, use one of the options at least for the AP to discover the WLC. I don't think it's still requesting 4 IP address. You have to clear the arp table or wait for the arp to clear after the default time.
Sent from Cisco Technical Support iPhone App
01-24-2013 09:08 AM
Hmmm.. Interesting thing here is.. The aps are getting the ip on the BVI interface.. Which means its trying to come up as a bridge or mesh ap.. So.. Please add the base ethernet mac address of the AP on the WLC in security>> ap policies tab
Make sure u just hv one country code enaled on the wlc and should be matching that of the AP
Lemme know how this works out!!
Regards
Surendra
Sent from Cisco Technical Support iPhone App
01-24-2013 09:11 AM
Aps are not getting enough power as well.. Please use a power supply or use max power on POE
Sent from Cisco Technical Support iPhone App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide