Solved: Re: AP cannot get internet

wfqk · ‎09-10-2017

Hi, Switch 3560(vlan10), WLC management interface are all in the same vlan. The Switch vlan 10 is 10.0.0.90, WLC management ip address are10.0.0.92. Its dhcp point to 10.0.0.1 in management interface. The WLC is associated with the AP normally. The AP get ip address from dhcp pool located in Switch. The question is after internet cable is plugged into vlan 10 Switch port, WLC lose connection with AP. After unplugging the cable, WLC can see the AP. The internet gateway is 10.0.0.1 Anyone can give some suggestion? Can I say that is caused by two dhcp in the vlan10? Thanks

Flavio Miranda · ‎09-10-2017

Alright man,

First, if your switch port is in trunk mode, your WLC should be in Lag mode. This is how WLC talks with Switch trunk port.

Looks like you are using an old version (4400 maybe?). But, it is ok, the thing is, when you have ap-manager interface, this interface is used to join APs.

You can see this here:

DTLS connection request sent peer_ip: 10.1.1.2 peer_port: 5246

Max retransmit count for 10.1.1.2 is reached

So, the ap-manager interface should be on the same VLAN as AP.

Is that make sense?

View solution in original post

Flavio Miranda · ‎09-10-2017

Hello,

"The WLC is associated with the AP normally. The AP get ip address from dhcp pool located in Switch. The question is after internet cable is plugged into vlan 10 Switch port, WLC lose connection with AP. After unplugging the cable, WLC can see the AP."

This is a bit confuse.

What do you mean by plug internet cable on vlan 10 ?

the Swtich port that the WLC is connected is in trunk mode on the switch?

Is it the WLC on lag mode?

Can you give more detail?

wfqk · ‎09-10-2017

Thank you so much for your reply. Sorry it is not clear.

"What do you mean by plug internet cable on vlan 10 ?"

PC can reach to internet via cable(RJ45). Now I plugged the cable into the switch. The PC and AP are plugged into the switch and in vlan10

"the Swtich port that the WLC is connected is in trunk mode on the switch?"

WLC is connected to Switch by trunk

"Is it the WLC on lag mode?"

no, it is not in lag mode

(WLC-1) >show interface summary

Interface Name Port Vlan Id IP Address Type Ap Mgr Guest
-------------------------------- ---- -------- --------------- ------- ------ -----
ap-manager 2 10 10.1.1.2 Static Yes No
guest 1 50 10.1.5.5 Dynamic No No
management 2 10 10.0.0.90 Static No No
service-port N/A N/A 192.168.1.1 Static No No
virtual N/A N/A 1.1.1.1 Static No No

=================

ap-1>
ap-1>
*Jul 8 03:32:39.052: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.1.1.2:5246
*Jul 8 03:32:39.107: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Jul 8 03:32:39.107: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Jul 8 03:32:39.130: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
*Jul 8 03:32:39.130: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to administratively down
*Jul 8 03:32:40.129: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Jul 8 03:32:40.130: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Jul 8 03:32:40.286: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Jul 8 03:32:40.300: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Jul 8 03:32:40.904: status of voice_diag_test from WLC is false
*Jul 8 03:32:40.912: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Jul 8 03:32:40.933: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
*Jul 8 03:32:41.300: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Jul 8 03:32:41.933: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*Jul 8 03:33:51.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.1.1.2 peer_port: 5246
*Jul 8 03:33:51.000: %CAPWAP-5-CHANGED: CAPWAP changed state to
*Jul 8 03:34:20.999: DTLS_CLIENT_ERROR: ../dtls/dtls_connection_db.c:2017 Max retransmission count reached!
*Jul 8 03:34:20.999: %DTLS-3-HANDSHAKE_RETRANSMIT: Max retransmit count for 10.1.1.2 is reached.
*Jul 8 03:34:51.053: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.1.1.2:5246
*Jul 8 03:33:51.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.1.1.2 peer_port: 5246

Flavio Miranda · ‎09-10-2017

Alright man,

First, if your switch port is in trunk mode, your WLC should be in Lag mode. This is how WLC talks with Switch trunk port.

Looks like you are using an old version (4400 maybe?). But, it is ok, the thing is, when you have ap-manager interface, this interface is used to join APs.

You can see this here:

DTLS connection request sent peer_ip: 10.1.1.2 peer_port: 5246

Max retransmit count for 10.1.1.2 is reached

So, the ap-manager interface should be on the same VLAN as AP.

Is that make sense?

wfqk · ‎09-11-2017

Thank you Flavio. After changing ap-manager to same vlan, It began to work!

Now, I still have questions that I am not sure of:

1. Before ap-manager interface ip changed to the same vlan, Why could it not work only when the internet cable was plugged into the switch

2. I did not enable lag, it still can work. I think in this 4402, i only enable one distribute port.

Flavio Miranda · ‎09-11-2017

Hello,

1. Before ap-manager interface ip changed to the same vlan, Why could it not work only when the internet cable was plugged into the switch

It is still unclear to me this setup the way you put this. But, can be result of Spanning-tree action. Depends on the way you connect Switches to other devices, this can cause spanning-tree to block some ports.

2. I did not enable lag, it still can work. I think in this 4402, i only enable one distribute port.

But if you need to have multiples SSID and segregate traffic and/or at the same time bound physical ports together to have more capacity, we´ll need enable Lag.

wfqk · ‎09-11-2017

Thank you!!

Flavio Miranda · ‎09-11-2017

Thank you for rating. This will help others find solution!!