cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4165
Views
0
Helpful
20
Replies

AP1852I-B-K9 cannot join WLC 2504

Jason_jjc
Level 1
Level 1

Hi 

 

I have a VLC 2504 with 24 x CAP2702I-E-K9 AP's all connected and working. I am attempingt to add 5 x new AP1852I-B-K9 AP's without any success. 

 

WLC ws ver - 8.2.121.0

 

I have this message on the new AP that keeps repeating , help ! 

 

[*09/28/2017 00:42:48.5948] Discovery Response from 10.192.2.10
[*09/28/2017 00:42:58.0000] CAPWAP State: DTLS Setup
[*09/28/2017 00:42:58.1399] CAPWAP State: Join
[*09/28/2017 00:42:58.1399] Sending Join request to 10.192.2.10 through port 5272
[*09/28/2017 00:42:58.1399] Join Response from 10.192.2.10
[*09/28/2017 00:42:58.1399] CAPWAP State: Image Data
[*09/28/2017 00:42:58.1399] CAPWAP State: Configure
[*09/28/2017 00:42:58.2099] DTLS: packet too old or a replay distance=0, this_seq_num=1, last_seq_num=1
[*09/28/2017 00:43:43.8057] GOING BACK TO DISCOVER MODE
[*09/28/2017 00:43:43.8057] CAPWAP State: DTLS Teardown
[*09/28/2017 00:43:48.5642] CAPWAP State: Discovery
[*09/28/2017 00:44:18.5948] Discovery Request sent to 255.255.255.255 with discovery type set to CAPWAP_DISCOVERY_TYPE_UNKNOWN(0)

1 Accepted Solution

Accepted Solutions

Do it using web gui, can you? will be easier.

Go to Wireless> Country and add  both.

View solution in original post

20 Replies 20

Are you running capwap on it or mobility express ?

 

"Sending Join request to 10.192.2.10 through port 5272"

Can you run 

show capwap ip config on the AP?

Hi Flavio , its straight out the box. I was told by sales that it would auto connect to the WLC. 

 

APA0F8.49DA.1578>show capwap ip config
IP Address : 10.192.2.60
IP netmask : 255.255.255.0
Default Gateway : 10.192.2.254
APA0F8.49DA.1578>

I think this is ME.

Can you run "show version" please?

APA0F8.49DA.1578>show version
Restricted Rights Legend

Use, duplication, or disclosure by the Government is subject to
restrictions as set forth in subparagraph (c) of the Commercial
Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and
subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

Cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

This product contains some software licensed under the
"GNU General Public License, version 2" provided with
ABSOLUTELY NO WARRANTY under the terms of
"GNU General Public License, version 2", available here:
http://www.gnu.org/licenses/old-licenses/gpl-2.0.html

This product contains some software licensed under the
"GNU Library General Public License, version 2" provided
with ABSOLUTELY NO WARRANTY under the terms of "GNU Library
General Public License, version 2", available here:
http://www.gnu.org/licenses/old-licenses/lgpl-2.0.html

This product contains some software licensed under the
"GNU Lesser General Public License, version 2.1" provided
with ABSOLUTELY NO WARRANTY under the terms of "GNU Lesser
General Public License, version 2.1", available here:
http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html

-corsica-cco]ware, (ap1g4), [cheetah-build:/local/build/JENKINS/workspace/8.2MR3--More--
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2015 by Cisco Systems, Inc.
Compiled Thu Jul 28 21:47:26 PDT 2016

ROM: Bootstrap program is U-Boot boot loader
BOOTLDR: U-Boot boot loader Version 25

APA0F8.49DA.1578 uptime is 0 days, 0 hours, 51 minutes
Last reload time : Wed Sep 27 23:17:48 UTC 2017
Last reload reason : 0: unknown

memory. -AP1852I-B-K9 ARMv7 Processor rev 0 (v7l) with 966404/744176K bytes of --More--
Processor board ID KWC213006KR
AP Running Image : 8.2.121.0
Primary Boot Image : 8.2.121.0
Backup Boot Image : 8.2.151.0
2 Gigabit Ethernet interfaces
2 802.11 Radios
Radio FW version : e5a4a8a71f070bfaa9221d5f60e73236
NSS FW version : NSS.AK.1.0.c10-00017-E_custC-1

Base ethernet MAC Address : A0:F8:49:DA:15:78
Part Number : 0-0000-00
PCA Assembly Number : 074-13149-02
PCA Revision Number : 01
PCB Serial Number : KWC213006KR
Top Assembly Part Number : 000-00000-00
Top Assembly Serial Number : KWC213006KR
Top Revision Number : A0
Product/Model Number : AIR-AP1852I-B-K9


APA0F8.49DA.1578>

One more last command please:

 

show capwap client config

The show capwap client config command is not available , so i ran show capwap client rcb ? 

 

 

APA0F8.49DA.1578>show capwap client config
^
% Invalid input detected at '^' marker.
APA0F8.49DA.1578>
APA0F8.49DA.1578>show capwap client
rcb CAPWAP Client RCB Information
APA0F8.49DA.1578>show capwap client rcb
AdminState : ADMIN_ENABLED
OperationState : CFG
Name : APA0F8.49DA.1578
SwVer : 8.2.121.0
HwVer : 1.0.0.0
MwarMacAddr : 0a:c0:02:0a:00:00
MwarApMgrIp : 10.192.2.10
MwarName : WLC001
MwarHwVer : 0.0.0.0
Location : default location
ApMode : Local
ApSubMode : Not Configured
CAPWAP Path MTU : 1485
AP Link DTLS Encryption : OFF
AP Tcp MSS Adjust : Disabled
LinkAuditing : disabled
APA0F8.49DA.1578>
APA0F8.49DA.1578>

AP is showing this "AP Link  DTLS Encryption : OFF"

 

The original logs says: "*09/28/2017 00:43:43.8057] CAPWAP State: DTLS Teardown"

 Looks like we have something here. Let me dig on it.

Thanks Flavio , so is the AP running version CAPWAP then ? 

 

Is this a special config that is needed ?

 

I have 5 more AP's to configure , but i dont want to unbox them all unit i can get one working. 

 

Yeah. otherwise, show version should show it.

But, I´ve seen some issue related to this AP1852I-B-K9 AP regulatory domain. I advise you to put 8.3.122.0  version on your WLC. 

 But, according to Cisco, B regulatory domain is supposed to be used in US:

"To comply with FCC rules order 14-30, Cisco will introduce new –B domain access point products for use in the United States (U.S.). The –B domain access points will be used only in the U.S. "

 

Does you WLC has US domain allowed.  Can you show the output of 'show country supported'

 

The access points were purchased in the US , so that would explaing the "B".  The configured country is GB. 

 

If i upgrade the version to 8.3.122.0  , do you think this will solve the problem ?

 


(Cisco Controller) >show country supported


Configured Country............................. GB - United Kingdom
Supported Country Codes
AE - United Arab Emirates...................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
AL - Albania................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
AR - Argentina................................. 802.11a Indoor,Outdoor / 802.11b / 802.11g
AT - Austria................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
AU - Australia................................. 802.11a Indoor,Outdoor / 802.11b / 802.11g
BA - Bosnia.................................... 802.11a Indoor / 802.11b / 802.11g
BB - Barbados.................................. 802.11a Indoor / 802.11b / 802.11g
BE - Belgium................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
BG - Bulgaria.................................. 802.11a Indoor,Outdoor / 802.11b / 802.11g
BH - Bahrain................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
BM - Bahamas................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
BN - Brunei.................................... 802.11a Indoor / 802.11b / 802.11g
BO - Bolivia................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
BR - Brazil.................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
BY - Belarus................................... 802.11a Indoor / 802.11b / 802.11g
CA - Canada.................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
CH - Switzerland............................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
CL - Chile..................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g

--More-- or (q)uit
CM - Cameroon.................................. 802.11b / 802.11g
CN - China..................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
CO - Colombia.................................. 802.11a Indoor,Outdoor / 802.11b / 802.11g
CR - Costa Rica................................ 802.11a Indoor / 802.11b / 802.11g
CY - Cyprus.................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
CZ - Czech Republic............................ 802.11a Indoor,Outdoor / 802.11b / 802.11g
DE - Germany................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
DK - Denmark................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
DO - Dominican Republic........................ 802.11a Indoor / 802.11b / 802.11g
DZ - Algeria................................... 802.11a Indoor / 802.11b / 802.11g
EC - Ecuador................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
EE - Estonia................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
EG - Egypt..................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
EL - El Salvador............................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
ES - Spain..................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
FI - Finland................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
FJ - Fiji...................................... 802.11a Indoor / 802.11b / 802.11g
FR - France.................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
GB - United Kingdom............................ 802.11a Indoor,Outdoor / 802.11b / 802.11g
GH - Ghana..................................... 802.11a Indoor / 802.11b / 802.11g
GI - Gibraltar................................. 802.11a Indoor,Outdoor / 802.11b / 802.11g
GR - Greece.................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
HK - Hong Kong................................. 802.11a Indoor,Outdoor / 802.11b / 802.11g

--More-- or (q)uit
HR - Croatia................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
HU - Hungary................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
ID - Indonesia................................. 802.11a Indoor,Outdoor / 802.11b / 802.11g
IE - Ireland................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
IL - Israel.................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
IO - Israel (outdoor).......................... 802.11b / 802.11g
IN - India..................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
IQ - Iraq...................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
IS - Iceland................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
IT - Italy..................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
J2 - Japan 2(P)................................ 802.11a Indoor,Outdoor / 802.11b / 802.11g
J4 - Japan 4(Q)................................ 802.11a Indoor,Outdoor / 802.11b / 802.11g
JM - Jamaica................................... 802.11a Indoor / 802.11b / 802.11g
JO - Jordan.................................... 802.11b / 802.11g
KE - Korea Extended (CK)....................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
KN - Kenya..................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
KW - Kuwait.................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
KZ - Kazakhstan................................ 802.11a Indoor / 802.11b / 802.11g
LB - Lebanon................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
LI - Liechtenstein............................. 802.11a Indoor,Outdoor / 802.11b / 802.11g
LK - Sri Lanka................................. 802.11a Indoor,Outdoor / 802.11b / 802.11g
LT - Lithuania................................. 802.11a Indoor,Outdoor / 802.11b / 802.11g
LU - Luxembourg................................ 802.11a Indoor,Outdoor / 802.11b / 802.11g

--More-- or (q)uit
LV - Latvia.................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
LY - Libya..................................... 802.11a Indoor / 802.11b / 802.11g
MA - Morocco................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
MC - Monaco.................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
ME - Montenegro................................ 802.11a Indoor / 802.11b / 802.11g
MK - Macedonia................................. 802.11a Indoor / 802.11b / 802.11g
MN - Mongolia.................................. 802.11a Indoor / 802.11b / 802.11g
MO - Macau..................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
MT - Malta..................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
MX - Mexico.................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
MY - MALAYSIA.................................. 802.11a Indoor,Outdoor / 802.11b / 802.11g
NG - Nigeria................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
NL - Netherlands............................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
NO - Norway.................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
NZ - New Zealand............................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
OM - Oman...................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
PA - Panama.................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
PE - Peru...................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
PH - Philippines............................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
PK - Pakistan.................................. 802.11a Indoor / 802.11b / 802.11g
PL - Poland.................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
PR - Puerto Rico............................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
PT - Portugal.................................. 802.11a Indoor,Outdoor / 802.11b / 802.11g

--More-- or (q)uit
PY - Paraguay.................................. 802.11a Indoor,Outdoor / 802.11b / 802.11g
QA - Qatar..................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
RO - Romania................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
RS - Serbia.................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
RU - Russian Federation........................ 802.11a Indoor,Outdoor / 802.11b / 802.11g
SA - Saudi Arabia.............................. 802.11a Indoor,Outdoor / 802.11b / 802.11g
SE - Sweden.................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
SG - Singapore................................. 802.11a Indoor,Outdoor / 802.11b / 802.11g
SI - Slovenia.................................. 802.11a Indoor,Outdoor / 802.11b / 802.11g
SK - Slovak Republic........................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
TH - Thailand.................................. 802.11a Indoor,Outdoor / 802.11b / 802.11g
TI - Trinidad.................................. 802.11a Indoor,Outdoor / 802.11b / 802.11g
TN - Tunisia................................... 802.11a Indoor / 802.11b / 802.11g
TR - Turkey.................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
TW - Taiwan.................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
UA - Ukraine................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
US - United States............................. 802.11a Indoor,Outdoor / 802.11b / 802.11g
UY - Uruguay................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
VE - Venezuela................................. 802.11a Indoor,Outdoor / 802.11b / 802.11g
VN - Vietnam................................... 802.11a Indoor,Outdoor / 802.11b / 802.11g
ZA - South Africa.............................. 802.11a Indoor,Outdoor / 802.11b / 802.11g

(Cisco Controller) >

Try to allow US:

config country US

 Try to join. If does not work, I recommend to upgrade.

Thanks Flavio , i will try this. 

 

I noted this line in the release notes for WLC software 8.3.112.0 , do i need to upgrade all the new AP's first after upgrading the WLC ?  :-

 


Note


Before you associate Cisco Aironet 1830 Series and 1850 Series APs with Cisco vWLC running Cisco 8.3.112.0 release software, you must upgrade the APs to Cisco 8.3.112.0 release.


 

 

I see i only have the option of the lightweight AP or the ME software upgrade , no CAPWAP , and the version is v15.3.3  ?  https://software.cisco.com/download/type.html?mdfid=286285803&flowid=75343

 

Hello,

 You dont need to worry about it. As soon as you upgrade de WLC, the AP will upgrade from WLC automatic, as soon as they join the WLC.

I have changed the WLC region over from GB to US and the new AP1852I-B-K9 now connectes successfully for the WLC , however all of my other 23 x  AIR-CAP2702I-E-K9 AP's are no longer connecting to the WLAN controller. 

 

Just the one AIR-AP2702I-UXK9  that i have extra connects with both GB and US regions. 

 

I have not updated the software yet , as the AP now connects , but the others dont.  I am not completely lost on how to proceed ?!>  Help. 

 

Here is the output on one of the 23 x AIR-CAP2702I-E-K9 AP's  :- 

 

*Sep 28 21:39:03.475: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.192.2.10:5246
*Sep 28 21:39:03.559: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
*Sep 28 21:39:03.559: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to administratively down
*Sep 28 21:39:03.563: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Sep 28 21:39:03.591: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Sep 28 21:39:04.563: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Sep 28 21:39:04.591: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to down
*Sep 28 21:39:04.599: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Sep 28 21:39:05.583: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Sep 28 21:39:05.591: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Sep 28 21:39:05.635: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Sep 28 21:39:05.643: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
*Sep 28 21:39:05.651: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Sep 28 21:39:06.635: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*Sep 28 21:39:06.643: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Sep 28 21:39:06.671: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Sep 28 21:39:07.671: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Sep 28 21:39:13.591: AP has SHA2 MIC certificate - Using SHA2 MIC certificate for DTLS.

*Sep 28 21:39:14.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.192.2.10 peer_port: 5246
*Sep 28 21:39:14.291: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.192.2.10 peer_port: 5246
*Sep 28 21:39:14.291: %CAPWAP-5-SENDJOIN: sending Join Request to 10.192.2.10
% Hostname contains one or more illegal characters.

*Sep 28 21:39:32.483: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.192.2.10:5246
*Sep 28 21:39:33.007: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
*Sep 28 21:39:33.007: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to administratively down
*Sep 28 21:39:33.011: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Sep 28 21:39:33.043: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Sep 28 21:39:34.011: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Sep 28 21:39:34.039: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to down
*Sep 28 21:39:34.047: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Sep 28 21:39:35.031: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Sep 28 21:39:35.039: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Sep 28 21:39:35.083: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Sep 28 21:39:35.091: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
*Sep 28 21:39:35.099: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Sep 28 21:39:36.083: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*Sep 28 21:39:36.091: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Sep 28 21:39:36.119: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Sep 28 21:39:37.119: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Sep 28 21:39:43.043: AP has SHA2 MIC certificate - Using SHA2 MIC certificate for DTLS.

*Sep 28 21:39:43.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.192.2.10 peer_port: 5246
*Sep 28 21:39:43.315: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.192.2.10 peer_port: 5246
*Sep 28 21:39:43.315: %CAPWAP-5-SENDJOIN: sending Join Request to 10.192.2.10
% Hostname contains one or more illegal characters.

Review Cisco Networking for a $25 gift card