cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1565
Views
15
Helpful
6
Replies

Cisco AIR-SAP2602I-A-K9 won't connect to 2504 WLC, any suggestions?

acapistran96
Level 1
Level 1

I've been trying to rack my mind about what is going on with this AP. If it helps any I'll describe my setup.

I have a UDM-PRO router with a link to a 2960-S Cisco switch. The port on UDM-Pro is setup as a Full Trunk port. The port on the 2960-S is setup with switchport mode trunk and thats it.

 

 both the WLC and the AP are setup as switchport mode trunk ports.

 

I have two VLANs. I'm using the native vlan as the LAN network with a default 192.168.1.0/24 subnet with DHCP giving out addresses from 2-200. and another vlan for a Camera network. I can't imagine that being a problem though.

 

Maybe its a firewall issue? 

Here's what I have for the rules on my UDM-Pro. Is there something I'm missing?

Any advice would be appreciated. I've been trying to troubleshoot with time as well but still no luck. 

 RULE INDEXENABLEDDESCRIPTIONACTIONCOUNTTYPE

 
3001
 
allow established/related sessions
Accept
All
Internet In
 
 
3002
 
drop invalid state
Drop
All
Internet In
 
 
3001
 
allow established/related sessions
Accept
All
Internet Local
 
 
3002
 
drop invalid state
Drop
All
Internet Local
 
 
3005
 
allow IPSec ISAKMP, NAT-T
Accept
UDP
Internet Local
 
 
3006
 
allow ESP
Accept
ESP
Internet Local
 
 
3007
 
allow L2TP over IPSec
Accept
UDP
Internet Local
 
 
6001
 
accounting defined network 192.168.5.0/24
Accept
All
LAN In
 
 
6002
 
accounting defined network 192.168.15.0/24
Accept
All
LAN In
 
 
6003
 
accounting defined network 192.168.1.0/24
Accept
All
LAN In
 
 
6004
 
accounting defined network 192.168.20.0/28
Accept
All
LAN In
 
 
6001
 
accounting defined network 192.168.5.0/24
Accept
All
LAN Out
 
 
6002
 
accounting defined network 192.168.15.0/24
Accept
All
LAN Out
 
 
6003
 
accounting defined network 192.168.1.0/24
Accept
All
LAN Out
 
 
6004
 
accounting defined network 192.168.20.0/28
Accept
All
LAN Out
 
 
3003
 
allow established/related sessions
Accept
All
Internet v6 In
 
 
3004
 
drop invalid state
Drop
All
Internet v6 In
 
 
3003
 
allow established/related sessions
Accept
All
Internet v6 Local
 
 
3004
 
drop invalid state
Drop
All
Internet v6 Local
 
 
3008
 
Allow neighbor solicitation
Accept
IPv6-ICMP
Internet v6 Local
 
 
3009
 
Allow neighbor advertisements
Accept
IPv6-ICMP
Internet v6 Local
 
 
6005
 
allow packets to corporate networks
Accept
All
LAN v6 Out

 

 

Translating "CISCO-CAPWAP-CONTROLLER.localdomain"...domain server (192.168.1.1)

Not in Bound state.
*Jan 14 12:29:54.251: %CAPWAP-3-DHCP_RENEW: Could not discover WLC. Either IP address is not assigned or assigned IP is wrong. Renewing DHCP IP.
*Jan 14 12:29:57.327: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 192.168.1.165, mask 255.255.255.0, hostname APbc16.65ff.79f2

Translating "CISCO-CAPWAP-CONTROLLER.localdomain"...domain server (192.168.1.1)

 

 

 

 

 

 

Here's the info I pulled from the WLC and the AP

WLC:

 


Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 8.0.110.0
Bootloader Version............................... 1.0.20
Field Recovery Image Version..................... 7.6.101.1
Firmware Version................................. PIC 20.0


Build Type....................................... DATA + WPS

System Name...................................... CapistranWLC
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1279
IP Address....................................... 192.168.1.215
IPv6 Address..................................... ::
Last Reset....................................... Software reset
System Up Time................................... 0 days 0 hrs 7 mins 23 secs
System Timezone Location......................... (GMT -5:00) Eastern Time (US and Canada)
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180

--More-- or (q)uit

Configured Country............................... US - United States
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +30 C
External Temperature............................. +33 C
Fan Status....................................... 3500 rpm

State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 1
Number of Active Clients......................... 0

Burned-in MAC Address............................ DC:EB:94:94:CE:00
Maximum number of APs supported.................. 75
System Nas-Id.................................... CapistranWLC
WLC MIC Certificate Types........................ SHA1/SHA2

(Cisco Controller) show>time

Time............................................. Thu Jan 13 19:41:07 2022

Timezone delta................................... 0:0
Timezone location................................ (GMT -5:00) Eastern Time (US and Canada)

NTP Servers
NTP Polling Interval......................... 3600

Index NTP Key Index NTP Server NTP Msg Auth Status
------- ----------------------------------------------------------------------------------
1 0 192.168.1.1 AUTH DISABLED


(Cisco Controller) show>sh license

Incorrect usage. Use the '?' or <TAB> key to list commands.

(Cisco Controller) show>license

Incorrect usage. Use the '?' or <TAB> key to list commands.

(Cisco Controller) show>li?
license linktest
(Cisco Controller) show>license

Incorrect usage. Use the '?' or <TAB> key to list commands.

(Cisco Controller) show>

802.11a Display 802.11a configuration.
802.11b Display 802.11b configuration.
802.11h Display 802.11h configuration.
aaa Displays AAA related information
acl Display system Access Control Lists.
advanced Display Advanced configuration and statistics.
ap Display AP Configuration.
arp Display ARP cache.
assisted-roaming Display Assisted Roaming and 802.11k configuration.
auth-list Display AP authorization list.
avc Display AVC Configuration/Statistics.
band-select Display Aggressive Load Balancing configuration.
boot Displays the default boot image.
buffers Display pmalloc buffer utilization.
cac Show Call-Admission-Control details
call-control Display Call-control information
cdp Display CDP information
certificate Display SSL Certificate Configuration.
client Displays active clients.
coredump Displays Core Dump Summary
country Display the configured countries.

--More-- or (q)uit
(Cisco Controller) show>license ?

all Displays All The License(s).
capacity Displays License currently used by AP
detail Displays Details Of A Given License.
evaluation Displays Evaluation License(s).
expiring Displays Expiring License(s).
feature Displays License Enabled Features.
file Displays All The License File(s).
handle Displays License Handles.
image-level Display the image level
in-use Displays License That Are In-Use.
permanent Displays Permanent License(s).
statistics Displays License Statistics.
status Displays License Status.
summary Displays Brief Summary Of All License(s).
udi Displays UDI Values For Licenses.

(Cisco Controller) show>license all

License Store: Primary License Storage
StoreIndex: 0 Feature: base Version: 1.0
License Type: Permanent
License State: Active, Not in Use
License Count: Non-Counted
License Priority: Medium
License Store: Evaluation License Storage
StoreIndex: 0 Feature: base-ap-count Version: 1.0
License Type: Evaluation
License State: Active, Not in Use, EULA not accepted
Evaluation total period: 12 weeks 6 days
Evaluation period left: 12 weeks 6 days
License Count: 75 / 0 (Active/In-use)
License Priority: None

 

 

 

AP:

 

Cisco IOS Software, C3600 Software (AP3G2-K9W8-M), Version 15.3(3)JA1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2014 by Cisco Systems, Inc.
Compiled Fri 19-Dec-14 11:20 by prod_rel_team

ROM: Bootstrap program is C3600 boot loader
BOOTLDR: C3600 Boot Loader (AP3G2-BOOT-M) LoaderVersion 12.4(25e)JAY, RELEASE SOFTWARE (fc1)

APbc16.65ff.79f2 uptime is 4 minutes
System returned to ROM by power-on
System image file is "flash:/ap3g2-k9w8-mx.153-3.JA1/ap3g2-k9w8-xx.153-3.JA1"
Last reload reason:

 

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco AIR-CAP2602I-A-K9 (PowerPC) processor (revision A0) with 188394K/60928K bytes of memory.
Processor board ID FTX1721J0F5
PowerPC CPU at 800Mhz, revision number 0x2151
Last reset from power-on
LWAPP image version 8.0.110.0
1 Gigabit Ethernet interface
2 802.11 Radios

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: BC:16:65:FF:79:F2
Part Number : 73-14588-02
PCA Assembly Number : 800-37899-01
PCA Revision Number : A0
PCB Serial Number : FOC17175LAA
Top Assembly Part Number : 800-38356-01
Top Assembly Serial Number : FTX1721J0F5
Top Revision Number : A0
Product/Model Number : AIR-SAP2602I-A-K9

 

Configuration register is 0xF

APbc16.65ff.79f2#sh ip interface brief
Interface IP-Address OK? Method Status Protocol
BVI1 192.168.1.165 YES DHCP up up
Dot11Radio0 unassigned NO unset up up
Dot11Radio1 unassigned NO unset up up
GigabitEthernet0 unassigned NO unset up up
Virtual-WLAN0 unassigned NO unset up up
Virtual-WLAN0.1 unassigned NO unset up up
Virtual-WLAN0.2 unassigned NO unset up up
Virtual-WLAN0.3 unassigned NO unset up up
Virtual-WLAN0.4 unassigned NO unset up up
Virtual-WLAN0.5 unassigned NO unset up up
Virtual-WLAN0.6 unassigned NO unset up up
Virtual-WLAN0.7 unassigned NO unset up up
Virtual-WLAN0.8 unassigned NO unset up up
Virtual-WLAN0.9 unassigned NO unset up up
Virtual-WLAN0.10 unassigned NO unset up up
Virtual-WLAN0.11 unassigned NO unset up up
Virtual-WLAN0.12 unassigned NO unset up up
Virtual-WLAN0.13 unassigned NO unset up up
Virtual-WLAN0.14 unassigned NO unset up up
Virtual-WLAN0.15 unassigned NO unset up up
Virtual-WLAN0.16 unassigned NO unset up up
APbc16.65ff.79f2#
Not in Bound state.sh capwap
*Jan 14 12:28:57.751: %CAPWAP-3-DHCP_RENEW: Could not discover WLC. Either IP address is not assigned or assigned IP is wrong. Renewing DHCP IP.
APbc16.65ff.79f2#sh capwap
*Jan 14 12:29:00.827: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 192.168.1.165, mask 255.255.255.0, hostname APbc16.65ff.79f2
clien
APbc16.65ff.79f2#sh capwap client rcb
AdminState : ADMIN_ENABLED
SwVer : 8.0.110.0
NumFilledSlots : 2
Name : APbc16.65ff.79f2
Location : default location
MwarName :
MwarMacAddr : ff01.0000.0000
MwarHwVer : 0.0.0.0
ApMode : Local
ApSubMode : Not Configured
OperationState : DISCOVERY
CAPWAP Path MTU : 1485
Link-Encryption (AP) : Disabled
Link-Encryption (MWAR) : Disabled
Prefer-mode : Un-configured
LinkAuditing : disabled
AP Rogue Detection Mode : Enabled
AP Tcp MSS Adjust : Disabled
Predownload Status : None
Auto Immune Status : Disabled
RA Guard Status : Disabled
Efficient Upgrade State : Disabled
Efficient Upgrade Role : None
TFTP Server : Disabled
Antenna Band Mode : Unknown
802.11bg(0) Radio
ADMIN State = ENABLE [1]
OPER State = DOWN [1]
CONFIG State = UP [2]
HW State = UP [4]
Radio Mode : Local
GPR Period : 0
Beacon Period : 0
DTIM Period : 0
World Mode : 1
VoceraFix : 0
Dfs peakdetect : 1
Fragmentation Threshold : 0
Current Tx Power Level : 0
Current Channel : 0
Current Bandwidth : 20
802.11a(1) Radio
ADMIN State = ENABLE [1]
OPER State = DOWN [1]
CONFIG State = UP [2]
HW State = UP [4]
Radio Mode : Local
GPR Period : 0
Beacon Period : 0
DTIM Period : 0
World Mode : 1
VoceraFix : 0
Dfs peakdetect : 1
Fragmentation Threshold : 0
Current Tx Power Level : 0
Current Channel : 0
Current Bandwidth : 20

APbc16.65ff.79f2#

1 Accepted Solution

Accepted Solutions

acapistran96
Level 1
Level 1

I just wanted to update this post because I found the solution on my own. Turns out I didn't have a license on the 2504 installed. Once the licenses were installed for up to 25 max, the AP's were able to join. I also found out that having the incorrect time on your WLC can also mess up AP's attempting to connect to the controller. finally, the only other issue I had with one of the 2602s was I believe to be bad NVRAM. The only reason i say that is because this particular AP would lose the config on reboot and had to be reconfigured everytime it joined the controller. Thank you all who tried to help me though. Sorry I was so late in replying

 

View solution in original post

6 Replies 6

Leo Laohoo
Hall of Fame
Hall of Fame

Enter the following command into the AP:  

capwap ap primary-base CapistranWLC 192.168.1.215

I entered the command but nothing changed. Still trying to translate.

Rich R
VIP
VIP

Have you had a slow, thorough read and re-read through https://www.cisco.com/c/en/us/support/docs/field-notices/639/fn63942.html and then followed all the steps in the right order?

For starters that AireOS should be updated to the latest available release which is compatible with all your APs.

https://www.cisco.com/c/en/us/support/docs/wireless/wireless-lan-controller-software/200046-tac-recommended-aireos.html

Assuming 2504 WLC and 2600 AP then I'd suggest 8.5.182.0

acapistran96
Level 1
Level 1

I just wanted to update this post because I found the solution on my own. Turns out I didn't have a license on the 2504 installed. Once the licenses were installed for up to 25 max, the AP's were able to join. I also found out that having the incorrect time on your WLC can also mess up AP's attempting to connect to the controller. finally, the only other issue I had with one of the 2602s was I believe to be bad NVRAM. The only reason i say that is because this particular AP would lose the config on reboot and had to be reconfigured everytime it joined the controller. Thank you all who tried to help me though. Sorry I was so late in replying

 

Cisco APs actually emulate NVRAM and the config is stored on flash.
There's a field notice about the problems with flash on IOS APs:
https://www.cisco.com/c/en/us/support/docs/field-notices/703/fn70330.html

Note these problems are fixed in the latest releases of software.

thank you for the resource!

Review Cisco Networking for a $25 gift card