cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
741
Views
0
Helpful
3
Replies

Lightweight AP Connectivity Problem

Richard Atkin
Level 4
Level 4

Hi Guys (& Ladies?),

I have a 4404 running 4.1.185.0, with a number of 1130 AG Access Points. APs are in different subnets, and were provisioned using DHCP - this all works fine.

Problems begin if I reboot / lose the Wireless LAN Controller. The APs correctly identify they're alone, and begin the re-connection / discovery process as expected.

From the AP perspective, it is sending messages to the correct IP / Port of the WLC, but never receives a response. (FILE: AP Port Span.pcap, the specific AP being spanned is 10.8.57.135, the WLC Mgmt Interface is 10.8.67.1)

From the WLC perspective, the LWAPP Discovery messages are received, but the WLC believes they contain error(s) ("UNKNOWN IE 58" and "UNKNOWN IE 99"), and so never responds. (FILE: "WLC debug lwapp packet.txt")

Currently, the only way to recover from the situation is to pull the power on the Access Points and reboot them (not easy as some APs on Power Injectors at remote sites).

So the question is, how do I fix this problem?

Cheers All,

Richard.

3 Replies 3

Richard Atkin
Level 4
Level 4

Hi All,

Just so you know, the UNKNOWN IE messages are normal, and the numbers correspond with the provisioning type that was used.

In the end, the problem was caused by a problem on a Firewall where Stateful UDP wasn't configured properly, and so if a response (from WLC to AP) was recieved that was a fragmented UDP packet, it would drop the the whole packet (ie, both Fragments).

Some work on the Firewall fixed the problem.

What kind of FW do you use?

What did you do to fix the problem?

I am have a case with an Microsoft ISA server and a Cisco PIX VPN that drops the fragments.

jesse.fields
Level 1
Level 1

I would be interested to learn what the fix to this issue is. I am currently experiencing the same errors but with a new 1130AG at a remote site. I get the UNKNOWN 58 then the UNKNOWN 99 messages on the controller. I have tested with another AP in different areas of my network with no problems. I have verified there are no ports being blocked beteen the AP's network and the controller.

Thanks.

Review Cisco Networking for a $25 gift card