H-REAP enabled AP Doesn't join HQ Controller

john smith · ‎10-14-2012

Hello Friends,

i have configured cisco LAP1240 in H-Reap Mode for multiple branch offices with Local switching and central authentication.

one of the branch's AP does not join the controller in HQ while the others are all ok.

i have firewall only in HQ,

i did priming first for all APs like let them join the controller and configure controller IP in high availbility, and H-Reap config and assign SSID to map with the branch local vlan.

when i faced this issue first time i brought back ap and configure a static IP address for AP than recheck them again but the problem still same.

since i have only one firewall in the network and also other branches joined the controller through that firewall and no issues.

any help please?

Thanks

Scott Fella · ‎10-15-2012

A good test would be to take that ap to another site that is working and see if it joins. That would tell you if your FW is maybe blocking udp 5246/5247 or udp 12222/12223 from that particular site. Also, if you console into the AP, what do you see... do you see an initial join or not.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

Peter Nugent · ‎10-15-2012

It is worth checking that the ap is the correct rugulatory domain for the controller, just incase.

Sebastian Helmer · ‎10-15-2012

You could try to debug that on the WLC to see if the AP tries to joind the WLC so Firewall etc. is not the problem and to see maybe where the problem exactly is.

debug lwapp events enable

—Shows discovery packets and join packets.

debug lwapp packet enable— Shows packet level information of the discovery and join packets.

debug pm pki enable—Shows certificate validation process.

debug disable-all—Turns off debugs#

From: http://www.cisco.com/en/US/products/ps6366/products_tech_note09186a00808f8599.shtml