cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3040
Views
0
Helpful
15
Replies

AP 1242AG can not register on WLC 4404

Alex Nikolaev
Level 1
Level 1

Hello!

I have few Cisco 4404 WLC controllers with 1242AG connected and 2 WISM 1. Everywhere is 7.0.252.0 software and country set as Russia Federations (RU). When I update WLC 4404 to 7.0.252.0 software version no one AP's can not register on controller. The error is 

failed to find matching cert.

No AP entry exist in temporary database

 but when I try to connect AP to wism - all work good. What I do wrong?

15 Replies 15

Leo Laohoo
Hall of Fame
Hall of Fame

Console into the AP and post the complete output to the command "sh version".  The AP in question could be 10 years old and the MIC has expired.  This is a known issue.

MIC - it's a certificate? We have more then 180 items of 1242 AG. Is exist some mechanism to make changes on all APs ?

Field Notice: FN - 63942 - Wireless Lightweight Access Points and WLAN Controllers Fail to Create CAPWAP/LWAPP Connections Due to Certificate Expiration - Software Upgrade Required

Post the complete output to the command "sh version" because it's not just a software upgrade (on the controller) but there's a command involved as well.

I check you link. Not same like in my case. I have no any errors about cert expiration. Only one error in debug - is

failed to find matching cert.

No AP entry exist in temporary database

In log on controller 

Cause=New Discovery Status:NA

Cause=Heartbeat Timeout Status:NA

Is this same? Tomorrow will check AP console

I changed the system time on the controller, strange situation 1 of 3 test ap - register well but 2 other have a errors in controller log - Cause=Radio interface reset. Status:NA

Kindly post the complete output to the following commands: 

1.  WLC:  sh sysinfo; 

2.  WLC:  sh time; 

3.  AP:  sh version; and 

4.  AP:  sh inventory

WLC SYSINFO

Manufacturer's Name.............................. Cisco Systems Inc.

Product Name..................................... Cisco Controller

Product Version.................................. 7.0.252.0

RTOS Version..................................... 7.0.252.0

Bootloader Version............................... 7.0.252.0

Emergency Image Version.......................... 7.0.252.0

Build Type....................................... DATA + WPS

System Name...................................... WLC_4404_Tower_1

System Location.................................. TOWER

System Contact................................... 

System ObjectID.................................. 1.3.6.1.4.1.14179.1.1.4.3

IP Address....................................... 172.17.0.10

System Up Time................................... 0 days 12 hrs 22 mins 48 secs

System Timezone Location......................... (GMT +3:00) Baghdad

Configured Country............................... RU  - Russian Federation

Operating Environment............................ Commercial (0 to 40 C)

Internal Temp Alarm Limits....................... 0 to 65 C

Internal Temperature............................. +63 C

--More-- or (q)uit

State of 802.11b Network......................... Enabled

State of 802.11a Network......................... Enabled

Number of WLANs.................................. 0

Number of Active Clients......................... 0

Burned-in MAC Address............................ 00:0B:85:43:AF:60

Crypto Accelerator 1............................. Absent

Crypto Accelerator 2............................. Absent

Power Supply 1................................... Present, OK

Power Supply 2................................... Present, Failed

Maximum number of APs supported.................. 100

AP SH VER

APe8b7.484d.2a46>sh ver
Cisco IOS Software, C1240 Software (C1240-K9W8-M), Version 12.4(23c)JA10, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2015 by Cisco Systems, Inc.
Compiled Fri 20-Mar-15 12:45 by prod_rel_team

ROM: Bootstrap program is C1240 boot loader
BOOTLDR: C1240 Boot Loader (C1240-BOOT-M) Version 12.4(13d)JA, RELEASE SOFTWARE (fc2)

APe8b7.484d.2a46 uptime is 10 hours, 50 minutes
System returned to ROM by power-on
System image file is "flash:/c1240-k9w8-mx.124-23c.JA10/c1240-k9w8-mx.124-23c.JA10"


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco AIR-LAP1242AG-E-K9 (PowerPCElvis) processor (revision A0) with 27638K/5120K bytes of memory.
Processor board ID FCZ152381AY
PowerPCElvis CPU at 262Mhz, revision number 0x0950
Last reset from power-on
LWAPP image version 7.0.252.0
1 FastEthernet interface
2 802.11 Radio(s)

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: E8:B7:48:4D:2A:46
Part Number : 73-10256-07
PCA Assembly Number : 800-26918-06
PCA Revision Number : A0
PCB Serial Number : FOC15161AZ7
Top Assembly Part Number : 800-29233-02
Top Assembly Serial Number : FCZ152381AY
Top Revision Number : A0
Product/Model Number : AIR-AP1242AG-E-K9

Configuration register is 0xF

AP SH INVENT

APe8b7.484d.2a46>sh inventory
NAME: "AP1240", DESCR: "Cisco Aironet 1240 Series (IEEE 802.11a/g) Access Point"
PID: AIR-AP1242AG-E-K9 , VID: V04, SN: FCZ152381AY

Hi,

Your controller configured as:

Configured Country............................... RU  - Russian Federation

And your AP shows it is in Europe domain: 

Product/Model Number : AIR-AP1242AG-E-K9

I think either you need to change the country code on WLC or you need to replace 1242AG AP with -R- domain(AIR-AP1242AG-R-K9)

Regards

Dont forget to rate helpful posts

I do not think so. There is no country code Europe, only countries (Spain, Estonia, etc) and second one - i changed year to 2011 - all work well, if I changing it back and reload controller - same situation (AP cannot register)

Don't "add" European countries.  Remove "Russia" from the controller and see if the AP joins.

I agree with Sandeep (below).  The AP has the Regulatory Domain of Europe (-E) but APs for Russia must have the Regulatory Domain of "-R".

Which domain should I select? EE - Estonian, ES -Spain - but we talking about Country domain not about Regulatory right? Regulatory Domain is -AER on controller.

Choose any European country(example: Spain )on controller and then try again.

hiw to change country code:

https://rscciew.wordpress.com/2014/02/08/country-code-on-wlc/

Regards

dont forget to rate helpful posts

I changed country to Germany and my reg domain is E but nothing changed. Nothing in controller log, no ap registered. But if I change year on controller to 2011 or 2012 - ap's successfully registered and work well. I think it's a mic certificate issue.

Review Cisco Networking for a $25 gift card