Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4007
Views
10
Helpful
9
Replies

2800 AP cannot join new WLC-9800-L

franco_bruna
Level 1
Level 1

‎09-10-2021 07:20 AM

Hello,

I just installed and configured a brand new WLC 9800L and when a new 2800 AP tries to connect I get this message on the WLC:

 

[CAPWAP-IDB Error : 420010 - GET SWIDB : Search failed for iifid[Count : 0]

 

WLC is running 17.3.3

2800 is 8.10.130.0

 

Where am I wrong?

 

Thanks in advance

Gio

 

 

 

Labels:
0 Helpful
9 Replies 9

marce1000
VIP
VIP

‎09-10-2021 08:41 AM

 

        - Attach a console AP and scrutinize the boot-process when it tries to join.

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

franco_bruna
Level 1
Level 1
In response to marce1000

‎09-10-2021 09:12 AM

Hello Marcel,

thanks a lot for your reply!

 

I've attached the console cable to the AP and this is the result:

 

[*05/22/2021 00:29:53.1436] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 36

[*05/22/2021 00:29:54.0300] DOT11_DRV[0]: DOT11_DRV[0]: set_channel Channel set to 1

[*05/22/2021 00:29:54.6801] DOT11_DRV[0]: DOT11_DRV[0]: set_channel Channel set to 1

[*05/22/2021 00:29:54.7005] DOT11_DRV[0]: DOT11_DRV[0]: set_channel Channel set to 1

[*05/22/2021 00:29:54.8016] ethernet_port wired0, ip 172.26.48.199, netmask 255.255.252.0, gw 172.26.48.49, mtu 1500, bcast 172.26.51.255, dns1 172.26.48.76, dns2 172.26.48.232, domain intranet.xxx.itbftype is 6

[*05/22/2021 00:29:55.7354] DOT11_DRV[0]: DOT11_DRV[0]: set_channel Channel set to 1

[*05/22/2021 00:29:56.4934] DOT11_DRV[0]: DOT11_DRV[0]: set_channel Channel set to 1

[*05/22/2021 00:29:56.6597] failed wlconfig_commit netdev = wifi1

[*05/22/2021 00:29:56.6597] Error for wireless request "Commit changes" (8B00) :

[*05/22/2021 00:29:56.6598] SET failed on device wifi1 ; Operation not permitted.

[*05/22/2021 00:29:57.0042] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 36

[*05/22/2021 00:29:57.6515] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 36

[*05/22/2021 00:29:58.2932] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 36

[*05/22/2021 00:29:58.3135] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 36

[*05/22/2021 00:29:59.4329] bftype is 6

[*05/22/2021 00:29:59.4596] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 36

[*05/22/2021 00:30:00.3216] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 36

[*05/22/2021 00:30:01.1836] DOT11_DRV[1]: DOT11_DRV[1]: set_channel Channel set to 36

[*05/22/2021 00:30:05.4435] AP IPv4 Address updated from 0.0.0.0 to 172.26.48.199

[*05/22/2021 00:31:40.7483] dtls_init: Use SUDI certificate

[*05/22/2021 00:31:40.7504]

[*05/22/2021 00:31:40.7505] CAPWAP State: Init

[*05/22/2021 00:31:40.7524]

[*05/22/2021 00:31:40.7524] CAPWAP State: Discovery

[*05/22/2021 00:31:40.7555] Discovery Request sent to 172.26.223.6, discovery type STATIC_CONFIG(1)

[*05/22/2021 00:31:40.7557] IP DNS query for CISCO-CAPWAP-CONTROLLER.intranet.xxx.it

[*05/22/2021 00:31:40.7784] Discovery Request sent to 172.26.223.6, discovery type STATIC_CONFIG(1)

[*05/22/2021 00:31:40.7823] Discovery Request sent to 255.255.255.255, discovery type UNKNOWN(0)

[*05/22/2021 00:31:40.7827]

[*05/22/2021 00:31:40.7827] CAPWAP State: Discovery

[*05/22/2021 00:31:45.4804] Start: RPC thread 1951271920 created.

[*05/22/2021 00:32:10.2370]

[*05/22/2021 00:32:10.2370] CAPWAP State: Discovery

[*05/22/2021 00:32:10.2401] Discovery Request sent to 172.26.223.6, discovery type STATIC_CONFIG(1)

[*05/22/2021 00:32:10.2404] IP DNS query for CISCO-CAPWAP-CONTROLLER.intranet.xxx.it

[*05/22/2021 00:32:10.2472] Discovery Request sent to 172.26.223.6, discovery type STATIC_CONFIG(1)

[*05/22/2021 00:32:10.2696] Discovery Request sent to 255.255.255.255, discovery type UNKNOWN(0)

[*05/22/2021 00:32:39.6961]

[*05/22/2021 00:32:39.6961] CAPWAP State: Discovery

[*05/22/2021 00:32:39.6992] Discovery Request sent to 172.26.223.6, discovery type STATIC_CONFIG(1)

[*05/22/2021 00:32:39.6995] IP DNS query for CISCO-CAPWAP-CONTROLLER.intranet.xxx.it

[*05/22/2021 00:32:39.7261] Discovery Request sent to 172.26.223.6, discovery type STATIC_CONFIG(1)

[*05/22/2021 00:32:39.7289] Discovery Request sent to 255.255.255.255, discovery type UNKNOWN(0)

[*05/22/2021 00:33:09.1552]

 

as you can see it tries to access the WLC 172.26.223.6 but no answer and on the WLC I have the IDB error...

 

Franco

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame
In response to franco_bruna

‎09-10-2021 06:16 PM

Factory reset the AP before doing anything. 

After the reboot, can the AP ping the 9800 IP address?

rmfalconer
Level 1
Level 1

‎09-10-2021 01:57 PM

Have you generated and bound the necessary certificate to wireless management? Is a wireless management interface defined?

Arshad Safrulla
VIP Alumni
VIP Alumni

‎09-10-2021 02:26 PM

First Check the NTP is configured in WLC and synchronized, if yes then advertise DHCP option 42 (NTP) towards AP. Make sure that the option 43 is configured as HEX or use DNS to advertise the WLC AP Manager IP towards AP.

I would also recommend you to reset the AP before trying to join. 

___________________________________________
TAC recommended codes for AireOS WLC's
Best Practices for AireOS WLC's
TAC recommended codes for 9800 WLC's
Best Practices for 9800 WLC's
Cisco Wireless compatibility matrix
___________________________________________
Arshad Safrulla
0 Helpful

franco_bruna
Level 1
Level 1
In response to Arshad Safrulla

‎09-12-2021 10:41 AM

Hello All,

the ntp is correctly configured and the WLC is in sync with it.

DHCP is not used as I manually set ip address/mask & primary controller in the new AP

the wireless management interface is defined on the WLC....

 

Is there a debug command I can issue on the WLC in order to see what is happening?

 

I didn't reset the AP as both WLC and AP are in a remote location but this AP is brand new, just out of the box and never connected to any network.

 

Thanks in advance for any help!

 

 

 

 

0 Helpful

Rich R
VIP
VIP

‎09-13-2021 04:02 AM

And that is exactly why you should be using DHCP with option 43 not static config so that you can quickly and easily factory default an AP config and be confident that it will be able to join again without having to provide static config!  That is also the Cisco preferred/recommended approach.

Have any other APs joined the WLC?

I agree with others - your first troubleshooting step should be factory default reset of the AP as that resolves the vast majority of this type of problem.

You have not answered Leo's question about being able to ping.  Just because the AP can reach the WLC doesn't mean the WLC can reach the AP - does the WLC have a valid route back to the AP?

------------------------------
Please click Helpful if this post helped you and Select as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's,   Best Practices for 9800 WLC's   and   Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.196.0, latest 9800 releases, 8.5.182.12 (8.5.182.13 for 3504) and 8.5.182.109 (IRCM, 8.5.182.111 for 3504)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
Default AP console baud rate from 17.12.x is 115200 - introduced by CSCwe88390
0 Helpful

franco_bruna
Level 1
Level 1
In response to Rich R

‎09-13-2021 05:54 AM

Hello,

 

yes, the AP with static address can ping the WLC. and the WLC can ping the AP.

I'll enable DHCP option 43 although I don't see the need as the AP has a fixed ip address an it is in management vlan.

 

I'll keep you updated.

Giovanni

 

0 Helpful

rmfalconer
Level 1
Level 1
In response to franco_bruna

‎09-13-2021 09:08 AM

Is the trustpoint defined?

wireless management trustpoint <TP_Name>

 

If you want to debug on the WLC side, you can run a trace in the Troubleshooting section.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card