Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
496
Views
0
Helpful
0
Replies

CISCO 5500 - Channel List RRM, and Flapp Interface Dot11Radio0 and 1

joand3512004
Level 1
Level 1

‎08-12-2016 09:12 AM - edited ‎07-05-2021 05:37 AM

Dear, 

I'm APs CISCO AIR-CAP1532E-Z-K9 in the external environment, outdoor (waterfront). And even with the APs "LOCAL MODE", the interfaces are flappando.
I have a WLC 5500, with the RRM >> GENERAL >> Channel List >> ALL
And I'm Active Rogue APs 1781, is that this is the offender of these flaps?
Follow the AP configuration, and the eventlog as an example:

Today:

*Aug 12 04:04:12.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 200.x.x.x peer_port: 5246
*Aug 12 04:04:14.183: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 200.x.x.x peer_port: 5246
*Aug 12 04:12:08.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 200.x.x.x peer_port: 5246
*Aug 12 04:12:08.403: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 200.x.x.x peer_port: 5246
*Aug 12 04:12:08.403: %CAPWAP-5-SENDJOIN: sending Join Request to 200.x.x.x
*Aug 12 04:12:13.403: %CAPWAP-5-SENDJOIN: sending Join Request to 200.x.x.x
*Aug 12 04:12:13.931: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
*Aug 12 04:12:13.939: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Aug 12 04:12:14.579: %CAPWAP-5-JOINEDCONTROLLER: AP has joined controller WLC-XXX
*Aug 12 04:12:14.651: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Aug 12 04:12:14.931: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Aug 12 04:12:14.971: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to down
*Aug 12 04:12:14.975: %WIDS-6-ENABLED: IDS Signature is loaded and enabled
*Aug 12 04:12:14.979: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Aug 12 04:12:15.651: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Aug 12 04:12:15.963: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Aug 12 04:12:16.011: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Aug 12 04:12:16.019: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
*Aug 12 04:12:16.039: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Aug 12 04:12:17.011: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*Aug 12 04:12:17.019: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Aug 12 04:12:17.063: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Aug 12 04:12:18.063: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Aug 12 07:11:27.111: %WIDS-4-SIG_ALARM: Attack is detected on Sig:Standard Id:9 Channel:153 Source MAC:f0b2.e5dc.336f
*Aug 12 07:11:30.123: %WIDS-4-SIG_ALARM: Attack is detected on Sig:Standard Id:9 Channel:153 Source MAC:f0b2.e5dc.336f
*Aug 12 07:21:30.547: %WIDS-6-SIG_ALARM_OFF: Attack is cleared on Sig:Standard Id:9 Channel:153
*Aug 12 07:21:40.643: %WIDS-6-SIG_ALARM_OFF: Attack is cleared on Sig:Standard Id:9 Channel:153
*Aug 12 08:29:02.987: %WIDS-4-SIG_ALARM: Attack is detected on Sig:Standard Id:9 Channel:153 Source MAC:2ce6.cc11.decc
*Aug 12 08:33:55.127: %WIDS-4-SIG_ALARM: Attack is detected on Sig:Standard Id:9 Channel:153 Source MAC:2ce6.cc11.decc
*Aug 12 08:47:52.071: %WIDS-6-SIG_ALARM_OFF: Attack is cleared on Sig:Standard Id:9 Channel:153
*Aug 12 08:52:58.459: %WIDS-4-SIG_ALARM: Attack is detected on Sig:Standard Id:9 Channel:153 Source MAC:2ce6.cc11.decc
*Aug 12 09:02:59.095: %WIDS-6-SIG_ALARM_OFF: Attack is cleared on Sig:Standard Id:9 Channel:153
*Aug 12 09:08:22.851: %WIDS-6-SIG_ALARM_OFF: Attack is cleared on Sig:Standard Id:9 Channel:153
*Aug 12 09:18:23.547: %WIDS-4-SIG_ALARM: Attack is detected on Sig:Standard Id:9 Channel:153 Source MAC:2ce6.cc11.decc
*Aug 12 09:21:39.499: %WIDS-4-SIG_ALARM: Attack is detected on Sig:Standard Id:9 Channel:153 Source MAC:2ce6.cc11.decc
*Aug 12 09:31:40.283: %WIDS-6-SIG_ALARM_OFF: Attack is cleared on Sig:Standard Id:9 Channel:153
*Aug 12 09:32:18.455: %WIDS-6-SIG_ALARM_OFF: Attack is cleared on Sig:Standard Id:9 Channel:153
*Aug 12 09:34:04.063: %WIDS-4-SIG_ALARM: Attack is detected on Sig:Standard Id:9 Channel:153 Source MAC:2ce6.cc11.decc
*Aug 12 09:46:40.511: %WIDS-6-SIG_ALARM_OFF: Attack is cleared on Sig:Standard Id:9 Channel:153
*Aug 12 09:47:00.611: %WIDS-4-SIG_ALARM: Attack is detected on Sig:Standard Id:9 Channel:153 Source MAC:2ce6.cc11.decc
*Aug 12 10:28:45.527: %WIDS-6-SIG_ALARM_OFF: Attack is cleared on Sig:Standard Id:9 Channel:153
*Aug 12 11:22:18.815: %WIDS-4-SIG_ALARM: Attack is detected on Sig:Standard Id:9 Channel:153 Source MAC:2ce6.cc11.decc
*Aug 12 11:32:19.043: %WIDS-6-SIG_ALARM_OFF: Attack is cleared on Sig:Standard Id:9 Channel:153
*Aug 12 11:35:28.019: %WIDS-4-SIG_ALARM: Attack is detected on Sig:Standard Id:9 Channel:153 Source MAC:2ce6.cc11.decc
*Aug 12 11:46:48.379: %WIDS-6-SIG_ALARM_OFF: Attack is cleared on Sig:Standard Id:9 Channel:153
*Aug 12 11:50:06.163: %WIDS-4-SIG_ALARM: Attack is detected on Sig:Standard Id:9 Channel:153 Source MAC:2ce6.cc11.decc
*Aug 12 12:00:06.955: %WIDS-6-SIG_ALARM_OFF: Attack is cleared on Sig:Standard Id:9 Channel:153

And Configuration:


Building configuration...

Current configuration : 21287 bytes
!
! Last configuration change at 04:12:14 UTC Fri Aug 12 2016
version 15.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname WMRJCPBOUT00021
!
!
logging rate-limit console 9
enable secret 5 $1$7OvR$5I6xjbkdxP5x8REZa68Q4/
!
aaa new-model
!
!
aaa authentication login default local
!

aaa session-id common
no ip routing
no ip cef
!

eap profile lwapp_eap_profile
method fast
!
!
crypto pki trustpoint cisco-m2-root-cert
revocation-check none
rsakeypair Cisco_IOS_M2_MIC_Keys
!
crypto pki trustpoint Cisco_IOS_M2_MIC_cert
revocation-check none
rsakeypair Cisco_IOS_M2_MIC_Keys
!
crypto pki trustpoint airespace-old-root-cert
revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
!
crypto pki trustpoint airespace-device-root-cert
revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
!
crypto pki trustpoint Cisco_IOS_MIC_cert
revocation-check none
rsakeypair Cisco_IOS_MIC_Keys
!
!
crypto pki certificate chain cisco-m2-root-cert
certificate ca 01
30820313 308201FB A0030201 02020101 300D0609 2A864886 F70D0101 0B050030

quit
crypto pki certificate chain Cisco_IOS_M2_MIC_cert
certificate 1694EACB00000005982F
3082046F 30820357 A0030201 02020A16 94EACB00 00000598 2F300D06 092A8648
86F70D01 010B0500 3036310E 300C0603 55040A13 05436973 636F3124 30220603

quit
certificate ca 02
30820465 3082034D A0030201 02020102 300D0609 2A864886 F70D0101 0B050030
2B310E30 0C060355 040A1305 43697363 6F311930 17060355 04031310 43697363

quit
crypto pki certificate chain airespace-old-root-cert
certificate ca 00
30820406 3082032F A0030201 02020100 300D0609 2A864886 F70D0101 04050030

quit
crypto pki certificate chain airespace-device-root-cert
certificate ca 03
3082047F 308203A8 A0030201 02020103 300D0609 2A864886 F70D0101 04050030
81A6310B 30090603 55040613 02555331 13301106 03550408 130A4361 6C69666F

quit
crypto pki certificate chain Cisco_IOS_MIC_cert
certificate 1E11DA840000000E12E0
30820470 30820358 A0030201 02020A1E 11DA8400 00000E12 E0300D06 092A8648

quit
certificate ca 6A6967B3000000000003
308204D9 308203C1 A0030201 02020A6A 6967B300 00000000 03300D06 092A8648

quit
username
!
!
ip ssh version 2
lldp run
bridge irb
!
!
!
interface Dot11Radio0
no ip route-cache
antenna gain 0
ampdu transmit priority 1
ampdu transmit priority 2
ampdu transmit priority 3
mbssid
speed basic-1.0 2.0 5.5 11.0 basic-6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
power client local
packet retries 64 drop-packet
station-role root
!
interface Dot11Radio1
no ip route-cache
antenna gain 0
peakdetect
ampdu transmit priority 1
ampdu transmit priority 2
ampdu transmit priority 3
mbssid
speed basic-6.0 9.0 basic-12.0 18.0 24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
power client local
packet retries 64 drop-packet
station-role root
!
interface GigabitEthernet0
no ip route-cache
duplex auto
speed auto
bridge-group 1
bridge-group 1 spanning-disabled
no bridge-group 1 source-learning
!
interface GigabitEthernet1
no ip route-cache
duplex auto
speed auto
!
interface BVI1
mac-address 84b8.02ad.2ab6
ip address 10.10.1.24 255.255.255.0
no ip route-cache
ipv6 address dhcp
ipv6 address autoconfig
ipv6 enable
!
interface Virtual-WLAN0
no ip route-cache
!
ip default-gateway 10.10.1.1
ip forward-protocol nd
no ip http server
!
!
logging trap emergencies
logging origin-id string AP:84b8.02ad.2ab6
logging facility kern
logging host 255.255.255.255
!
!
bridge 1 protocol ieee
bridge 1 route ip
parser view capwap-config-view
secret 5 $1$7OvR$5I6xjbkdxP5x8REZa68Q4/
commands configure include all capwap
commands exec include all enable
commands exec include configure terminal
commands exec include configure
commands exec include all show capwap
commands exec include show running-config
commands exec include show
!
!
line con 0
line vty 0 4
transport input ssh
line vty 5 198
transport input ssh
!
end

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card