09-14-2022 04:07 PM - edited 09-14-2022 04:09 PM
Hi Everyone,
I've been searching for the past few days and I haven't found anyone with this specific issue I'm facing.
I received a Cisco 2811 with an NME-AIR-WLC6 and 4 AIR-LAP1142N after doing a refit.
I've configured the 2811 and the WLC the correct way to my knowledge, however, I am still experiencing issues with the AP finding the controller address.
I'll try to be as thorough as possible.
This is my DHCP Pool:
ip dhcp pool 101
network 10.10.101.0 255.255.255.0
default-router 10.10.101.2
!
ip dhcp pool 90
network 10.10.90.0 255.255.255.0
default-router 10.10.90.1
!
ip dhcp pool 91
network 10.10.91.0 255.255.255.0
default-router 10.10.91.1
option 60 ascii "Cisco AP c1140"
option 43 hex f104.0a0a.5a65
Interfaces:
interface FastEthernet0/0
no ip address
duplex half
speed auto
no mop enabled
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
!
interface FastEthernet0/1.90
encapsulation dot1Q 90
!
interface FastEthernet0/1.91
encapsulation dot1Q 91
ip address 10.10.91.1 255.255.255.0
!
interface FastEthernet0/1.101
encapsulation dot1Q 101
ip address 10.10.101.2 255.255.255.0
!
interface Integrated-Service-Engine1/0
ip address 10.10.90.1 255.255.255.0
vlan-id dot1q 90
exit-vlan-config
The vlan tagging on the ISE was just me being desperate.
(Cisco Controller) >show run-config
Press Enter to continue...
System Inventory
NAME: "Chassis" , DESCR: "Cisco Wireless Controller"
PID: NME-AIR-WLC6-K9, VID: V01, SN: FOC16134UPF
Burned-in MAC Address............................ 54:75:D0:07:D3:C0
Press Enter to continue or <ctrl-z> to abort
System Information
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 6.0.199.4
RTOS Version..................................... 6.0.199.4
Bootloader Version............................... 6.0.199.4
Emergency Image Version.......................... 6.0.199.4
Build Type....................................... DATA + WPS
System Name...................................... Cisco_wlc
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.818
IP Address....................................... 10.10.90.100
System Up Time................................... 0 days 1 hrs 46 mins 6 secs
System Timezone Location.........................
Configured Country............................... US - United States
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
--More or (q)uit current module or <ctrl-z> to abort
Number of WLANs.................................. 1
3rd Party Access Point Support................... Disabled
Number of Active Clients......................... 0
Burned-in MAC Address............................ 54:75:D0:07:D3:C0
Press Enter to continue or <ctrl-z> to abort
Switch Configuration
802.3x Flow Control Mode......................... Disable
FIPS prerequisite features....................... Disabled
secret obfuscation............................... Enabled
Press Enter to continue or <ctrl-z> to abort
Network Information
RF-Network Name............................. SB
Web Mode.................................... Enable
Secure Web Mode............................. Enable
Secure Web Mode Cipher-Option High.......... Disable
Secure Web Mode Cipher-Option SSLv2......... Enable
Secure Shell (ssh).......................... Enable
Telnet...................................... Enable
Ethernet Multicast Forwarding............... Enable
Ethernet Broadcast Forwarding............... Disable
AP Multicast/Broadcast Mode................. Multicast Address : 239.255.255.1
IGMP snooping............................... Enabled
IGMP timeout................................ 60 seconds
User Idle Timeout........................... 300 seconds
ARP Idle Timeout............................ 300 seconds
Cisco AP Default Master..................... Enabled
AP Join Priority............................ Disable
Mgmt Via Wireless Interface................. Disable
Mgmt Via Dynamic Interface.................. Disable
Bridge MAC filter Config.................... Enable
Bridge Security Mode........................ EAP
Mesh Full Sector DFS........................ Enable
--More or (q)uit current module or <ctrl-z> to abort
AP Fallback ................................ Enable
Web Auth Redirect Ports .................... 80
Fast SSID Change ........................... Enabled
IP/MAC Addr Binding Check .................. Enabled
I'm not sure where to find it again but the AP controller address is 10.10.90.101
Multicast Address, I'm pretty sure I got it somewhere on this forum as well.
Ideally, I wanted the controller on VLAN 90 and the APs on VLAN 91.
While writing this post I decided to replicate my results based on my current configuration.
Before starting, I factory reset the AP with the commands:
ap:delete flash:private-config
ap:delete flash:private-multiple-fs
ap:boot
I don't know if it matters but I'm using a 3560e-24pd-s
Plugging the AP into an access port for VLAN 90 produced:
*Mar 1 00:00:09.490: %LINK-3-UPDOWN: Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:10.569: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:10.597: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C1140 Software (C1140-K9W8-M), Version 12.4(21a)JHB1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Wed 11-Aug-10 15:45 by prod_rel_team
*Mar 1 00:00:10.598: %SNMP-5-COLDSTART: SNMP agent on host ap is undergoing a cold start
*Mar 1 00:11:45.040: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Mar 1 00:11:45.233: %SSH-5-ENABLED: SSH 2.0 has been enabled
*Mar 1 00:11:45.233: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 1 00:11:45.233: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Mar 1 00:11:46.232: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 1 00:11:46.233: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Mar 1 00:11:54.357: %DHCP-6-ADDRESS_ASSIGN: Interface GigabitEthernet0 assigned DHCP address 10.10.91.33, mask 255.255.255.0, hostname APf0f7.5560.2ead
*Mar 1 00:12:04.114: Logging LWAPP message to 255.255.255.255.
*Mar 1 00:12:0
*Mar 1 00:12:06.189: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
*Mar 1 00:12:06.189: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 1 00:12:07.189: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*Mar 1 00:12:07.189: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Mar 1 00:12:07.189: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 255.255.255.255 started - CLI initiated
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Mar 1 00:12:14.941: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.
*Mar 1 00:12:23.941: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
APf0f7.5560.2ead#
*Mar 1 00:12:33.942: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Oct 12 02:52:05.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.10.90.101 peer_port: 5246
*Oct 12 02:52:05.000: %CAPWAP-5-CHANGED: CAPWAP changed state to
*Oct 12 02:52:05.712: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.10.90.101 peer_port: 5246
*Oct 12 02:52:05.713: %CAPWAP-5-SENDJOIN: sending Join Request to 10.10.90.101
*Oct 12 02:52:05.713: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
*Oct 12 02:52:05.804: %CAPWAP-5-CHANGED: CAPWAP changed state to CFG
*Oct 12 02:52:05.805: %DTLS-5-ALERT: Received WARNING : Close notify alert from 10.10.90.101
*Oct 12 02:52:05.805: %DTLS-5-PEER_DISCONNECT: Peer 10.10.90.101 has closed connection.
*Oct 12 02:52:15.868: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Oct 12 02:52:16.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.10.90.101 peer_port: 5246
*Oct 12 02:52:16.000: %CAPWAP-5-CHANGED: CAPWAP changed state to
*Oct 12 02:52:16.719: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.10.90.101 peer_port: 5246
*Oct 12 02:52:16.720: %CAPWAP-5-SENDJOIN: sending Join Request to 10.10.90.101
*Oct 12 02:52:16.720: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
*Oct 12 02:52:16.804: %CAPWAP-5-CHANGED: CAPWAP changed state to CFG
*Oct 12 02:52:16.805: %DTLS-5-ALERT: Received WARNING : Close notify alert from 10.10.90.101
*Oct 12 02:52:16.805: %DTLS-5-PEER_DISCONNECT: Peer 10.10.90.101 has closed connection.
Surprisingly Option 43 worked this time but before I was having difficulties with that as well. Before the factory reset I did manually configure the controller address but I factory reset the AP to be sure that wasn't why.
The date is OCT 12 2022 on the controller because I read about the license expiration and saw that I had to set the date before that (Not sure how to check the license again though, sorry)
----------------------------------------------------
Now I tried to just put the APs on 90 as I heard this helps but. I got this result:
*Mar 1 00:00:06.501: %SOAP_FIPS-2-SELF_TEST_IOS_SUCCESS: IOS crypto FIPS self test passed
*Mar 1 00:00:06.513: *** CRASH_LOG = YES
Security Core found.
Base Ethernet MAC address: F0:F7:55:60:2E:AD
*Mar 1 00:00:07.814: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 0
*Mar 1 00:00:08.321: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 1
*Mar 1 00:00:08.354: %LWAPP-3-CLIENTEVENTLOG: Read and initialized AP event log (contains, 240 messages)
*Mar 1 00:00:09.500: %LINK-3-UPDOWN: Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:10.579: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:10.608: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C1140 Software (C1140-K9W8-M), Version 12.4(21a)JHB1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Wed 11-Aug-10 15:45 by prod_rel_team
*Mar 1 00:00:10.608: %SNMP-5-COLDSTART: SNMP agent on host ap is undergoing a cold start
*Mar 1 00:11:45.041: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Mar 1 00:11:45.230: %SSH-5-ENABLED: SSH 2.0 has been enabled
*Mar 1 00:11:45.230: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 1 00:11:45.230: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Mar 1 00:11:46.229: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 1 00:11:46.229: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Mar 1 00:12:04.886: Logging LWAPP message to 255.255.255.255.
*Mar 1 00:12:06.562: %CDP_PD-4-POWER_OK: Full power - NEGOTIATED inline power source
*Mar 1 00:12:06.601: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
*Mar 1 00:12:06.601: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 1 00:12:07.600: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*Mar 1 00:12:07.601: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Mar 1 00:12:07.601: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 255.255.255.255 started - CLI initiated
*Mar 1 00:12:13.937: %CAPWAP-3-ERRORLOG: Not sending discovery request AP does not have an Ip !!
*Mar 1 00:12:23.937: %CAPWAP-3-ERRORLOG: Not sending discovery request AP does not have an Ip !!
DHCP doesn't work on VLAN 90?? I don't understand why. I know it has to do with the ISE IP address as I removed it from the ISE and assigned it to a subinterface f0/1.90 and a pc I connected to an access port got an IP address via DHCP.
So I would just like to know why is the AP not connecting and is this common where DHCP won't work for VLAN 90 with that configuration? From the previous network drawing I was viewing where these devices were configured, the WLC was on its own VLAN.
Any help is appreciated, thanks!
Solved! Go to Solution.
09-15-2022 11:34 PM
>...- Check the controller logs too when the AP tries to join.
Just issue the command show logging when the AP tries to join
M.
09-17-2022 08:32 PM
Thank you for that, now that I checked, I saw that the WLC was set to the wrong country code, emarassing!
Thank you so much for the help!
09-15-2022 03:16 AM
- Check the controller logs too when the AP tries to join.
M.
09-15-2022 03:58 PM
Do I just do this by using the function debug capwap events enable then show eventlog? If so, I didn't see anything. However, it may have to do with what happened while typing this.
Now after keeping the AP off for about 18 hours, it cannot discover the WLC again
*Mar 1 00:00:06.501: %SOAP_FIPS-2-SELF_TEST_IOS_SUCCESS: IOS crypto FIPS self test passed
*Mar 1 00:00:06.513: *** CRASH_LOG = YES
Security Core found.
Base Ethernet MAC address: F0:F7:55:60:2E:AD
*Mar 1 00:00:07.815: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 0
*Mar 1 00:00:08.321: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 1
*Mar 1 00:00:08.355: %LWAPP-3-CLIENTEVENTLOG: Read and initialized AP event log (contains, 240 messages)
*Mar 1 00:00:09.495: %LINK-3-UPDOWN: Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:10.574: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:10.603: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C1140 Software (C1140-K9W8-M), Version 12.4(21a)JHB1, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Wed 11-Aug-10 15:45 by prod_rel_team
*Mar 1 00:00:10.603: %SNMP-5-COLDSTART: SNMP agent on host ap is undergoing a cold start
*Mar 1 00:11:45.043: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Mar 1 00:11:45.231: %SSH-5-ENABLED: SSH 2.0 has been enabled
*Mar 1 00:11:45.231: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Mar 1 00:11:45.231: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Mar 1 00:11:46.231: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Mar 1 00:11:46.231: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Mar 1 00:11:53.355: %DHCP-6-ADDRESS_ASSIGN: Interface GigabitEthernet0 assigned DHCP address 10.10.91.6, mask 255.255.255.0, hostname APf0f7.5560.2ead
*Mar 1 00:12:04.906: Logging LWAPP message to 255.255.255.255.
*Mar 1 00:12:06.908: %CDP_PD-4-POWER_OK: Full power - NEGOTIATED inline power source
*Mar 1 00:12:06.947: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
*Mar 1 00:12:06.948: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Mar 1 00:12:07.947: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*Mar 1 00:12:07.947: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Mar 1 00:12:07.948: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 255.255.255.255 started - CLI initiated
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Mar 1 00:12:14.942: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.
*Mar 1 00:12:23.942: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
*Mar 1 00:14:33.948: %CAPWAP-5-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.
I'm about to rip my hair out haha. THIS was the error I was getting intially. So maybe it wasn't factory reset? Now I'm back to square one.
09-15-2022 11:34 PM
>...- Check the controller logs too when the AP tries to join.
Just issue the command show logging when the AP tries to join
M.
09-17-2022 08:32 PM
Thank you for that, now that I checked, I saw that the WLC was set to the wrong country code, emarassing!
Thank you so much for the help!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide