cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1666
Views
5
Helpful
6
Replies

AP cannot join to Wireless Controller

timothy_MTS
Level 1
Level 1

Hello everyone,

I am trying to make my AP C2600 to join to my exiting Virtual Wireless controller which has already controlling over 10 units. They are c2700 series.

The AP C2600 was used and connected to other Wireless controller before but it was decommissioned. I have already wiped and reset it into factory default. Now I couldn't make it connects to the exiting vWLC.

I followed the instruction to reset by pressing the MODE button until it turns to amber light. I also made the switch port on my switch to a VLAN which is able to route to the vWLC. The VLAN also with the DHCP, and I also created this option 43, which shows the direction/IP of the vWLC. From the vWLC, I can also see vWLC got in touch with the AP, but it says Received Discovery request and sent response.

Now I have no idea on what I can make this AP communicate with the vWLC.

Here I got some captures for the bootup of the AP, and some of the errors shown when the AP tries to talk to the vWLC.

172.22.29.230 is the wireless controller IP

IOS Bootloader - Starting system.
flash is writable
FLASH CHIP:  Numonyx Mirrorbit (0089)
Xmodem file system is available.
flashfs[0]: 75 files, 8 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 31997952
flashfs[0]: Bytes used: 15358464
flashfs[0]: Bytes available: 16639488
flashfs[0]: flashfs fsck took 18 seconds.
Reading cookie from SEEPROM
Base Ethernet MAC address: 00:3a:9a:ab:bb:22
Ethernet speed is 1000 Mb - FULL Duplex
Loading "flash:/ap3g2-k9w8-mx.153-3.JD/ap3g2-k9w8-mx.153-3.JD"...#########################

File "flash:/ap3g2-k9w8-mx.153-3.JD/ap3g2-k9w8-mx.153-3.JD" uncompressed and installed, entry point: 0x2003000
executing...

Secondary Bootloader - Starting system.
Tide MB - 32MB of flash
Xmodem file system is available.
flashfs[0]: 75 files, 8 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 31997952
flashfs[0]: Bytes used: 15358464
flashfs[0]: Bytes available: 16639488
flashfs[0]: flashfs fsck took 8 seconds.
flashfs[1]: 0 files, 1 directories
flashfs[1]: 0 orphaned files, 0 orphaned directories
flashfs[1]: Total bytes: 12257280
flashfs[1]: Bytes used: 1024
flashfs[1]: Bytes available: 12256256
flashfs[1]: flashfs fsck took 1 seconds.
Base Ethernet MAC address: 00:3a:9a:ab:bb:22

2600/3600 AP, PID: 'AIR-CAP2602I-N-K9 '. Checking for BL upgrade...
BL: C2600 Boot Loader (AP3G2-BOOT-M) LoaderVersion 12.4(25e)JAY, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Compiled Thu 03-Oct-13 03:35 by sdcunha

BL Build year: 13
Unable to locate IOS image with name **xx**.
Boot CMD: 'boot  flash:/ap3g2-k9w8-mx.153-3.JD/ap3g2-k9w8-xx.153-3.JD'
Loading "flash:/ap3g2-k9w8-mx.153-3.JD/ap3g2-k9w8-xx.153-3.JD"...#################################################
File "flash:/ap3g2-k9w8-mx.153-3.JD/ap3g2-k9w8-xx.153-3.JD" uncompressed and installed, entry point: 0x1003000
executing...

              Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

           cisco Systems, Inc.
           170 West Tasman Drive
           San Jose, California 95134-1706



Cisco IOS Software, C2600 Software (AP3G2-K9W8-M), Version 15.3(3)JD, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2016 by Cisco Systems, Inc.
Compiled Fri 29-Jul-16 04:06 by prod_rel_team

Tide MB - 32MB of flash
Initializing flashfs...

flashfs[2]: 75 files, 8 directories
flashfs[2]: 0 orphaned files, 0 orphaned directories
flashfs[2]: Total bytes: 31739904
flashfs[2]: Bytes used: 15358464
flashfs[2]: Bytes available: 16381440
flashfs[2]: flashfs fsck took 9 seconds.
flashfs[2]: Initialization complete.
flashfs[4]: 0 files, 1 directories
flashfs[4]: 0 orphaned files, 0 orphaned directories
flashfs[4]: Total bytes: 11999232
flashfs[4]: Bytes used: 1024
flashfs[4]: Bytes available: 11998208
flashfs[4]: flashfs fsck took 1 seconds.
flashfs[4]: Initialization complete.
Copying radio files from flash: to ram:
Copy in progress...CCCCC
Copy in progress...CCC
Copy in progress...CCCC
Copy in progress...CCCC
Copy in progress...CC
Copy in progress...CC
Copy in progress...CCCC
Copy in progress...CC
Copy in progress...CCCCCC
Copy in progress...CCCC
Copy in progress...CC
Copy in progress...C
Uncompressing radio files...
...done Initializing flashfs.

Radio0  present 8764 8000 0 A8000000 A8010000 0
Rate table has 650 entries (20 legacy/224 11n/406 11ac)

POWER TABLE FILENAME = ram:/Y2.bin

Radio1  present 8764 8000 0 88000000 88010000 4
POWER TABLE FILENAME = ram:/Y5.bin

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco AIR-CAP2602I-N-K9 (PowerPC) processor (revision A0) with 188398K/60928K bytes of memory.
Processor board ID FGL1648Z2EL
PowerPC CPU at 800Mhz, revision number 0x2151
Last reset from power-on
LWAPP image version 8.3.102.0
1 Gigabit Ethernet interface
2 802.11 Radios

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:3A:9A:AB:BB:22
Part Number                          : 73-14588-02
PCB Serial Number                    : FOC164767ED
Top Assembly Part Number             : 800-38356-01
Top Assembly Serial Number           : FGL1648Z2EL
Top Revision Number                  : A0
Product/Model Number                 : AIR-CAP2602I-N-K9
% Please define a domain-name first.


Press RETURN to get started!


*Mar  1 00:00:14.207: %SOAP_FIPS-2-SELF_TEST_IOS_SUCCESS: IOS crypto FIPS self test passed (15)
*Mar  1 00:00:14.663: Registering HW DTLS

*Mar  1 00:00:17.343: %LINK-6-UPDOWN: Interface GigabitEthernet0, changed state to up
*Mar  1 00:00:19.823: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 0 (4)
*Mar  1 00:00:19.935: loading Power Tables from ram:/Y2.bin. Class = A
*Mar  1 00:00:19.939:  record size of 3ss: 1168 read_ptr: 4DC33AE

*Mar  1 00:00:24.811: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 1 (4)
*Mar  1 00:00:24.855: loading Power Tables from ram:/Y5.bin. Class = N
*Mar  1 00:00:24.903:  record size of 3ss: 1168 read_ptr: 4DC33AE
APAVC Registering AVC licences on the AP to make sure we enable advanced PP
APAVC Protocol list already initialized.

*Mar  1 00:00:26.255: Start STILE Activation
APAVC: Succeeded to activate all the STILE protocols.
APAVC: Registering with CFT

*Mar  1 00:00:26.471: APAVC: CFT registration of delete callback succeeded
APAVC: Reattaching  Original Buffer pool for system use

*Mar  1 00:00:28.315: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to down
*Aug 29 01:19:17.067: %DOT11-5-EXPECTED_RADIO_RESET: Restarting Radio interface Dot11Radio0 due to hostname change
*Aug 29 01:19:17.067: %DOT11-5-EXPECTED_RADIO_RESET: Restarting Radio interface Dot11Radio1 due to hostname change
*Aug 29 01:19:17.075: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C2600 Software (AP3G2-K9W8-M), Version 15.3(3)JD, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2016 by Cisco Systems, Inc.
Compiled Fri 29-Jul-16 04:06 by prod_rel_team
*Aug 29 01:19:17.075: %SNMP-5-COLDSTART: SNMP agent on host AP003a.9aab.bb22 is undergoing a cold start
*Aug 29 01:19:19.139: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up
*Aug 29 01:19:19.167: %DOT11-5-EXPECTED_RADIO_RESET: Restarting Radio interface Dot11Radio0 due to hostname change
*Aug 29 01:19:19.167: %DOT11-5-EXPECTED_RADIO_RESET: Restarting Radio interface Dot11Radio1 due to hostname change
*Aug 29 01:19:19.187: %DOT11-5-EXPECTED_RADIO_RESET: Restarting Radio interface Dot11Radio0 due to interface reset
*Aug 29 01:19:19.191: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Aug 29 01:19:19.195: %DOT11-5-EXPECTED_RADIO_RESET: Restarting Radio interface Dot11Radio1 due to interface resetlwapp_crypto_init: MIC Present and Parsed Successfully

*Aug 29 01:19:19.359: %SSH-5-ENABLED: SSH 2.0 has been enabled
*Aug 29 01:19:19.359: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Aug 29 01:19:20.191: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Aug 29 01:19:20.359: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Aug 29 01:19:24.935: %SOAP_FIPS-2-SELF_TEST_HW_SUCCESS: HW crypto FIPS self test passed (2-16)
*Aug 29 01:19:24.935: DPAA Initialization Complete
*Aug 29 01:19:24.935: %SYS-3-HARIKARI: Process DPAA INIT top-level routine exited
*Aug 29 01:19:25.179: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
*Aug 29 01:19:30.195: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 172.22.185.29, mask 255.255.255.0, hostname AP003a.9aab.bb22

*Aug 29 01:19:35.259: Currently running a Release Image
validate_sha2_block: Failed to get certificate chain
*Aug 29 01:19:35.283: Using SHA-1 signed certificate for image signing validation.%Default route without gateway, if not a point-to-point interface, may impact performance
*Aug 29 01:19:42.955: AP image integrity check PASSED

*Aug 29 01:19:42.959: Non-recovery image. PNP Not required.

*Aug 29 01:19:43.075:  validate_sha2_block:No SHA2 Block present on this AP.

*Aug 29 01:19:43.095: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Aug 29 01:19:43.095: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
%Error opening flash:/capwap-saved-config (No such file or directory)
%Error opening flash:/capwap-saved-config-bak (No such file or directory)
*Aug 29 01:19:53.107: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 255.255.255.255 port 0 CLI Request Triggered
*Aug 29 01:19:54.107: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 255.255.255.255 port 514 started - CLI initiated
Translating "CISCO-CAPWAP-CONTROLLER.maoritelevision.com"...domain server (172.22.0.1) [OK]

*Aug 29 01:20:04.111: %CAPWAP-5-DHCP_OPTION_43: Controller address 172.22.29.230 obtained through DHCP
*Aug 29 01:20:07.207: %DOT11-5-EXPECTED_RADIO_RESET: Restarting Radio interface Dot11Radio0 due to interface reset
*Aug 29 01:20:07.207: %DOT11-5-EXPECTED_RADIO_RESET: Restarting Radio interface Dot11Radio1 due to interface reset
*Aug 29 01:20:07.207: %CDP_PD-4-POWER_OK: Full power - NEGOTIATED inline power source
*Aug 29 01:20:08.315: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Aug 29 01:20:09.315: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Aug 29 01:20:09.423: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Aug 29 01:20:10.423: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*Aug 29 02:09:00.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 172.22.29.230 peer_port: 5246
*Aug 29 02:09:00.223: %DTLS-5-ALERT: Received FATAL : Certificate unknown alert from 172.22.29.230
*Aug 29 02:09:00.223: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 172.22.29.230:5246

*Aug 29 22:43:40.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 172.22.29.230 peer_port: 5246
*Aug 29 22:43:40.223: %DTLS-5-ALERT: Received FATAL : Certificate unknown alert from 172.22.29.230
*Aug 29 22:43:40.223: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 172.22.29.230:5246
*Aug 29 22:44:45.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 172.22.29.230 peer_port: 5246
*Aug 29 22:44:45.223: %DTLS-5-ALERT: Received FATAL : Certificate unknown alert from 172.22.29.230
*Aug 29 22:44:45.223: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 172.22.29.230:5246

 

vWLC1.JPG

Thank you.

Timothy

1 Accepted Solution

Accepted Solutions

Controller is on 8.7.X.X but the 2600/3600 will never be support beyond 8.6.X.X and later. 

Downgrade the controller to 8.5.X.X and the 2600/3600 will be supported.

View solution in original post

6 Replies 6

Leo Laohoo
Hall of Fame
Hall of Fame

What firmware is the controller on?

@Leo Laohoo 

Here you are. Thanks. I just masked the MAC address for safety

System Inventory
NAME: "Chassis"    , DESCR: "Cisco Wireless Controller"
PID: AIR-CTVM-K9,  VID: V01,  SN: 9IKVRDVO7SK

Burned-in MAC Address............................ XX:50:56:XX:XX:XX
Maximum number of APs supported.................. 200
Press Enter to continue or <ctrl-z> to abort


System Information
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 8.7.106.0
RTOS Version..................................... 8.7.106.0
Bootloader Version............................... 8.5.1.85
Emergency Image Version.......................... 8.7.106.0

OUI File Last Update Time........................ Tue Feb 06 10:44:07 UTC 2018

Build Type....................................... DATA + WPS

 

 

Controller is on 8.7.X.X but the 2600/3600 will never be support beyond 8.6.X.X and later. 

Downgrade the controller to 8.5.X.X and the 2600/3600 will be supported.

Thanks @Leo Laohoo 

So if the firmware is compatible with the 2600 AP, then the procedure should be straight forward to get it done, and the vWLC should be able to communicate with the AP?

Cheers

Even though the 2600/3600 can be loaded with 17.12.1 firmware, Cisco has written the WLC 8.6.X.X (and later) firmware to not accept the 2600/3600. 

The last WLC firmware to support the 2600/3600 is 8.5.X.X.

Yes current latest is 8.5.182.11 (link below).
Make sure you have "config ap cert-expiry-ignore mic enable" configured on the WLC.

Review Cisco Networking for a $25 gift card