The PoE Ports are not for the APs

Note      Ports 3 and 4 are PoE only ports; do not connect access point devices to these ports. The ports can be used for infra-switch connection using multiple an AP-Manager or data interface

Connect port 1 to a trunk port on the switch.
configure the native vlan ON THE TRUNKPORT only eg vlan 10
Let's assume your wireless is on vlan 10 and your WLC2504 is 10.10.10.20 /24 gateway 10.10.10.1
Enable and Configure DHCP scope for vlan 10
The APs are then connected to a vlan 10 access port on the switch
Configure the SSID

DHCP server tips
- enable bridging mode if using the controller as the DHCP server, otherwise disable it.
- if using other DHCP server and the DHCP server is in the same vlan as the controller, nothing further is needed.
- if DHCP server is on another vlan, you will need to configure option 43 (vendor specific into)


See the following sequence for guidance.

(Cisco Controller)
Welcome to the Cisco Wizard Configuration Tool
Use the '-' character to backup

Would you like to terminate autoinstall? [yes]: yes
AUTO-INSTALL: process terminated -- no configuration loaded
System Name [Cisco_d9:24:44] (31 characters max): Szabla
Enter Administrative User Name (24 characters max): cisco
Enter Administrative Password (3 to 24 characters): ********
Re-enter Administrative Password                 : ********
Management Interface IP Address: 10.10.10.20
Management Interface Netmask: 255.255.255.0
Management Interface Default Router: 10.10.10.1
Management Interface VLAN Identifier (0 = untagged): 0
Management Interface Port Num [1 to 4]: 1
Management Interface DHCP Server IP Address: 10.10.10.1

Virtual Gateway IP Address: 1.1.1.1
Mobility/RF Group Name: Jmobile

Network Name (SSID): Szabla
Configure DHCP Bridging Mode [yes][NO]: yes
Allow Static IP Addresses [YES][no]: yes

Configure a RADIUS Server now? [YES][no]: no
Warning! The default WLAN security policy requires a RADIUS server.
Please see documentation for more details.

Enter Country Code list (enter 'help' for a list of countries) [US]: US

Enable 802.11b Network [YES][no]: yes
Enable 802.11a Network [YES][no]: yes
Enable 802.11g Network [YES][no]: yes
Enable Auto-RF [YES][no]: yes

Configure a NTP server now? [YES][no]: no
Configure the system time now? [YES][no]: yes
Enter the date in MM/DD/YY format: 04/14/11
Enter the time in HH:MM:SS format: 15:52:20
Configuration correct? If yes, system will save it and reset. [yes][NO]: yes

Configuration saved!
Resetting system with new configuration...
Restarting system.




http://www.cisco.com/en/US/products/ps11630/products_tech_note09186a0080b8450c.shtml

Cisco say you can't use the PoE ports to directly connect APs.  Technically you can - they do work, but Cisco just don't support it that's all.  Anyway, forget the PoE ports for a second.

You need to check the software version on the WLC.  If you don't have 7.4 code the 1600 APs won't join the WLC.

When you browse to the WLC, what software version does it say in the summary page?

Also, you don't specifically need ap-manager ports configuring if:

1] You use one port as the primary port and one port as the backup port.
2] You use the management interface with the "Dynamic AP-management" box ticked.

If you wanted to connect all 4 ports from the WLC to a switch, for example, you'd need to configure ap-manager interfaces.

LAG is also enabled in 7.4 on the 2504 - completely removing the need to configure ap-manager interfaces in any case.

LAG was not enabled previously on the 2504.

My advice... install 7.4.100.0 (AIR-CT2500-K9-7-4-100-0.aes) on the WLC, and the 1.8 FUS image (AIR-CT2500-K9-1-8-0-0-FUS.aes).  Then install the 7.4.100.60 maintenance image (AIR-CT2500-K9-7-4-100-60.aes).

There's a new release - 7.4.110.0 - due soon.  7.4.100.60 is a beta maintenance release for certain bugs in 7.4.100.0.  You should install 7.4.110.0 when it becomes available.

I upgraded the WLC software. Still cannot get the WAPs to join. I have attached the text from one of the WAPs.
wapjoin.TXT

Post the config of your 2504

Paste the result of debug capwap

The APs are getting IP addresses and know where the controller is.

Check my post above and verify your settings again.

Be aware that bridging mode must be enabled if the WLC is the dhcp server.

Another main factor is time skew. Make sure the clock synchronizes with the ntp.

Ok so I can see your WLC is using IP 192.168.101.15.  Is there a firewall between the AP and the WLC which is blocking UDP port 5246?


Just as a note but with regard to the DHCP bridging comment - that is incorrect.

If you use the WLC as a DHCP server you should NOT use DHCP Bridging - you should use DHCP Proxy.  That is MANDATORY!

DHCP bridging is only used when the WLC is intended to be completely transparent to the DHCP function.

During normal operation (DHCP proxy) the WLC will direct DHCP requests to the DHCP server just as a standard IP helper would, whether it is on the same subnet or not.  In bridging mode the DHCP packet is not forwarded by the WLC; instead it drops onto the client VLAN just as it would if it were a wired client.  This means the DHCP packet is not modified by the WLC.

It is advisable to only use DHCP bridging mode if you want the IP helper on your L3 device to direct the DHCP packet to its intended DHCP server - otherwise just let the WLC do it.

I meant DHCP Proxy. I must be sleep-writing when I typed that in.

That's craigbeck for catching that.

Set DHCP Proxy to Enable or Global.

I used "global" on all my 2504s

Based on Cisco release notes, the 1600 Aironet series will only work with software release AIR-CT2500-K9-7-4-100-60. They will not work with a lower software release, as per the release notes write-up.

Strange isn't it. This software release only came out in May 2013. After applying the updated software, the controller picked up the WAPs.

I've requested that this question be closed as follows:

Accepted answer: 0 points for OmniSystems's comment #a39323762

for the following reason:

Conducted research and spoke to Cisco technical support. I was able to resolve the problem based on own data and research. Other contributors provide invaluable insights.

I believe my comment in ID: 39303773 stated exactly what the OP states as the reason for closing this question, and therefore should be marked as the answer.

FWIW... the latest .60 release is a maintenance release and includes the same support for the 1600 APs as the initial 7.4 release.  I've never needed to install .60 to provide support for a 1600 AP to join the WLC.

The Cisco release notes indicated that the .60 was needed. However, as I am new to this, I take your word for it. I did download the initial 7.4 but decided to go to .60 as specified in the notes. Thanks for your assistance and input.

Glad to help.  Just remember to go to 7.4.110.0 when it's released :-)

I plan to.