03-26-2014 12:39 PM - edited 07-05-2021 12:33 AM
Hi,
Does it possible register a Lightweight AP to remote Controller that are comunicated through a VPN site to site?
best regards
Solved! Go to Solution.
03-26-2014 02:33 PM
As a side note, you should upgrade your controller to a supported firmware version. Go for 7.4.121.0 for AireOS version & upgrade your FUS to 1.9.0.0 as well. The version you are running is having multiple critical bugs.
Product Version.................................. 7.4.100.60
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
Here are the release note for these versions. FUS upgrade will take around 30-40min, so get sufficient outage window for the upgrade (at least 1 hour for both)
http://www.cisco.com/c/en/us/td/docs/wireless/controller/release/notes/crn74mr02.html
http://www.cisco.com/c/en/us/td/docs/wireless/controller/release/notes/fus_rn_OL-31390-01.pdf
HTH
Rasika
*** Pls rate all useful responses ***
03-26-2014 12:56 PM
yes it is :)
03-26-2014 01:00 PM
Yes it is possible.
Normally this technology is called flexconnect(old name was H-REAP).
Here are the modes:
http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/81680-hreap-modes.html
HREAP Design:
http://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/71250-h-reap-design-deploy.html
Regards
Dont forget to rate helpful posts
03-26-2014 01:15 PM
ok, I before configured H-REAP an FlexConnect, but through a Point to Point Link, and the AP refistered normally, now I´m triying to do it through a VPN site to site and the console AP only sends this messenge repeatly
%CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
Ping responses from AP to WLC and from WLC to AP, do you have any idea of why the AP doesn´t register?
thanks
03-26-2014 01:24 PM
Check:
is AP got the IP via DHCP or statically ?
is there a Way for AP to find WLC ?
reboot the AP and post the entite bootup process here als paste the output of these commands:
sh sysinfo from WLC
sh version from AP
Regards
Dont forget to rate helpful posts
03-26-2014 02:18 PM
Hi,
I configured the IP statically using the commands
capwap ap controller ip address
capwap ap ip address
capwap ap ip default-gateway
Here is the outputs
AP7c69.f640.de6e#
reload
Proceed with reload? [confirm]
Writing out the event log to flash:/event.log ...
*Jul 20 05:20:34.079: %SYS-5-RELOAD: Reload requested by cisco on console. Reload Reason: Reload Command.
*Jul 20 05:20:34.095: %LWAPP-5-CHANGED: CAPWAP changed state to DOWN
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
Write of event.log done
IOS Bootloader - Starting system.
flash is writable
FLASH CHIP: Numonyx Mirrorbit (0089)
Xmodem file system is available.
flashfs[0]: 52 files, 8 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 31997952
flashfs[0]: Bytes used: 13725696
flashfs[0]: Bytes available: 18272256
flashfs[0]: flashfs fsck took 27 seconds.
Reading cookie from SEEPROM
Base Ethernet MAC address: 7c:69:f6:40:de:6e
Ethernet speed is 100 Mb - FULL Duplex
Loading "flash:/ap3g2-k9w8-mx.152-4.JB4/ap3g2-k9w8-mx.152-4.JB4"...##########################
File "flash:/ap3g2-k9w8-mx.152-4.JB4/ap3g2-k9w8-mx.152-4.JB4" uncompressed and installed, entry point: 0x2003000
executing...
Secondary Bootloader - Starting system.
Tide MB - 32MB of flash
Xmodem file system is available.
flashfs[0]: 52 files, 8 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 31997952
flashfs[0]: Bytes used: 13725696
flashfs[0]: Bytes available: 18272256
flashfs[0]: flashfs fsck took 18 seconds.
Base Ethernet MAC address: 7c:69:f6:40:de:6e
Boot CMD: 'boot flash:/ap3g2-k9w8-mx.152-4.JB4/ap3g2-k9w8-xx.152-4.JB4;flash:/ap3g2-k9w8-mx.152-4.JB4/ap3g2-k9w8-mx.152-4.JB4'
Loading "flash:/ap3g2-k9w8-mx.152-4.JB4/ap3g2-k9w8-xx.152-4.JB4"...######################################
File "flash:/ap3g2-k9w8-mx.152-4.JB4/ap3g2-k9w8-xx.152-4.JB4" uncompressed and installed, entry point: 0x1003000
executing...
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cisco IOS Software, C3600 Software (AP3G2-K9W8-M), Version 15.2(4)JB4, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2014 by Cisco Systems, Inc.
Compiled Thu 06-Mar-14 10:41 by prod_rel_team
Tide MB - 32MB of flash
Initializing flashfs...
flashfs[3]: 52 files, 8 directories
flashfs[3]: 0 orphaned files, 0 orphaned directories
flashfs[3]: Total bytes: 31739904
flashfs[3]: Bytes used: 13725696
flashfs[3]: Bytes available: 18014208
flashfs[3]: flashfs fsck took 11 seconds.
flashfs[3]: Initialization complete.
flashfs[4]: 0 files, 1 directories
flashfs[4]: 0 orphaned files, 0 orphaned directories
flashfs[4]: Total bytes: 11999232
flashfs[4]: Bytes used: 1024
flashfs[4]: Bytes available: 11998208
flashfs[4]: flashfs fsck took 1 seconds.
flashfs[4]: Initialization complete.
Copying radio files from flash: to ram:
Copy in progress...CCCCC
Copy in progress...CCC
Copy in progress...CCCC
Copy in progress...CCCC
Copy in progress...CC
Copy in progress...CCC
Copy in progress...CC
Copy in progress...CCCCC
Uncompressing radio files...
...done Initializing flashfs.
Radio0 present 8764 8000 0 A8000000 A8010000 0
Rate table has 650 entries (20 legacy/224 11n/406 11ac)
POWER TABLE FILENAME = ram:/B2.bin
Radio1 present 8764 8000 0 88000000 88010000 4
POWER TABLE FILENAME = ram:/B5.bin
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
%Error opening flash:/ap3g2-rcvk9w8-mx/info (No such file or directory)cisco AIR-CAP2602E-A-K9 (PowerPC) processor (revision A0) with 204790K/57344K bytes of memory.
Processor board ID FTX1732J076
PowerPC CPU at 800MHz, revision number 0x2151
Last reset from power-on
LWAPP image version 7.6.100.0
1 Gigabit Ethernet interface
2 802.11 Radios
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 7C:69:F6:40:DE:6E
Part Number : 73-14511-02
PCA Assembly Number : 800-37898-01
PCA Revision Number : A0
PCB Serial Number : FOC17292QAP
Top Assembly Part Number : 800-38357-01
Top Assembly Serial Number : FTX1732J076
Top Revision Number : A0
Product/Model Number : AIR-SAP2602E-A-K9
% Please define a domain-name first.
Press RETURN to get started!
*Mar 1 00:00:15.579: %SOAP_FIPS-2-SELF_TEST_IOS_SUCCESS: IOS crypto FIPS self test passed (11)
*Mar 1 00:00:16.035: Registering HW DTLS
APAVC: Initial WLAN Buffers Given to System is 2500
APAVC: WlanPAKs 18174 RadioPaks 17566
*Mar 1 00:00:18.415: %LINK-6-UPDOWN: Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:22.223: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 0 (4)
*Mar 1 00:00:28.551: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 1 (4)
*Mar 1 00:00:28.755: Wait until the stile protocol list is initialized.
*Mar 1 00:00:31.767: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to down
*Mar 1 00:00:33.955: Start STILE Activation
*Jul 20 05:20:33.043: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C3600 Software (AP3G2-K9W8-M), Version 15.2(4)JB4, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2014 by Cisco Systems, Inc.
Compiled Thu 06-Mar-14 10:41 by prod_rel_team
*Jul 20 05:20:33.043: %SNMP-5-COLDSTART: SNMP agent on host AP7c69.f640.de6e is undergoing a cold start
*Jul 20 05:20:34.315: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to upERROR: Failed to configure ethernet promiscuous mode. Interface Descriptor mismatch
*Jul 20 05:20:48.399: %SOAP_FIPS-2-SELF_TEST_HW_SUCCESS: HW crypto FIPS self test passed (2-8)
*Jul 20 05:20:48.399: DPAA Initialization Complete
*Jul 20 05:20:48.399: %SYS-3-HARIKARI: Process DPAA INIT top-level routine exited
*Jul 20 05:20:49.403: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
*Jul 20 05:20:55.163: APAVC: Succeeded to activate all the STILE protocols.
*Jul 20 05:20:55.163: APAVC: Registering with CFT
APAVC: CFT registration of delete callback succeeded
APAVC: Reattaching Original Buffer pool for system use
Pool-ReAtach: paks 18174 radio17566
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Jul 20 05:21:06.515: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
*Jul 20 05:21:06.515: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255
*Jul 20 05:21:06.539: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to uplwapp_crypto_init: MIC Present and Parsed Successfully
*Jul 20 05:21:06.743: %SSH-5-ENABLED: SSH 2.0 has been enabled
*Jul 20 05:21:06.743: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Jul 20 05:21:06.767: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Jul 20 05:21:06.767: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Jul 20 05:21:07.539: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Jul 20 05:21:07.743: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Jul 20 05:21:16.755: Logging LWAPP message to 255.255.255.255.
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Jul 20 05:21:35.759: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Jul 20 05:21:48.039: %CDP_PD-4-POWER_OK: Full power - NEGOTIATED inline power source
*Jul 20 05:21:49.139: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Jul 20 05:21:50.139: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Jul 20 05:21:50.235: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Jul 20 05:21:51.235: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*Jul 20 05:21:54.759: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
AP7c69.f640.de6e#sh version
Cisco IOS Software, C3600 Software (AP3G2-K9W8-M), Version 15.2(4)JB4, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2014 by Cisco Systems, Inc.
Compiled Thu 06-Mar-14 10:41 by prod_rel_team
ROM: Bootstrap program is C3600 boot loader
BOOTLDR: C3600 Boot Loader (AP3G2-BOOT-M) LoaderVersion 12.4(25e)JA1, RELEASE SOFTWARE (fc1)
AP7c69.f640.de6e uptime is 15 minutes
System returned to ROM by power-on
System image file is "flash:/ap3g2-k9w8-mx.152-4.J
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)B4/ap3g2-k9w8-xx.152-4.JB4"
Last reload reason:
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
cisco AIR-CAP2602E-A-K9 (PowerPC) processor (revision A0) with 204790K/57344K bytes of memory.
Processor board ID FTX1732J076
PowerPC CPU at 800MHz, revision number 0x2151
Last reset from power-on
LWAPP image version 7.6.100.0
1 Gigabit Ethernet interface
2 802.11 Radios
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 7C:69:F6:40:DE:6E
Part Number : 73-14511-02
PCA Assembly Number : 800-37898-01
PCA Revision Number : A0
PCB Serial Number : FOC17292QAP
Top Assembly Part Number : 800-38357-01
Top Assembly Serial Number : FTX1732J076
Top Revision Number : A0
Product/Model Number : AIR-SAP2602E-A-K9
Configuration register is 0xF
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.4.100.60
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
Build Type....................................... DATA + WPS
System Name...................................... WLC
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
Redundancy Mode.................................. Disabled
IP Address....................................... 10.10.30.187
Last Reset....................................... Power on reset
System Up Time................................... 36 days 18 hrs 10 mins 27 secs
System Timezone Location.........................
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180
Configured Country............................... MX - Mexico
--More-- or (q)uit
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +40 C
External Temperature............................. +28 C
Fan Status....................................... OK
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 3
Number of Active Clients......................... 4
Memory Current Usage............................. Unknown
Memory Average Usage............................. Unknown
CPU Current Usage................................ Unknown
CPU Average Usage................................ Unknown
Burned-in MAC Address............................ 50:57:A8:C7:0A:20
Power Supply 1................................... Present, OK
Power Supply 2................................... Absent
Maximum number of APs supported.................. 12
I realized that the reglatory domain configured on WLC and local APs is Mexico-N and the AP I testing is US-A, I didn´t have to enable multiple regulatory domains using newer WLC software releases, but I´ll enable to be sure
thanks.
03-26-2014 02:27 PM
Yes, It will not join to this WLC because AP is in different regulatery domain.
WLC is in mexco but AP is in -A- America Domain.It must be in -N- domain.
You can try to enable two country (Mexico and USA)on wlc then check it out.
Regards
Dont forget to rate helpful posts
03-26-2014 04:04 PM
Hi,
Currently I can´t enable American domain, because I need shutdown the radios, but I got an American regulatory domain AP and happend the same behavior
best regards
03-26-2014 11:00 PM
You need a mexican domain AP to connect to this WLC (country configured as mexico).
regards
03-27-2014 02:53 PM
Yes,I´m testing now with mexican domain AP, but it still doesn´t connect
03-26-2014 02:33 PM
As a side note, you should upgrade your controller to a supported firmware version. Go for 7.4.121.0 for AireOS version & upgrade your FUS to 1.9.0.0 as well. The version you are running is having multiple critical bugs.
Product Version.................................. 7.4.100.60
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
Here are the release note for these versions. FUS upgrade will take around 30-40min, so get sufficient outage window for the upgrade (at least 1 hour for both)
http://www.cisco.com/c/en/us/td/docs/wireless/controller/release/notes/crn74mr02.html
http://www.cisco.com/c/en/us/td/docs/wireless/controller/release/notes/fus_rn_OL-31390-01.pdf
HTH
Rasika
*** Pls rate all useful responses ***
03-27-2014 03:13 PM
capwap ports opened on the firewall ?
03-27-2014 03:20 PM
Yes, all IP traffic is allowed
02-01-2015 03:50 PM
After ugrade code to 7.6.110 and FUS, the AP has registered without any problem,
thanks.
08-24-2020 03:20 PM - edited 12-13-2020 08:34 PM
Hi... as you are splinting your broadcast domain, you should set the branch to get WLC answers via CAPWAP (UDP 5246 to AP controlling) and considering use DHCP option 43 (converting the WLC IP to hex) and use it to allow the branch AP joining using CAPWAP features:
In the router facing the WAN link:
ip forward-protocol udp 5246
!
interface <AP_FACING>
encapsulation dot1Q <AP_VLAN>
ip address <AP_subnet>
ip helper-address <WLC_IP>
!
ip dhcp excluded-address 10.10.8.<start_reserved> 10.10.8.<end_reserved>
ip dhcp pool <AP_POOL_NAME>
network <AP_NET>
default-router <AP_GW>
dns-server <DNS>
option 60 ascii "Cisco AP c2800" --> to model c2800 if it's the case
option 43 hex f104.aaaa.bbbb.cccc --> f104.<WLC_IP_HEX_CONVERTED>
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide