cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2192
Views
0
Helpful
12
Replies

AIR LAP1131AG-N-K9 wont join 4400 series WLAN controller

anup.dhital
Level 1
Level 1

When I try and connect AP 1131AG, it doesn't get discovered in WLAN controller. AP gets DHCP address assigned to it but doesn't receive JOIN RESPONSE from WLAN controller. I have checked the version firmware on WLAN and is 4.0.179.11 and is set to layer 3. Can anyone help me on this.

*Mar 1 00:00:07.241: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to

up

*Mar 1 00:00:08.241: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthern

et0, changed state to up

*Mar 1 00:00:25.290: %LWAPP-5-CHANGED: LWAPP changed state to DISCOVERY

*Mar 1 00:00:33.429: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned D

HCP address xxxxxx, mask 255.255.0.0, hostname COJAP06

*Mar 1 00:00:46.711: %LWAPP-5-CHANGED: LWAPP changed state to JOIN

*Mar 1 00:00:51.712: LWAPP_CLIENT_ERROR_DEBUG: spamHandleJoinTimer: Did not rec

ieve the Join response

*Mar 1 00:00:51.712: LWAPP_CLIENT_ERROR_DEBUG: No more AP manager IP addresses

remain.

*Mar 1 00:00:51.744: %SYS-5-RELOAD: Reload requested by LWAPP CLIENT. Reload Re

ason: DID NOT GET JOIN RESPONSE.

*Mar 1 00:00:51.744: %LWAPP-5-CHANGED: LWAPP changed state to DOWN

12 Replies 12

bbxie
Level 3
Level 3

Make sure you configured DHCP option 43 and 60. Following is a example(wlc's management IP is 10.10.10.20):

option 43 hex f1040a0a0a14

option 60 ascii "Cisco AP c1130"

also make sure wlc's ip can com with AP's IP

Also check if the sys time on AP is the same as on WLC because in join phase, the WLC will check if the AP has a valid x.509 certificate which is related to time

Thanks bbxie,

I have done that. WLC's IP can comm with APs IP fine. But cant find it in WLC list of APs.

if you are sure of AP and WLC have same time, then you can use following debug in WLC see what really happened in your network:

debug pm pki enable

debug mac addr [ap's mac address]

I found that AP has different time settings. I have changed it and tired to save settings or write to memory but no joy. How do I save the time settings that I have changed. Then will look into further.

Thanks

Your AP must be converted from Autonomous AP to Lightweight AP, right? When doing the conversion, there will generate a SSC whose validate time is depend on what you select when using Upgrade tool(use WLC's time or specified time), so if the AP is converted with the wrong time, the SSC will be invalid when you try to join the WLC, the WLC will think this is not a valid AP, so refuse to accept it.

Since the SSC had already been generated, it's too late for you to change AP's time at this moment. What you can do is revert back the AP to auto AP, then re-do the conversion, this time pay attension to set the correct time before the conversion

sorry to be pain. But I bought it as LAP so never had to do anything with the time. I understand that I can use web browser interface in autonomous mode. Its just that WLC doesn't recognise this AP. I have got several other 1000 series AP's at this site which had no problems in connecting WLC.

have you done the debug on the WLC, what's the result:

debug pm pki enable

debug mac addr [ap's mac address]

debug lwapp event enable

I just experienced the same situation with a 2106 WLC. Rebooting the WLC solved the issue - 2 APs were displaying this message and had been connected previously. When the customer had a power outage in that network closet, the APs never came back up. If you're able to reboot the WLC (during a requested time window!), it's well worth to see if this solves your problem.

Did you solve this. I have two converted AP's with the correct time, which never gets the JOIN responds, even they are on the same subnet and get IP addresses.

The AP's seems to get 'stuck' somewhere.

Both AP's are converted 1131AG with 12.3(7)JX9 software trying to connect a 4402 WLC with 5.2.157.0 software.

It resolved itself with a reboot.

I suspect that it could be due to the fact that we are using ip protocol-forward udp 12222/12223 and the new ports are 5246/5247.

If these are not specified on the router before the upgrade, I suspect this error occurred.

Why it does not resolve itself by adding the ports afterward, I don't know.

If an AP refuses to join the Wireless LAN Controller, type the following command from the AP:

lwapp ap controller ip address

Dmitry Halavin
Level 1
Level 1

You need to debug on the WLC to find out why it is not sending join response. message logs may also help here. Most common mistakes are: misconfigured country codes (WLC configured for US only, while AP is -N), missing SSC (if AP has a self signed certificate), among others. A TAC case will help here if the error is elsewhere.

Review Cisco Networking for a $25 gift card