Move ap from one controller to another
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-05-2022 10:40 AM
Hello.
We are in the process of moving a bunch of access points from an old supplier to us as a new supplier.
The old supplier does have a WLC which "holds" all of the access points.
I set up a new 9800 WLC, and tried to move one of the access points to the L2 subnet where I have configured the wireless management network. I also created DHCP option 43 on the DHCP server thats distributes ip addresses for the access points. (I moved on of the access points from the "old" management network to the newly created one.
I could not get the access point to join my controller even though it got the DHCP option 43. It said something about a certificate error.
So my thoughts was to reset the AP, which I did with the MODE button.
The ap joined my controller. All good so far.
So now I need to get all of the other access points over to my new controller. The problem is that some of the access points are mounted 50 meters above ground and VERY hard to get physical access to.
My thoughts was that the old supplier enabled SSH on the access points, which they did, and after that I could reset them via SSH.
But no luck. The access points doesnt have the write/erase or any of those commands.
So my question is basically: Do I need to access the access points physically and press the MODE button to reset them, or is there some way to do it from the access points ssh? If so, how?
Remember I dont have access to the old suppliers WLC.
The access points is a mix between 1702 and 2802, and running boot version 15.3.0.0 and software version 17.3.4.40
Many thanks in advance.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-05-2022 11:03 AM
Try the command "clear ap config <ap-name> keep-ip-config "
If not work you can try "capwap ap erase all"
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-05-2022 11:18 AM - edited 04-05-2022 11:24 AM
[cid:image001.png@01D8492A.36FAA680]
Thank you for the response, but as my screenshot shows none of those commands work.
Any idea why?
This is also on my test ap which I currently have in my controller.
Is there a command I need to enable to be able to do the clear command?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-05-2022 11:33 AM
This AP you tried is which? This command exist in any capwap AP I know but it may change the syntax from one to another.
after 'capwap ap....' if you run ? which option do you have?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-05-2022 11:36 AM - edited 04-05-2022 11:37 AM
Please see attached picture.
The ap is 1702 connected to the controller which I have control over.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-05-2022 11:50 AM
Yeah, looks like is not possoble. We can see a "Reset" option there but probably wont help you. One another possibility is do it using Cisco Prime, in case you have it.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-05-2022 12:37 PM
Hello again Flavio.
Thank you for your help so far.
I figured out on my controller I could run the clear ap config <ap-name> keep-ip-config. That command rebooted the ap and cleared the config.
Is the access point configured in a special way since I can only run that command from the controller?
Is there a way to ssh into the AP and set the "mode" of the AP to allow me to run those commands?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-05-2022 05:35 PM
Look at the screenshot. The command is there: capwap ap primary-base <WLC Name> <WLC IP ADDRESS>
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-07-2022 07:51 AM
Hello and thank you for the tip.
i did this on One of the ap and moved it to the New subnet.
i am getting a ssl error on the ap.
currently on phone so I dont have the specific error but the AP does not want to join because of the ssl error.
it looks like a wipe from the previous controller or a physical wipe is the only option.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-07-2022 08:29 AM
Another thing to be aware of https://www.cisco.com/c/en/us/support/docs/field-notices/639/fn63942.html
Please click Helpful if this post helped you and Select as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's and TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's, Best Practices for 9800 WLC's and Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.196.0, latest 9800 releases, 8.5.182.12 (8.5.182.13 for 3504) and 8.5.182.109 (IRCM, 8.5.182.111 for 3504)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
Default AP console baud rate from 17.12.x is 115200 - introduced by CSCwe88390
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-05-2022 11:26 AM
I could not get the access point to join my controller even though it got the DHCP option 43. It said something about a certificate error.
Option 43 works if the device zero day provision on boarding. you need to reset the AP.
Make sure compatable matrix with WLC 9800 controller version with the AP.
So my question is basically: Do I need to access the access points physically and press the MODE button to reset them, or is there some way to do it from the access points ssh? If so, how? Remember I dont have access to the old suppliers WLC.
If you dont have WLC access and can you able to SSH to AP ?
if not then Physical reset required, then move to new VLAN, if you have console cable check what is happening while booting to get information., so you can follow same steps for the rest of the AP.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-05-2022 11:29 AM
Yes I am able to SSH to all the access points.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-05-2022 11:39 AM
what mode is this : i guess CAPWAP.
clear capwap private
reset
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-05-2022 11:56 AM
I am not experienced with either Cisco AP or WLC, but learning by the day.
What is the command to show mode?
The clear capwap private command is not recognized.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-06-2022 07:43 AM
since you meantioned you learning, let me put some document :
