Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
16526
Views
21
Helpful
4
Replies

Cisco 3802 AP unable to connect to WLC 5520

Deepthi
Level 1
Level 1

‎11-08-2017 02:16 PM - edited ‎07-05-2021 07:50 AM

hi Friends, 

I am trying to configure a WLC and access points which must be connected to it as a part of my company's requirement. I configured the WLC and now i can access it via GUI. I have the initial configuration done on the WLC. I am trying to connect an Access point to it and it would not happen. 

I am doing this on a lab setup and so, i created the DHCP server and the DNS server inside the Cisco 3650 i am using to connect all these devices. So, please let me know where i would be going wrong.

 

I am sharing the logs i captured. Please let me know if anything is wrong with my config. Thank you very much for helping me out in advance.

 

Log from AP:

 

[*11/08/2017 22:05:56.7347] CAPWAP State: Discovery
[*11/08/2017 22:05:56.7357] Discovery Request sent to 172.16.90.5, discovery type STATIC_CONFIG(1)
[*11/08/2017 22:06:24.5166] Discovery Request sent to 172.16.90.5, discovery type STATIC_CONFIG(1)
[*11/08/2017 22:06:24.5177] Discovery Request sent to 255.255.255.255, discovery type UNKNOWN(0)
[*11/08/2017 22:06:24.5179] Discovery Response from 172.16.90.5
[*11/08/2017 22:06:24.0001] Discovery Response from 172.16.90.5
[*11/08/2017 22:06:24.0000] CAPWAP State: DTLS Setup
[*11/08/2017 22:06:24.0003] Invalid event 2 & state 3 combination.
[*11/08/2017 22:06:24.0004] CAPWAP SM handler: Failed to process message type 2 state 3.
[*11/08/2017 22:06:24.0004] Failed to handle capwap control message from controller - status 1
[*11/08/2017 22:06:24.0004] Failed to process unencrypted capwap packet from 172.16.90.5
[*11/08/2017 22:06:24.0004] Failed to send capwap message 0 to the state machine. Packet already freed.
[*11/08/2017 22:06:24.0004] wtpProcessPacketFromSocket returned 1
[*11/08/2017 22:06:24.9486] CAPWAP State: Join
[*11/08/2017 22:06:24.9496] Sending Join request to 172.16.90.5 through port 5272
[*11/08/2017 22:07:20.6047] Discarding msg CAPWAP_WTP_EVENT_REQUEST(type 9) in CAPWAP state: Join(5).
[*11/08/2017 22:07:20.9779] CAPWAP State: DTLS Teardown
[*11/08/2017 22:07:20.9809] Dropping dtls packet since session is not established. ac105a05, 147e, ac105a06, 1498, (nil)
[*11/08/2017 22:07:21.2556] Discarding msg CAPWAP_WTP_EVENT_REQUEST(type 9) in CAPWAP state: DTLS Teardown(4).
[*11/08/2017 22:07:25.7300] CAPWAP State: Discovery
[*11/08/2017 22:07:25.7310] Discovery Request sent to 172.16.90.5, discovery type STATIC_CONFIG(1)
[*11/08/2017 22:07:53.0003] Discovery Request sent to 172.16.90.5, discovery type STATIC_CONFIG(1)
[*11/08/2017 22:07:53.0015] Discovery Request sent to 255.255.255.255, discovery type UNKNOWN(0)
[*11/08/2017 22:07:53.0017] Discovery Response from 172.16.90.5
[*11/08/2017 22:07:53.0001] Discovery Response from 172.16.90.5
[*11/08/2017 22:07:53.0000] CAPWAP State: DTLS Setup
[*11/08/2017 22:07:53.0003] Invalid event 2 & state 3 combination.
[*11/08/2017 22:07:53.0004] CAPWAP SM handler: Failed to process message type 2 state 3.
[*11/08/2017 22:07:53.0004] Failed to handle capwap control message from controller - status 1
[*11/08/2017 22:07:53.0004] Failed to process unencrypted capwap packet from 172.16.90.5
[*11/08/2017 22:07:53.0004] Failed to send capwap message 0 to the state machine. Packet already freed.
[*11/08/2017 22:07:53.0004] wtpProcessPacketFromSocket returned 1
[*11/08/2017 22:07:53.9328] CAPWAP State: Join
[*11/08/2017 22:07:53.9339] Sending Join request to 172.16.90.5 through port 5272
[*11/08/2017 22:08:49.9217] CAPWAP State: DTLS Teardown
[*11/08/2017 22:08:49.9246] Dropping dtls packet since session is not established. ac105a05, 147e, ac105a06, 1498, (nil)

 

 

Logs from WLC:

 

*spamApTask6: Nov 08 13:54:23.257: apModel: AIR-AP3802I-B-K9

*spamApTask6: Nov 08 13:54:23.257: apType = 52 apModel: AIR-AP3802I-B-K9

*spamApTask6: Nov 08 13:54:23.257: apType: Ox34 bundleApImageVer:
*spamApTask6: Nov 08 13:54:23.257: Could not find image version of bundled AP(apType: 52)!!!
*spamApTask6: Nov 08 13:54:23.257: Unable to get AP Bundled Version. Using Controller Version!!!

*spamApTask6: Nov 08 13:54:23.257: 38:0e:4d:8e:ba:00 Discovery Response sent to 172.16.90.6 port 5272

*spamApTask6: Nov 08 13:54:23.257: 38:0e:4d:8e:ba:00 Discovery Response sent to 172.16.90.6:5272

*spamApTask6: Nov 08 13:54:32.655: 70:7d:b9:24:12:ea DTLS connection not found, creating new connection for 172:16:90:6 (5272) 172:16:90:5 (5246)

*spamApTask6: Nov 08 13:54:33.602: acDtlsPlumbControlPlaneKeys: lrad:172.16.90.6(5272) mwar:172.16.90.5(5246)

*spamApTask6: Nov 08 13:54:33.602: 70:7d:b9:24:12:ea Allocated index from main list, Index: 895

*spamApTask6: Nov 08 13:54:33.602: 70:7d:b9:24:12:ea Using CipherSuite AES128-SHA
*spamApTask6: Nov 08 13:54:33.602: 70:7d:b9:24:12:ea DTLS keys for Control Plane are plumbed successfully for AP 172.16.90.6. Index 896

*spamApTask1: Nov 08 13:54:33.602: 70:7d:b9:24:12:ea DTLS Session established server (172.16.90.5:5246), client (172.16.90.6:5272)
*spamApTask1: Nov 08 13:54:33.602: 70:7d:b9:24:12:ea Starting wait join timer for AP: 172.16.90.6:5272

*spamApTask6: Nov 08 13:54:33.603: 38:0e:4d:8e:ba:00 Join Request from 172.16.90.6:5272

*spamApTask6: Nov 08 13:54:33.604: update ap status:00:00:00:00:00:00 ,index:895

*spamApTask6: Nov 08 13:54:33.604: Unable to find deleted AP 00:00:00:00:00:00
*spamApTask6: Nov 08 13:54:33.604: 38:0e:4d:8e:ba:00 Failed to allocate database entry for AP 172.16.90.6:5272

*spamApTask6: Nov 08 13:54:33.604: 38:0e:4d:8e:ba:00 Failed to add database entry for 172.16.90.6:5272

*spamApTask6: Nov 08 13:54:33.604: 38:0e:4d:8e:ba:00 Join Request failed!

*spamApTask6: Nov 08 13:54:33.604: 38:0e:4d:8e:ba:00 State machine handler: Failed to process msg type = 3 state = 0 from 172.16.90.6:5272

*spamApTask6: Nov 08 13:54:33.604: 70:7d:b9:24:12:ea Failed to parse CAPWAP packet from 172.16.90.6:5272

*spamApTask6: Nov 08 13:54:38.167: 38:0e:4d:8e:ba:00 Join Request from 172.16.90.6:5272

*spamApTask6: Nov 08 13:54:38.167: 38:0e:4d:8e:ba:00 Failed to allocate database entry for AP 172.16.90.6:5272

*spamApTask6: Nov 08 13:54:38.167: 38:0e:4d:8e:ba:00 Failed to add database entry for 172.16.90.6:5272

*spamApTask6: Nov 08 13:54:38.167: 38:0e:4d:8e:ba:00 Join Request failed!

*spamApTask6: Nov 08 13:54:38.167: 38:0e:4d:8e:ba:00 State machine handler: Failed to process msg type = 3 state = 0 from 172.16.90.6:5272

*spamApTask6: Nov 08 13:54:38.167: 70:7d:b9:24:12:ea Failed to parse CAPWAP packet from 172.16.90.6:5272

 

Switch DHCP & DNS configuration:

 

ip dhcp excluded-address 172.16.90.1
ip dhcp excluded-address 172.16.90.5
!
ip dhcp pool WIRELESS
network 172.16.90.0 255.255.255.0
dns-server 172.16.90.1
default-router 172.16.90.1
option 43 hex ac10.5a05

 

ip dns server

ip host FF-WLC5520.com 172.16.90.5
ip host FF-WLC5520 172.16.90.5

 

3 people had this problem
Labels:
0 Helpful
4 Replies 4

Flavio Miranda
VIP
VIP

‎11-08-2017 02:34 PM

Hi @Deepthi

 

 First off, make sure the WLC is properly configured with Data and time and if license is activated.

The AP has "B" Regulatory Domain which is intended to be used in US. Which country does the WLC have checked?

 

-If I helped you somehow, please, rate it as useful.-

 

Rasika Nayanajith
VIP Alumni
VIP Alumni

‎11-08-2017 07:33 PM

I do not think you have activate ap licenses.

 

Using below command activate ap-count licenses. Below shows activating 100 AP licenses (change that count to match how many licenses you purchase). Anyway these are RTU - Right to Use licenses, so you can use any number, but Cisco believe you do not lie to them & go with exact number that you purchase :)

 

(5520-WLC) >license add ap-count 100
ACCEPT? [y/n]: y

 

You can verify it using below command

 

(5520-WLC) >show license summary

Feature name: ap_count (adder)
License type: Permanent
License state: Active, Not-In-Use
License Nodelocked: No
RTU License Count: 100

 

 

HTH

Rasika

*** Pls rate all useful responses ***

Sandeep Choudhary
VIP Alumni
VIP Alumni

‎11-08-2017 10:30 PM

Post the complete output to the WLC command "sh sysinfo" and "sh time".

 

Regards

Dont forget to rate helpful posts

Deepthi
Level 1
Level 1
In response to Sandeep Choudhary

‎11-09-2017 08:47 AM

i guess the mistake was the "time"

ip dhcp pool WIRELESS
network 172.16.90.0 255.255.255.0
dns-server 172.16.90.1
default-router 172.16.90.1
option 43 hex ac10.5a05
option 42 ip 172.16.90.1 -- after adding this... the APs are connecting to WLC..

 

Thanks a lot for the responses for everyone.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top