Solved: Re: Cisco C9124AXI-E

Sjalle · ‎06-22-2022

Hello guys

I have a new outdoor access point there don't wanna join the WLC.

We think we need to upgrade our WLC with a new firmware its have the version 17.4.1?

I think this is the message there can tell us something, its from the AP when we try to join it

I have attached screenshot from the AP join session

Sjalle · ‎06-22-2022

Hello

I found out the solution the WLC version 17.4.1 do not support the AP model C9124AXI-E. So thats why i can't connect it.

Thank you all for helping me

View solution in original post

balaji.bandi · ‎06-22-2022

what WLC you have what code running, you can look at the support matrix of AP wth your Controler version,

is this new AP model only not working ? any other AP working ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Sjalle · ‎06-22-2022

The wlc is: Cisco Catalyst 9800-CL Wireless Controller 17.4.1

And i have tried a another one because we have buyed 6 of them, and the 2nd one give the same issue with the same messages.

balaji.bandi · ‎06-23-2022

Glad you able to find the issue, when the issue come, i will refer the document with compatable matrix, that we advise always.

good to know all good, and you know what is the next step.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Flavio Miranda · ‎06-22-2022

Hi

You need to check version on the WLC. If you want to see by himself, here is the link.

https://www.cisco.com/c/en/us/td/docs/wireless/compatibility/matrix/compatibility-matrix.html

You also need to see if this AP is capwap mode or mobility express mode. You can see it with the command 'show version'

Sjalle · ‎06-22-2022

I will say its in Capwap mode, as we also can see in that message i sent

And i can see the service is active: capwapd.service loaded active running capwapd

Arshad Safrulla · ‎06-22-2022

As per you Screen capture it looks like you are using 9800-CL. So you need generate a wireless trustpoint using the internal script in exec mode

wireless config vwlc-ssc key-size 2048 signature-algo sha256 password 0 <password>

https://www.cisco.com/c/en/us/products/collateral/wireless/catalyst-9800-series-wireless-controllers/guide-c07-743627.html#:~:text=Dealing%20with%20trustpoints

Also make sure that you configure the WMI interface

wireless management interface Vlan X

https://www.cisco.com/c/en/us/products/collateral/wireless/catalyst-9800-series-wireless-controllers/guide-c07-743627.html#:~:text=for%20EAP%2DFAST%3A-,Wireless%20management%20VLAN%20mapping%20to%20WLAN%20(via%20policy%20profile),-To%20avoid%20any

Additionally make sure that the WLC is synced to a NTP server and follow the info in the above linked document.

17.4 is a short lived release and support will be limited incase you are exposed to a bug, so consider upgrading to the latest Cisco recommended release.

Recommended Cisco IOS XE Releases for Catalyst 9800 Wireless LAN Controllers - Cisco

___________________________________________
TAC recommended codes for AireOS WLC's
Best Practices for AireOS WLC's
TAC recommended codes for 9800 WLC's
Best Practices for 9800 WLC's
Cisco Wireless compatibility matrix
___________________________________________
Arshad Safrulla

Leo Laohoo · ‎06-22-2022

Console into the AP and reboot the AP.

Post the entire boot-up process (remove the IP addresses).

NOTE: Do not post screenshots.

Sjalle · ‎06-22-2022

[*06/17/2022 09:45:06.9777] CAPWAP State: Init
[*06/17/2022 09:45:07.6492] Start: RPC thread 2995344272 created.
[*06/17/2022 09:45:26.0722] Set PnP NTP Server pnpntpserver.test.local.
[*06/17/2022 09:45:56.8473] PNP:Server not reachable, Start CAPWAP Discovery
[*06/17/2022 09:45:56.8479]
[*06/17/2022 09:45:56.8479] CAPWAP State: Discovery
[*06/17/2022 09:45:56.8488] IP DNS query for CISCO-CAPWAP-CONTROLLER.tpt.local
[*06/17/2022 09:45:56.8672] Discovery Request sent to 255.255.255.255, discovery type UNKNOWN(0)
[*06/17/2022 09:45:56.8676]
[*06/17/2022 09:45:56.8676] CAPWAP State: Discovery
[*06/17/2022 09:46:26.3543]
[*06/17/2022 09:46:26.3543] CAPWAP State: Discovery
[*06/17/2022 09:46:26.3575] IP DNS query for CISCO-CAPWAP-CONTROLLER.test.local
[*06/17/2022 09:46:26.3687] Discovery Request sent to 255.255.255.255, discovery type UNKNOWN(0)
[*06/17/2022 09:46:26.3697] Discovery Response from (Our Wlc ip)
[*06/17/2022 09:46:26.3872] Discovery Response from (Our wlc)
[*06/23/2022 07:05:55.0001] Started wait dtls timer (60 sec)
[*06/23/2022 07:05:55.0006]
[*06/23/2022 07:05:55.0006] CAPWAP State: DTLS Setup
[*06/23/2022 07:05:55.0371] First connect to vWLC, accept vWLC by default
[*06/23/2022 07:05:55.0371]
[*06/23/2022 07:05:55.0579] dtls_verify_server_cert: vWLC is using SSC, returning 1
[*06/23/2022 07:05:55.4116]
[*06/23/2022 07:05:55.4116] CAPWAP State: Join
[*06/23/2022 07:05:55.4232] Sending Join request to (our ip) through port 5256
[*06/23/2022 07:06:00.1259] Sending Join request to (our ip) through port 5256
[*06/23/2022 07:06:04.8777] Sending Join request to (our Ip) through port 5256
[*06/23/2022 07:06:52.0331]
[*06/23/2022 07:06:52.0332] CAPWAP State: DTLS Teardown
[*06/23/2022 07:06:52.1484] status 'upgrade.sh: Script called with args:[CANCEL]'
[*06/23/2022 07:06:52.1817] do CANCEL, part1 is active part
[*06/23/2022 07:06:52.2103] status 'upgrade.sh: Cleanup tmp files ...'
[*06/23/2022 07:06:52.2416] Discarding msg CAPWAP_WTP_EVENT_REQUEST(type 9) in CAPWAP state: DTLS Teardown(4).
[*06/23/2022 07:06:52.2416] Discarding msg CAPWAP_WTP_EVENT_REQUEST(type 9) in CAPWAP state: DTLS Teardown(4).

ammahend · ‎06-22-2022

Also make sure trust point is configured correctly and MIC is used for ap authorization.

-hope this helps-

Sjalle · ‎06-22-2022

Hello

I found out the solution the WLC version 17.4.1 do not support the AP model C9124AXI-E. So thats why i can't connect it.

Thank you all for helping me