Solved: AP 1242 (autonomous to lightweight)

perseas16 · ‎03-22-2017

Hi All! I'm trying to connect my AP to a WLC, but Ι have a problem. My AP is 1242ag-AK9. I have 3 controllers and use WCS 7 to control them. The AP was autonomous, and I changed it to lightweight with tftp and the appropriate command using console cable, IOS is the right one. When AP reloads, finds the WLCs as I see in console.

When I console to AP, I get the following messages

---

%CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 192.168.15.17 peer_port: 5246

%CAPWAP-5-CHANGED: CAPWAP changed state to

%DTLS-5-ALERT: Received FATAL : Certificate unknown alert from 192.168.15.17

%CAPWAP-3-ERRORLOG: Bad certificate alert received from peer.

%DTLS-5-PEER_DISCONNECT: Peer 192.168.15.17 has closed connection.

%DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 192.168.15.17:5246

%CAPWAP-3-ERRORLOG: Invalid event 38 & state 3 combination.

---

I don't know what device is on 192.168.15.17. It is not WLC, Router or Switch. But it replies on pings.

debug on the first controller for this AP MAC address:

--

*spamReceiveTask: DTLS connection closed event receivedserver (192:168:15:17/5246) client (192:168:15:225/13488)

*spamReceiveTask: No entry exists for AP (192:168:15:225/13488)

*spamReceiveTask: No AP entry exist in temporary database for 192.168.15.225:13488

*spamReceiveTask: Echo Request from 192.168.15.207:52741

--

The status led is purple (stable) radio off, ethernet sometimes off, others on.

According to Cisco datasheet, there is no this type of signal (http://www.cisco.com/c/en/us/td/docs/wireless/access_point/1240/installation/guide/1240hig5/124h_c4.html)

Other info: I have another AP, same model, same ios and it is working well. The running configuration is the same with 2 differencies. The problematic AP has no cdp enable and power local -1.

Can anybody help me??? Thanks in advance.

Leo Laohoo · ‎03-23-2017

This is due to Regulatory Domain mismatch: The AP has a Regulatory Domain of "-A" but the WLC is configured for Greece and this country has a Regulatory Domain of "-E".

Disable Greece and enable, say, USA and the AP will join.

View solution in original post

Leo Laohoo · ‎03-22-2017

Post the complete output to the following commands:

1. AP: sh version;

2. AP: sh ip interface brief;

3. WLC: sh sysinfo; and

4. WLC: sh time

perseas16 · ‎03-23-2017

Thanks for the response. Here is my output in the AP. I have already attached screenshot with the WLC output.

#sh ip interface brief
Interface                  IP-Address      OK? Method Status                Prot                                                                                        ocol
Dot11Radio0                unassigned      NO unset up                    up
Dot11Radio1                unassigned      NO unset up                    up
FastEthernet0              192.168.15.241 YES DHCP   up                    up

AP001a.a233.4bee# sh version
Cisco IOS Software, C1240 Software (C1240-K9W8-M), Version 12.4(23c)JA10, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2015 by Cisco Systems, Inc.
Compiled Fri 20-Mar-15 12:45 by prod_rel_team

ROM: Bootstrap program is C1240 boot loader
BOOTLDR: C1240 Boot Loader (C1240-BOOT-M) Version 12.3(7)JA1, RELEASE SOFTWARE (fc1)

AP001a.a233.4bee uptime is 6 minutes
System returned to ROM by power-on
System image file is "flash:/c1240-k9w8-mx.124-23c.JA10/c1240-k9w8-mx.124-23c.JA10"

cisco AIR-LAP1242AG-A-K9    (PowerPCElvis) processor (revision A0) with 27638K/5120K bytes of memory.
Processor board ID FTX1106B1MD
PowerPCElvis CPU at 262Mhz, revision number 0x0950
Last reset from power-on
LWAPP image version 7.0.252.0
1 FastEthernet interface
2 802.11 Radio(s)

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:1A:A2:33:4B:EE
Part Number                          : 73-9925-05
PCA Assembly Number                  : 800-26579-04
PCA Revision Number                  : B0
PCB Serial Number                    : FOC10520VWC
Top Assembly Part Number             : 800-26804-02
Top Assembly Serial Number           : FTX1106B1MD
Top Revision Number                  : B0
Product/Model Number                 : AIR-AP1242AG-A-K9

Configuration register is 0xF

AP001a.a233.4bee#

Leo Laohoo · ‎03-23-2017

This is due to Regulatory Domain mismatch: The AP has a Regulatory Domain of "-A" but the WLC is configured for Greece and this country has a Regulatory Domain of "-E".

Disable Greece and enable, say, USA and the AP will join.

perseas16 · ‎03-23-2017

I have 3 WLCs and 76 access points already joined. Is it possible to change the Regulatory Domain in the AP???

I just found that 192.168.15.15 and 192.168.15.16 are the IPs of AP MAnagers for each WLC.

Leo Laohoo · ‎03-23-2017

Is it possible to change the Regulatory Domain in the AP???

Not possible. The AP will need to be in autonomous mode or there will be a controller to service this Regulatory Domain.

perseas16 · ‎03-23-2017

If I turn the mode to autonomous, is it possible to change the Regulatory Domain and then return the mode to lightweight?

Leo Laohoo · ‎03-24-2017

The AP doesn't care about the Regulatory Domain if it runs on autonomous.

perseas16 · ‎03-24-2017

But if I turn it to autonomous, I won't control it from WCS? This is why I use lightweight APs, to control them from WCS. Is that true?

Leo Laohoo · ‎03-24-2017

But if I turn it to autonomous, I won't control it from WCS? This is why I use lightweight APs, to control them from WCS. Is that true?

You won't be able to control the autonomous APs from WCS but you can monitor them.

If WCS is mandatory, then you'll need to replace the AP with the one with the correct Regulatory Domain.

And no, the Regulatory Domain cannot be altered using software.

perseas16 · ‎03-24-2017

Thanks a lot for your help and for answering all of my questions.