Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
239
Views
1
Helpful
3
Replies

9115AXI-K AP Fails to Join in Sniffer Mode on C9800 WLC

qahwork
Level 1
Level 1

‎03-13-2025 04:54 PM

Hello 

 

I am new in my current role and have recently started working with Cisco Access Points. As part of my testing, I am evaluating various operational modes (local, monitor, sniffer, flex connect) on a 9115AXI-K AP connected to a Cisco C9800 Wireless LAN Controller. While the AP successfully joins the controller in all modes except sniffer mode, it fails to join when switched to that mode.

The WLC logs (via show wireless stats ap history) show multiple “Disjoined” events with the reason “Mode change to sniffer.” Additionally, a Wireshark capture reveals a “Bad Certificate Status Response” alert. Notably, the AP joins successfully in all other modes.

I would appreciate guidance on the following points:

  1. Certificate or Configuration Requirements:
    Are there any known certificate or configuration prerequisites for sniffer mode that might cause the AP to fail the join process?

  2. Best Practices for Configuring Sniffer Mode:
    What is the recommended sequence or best practice for configuring the AP and controller for sniffer mode? For troubleshooting and configuration, I am referencing the following Cisco documents:

  3. Troubleshooting the “Bad Certificate Status Response”:
    Could the certificate error be directly related to the AP’s inability to join in sniffer mode? If so, what troubleshooting steps or resolutions would you recommend?

Thank you in advance for any assistance or insights.



Thank you in advance for any assistance or insights.

0 Helpful
3 Replies 3

Scott Fella
Hall of Fame
Hall of Fame

‎03-13-2025 07:17 PM - edited ‎03-13-2025 07:19 PM

When you are learning to do something, for me its videos and blogs as I like to see it actually being done.  There is really no order because you are new, you need to start some place and don't jump around so much.  So to be specific on sniffers for the 9800, you can look at this for starters.  Also typically you want a higher end ap for sniffing packets, I don't know if the 9115 would work or work well, but just watch the video.

https://www.labminutes.com/wl0051_9800_wlc_access_point_sniffer_mode_1

This does show it it supported on your model:
https://www.cisco.com/c/en/us/td/docs/wireless/access_point/9115ax/quick/guide/ap9115ax-getstart.html

 

-Scott
*** Please rate helpful posts ***
0 Helpful

qahwork
Level 1
Level 1
In response to Scott Fella

‎03-15-2025 03:30 AM

Thanks for the good answer, but the issue was that my WLC is a C9800-CL, and it was using an L3 interface.

0 Helpful

Scott Fella
Hall of Fame
Hall of Fame
In response to qahwork

‎03-15-2025 08:05 AM

Its just like that, you start to learen and figure things out.  The biggest thing that I usually see is that folks try to setup their wireless a certain way because they are use to doing that for a specific vendor as an example.  Each vendor has their own best practices of how their controllers need to connect to the network, which also mean, what design they will support of not.  Even knowing now that you are using a 9800-CL, that also changes things, because there are requirements for on-prem VM's vs AWS, vs Azure, etc.  Its a learning process for everyone.  Different environments also means different problems.

-Scott
*** Please rate helpful posts ***
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card