03-25-2014 03:19 PM - edited 07-05-2021 12:32 AM
Unboxing AP3702 and it do not wont to join WLC !
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.6.110.0
Bootloader Version............................... 1.0.20
Field Recovery Image Version..................... 7.6.101.1
Firmware Version................................. FPGA 1.7, Env 1.8, USB console 2.2
Build Type....................................... DATA + WPS
Authorize MIC APs against Auth-list or AAA ...... disabled
Authorize LSC APs against Auth-List ............. disabled
APs Allowed to Join
AP with Manufacturing Installed Certificate.... yes
AP with Self-Signed Certificate................ no
AP with Locally Significant Certificate........ no
Version AP:
ROM: Bootstrap program is C3700 boot loader
BOOTLDR: C3700 Boot Loader (AP3G2-BOOT-M) LoaderVersion 15.2(4)JB, RELEASE SOFTWARE (fc1)
APd072.dc01.0020 uptime is 7 minutes
System returned to ROM by power-on
System image file is "flash:/ap3g2-k9w8-mx.152-4.JB1/ap3g2-k9w8-xx.152-4.JB1"
Error on AP:
%CAPWAP-3-ERRORLOG: Go join a capwap controller
%CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 172.xx.xx.10 peer_port: 5246
%LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
%LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
%CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 172.xx.xx.10 peer_port: 5246
%CAPWAP-5-SENDJOIN: sending Join Request to 172.xx.xx.10
%CAPWAP-3-ERRORLOG: Invalid event 10 & state 5 combination.
%CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 10 state 5.
%CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
Error on WLC
AAA Authentication Failure for UserName:d072dc010020 User Type: WLAN USER
03-25-2014 03:25 PM
Please post the following command outputs:
NOTE: Please post the full output and do not edit out any details.
03-25-2014 03:29 PM
I think you have point.. i look at AP show time and its 1h behind :)
03-25-2014 03:51 PM
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.6.110.0
Bootloader Version............................... 1.0.20
Field Recovery Image Version..................... 7.6.101.1
Firmware Version................................. FPGA 1.7, Env 1.8, USB console 2.2
Build Type....................................... DATA + WPS
System Name...................................... WLC5508
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
Redundancy Mode.................................. SSO (Both AP and Client SSO)
IP Address....................................... 172.30.20.64
Last Reset....................................... Software reset
System Up Time................................... 0 days 2 hrs 7 mins 16 secs
System Timezone Location......................... (GMT +1:00) Amsterdam, Berlin, Rome, Vienna
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180
Configured Country............................... SE - Sweden
Operating Environment............................ Commercial (0 to 40 C)
--More-- or (q)uit
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +40 C
External Temperature............................. +21 C
Fan Status....................................... OK
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 4
Number of Active Clients......................... 50
Burned-in MAC Address............................ 6C:20:56:BD:1F:A0
Power Supply 1................................... Present, OK
Power Supply 2................................... Present, OK
Maximum number of APs supported.................. 100
(Cisco Controller) >show time
Time............................................. Tue Mar 25 23:48:49 2014
Timezone delta................................... 0:0
Timezone location................................ (GMT +1:00) Amsterdam, Berlin, Rome, Vienna
NTP Servers
NTP Polling Interval......................... 3600
Index NTP Key Index NTP Server NTP Msg Auth Status
------- ----------------------------------------------------------------------------------
2 0 172.30.20.1 AUTH DISABLED
APd072.dc01.0020#sh ver
Cisco IOS Software, C3700 Software (AP3G2-K9W8-M), Version 15.2(4)JB1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Sat 16-Nov-13 11:00 by prod_rel_team
ROM: Bootstrap program is C3700 boot loader
BOOTLDR: C3700 Boot Loader (AP3G2-BOOT-M) LoaderVersion 15.2(4)JB, RELEASE SOFTWARE (fc1)
APd072.dc01.0020 uptime is 38 minutes
System returned to ROM by power-on
System restarted at 22:10:47 UTC Tue Mar 25 2014
System image file is "flash:/ap3g2-k9w8-mx.152-4.JB1/ap3g2-k9w8-xx.152-4.JB1"
Last reload reason:
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
cisco AIR-CAP3702I-E-K9 (PowerPC) pr
Mar 25 22:49:17.383: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to downocessor (revision A0) with 204790K/57344K bytes of memory.
Processor board ID FCZ1811W0LX
PowerPC CPU at 800Mhz, revision number 0x2151
Last reset from power-on
LWAPP image version 7.6.1.118
1 Gigabit Ethernet interface
2 802.11 Radios
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: D0:72:DC:01:00:20
Part Number : 73-15243-01
PCA Assembly Number : 000-00000-00
--More--
Mar 25 22:49:17.387: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
Mar 25 22:49:18.387: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
Mar 25 22:49:18.407: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
Mar 25 22:49:19.407: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed sPCA Revision Number :
PCB Serial Number : FOC180823YE
Top Assembly Part Number : 068-05054-01
Top Assembly Serial Number : FCZ1811W0LX
Top Revision Number : A0
Product/Model Number : AIR-CAP3702I-E-K9
Configuration register is 0xF
APd072.dc01.0020# sh ip interface brief; and
Interface IP-Address OK? Method Status Protocol
BVI1 172.30.6.153 YES DHCP up up
Dot11Radio0 unassigned NO unset up up
Dot11Radio1 unassigned NO unset up up
GigabitEthernet0 unassigned NO unset up up
Virtual-WLAN0 unassigned NO unset up up
Virtual-WLAN0.1 unassigned NO unset up up
Virtual-WLAN0.2 unassigned NO unset up up
Virtual-WLAN0.3 unassigned NO unset up up
Virtual-WLAN0.4 unassigned NO unset up up
Virtual-WLAN0.5 unassigned NO unset up up
Virtual-WLAN0.6 unassigned NO unset up up
Virtual-WLAN0.7 unassigned NO unset up up
Virtual-WLAN0.8 unassigned NO unset up up
Virtual-WLAN0.9 unassigned NO unset up up
Virtual-WLAN0.10 unassigned NO unset up up
Virtual-WLAN0.11 unassigned NO unset up up
Virtual-WLAN0.12 unassigned NO unset up up
Virtual-WLAN0.13 unassigned NO unset up up
Virtual-WLAN0.14 unassigned NO unset up up
Virtual-WLAN0.15 unassigned NO unset up up
Virtual-WLAN0.16 unassigned NO unset up up
APd072.dc01.0020#sh inventory
NAME: "AP3700", DESCR: "Cisco Aironet 3700 Series (IEEE 802.11ac) Access Point"
PID: AIR-CAP3702I-E-K9 , VID: V01, SN: FCZ1811W0LX
03-25-2014 04:03 PM
But all other AP work fine ! any suggestions ?
'
03-25-2014 04:47 PM
Have you configured any AP policy (Security -> AP Policy ) ? If so you have to add AP mac address on to the list
HTH
Rasika
*** Pls rate all useful responses ****
03-25-2014 05:37 PM
No we do not have. it looks i found solution :)
03-25-2014 05:11 PM
If this AP can ping the controller, can you console into the AP and enter the command "capwap ap controller ip address <WLC management IP address>".
Can you also post the first page of the output to the WLC command "sh ap summary"?
03-25-2014 05:36 PM
I think here is the problem
APd072.dc01.0020#sh capwap client rcb
AdminState : ADMIN_ENABLED
SwVer : 7.6.1.118
NumFilledSlots : 2
Name : APd072.dc01.0020
Location : default location
MwarName : WLC5508
MwarApMgrIp : 172.30.20.64
MwarHwVer : 0.0.0.0
ApMode : Bridge
ApSubMode : Not Configured
OperationState : JOIN
CAPWAP Path MTU : 576
LinkAuditing : disabled
ApRole : MeshAP
ApBackhaul : 802.11a
ApBackhaulChannel : 0
Lightweight Access Point does not register with the WLC. The log displays this the error message
AAA Authentication Failure for UserName:5475xxx8bf9c User Type: WLAN USER
This can happen if the Lightweight Access Point was shipped with a mesh image and is in Bridge mode. If the LAP was ordered with mesh software on it, you need to add the LAP to the AP authorization list. Choose Security > AP Policies and add AP to the Authorization List. The AP should then join, download the image from the controller, then register with the WLC in bridge mode. Then you need to change the AP to local mode. The LAP downloads the image, reboots and registers back to the controller in local mode.
http://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/99948-lap-notjoin-wlc-tshoot.html#p9
Problem 17
03-25-2014 05:47 PM
Cisco Controller) >show ap summary
Number of APs.................................... 62
Global AP User Name.............................. Not Configured
Global AP Dot1x User Name........................ Not Configured
03-25-2014 05:29 PM
I think i have it.. the AP is in Bridge mode and need to be set to Local mode.
03-25-2014 06:09 PM
I just did the trick :)
Add mac address in Security->MAC Filtering and it works :)
///Aram
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide