I have more than 200 APs of the same model reaching and associating with my WLC, but 5 are not able to! They reach the WLC on port UDP/5426 but they never go further to associate with the WLC.
There is no firewall issue, all ports are open between the APs and WLC.
No DHCP issue either, they obtain an IP address from the correct pool and I'm able to ping them from the controller.
Any other idea?
The AP model is 1700 and the controller is Flex 7500.
Which information is shown for the APs when you look at Monitor -> Statistics -> AP Join? Can you also provide us with an output log from the console of the access point from boot until a few minutes after it has finished booting?
Nothing appears under Monitor -> Statistics -> AP Join regarding these 5 APs.
Also, the APs have been installed at a remote site, so unfortunately there is no possibility of a console connection.
In my firewall logs I see they talk to the controller on port 5426, then they talk on port 12223. Then the same sequence repeats. Other APs switch to port 5427 immediately after 5426.
5246 is the AP's control plane to the WLC, meaning this is what it uses to connect to the WLC and send heartbeats afterwards. 5247 is the data plane, in other words all your client data.
If nothing is in the join, my guess is it's not hitting the WLC. You would see something in the join if it was. Since you only have WLC access, you would run the debug capwap events and see what you see. Console is my way to check, though.
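The port pattern discussed in this thread (control traffic that repeats without ever moving to the data port) can be checked for every AP at once from firewall logs. The following is an added example, not part of any post above: the log line format, IP addresses and function names are constructed assumptions, and 5246/5247 are the control/data ports named in the reply.

```python
import re
from collections import defaultdict

CONTROL_PORT = 5246  # control plane, as named in the reply above
DATA_PORT = 5247     # data plane, as named in the reply above

# Assumed (constructed) log format: "<time> <src_ip> -> <dst_ip> udp/<dst_port>"
LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+->\s+(\S+)\s+udp/(\d+)$")

# Constructed sample: one AP that joins, one that loops, one malformed line.
SAMPLE_LOG = """\
10:00:01 10.1.1.21 -> 10.0.0.10 udp/5246
10:00:02 10.1.1.21 -> 10.0.0.10 udp/5247
10:00:03 10.1.2.31 -> 10.0.0.10 udp/5246
10:00:33 10.1.2.31 -> 10.0.0.10 udp/12223
garbled line that the parser must skip
10:01:03 10.1.2.31 -> 10.0.0.10 udp/5246
10:01:33 10.1.2.31 -> 10.0.0.10 udp/12223
10:01:40 10.1.1.21 -> 10.0.0.10 udp/5247
"""

def ports_by_ap(log_text, wlc_ip):
    """Map each source IP to the ordered list of UDP ports it sent to the WLC."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m and m.group(3) == wlc_ip:
            seen[m.group(2)].append(int(m.group(4)))
    return dict(seen)

def stuck_aps(log_text, wlc_ip):
    """Return APs that sent control traffic but never any data-port traffic."""
    stuck = {}
    for ap, ports in ports_by_ap(log_text, wlc_ip).items():
        if CONTROL_PORT in ports and DATA_PORT not in ports:
            stuck[ap] = {
                # Repeated control attempts indicate the retry loop.
                "control_attempts": ports.count(CONTROL_PORT),
                # Any other ports the AP tried between attempts.
                "other_ports": sorted(set(ports) - {CONTROL_PORT}),
            }
    return stuck

if __name__ == "__main__":
    for ap, info in stuck_aps(SAMPLE_LOG, "10.0.0.10").items():
        print(ap, info)
```
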