12-13-2012 05:09 AM - edited 07-03-2021 11:13 PM
Hello everyone -
We have a 5508 controller that manages AP's at approximately 20 branches - each branch has their own subnet. We have a single branch (subnet) with new 2602 AP's that will not register with the controller. All communications to this subnet appear normal and there are no ACL's in place between the AP's and the controller. The AP's are able to resolve the controller IP address via DNS and begin the registration process but then timeout. We have successfully installed 2602 AP's at other branch locations and they register with no problems - this is only a problem at a single branch. I've attached some debug messages below for a single AP (this is a production environment so I parsed un-necessary info) and also included the console messages from a different AP (the console messages on the AP's are the same). There are currently 9 AP's at this location and none of them will register. Any ideas??
Debug Capwap Events:
*spamApTask0: Dec 11 14:39:32.904: 44:2b:03:9a:d1:10 Discovery Request from 10.29.9.190:44306
*spamApTask0: Dec 11 14:39:32.904: 44:2b:03:9a:d1:10 Join Priority Processing status = 0, Incoming Ap's Priority 1, MaxLrads = 300, joined Aps =272
*spamApTask0: Dec 11 14:39:32.904: 44:2b:03:9a:d1:10 Discovery Response sent to 10.29.9.190:44306
*spamApTask0: Dec 11 14:39:32.904: 44:2b:03:9a:d1:10 Discovery Response sent to 10.29.9.190:44306
*spamApTask0: Dec 11 14:39:32.992: 44:2b:03:9a:d1:10 Received LWAPP DISCOVERY REQUEST to 68:ef:bd:8e:48:6f on port '13'
*spamApTask0: Dec 11 14:39:32.992: 44:2b:03:9a:d1:10 Discarding discovery request in LWAPP from AP supporting CAPWAP
*spamApTask0: Dec 11 14:39:42.903: 44:2b:03:9a:d1:10 DTLS connection not found, creating new connection for 10:29:9:190 (44306) 10:5:13:4 (5246)
*spamApTask0: Dec 11 14:57:52.301: e8:ba:70:dc:d1:c0 DTLS connection closed event receivedserver (10:5:13:4/5246) client (10:29:9:190/44306)
*spamApTask0: Dec 11 14:57:52.301: e8:ba:70:dc:d1:c0 No entry exists for AP (10:29:9:190/44306)
*spamApTask0: Dec 11 14:57:52.301: e8:ba:70:dc:d1:c0 No AP entry exist in temporary database for 10.29.9.190:44306
*spamApTask0: Dec 11 14:57:53.828: 44:2b:03:9a:d1:10 Discovery Request from 10.29.9.190:44306
*spamApTask0: Dec 11 14:57:53.828: 44:2b:03:9a:d1:10 Join Priority Processing status = 0, Incoming Ap's Priority 1, MaxLrads = 300, joined Aps =272
*spamApTask0: Dec 11 14:57:53.828: 44:2b:03:9a:d1:10 Discovery Response sent to 10.29.9.190:44306
*spamApTask0: Dec 11 14:57:53.828: 44:2b:03:9a:d1:10 Discovery Response sent to 10.29.9.190:44306
*spamApTask0: Dec 11 14:57:53.916: 44:2b:03:9a:d1:10 Received LWAPP DISCOVERY REQUEST to 68:ef:bd:8e:48:6f on port '13'
*spamApTask0: Dec 11 14:57:53.916: 44:2b:03:9a:d1:10 Discarding discovery request in LWAPP from AP supporting CAPWAP
*spamApTask0: Dec 11 14:58:03.824: 44:2b:03:9a:d1:10 DTLS connection not found, creating new connection for 10:29:9:190 (44306) 10:5:13:4 (5246)
Debug Capwap Errors:
*spamApTask0: Dec 11 15:17:33.715: e8:ba:70:dc:d1:c0 Deleting AP 10.29.9.190 which has not been plumbed
*spamApTask0: Dec 11 15:17:33.716: e8:ba:70:dc:d1:c0 DTLS connection was closed
Debug Capwap Details:
*spamApTask0: Dec 11 15:24:29.419: 44:2b:03:9a:d1:10 CAPWAP Control Msg Received from 10.29.9.190:44306
*spamApTask0: Dec 11 15:24:35.542: 44:2b:03:9a:d1:10 CAPWAP Control Msg Received from 10.29.9.190:44306
*spamApTask0: Dec 11 15:24:41.555: 44:2b:03:9a:d1:10 CAPWAP Control Msg Received from 10.29.9.190:44306
*spamApTask0: Dec 11 15:24:49.555: 44:2b:03:9a:d1:10 CAPWAP Control Msg Received from 10.29.9.190:44306
*spamApTask0: Dec 11 15:25:29.420: 44:2b:03:9a:d1:10 CAPWAP Control Msg Received from 10.29.9.190:44306
*spamApTask0: Dec 11 15:25:29.420: 44:2b:03:9a:d1:10 DTLS connection 0x1a1703c8 closed by controller
*spamApTask0: Dec 11 15:25:29.421: CAPWAP DTLS connection closed msg
AP Console log:
Translating "CISCO-CAPWAP-CONTROLLER.ad.pps.k12.va.us"...domain server (10.29.8.3)
*Mar 1 00:00:57.511: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP. [OK]
*Mar 1 00:01:10.511: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Dec 11 16:05:56.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.5.13.4 peer_port: 5246
*Dec 11 16:06:17.495: %CDP_PD-2-POWER_LOW: All radios disabled - NEGOTIATED WS-C3560E-24PD (68bc.0c03.8015)
*Dec 11 16:06:28.231: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_connection_db.c:2051 Max retransmission count reached!
logging facility kern
^
% Invalid input detected at '^' marker.
logging trap emergencies
^
% Invalid input detected at '^' marker.
logging facility kern
^
% Invalid input detected at '^' marker.
logging trap emergencies
^
% Invalid input detected at '^' marker.
*Dec 11 16:06:55.999: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.5.13.4:5246
*Dec 3 16:06:55.999: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255
*Dec 11 16:07:06.367: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Dec 11 16:07:07.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.5.13.4 peer_port: 5246
*Dec 11 16:07:39.151: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_connection_db.c:2051 Max retransmission count reached!
logging facility kern
^
% Invalid input detected at '^' marker.
logging trap emergencies
^
% Invalid input detected at '^' marker.
logging facility kern
^
% Invalid input detected at '^' marker.
logging trap emergencies
^
% Invalid input detected at '^' marker.
*Dec 11 16:08:06.999: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.5.13.4:5246
*Dec 11 16:08:06.999: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255
*Dec 11 16:08:17.367: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Dec 11 16:08:17.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.5.13.4 peer_port: 5246
Solved! Go to Solution.
12-14-2012 09:17 AM
UDP 5247 is used for data messages. UDP 5246 is used for control messages. These are similar to LWAPP UDP 12222 & 12223.
Sent from Cisco Technical Support iPhone App
12-15-2012 08:25 AM
Good job guys... I guess I assume that there was only one WLC because it wasn't mentioned:) hehe
Sent from Cisco Technical Support iPhone App
12-17-2012 04:59 AM
Hey Guys -
Yes, there is another controller (4400) still in play here - due to be retired in the next few weeks. At this stage the 4400 controller is not servicing any AP's or clients. I didn't realize until these postings that the 4400 is still listed as the primary controller with the 5508 as the secondary in the template for LWAP's. While this is an issue, I am not sure this is the overall problem. The log I posted Friday was from an AP that was registered centrally first and then taken on site (and due to the template configuration it is now looking for the 4400 first) but you'll also note that when it can't get the config from the 4400 it fails trying to get to the 5508 - which was the initial problem. Any new AP's coming online are looking at the 5508 controller first (because our DNS emtry for CISCO-LWAPP-CONTROLLER) and again this has worked at all sites except this one. The other sites have identical AP's.
To be sure this 4400 isn't causing any issues I have updated our LWAP template so the 5508 controller is listed as the primary (and only) controller. I will bring the AP back to our central location, reset it to factory defaults, and let it register again to obtain the updated template. I will then take it back on site and post the logs.
Thanks for all of the continued help with this issue.
12-17-2012 05:02 AM
The DNS is wrong. CISCO-LWAPP-CONTROLLER is for LWAPP imaged APs. The 2602 is CAPWAP and requires this for DNS: CISCO-CAPWAP-CONTROLLER
So change your DNS entry and that should fix it.
Sent from Cisco Technical Support iPhone App
12-17-2012 05:06 AM
We already have entries for both CISCO-LWAPP-CONTROLLER and CISCO-CAPWAP-CONTROLLER and both point to the 5508 controller - I just didn't mention both. Sorry for any confusion.
12-17-2012 05:22 AM
If the 4400 is part of the mobility group then the ap is trying to join that because it doesn't have any AP's associated to it. If the AP is up, you can ssh to it and issues capwap ap controller IP address
Sent from Cisco Technical Support iPhone App
12-17-2012 08:08 AM
No, the 4400 is no longer part of the mobility group. And, to ensure the current issue isn't clouded by the 4400 being out there, I have removed it completely from our network so it no longer exists.
I brought the AP back to our central location, allowed it to join with the controller (which it did successfully) and took it back out to the remote location. Unfortunately the original problem still exists - the AP at the remote site will not register. See the most recent bootup log below. The AP tries to join the controller, timesout and repeats...
IOS Bootloader - Starting system.
flash is writable
FLASH CHIP: Numonyx Mirrorbit (0089)
Xmodem file system is available.
flashfs[0]: 37 files, 9 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 31997952
flashfs[0]: Bytes used: 18267648
flashfs[0]: Bytes available: 13730304
flashfs[0]: flashfs fsck took 18 seconds.
Reading cookie from SEEPROM
Base Ethernet MAC address: 44:2b:03:9a:dd:00
Ethernet speed is 1000 Mb - FULL Duplex
Loading "flash:/ap3g2-k9w8-mx.152-2.JA/ap3g2-k9w8-mx.152-2.JA"...#########################
File "flash:/ap3g2-k9w8-mx.152-2.JA/ap3g2-k9w8-mx.152-2.JA" uncompressed and installed, entry point: 0x2003000
executing...
Secondary Bootloader - Starting system.
Xmodem file system is available.
flashfs[0]: 37 files, 9 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 31997952
flashfs[0]: Bytes used: 18267648
flashfs[0]: Bytes available: 13730304
flashfs[0]: flashfs fsck took 8 seconds.
Reading cookie from SEEPROM
Base Ethernet MAC address: 44:2b:03:9a:dd:00
Boot CMD: 'boot flash:/ap3g2-k9w8-mx.152-2.JA/ap3g2-k9w8-xx.152-2.JA;flash:/ap3g2-k9w8-mx.152-2.JA/ap3g2-k9w8-xx.152-2.JA'
Loading "flash:/ap3g2-k9w8-mx.152-2.JA/ap3g2-k9w8-xx.152-2.JA"...############################
File "flash:/ap3g2-k9w8-mx.152-2.JA/ap3g2-k9w8-xx.152-2.JA" uncompressed and installed, entry point: 0x2003000
executing...
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cisco IOS Software, C2600 Software (AP3G2-K9W8-M), Version 15.2(2)JA, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Thu 23-Aug-12 02:29 by prod_rel_team
Initializing flashfs...
flashfs[3]: 37 files, 9 directories
flashfs[3]: 0 orphaned files, 0 orphaned directories
flashfs[3]: Total bytes: 31997952
flashfs[3]: Bytes used: 18267648
flashfs[3]: Bytes available: 13730304
flashfs[3]: flashfs fsck took 9 seconds.
flashfs[3]: Initialization complete.
flashfs[4]: 0 files, 1 directories
flashfs[4]: 0 orphaned files, 0 orphaned directories
flashfs[4]: Total bytes: 12257280
flashfs[4]: Bytes used: 1024
flashfs[4]: Bytes available: 12256256
flashfs[4]: flashfs fsck took 0 seconds.
flashfs[4]: Initialization complete....done Initializing flashfs.
Warning: the compile-time code checksum does not appear to be present.
Radio0 present 8764 8000 0 A8000000 A8010000 0
Rate table has 244 entries (64 SGI/104 BF variants)
Radio1 present 8764 8000 0 88000000 88010000 4
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
Warning: the compile-time code checksum does not appear to be present.
cisco AIR-CAP2602I-A-K9 (PowerPC) processor (revision A0) with 180214K/81920K bytes of memory.
Processor board ID FGL1640Z00A
PowerPC CPU at 800Mhz, revision number 0x2151
Last reset from power-on
LWAPP image version 7.3.101.0
1 Gigabit Ethernet interface
2 802.11 Radios
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 44:2B:03:9A:DD:00
Part Number : 73-14588-02
PCA Assembly Number : 800-37899-01
PCA Revision Number : A0
PCB Serial Number : FOC16337KKT
Top Assembly Part Number : 800-38356-01
Top Assembly Serial Number : FGL1640Z00A
Top Revision Number : A0
Product/Model Number : AIR-CAP2602I-A-K9
% Please define a domain-name first.
Press RETURN to get started!
*Mar 1 00:00:10.231: %SOAP_FIPS-2-SELF_TEST_IOS_SUCCESS: IOS crypto FIPS self test passed
*Mar 1 00:00:13.723: %LINK-6-UPDOWN: Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:17.287: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 0
*Mar 1 00:00:23.543: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 1
*Mar 1 00:00:25.871: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C2600 Software (AP3G2-K9W8-M), Version 15.2(2)JA, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Thu 23-Aug-12 02:29 by prod_rel_team
*Mar 1 00:00:25.871: %SNMP-5-COLDSTART: SNMP agent on host AP442b.039a.dd00 is undergoing a cold start
*Mar 1 00:00:26.303: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 1 00:00:26.303: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to resetlwapp_crypto_init: MIC Present and Parsed Successfully
*Mar 1 00:00:26.443: %SSH-5-ENABLED: SSH 2.0 has been enabled
*Mar 1 00:00:26.919: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up
*Mar 1 00:00:29.831: %SOAP_FIPS-2-SELF_TEST_HW_SUCCESS: HW crypto FIPS self test passed
*Mar 1 00:00:29.831: DPAA Initialization Complete
*Mar 1 00:00:29.831: %SYS-3-HARIKARI: Process DPAA INIT top-level routine exited
*Mar 1 00:00:30.219: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up%Default route without gateway, if not a point-to-point interface, may impact performance
*Mar 1 00:00:54.807: Logging LWAPP message to 255.255.255.255.
*Mar 1 00:00:58.067: %CDP_PD-4-POWER_OK: Full power - NEGOTIATED inline power source
*Mar 1 00:00:59.163: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 1 00:00:59.903: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.29.8.163, mask 255.255.248.0, hostname AP442b.039a.dd00
*Mar 1 00:01:00.163: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Mar 1 00:01:00.255: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Mar 1 00:01:01.255: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
Translating "CISCO-CAPWAP-CONTROLLER.ad.pps.k12.va.us"...domain server (10.29.8.3)
*Mar 1 00:01:10.831: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP. [OK]
*Mar 1 00:01:23.831: %CAPWAP-3-ERRORLOG: Selected MWAR 'IRC-WLC-5508'(index 0).
*Mar 1 00:01:23.831: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Dec 17 15:52:37.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.5.13.4 peer_port: 5246
*Dec 17 15:53:13.135: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_connection_db.c:2051 Max retransmission count reached!
*Dec 17 15:53:36.999: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.5.13.4:5246
*Dec 17 15:53:37.059: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255
*Dec 17 15:53:37.199: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
*Dec 17 15:53:37.199: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to administratively down
*Dec 17 15:53:37.447: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Dec 17 15:53:37.467: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Dec 17 15:53:38.199: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Dec 17 15:53:38.231: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to down
*Dec 17 15:53:38.239: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Dec 17 15:53:39.223: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Dec 17 15:53:39.231: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Dec 17 15:53:39.259: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Dec 17 15:53:39.267: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
*Dec 17 15:53:39.275: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Dec 17 15:53:40.259: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*Dec 17 15:53:40.267: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Dec 17 15:53:40.295: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Dec 17 15:53:41.295: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Dec 17 15:53:47.463: %CAPWAP-3-ERRORLOG: Selected MWAR 'IRC-WLC-5508'(index 0).
*Dec 17 15:53:47.463: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Dec 17 15:53:47.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.5.13.4 peer_port: 5246
*Dec 17 15:54:23.131: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_connection_db.c:2051 Max retransmission count reached!
*Dec 17 15:54:46.999: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.5.13.4:5246
12-17-2012 01:23 PM
*Dec 17 15:53:47.463: %CAPWAP-3-ERRORLOG: Selected MWAR 'IRC-WLC-5508'(index 0).
*Dec 17 15:53:47.463: %CAPWAP-3-ERRORLOG: Go join a capwap controller*Dec 17 15:53:47.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.5.13.4 peer_port: 5246
*Dec 17 15:54:23.131: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_connection_db.c:2051 Max retransmission count reached!
Getting alot better.
The WAP has selected the 5508 with the correct firmware. The WAP sends a JOIN Request to 10.5.13.4 but cannot get anything back.
Firewall? Routing loop?
This so-called "remote site", how is it connected back to your office? Dark fibre? ISP?
Y'know what? Can you post the output to the following commands:
1. WAP: sh inventory;
2. WLC: sh sysinfo
Nuts, I should've asked for these info before.
12-18-2012 04:50 AM
leolaohoo wrote:
Firewall? Routing loop?
This so-called "remote site", how is it connected back to your office? Dark fibre? ISP?
Y'know what? Can you post the output to the following commands:
1. WAP: sh inventory;
2. WLC: sh sysinfo
Nuts, I should've asked for these info before.
See the requested logs below. The connection between our central location (where the controller resides) and the remote location with AP's that won't register is a SONET connection owned and managed by our ISP. I also suspected possibly a routing loop since there seems to be no other explanation. We work closely with the ISP and I've had them look into it once already - and asked them yesterday to give it yet another look. It's very strange since this remote location has been online for 10 years with no issues to speak of. And we have more than 20 other locations managed through the same ISP - all of them have registered the same type of AP to the controller with no problem. There is no firewall between these locations and we've searched high and low for some obscure ACL that might be in place but we come up with nothing...
1)
AP442b.039a.dd00#sh inventory
NAME: "AP2600", DESCR: "Cisco Aironet 2600 Series (IEEE 802.11n) Access Point"
PID: AIR-CAP2602I-A-K9 , VID: V01, SN: FGL1640Z00A
2)
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.3.101.0
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
Build Type....................................... DATA + WPS
System Name...................................... IRC-WLC-5508
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
Redundancy Mode.................................. SSO
IP Address....................................... 10.5.13.4
Last Reset....................................... Software reset
System Up Time................................... 28 days 15 hrs 3 mins 4 secs
System Timezone Location......................... (GMT -5:00) Eastern Time (US and Canada)
Configured Country............................... US - United States
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +35 C
--More-- or (q)uit
External Temperature............................. +20 C
Fan Status....................................... OK
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 5
Number of Active Clients......................... 302
Burned-in MAC Address............................ 68:EF:BD:8E:48:60
Power Supply 1................................... Present, OK
Power Supply 2................................... Absent
Maximum number of APs supported.................. 300
12-18-2012 05:13 AM
Looks like you need to upload the FUS image to the 5508.... if your running v7.2 or newer, then the Fimware version should look like this:
Firmware Version................................. FPGA 1.7, Env 1.8, USB console 2.2
Console into that AP and issue: test capwap controller ip <10.5.13.4>
If that doesn't work, then something is blocking or wrong..
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"
12-18-2012 06:01 PM
I second to Scott's recommendation about the FUS. Take note that the FUS upgrade takes around 20 minutes, so get yourself a nice book/magazine to read while the stuff is happening.
When someone is consoled into the WAP, can you get the WAP to ping the Management IP Address of the WLC? If it can ping, then enter this enable command: capwap ap controller ip address
12-19-2012 09:02 AM
Hey folks - just an update - I tried both commands from the AP console ('test capwap controller' and 'capwap ap controller') and both timed out. I have not yet run the FUS update on the controller however. In the interim our ISP has found something interesting however... it seems that from within their VRF some of the traffic going to the AP's that won't register is being dropped. If they run extended pings to the AP's they are losing about 30% of them. This being the case could EASILY be why the AP's are timing out when communicating with the controller. They (the ISP) are opening a TAC case with Cisco since they can't explain why the traffic is being dropped. I won't do any more troubleshooting until I hear back from them... will post when I do. Thanks again for all of the responses.
12-19-2012 01:47 PM
Thanks for the feedback, Dean.
Boy, I wish Australian ISPs were that cooperative (where you don't have to result to making physical threats just to get them to start investigating).
01-04-2013 05:16 AM
Update with good news - our 2602 AP's at the remote site are now registered with our controller - finally! Very interesting issue: On a layer 3 switch between the two locations, ICMP Redirects had been disabled. Because of this, some (but not all) of the return traffic from the controller to the AP's was being dropped. After redirects was re-enabled, the AP's completed their registration without issue and are now functioning as expected. It took a conference call between myself, our ISP and Cisco to track down the culprit. I'm honestly not sure I completely understand why the lack of a redirect was causing some of the traffic to drop (especially since all other traffic at that location appears normal), but that was the underlying cause. Thanks to everyone for their help with this issue!
05-27-2013 03:46 AM
HI Team
one Access Point has Statically Configured in South Africa AIR-SAP2602I-E-K9 which is integrated with 5508 WLC ( N-K9) in India.
1. is there any Problem with Country code, we need to enable Country code on WLC.
2. how to enable Country code in WLC.
3. is WLC will support Multiple Country codes both ( E-K9 & N-K9 ).
Please Help me on this .....
these are the Loggs am Getting in South Africa AP (AIR-SAP2602I-E-K9).
*May 27 03:41:18.663: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
*May 27 03:41:18.663: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to administratively down
*May 27 03:41:19.667: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*May 27 03:41:19.671: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*May 27 03:41:19.947: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*May 27 03:41:19.955: status of voice_diag_test from WLC is false
*May 27 03:41:19.955: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
*May 27 03:41:20.707: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*May 27 03:41:21.699: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*May 27 03:41:21.735: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
*May 27 03:41:21.743: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
*May 27 03:41:21.751: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*May 27 03:41:22.735: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*May 27 03:41:22.743: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*May 27 03:41:22.775: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*May 27 03:41:23.775: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*May 27 03:41:28.955: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
*May 27 03:41:39.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 58.2.204.24 peer_port: 5246
*May 27 03:41:40.051: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 58.2.204.24 peer_port: 5246
*May 27 03:41:40.051: %CAPWAP-5-SENDJOIN: sending Join Request to 58.2.204.24
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
., 1)27 03:41:58.459: %CAPWAP-3-ERRORLOG: Retransmission count for packet exceeded max(UNKNOWN_MESSAGE_TYPE (5)
*May 27 03:41:58.459: %CAPWAP-3-ERRORLOG: GOING BACK TO DISCOVER MODE
*May 27 03:41:58.459: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 58.2.204.24:5246
*May 27 03:41:58.527: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255
*May 27 03:41:58.659: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
*May 27 03:41:58.659: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to administratively down
*May 27 03:41:58.963: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*May 27 03:41:58.971: status of voice_diag_test from WLC is false
*May 27 03:41:58.971: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
*May 27 03:41:59.659: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*May 27 03:41:59.699: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
*May 27 03:41:59.707: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*May 27 03:42:00.691: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*May 27 03:42:00.699: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*May 27 03:42:00.735: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*May 27 03:42:00.743: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to down
*May 27 03:42:00.751: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*May 27 03:42:01.747: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*May 27 03:42:01.747: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*May 27 03:42:01.779: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
*May 27 03:42:02.779: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*May 27 03:42:59.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 58.2.204.24 peer_port: 5246
*May 27 03:43:00.051: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 58.2.204.24 peer_port: 5246
*May 27 03:43:00.051: %CAPWAP-5-SENDJOIN: sending Join Request to 58.2.204.24
., 1)27 03:43:18.463: %CAPWAP-3-ERRORLOG: Retransmission count for packet exceeded max(UNKNOWN_MESSAGE_TYPE (5)
*May 27 03:43:18.463: %CAPWAP-3-ERRORLOG: Retransmission count exceeded max, ignoring as the ethernet is overloaded
., 1)27 03:43:21.463: %CAPWAP-3-ERRORLOG: Retransmission count for packet exceeded max(UNKNOWN_MESSAGE_TYPE (5)
*May 27 03:43:21.463: %CAPWAP-3-ERRORLOG: Retransmission count exceeded max, ignoring as the ethernet is overloaded
., 1)27 03:43:24.463: %CAPWAP-3-ERRORLOG: Retransmission count for packet exceeded max(UNKNOWN_MESSAGE_TYPE (5)
*May 27 03:43:24.463: %CAPWAP-3-ERRORLOG: Retransmission count exceeded max, ignoring as the ethernet is overloaded
., 1)27 03:43:27.463: %CAPWAP-3-ERRORLOG: Retransmission count for packet exceeded max(UNKNOWN_MESSAGE_TYPE (5)
*May 27 03:43:27.463: %CAPWAP-3-ERRORLOG: Retransmission count exceeded max, ignoring as the ethernet is overloaded
., 1)27 03:43:30.463: %CAPWAP-3-ERRORLOG: Retransmission count for packet exceeded max(UNKNOWN_MESSAGE_TYPE (5)
*May 27 03:43:30.463: %CAPWAP-3-ERRORLOG: Retransmission count exceeded max, ignoring as the ethernet is overloaded
., 1)27 03:43:33.463: %CAPWAP-3-ERRORLOG: Retransmission count for packet exceeded max(UNKNOWN_MESSAGE_TYPE (5)
*May 27 03:43:33.463: %CAPWAP-3-ERRORLOG: Retransmission count exceeded max, ignoring as the ethernet is overloaded
., 1)27 03:43:36.463: %CAPWAP-3-ERRORLOG: Retransmission count for packet exceeded max(UNKNOWN_MESSAGE_TYPE (5)
*May 27 03:43:36.463: %CAPWAP-3-ERRORLOG: Retransmission count exceeded max, ignoring as the ethernet is overloaded
., 1)27 03:43:45.463: %CAPWAP-3-ERRORLOG: Retransmission count for packet exceeded max(UNKNOWN_MESSAGE_TYPE (5)
*May 27 03:43:45.463: %CAPWAP-3-ERRORLOG: Retransmission count exceeded max, ignoring as the ethernet is overloaded
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
., 1)27 03:43:48.463: %CAPWAP-3-ERRORLOG: Retransmission count for packet exceeded max(UNKNOWN_MESSAGE_TYPE (5)
*May 27 03:43:48.463: %CAPWAP-3-ERRORLOG: GOING BACK TO DISCOVER MODE
*May 27 03:43:48.463: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 58.2.204.24:5246
*May 27 03:43:48.527: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255
*May 27 03:43:48.663: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
*May 27 03:43:48.663: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to administratively down
*May 27 03:43:48.955: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*May 27 03:43:48.971: status of voice_diag_test from WLC is false
*May 27 03:43:48.971: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
*May 27 03:43:49.663: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*May 27 03:43:49.703: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to down
*May 27 03:43:49.711: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*May 27 03:43:50.695: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*May 27 03:43:50.703: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*May 27 03:43:50.739: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*May 27 03:43:50.747: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to down
*May 27 03:43:50.755: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*May 27 03:43:51.739: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*May 27 03:43:51.747: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*May 27 03:43:51.783: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
*May 27 03:43:52.783: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*********** IF we will add the South Africa ( ZA) country code on WLC.the problem will resolve ..? *********************
*********** Right now 5508 WLC have only AIR-CAP3602I-N-K9 AP's in India if we add ZA there is any impact on N-K9 AP's.*****************
Thanks Very Much Scott.....it very Appriciate.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide