David Haycox
asked on
Cisco AP fails to join WLC
We have a Cisco virtual wireless controller (vWLC) v8.3.102.0 set up as detailed here:
http://www.cisco.com/c/en/us/support/docs/wireless/virtual-wireless-controller/113677-virtual-wlan-dg-00.html#features
All other settings are on default, apart from the IP addresses.
New, out of the box, APs fail to connect despite sending join requests to the WLC. The output of the AP is as follows:
http://www.cisco.com/c/en/us/support/docs/wireless/virtual-wireless-controller/113677-virtual-wlan-dg-00.html#features
All other settings are on default, apart from the IP addresses.
New, out of the box, APs fail to connect despite sending join requests to the WLC. The output of the AP is as follows:
Ethernet speed is 1000 Mb - FULL Duplex
Loading "flash:/ap3g2-rcvk9w8-mx/ap3g2-rcvk9w8-mx"...#########################
File "flash:/ap3g2-rcvk9w8-mx/ap3g2-rcvk9w8-mx" uncompressed and installed, entr y point: 0x2003000
executing...
Secondary Bootloader - Starting system.
Antigua Lite Board P2
40MB format
Tide XL MB - 40MB of flash
Xmodem file system is available.
flashfs[0]: 239 files, 8 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 41158656
flashfs[0]: Bytes used: 20173824
flashfs[0]: Bytes available: 20984832
flashfs[0]: flashfs fsck took 11 seconds.
flashfs[1]: 0 files, 1 directories
flashfs[1]: 0 orphaned files, 0 orphaned directories
flashfs[1]: Total bytes: 12257280
flashfs[1]: Bytes used: 1024
flashfs[1]: Bytes available: 12256256
flashfs[1]: flashfs fsck took 0 seconds.
Base Ethernet MAC address: 00:62:ec:4b:58:7c
Boot CMD: 'boot flash:/ap3g2-rcvk9w8-mx/ap3g2-rcvk9w8-xx;flash:/ap3g2-rcvk9w8-mx/ap3g2-rcvk9w8-xx'
Loading "flash:/ap3g2-rcvk9w8-mx/ap3g2-rcvk9w8-xx"...############################
File "flash:/ap3g2-rcvk9w8-mx/ap3g2-rcvk9w8-xx" uncompressed and installed, entry point: 0x1003000
executing...
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cisco IOS Software, C1700 Software (AP3G2-RCVK9W8-M), Version 15.3(3)JC, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2015 by Cisco Systems, Inc.
Compiled Fri 11-Dec-15 11:55 by prod_rel_team
Antigua Lite Board P2
40MB format
Tide XL MB - 40MB of flash
Initializing flashfs...
flashfs[2]: 239 files, 8 directories
flashfs[2]: 0 orphaned files, 0 orphaned directories
flashfs[2]: Total bytes: 40900608
flashfs[2]: Bytes used: 20173824
flashfs[2]: Bytes available: 20726784
flashfs[2]: flashfs fsck took 11 seconds.
flashfs[2]: Initialization complete.
flashfs[3]: 0 files, 1 directories
flashfs[3]: 0 orphaned files, 0 orphaned directories
flashfs[3]: Total bytes: 11999232
flashfs[3]: Bytes used: 1024
flashfs[3]: Bytes available: 11998208
flashfs[3]: flashfs fsck took 1 seconds.
flashfs[3]: Initialization complete....done Initializing flashfs.
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
cisco AIR-CAP1702I-E-K9 (PowerPC) processor (revision A0) with 376814K/134656K bytes of memory.
Processor board ID FCW2024P2WZ
PowerPC CPU at 800Mhz, revision number 0x2151
Last reset from power-on
LWAPP image version 8.2.100.0
1 Gigabit Ethernet interface
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:62:EC:4B:58:7C
Part Number : 73-16776-01
PCB Serial Number : FOC20222CAY
Top Assembly Part Number : 068-100665-01
Top Assembly Serial Number : FCW2024P2WZ
Top Revision Number : A0
Product/Model Number : AIR-CAP1702I-E-K9
% Please define a domain-name first.
ipv6 enable
^
% Invalid input detected at '^' marker.
ipv6 address autoconfig
^
% Invalid input detected at '^' marker.
ipv6 address dhcp
^
% Invalid input detected at '^' marker.
Press RETURN to get started!
*Mar 1 00:00:13.475: APAVC: Initial WLAN Buffers Given to System is 2500
*Mar 1 00:00:13.523: APAVC: WlanPAKs 42878 RadioPaks 42270
*Mar 1 00:00:13.523: Starting Ethernet promiscuous mode
*Mar 1 00:00:13.531: %LWAPP-3-CLIENTERRORLOG: Load nvram:/lwapp_ap.cfg config failed, trying backup...
*Mar 1 00:00:13.531: %LWAPP-3-CLIENTERRORLOG: Load nvram:/lwapp_ap.cfg.bak config failed...
*Mar 1 00:00:14.831: %LWAPP-4-CLIENTEVENTLOG: PnP waiting for capwap init
*Mar 1 00:00:15.507: %LINK-6-UPDOWN: Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:15.571: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C1700 Software (AP3G2-RCVK9W8-M), Version 15.3(3)JC, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2015 by Cisco Systems, Inc.
Compiled Fri 11-Dec-15 11:55 by prod_rel_team
*Mar 1 00:00:15.571: %SNMP-5-COLDSTART: SNMP agent on host ap is undergoing a cold start
*Mar 1 00:00:15.611: %LINK-6-UPDOWN: Interface GigabitEthernet1, changed state to up
*Mar 1 00:00:15.611: %CDP_PD-4-POWER_OK: Full power - HIGH_POWER inline power source
*Mar 1 00:00:15.623: %LWAPP-3-CLIENTERRORLOG: Load nvram:/lwapp_ap.cfg config failed, trying backup...
*Mar 1 00:00:15.623: %LWAPP-3-CLIENTERRORLOG: Load nvram:/lwapp_ap.cfg.bak config failed...
*Mar 1 00:00:15.623: spamInitRadCfg: recovery image default mode 0
lwapp_crypto_init: MIC Present and Parsed Successfully
*Mar 1 00:00:15.787: %SSH-5-ENABLED: SSH 2.0 has been enabled
*Mar 1 00:00:16.607: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up
*Mar 1 00:00:17.611: %LINK-5-CHANGED: Interface GigabitEthernet1, changed state to administratively down
*Mar 1 00:00:20.431: DPAA Initialization Complete
*Mar 1 00:00:20.431: %SYS-3-HARIKARI: Process DPAA INIT top-level routine exited
*Mar 1 00:00:21.431: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:23.431: %LINK-6-UPDOWN: Interface BVI1, changed state to down
*Mar 1 00:00:24.431: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to down
*Mar 1 00:00:27.607: %LINK-6-UPDOWN: Interface BVI1, changed state to up
*Mar 1 00:00:28.607: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up
*Mar 1 00:00:28.679: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.50.50.102, mask 255.255.255.0, hostname AP0062.ec4b.587c
bridge-group 1 source-learning
^
% Invalid input detected at '^' marker.
%Default route without gateway, if not a point-to-point interface, may impact performance
*Mar 1 00:00:34.531: %LWAPP-3-CLIENTERRORLOG: Load nvram:/lwapp_ap.cfg config failed, trying backup...
*Mar 1 00:00:34.531: %LWAPP-3-CLIENTERRORLOG: Load nvram:/lwapp_ap.cfg.bak config failed...
*Mar 1 00:00:34.531: %CAPWAP-3-EVENTLOG: No Config Present. PNP required
*Mar 1 00:00:34.535: Cert ISSUER (39): cn=Cisco Manufacturing CA SHA2,o=Cisco
%Error opening flash:/capwap-saved-config (No such file or directory)
%Error opening flash:/capwap-saved-config-bak (No such file or directory)
Not in Bound state.
*Mar 1 00:00:53.135: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.50.50.103, mask 255.255.255.0, hostname AP0062.ec4b.587c
Not in Bound state.
*Mar 1 00:01:06.083: %LWAPP-4-CLIENTEVENTLOG: Invoking capwap discovery
*Mar 1 00:01:09.155: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.50.50.104, mask 255.255.255.0, hostname AP0062.ec4b.587c
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (8.8.8.8)
*Mar 1 00:01:27.091: AP has SHA2 MIC certificate - Using SHA2 MIC certificate for DTLS.
*Oct 5 08:01:33.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_i
*Oct 5 08:01:34.231: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully
*Oct 5 08:01:34.231: %CAPWAP-5-SENDJOIN: sending Join Request to 10.50.50.119
*Oct 5 08:01:39.231: %CAPWAP-5-SENDJOIN: sending Join Request to 10.50.50.119
ipv6 enable
^
% Invalid input detected at '^' marker.
ipv6 address autoconfig
^
% Invalid input detected at '^' marker.
ipv6 address dhcp
^
% Invalid input detected at '^' marker.
*Oct 5 08:02:32.999: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.
*Oct 5 08:02:33.003: %LWAPP-3-CLIENTERRORLOG: Load nvram:/lwapp_ap.cfg config f
*Oct 5 08:02:33.003: %LWAPP-3-CLIENTERRORLOG: Load nvram:/lwapp_ap.cfg.bak conf
*Oct 5 08:02:33.003: spamInitRadCfg: recovery image default mode 0
*Oct 5 08:02:33.015: %LWAPP-3-CLIENTERRORLOG: Load nvram:/lwapp_ap.cfg config f
*Oct 5 08:02:33.015: %LWAPP-3-CLIENTERRORLOG: Load nvram:/lwapp_ap.cfg.bak conf
What must we do to allow the APs to join the WLC?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Strange. Your AP is supported in 8.3 code.
ASKER
On that version the AP gets detected but seems to go in a loop. In any case I've reverted to the original WLC (v8.3.102.0) in order to get the outputs requested.
Here you go:
Here you go:
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 8.3.102.0
RTOS Version..................................... 8.3.102.0
Bootloader Version............................... 8.3.15.96
Emergency Image Version.......................... 8.3.102.0
OUI File Update Time............................. Sun Sep 07 10:44:07 IST 2014
Build Type....................................... DATA + WPS
System Name...................................... WLC-HQ1
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1631
IP Address....................................... 10.50.50.119
IPv6 Address..................................... ::
System Up Time................................... 0 days 0 hrs 11 mins 7 secs
System Timezone Location.........................
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180
Configured Country............................... GB - United Kingdom
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 1
Number of Active Clients......................... 0
OUI Classification Failure Count................. 0
Burned-in MAC Address............................ 00:50:56:95:98:99
Maximum number of APs supported.................. 200
System Nas-Id....................................
WLC MIC Certificate Types........................ SHA1
Licensing Type................................... RTU
vWLC config...................................... Small
(Cisco Controller) >show run-config commands
802.11a 11nSupport a-mpdu tx scheduler enable
802.11a 11nSupport a-mpdu tx scheduler timeout rt 10
802.11a 11nSupport a-mpdu tx scheduler timeout nrt 200
802.11a 11nSupport a-msdu max-subframes 3
802.11b 11nSupport a-msdu max-subframes 3
802.11a 11nSupport a-msdu max-length 8k
802.11b 11nSupport a-msdu max-length 8k
802.11a 11nSupport mcs tx 8 disable
802.11a 11nSupport mcs tx 9 disable
802.11a beacon range 0
802.11a rx-sop threshold auto default
802.11a cca threshold 0 default
802.11a multicast buffer 0
802.11a multicast data-rate 0 default
802.11a cac video cac-method static
802.11a max-clients 200
802.11a dfs-peakdetect enable
802.11b 11nSupport a-mpdu tx scheduler enable
802.11b 11nSupport a-mpdu tx scheduler timeout rt 10
802.11b 11nSupport a-mpdu tx scheduler timeout nrt 200
802.11b beacon range 0
802.11b rx-sop threshold auto default
802.11b cca threshold 0 default
802.11b multicast buffer 0
802.11b multicast data-rate 0 default
802.11b cac video cac-method static
802.11b max-clients 200
802.11h channelswitch enable loud
aaa auth mgmt local radius
acl url-acl disable
flexconnect fallback-radio-shut disable
advanced 802.11a channel dca interval 0
advanced 802.11a channel dca startup-interval 0
advanced 802.11a channel dca anchor-time 0
advanced 802.11a channel dca chan-width 20
advanced 802.11a channel dca best-width-max 80
advanced 802.11a channel dca sensitivity 15
advanced 802.11a channel dca min-metric -95
advanced 802.11b channel dca interval 0
advanced 802.11b channel dca startup-interval 0
advanced 802.11b channel dca anchor-time 0
advanced 802.11b channel dca sensitivity 10
advanced 802.11b channel dca min-metric -95
location info rogue extended
location rssi-half-life tags 0
location rssi-half-life client 0
location rssi-half-life rogue-aps 0
location expiry tags 5
location expiry client 5
location expiry calibrating-client 5
location expiry rogue-aps 5
advanced 802.11b client-network-preference default
advanced 802.11a client-network-preference default
advanced backup-controller primary
advanced backup-controller secondary
advanced backup-controller
advanced backup-controller
advanced sip-snooping-ports 0 0
advanced eap bcast-key-interval 3600
advanced 802.11-abgn pak-rssi-location threshold -100
advanced 802.11-abgn pak-rssi-location trigger-threshold 10
advanced 802.11-abgn pak-rssi-location reset-threshold 8
advanced 802.11-abgn pak-rssi-location ntp 178.79.162.34
advanced 802.11-abgn pak-rssi-location timeout 3
advanced hotspot cmbk-delay 1
Cisco Public Safety is not allowed to set in this domain
ap syslog host global ::
ap dtls-cipher-suite RSA-AES128-SHA
ap dtls-wlc-mic sha2
cdp advertise-v2 enable
country GB
cts sxp disable
cts sxp connection default password ****
cts sxp retry period 120
cts sxp sxpversion 2
database size 2048
dhcp opt-82 remote-id ap-mac
qos qosmap disable
qos qosmap trust-dscp-upstream disable
flexconnect group default-flex-group add
flexconnect group default-flex-group radius ap server-key <hidden>
flexconnect group default-flex-group radius ap authority id 436973636f0000000000000000000000
flexconnect group default-flex-group radius ap authority info Cisco A_ID
flexconnect group default-flex-group http-proxy ip-address 0.0.0.0 http-proxy port 0
flexconnect group default-flex-group template-vlan-map add none
local-auth method fast server-key ****
interface address management 10.50.50.119 255.255.255.0 10.50.50.254
interface address virtual 1.1.1.1
interface dhcp management primary 10.10.10.1
nasid apgroup default-group
wlan nasid none 1
interface port management 1
mdns snooping disable
mdns policy service-group create "default-mdns-policy" "Default Access Policy created by WLC"
mdns policy service-group user-role add default-mdns-policy admin
mdns profile create "default-mdns-profile"
mdns service create "AirTunes" _raop._tcp.local. origin All LSS disable query disable
mdns service create "Airplay" _airplay._tcp.local. origin All LSS disable query disable
mdns service create "Googlecast" _googlecast._tcp.local. origin All LSS disable query disable
mdns service create "HP_Photosmart_Printer_1" _universal._sub._ipp._tcp.local. origin All LSS disable query enable
mdns service create "HP_Photosmart_Printer_2" _cups._sub._ipp._tcp.local. origin All LSS disable query enable
mdns service create "HomeSharing" _home-sharing._tcp.local. origin All LSS disable query enable
mdns service create "Printer-IPP" _ipp._tcp.local. origin All LSS disable query disable
mdns service create "Printer-IPPS" _ipps._tcp.local. origin All LSS disable query disable
mdns service create "Printer-LPD" _printer._tcp.local. origin All LSS disable query disable
mdns service create "Printer-SOCKET" _pdl-datastream._tcp.local. origin All LSS disable query disable
mdns profile service add "default-mdns-profile" "AirTunes"
mdns profile service add "default-mdns-profile" "Airplay"
mdns profile service add "default-mdns-profile" "Googlecast"
mdns profile service add "default-mdns-profile" "HP_Photosmart_Printer_1"
mdns profile service add "default-mdns-profile" "HP_Photosmart_Printer_2"
mdns profile service add "default-mdns-profile" "HomeSharing"
mdns profile service add "default-mdns-profile" "Printer-IPP"
mdns profile service add "default-mdns-profile" "Printer-IPPS"
mdns profile service add "default-mdns-profile" "Printer-LPD"
mdns profile service add "default-mdns-profile" "Printer-SOCKET"
mdns query interval 15
wlan mdns disable 1
ipv6 ra-guard ap enable
ipv6 capwap udplite enable all
ipv6 multicast mode unicast
load-balancing aggressive enable
load-balancing window 5
wlan apgroup add default-group
wlan apgroup qinq tagging eap-sim-aka default-group enable
wlan apgroup interface-mapping add default-group 1 management
wlan apgroup nac-snmp disable default-group 1
memory monitor errors enable
memory monitor leak thresholds 10000 30000
Outdoor Mesh Ext.UNII B Domain channels: Disable
mesh security rad-mac-filter disable
mesh security rad-mac-filter disable
mesh security eap
mesh background-scanning disable
mesh backhaul rrm disable
mesh backhaul rrm auto-rf global
mesh lsc advanced ap-provision open-window enable
mgmtuser add admin **** read-write
mgmtuser termination-interval 0
mobility group domain Charlies
mobility group member hash 10.50.50.119 92371b2887a532e211e552bfd6e7f7a7d7305f16
mobility dscp 0
network dns serverip 10.50.50.8
network http-proxy ip 0.0.0.0
network http-proxy Port 80
network secureweb csrfcheck enable
network multicast igmp snooping enable
network multicast mld snooping enable
network profiling http-port 80
network ap-priority disabled
network rf-network-name Charlies
network secureweb cipher-option rc4-preference disable
network client-ip-conflict-detection disable
paging disable
pmipv6 mag binding maximum AP 250
qos protocol-type bronze dot1p
qos protocol-type silver dot1p
qos protocol-type gold dot1p
qos protocol-type platinum dot1p
qos priority bronze background background background
qos priority gold video video video
qos priority platinum voice voice voice
qos priority silver besteffort besteffort besteffort
qos dot1p-tag silver 0
qos dot1p-tag gold 4
qos dot1p-tag platinum 5
radius callStationIdType macaddr
radius auth callStationIdType ap-macaddr-ssid
radius fallback-test mode passive
radius fallback-test username cisco-probe
radius fallback-test interval 300
radius dns serverip 10.50.50.8
radius dns disable
radius dns auth network enable
radius dns auth management enable
radius dns acct network enable
radius dns auth rfc3576 disable
tacacs dns serverip 10.50.50.8
tacacs dns disable
rogue detection report-interval 10
rogue detection min-rssi -90
rogue detection transient-rogue-interval 0
rogue detection client-threshold 0
rogue detection security-level custom
rogue ap aaa-auth disable
rogue ap aaa-auth polling-interval 0
rogue ap ssid alarm
rogue ap valid-client alarm
rogue adhoc enable
rogue adhoc alert
rogue ap rldp disable
rogue ap rldp schedule disable
rogue auto-contain level 1
rogue containment flex-connect disable
rogue containment auto-rate disable
rogue client aaa disable
rogue client mse disable
serial baudrate 38400
snmp version v2c enable
snmp version v3 enable
snmp snmpEngineId 00003763000098997732320a
snmp community ipsec ike auth-mode pre-shared-key ****
switchconfig strong-pwd case-check enabled
switchconfig strong-pwd consecutive-check enabled
switchconfig strong-pwd default-check enabled
switchconfig strong-pwd username-check enabled
switchconfig strong-pwd position-check disabled
switchconfig strong-pwd case-digit-check disabled
switchconfig strong-pwd minimum upper-case 0
switchconfig strong-pwd minimum lower-case 0
switchconfig strong-pwd minimum digits-chars 0
switchconfig strong-pwd minimum special-chars 0
switchconfig strong-pwd min-length 3
sysname WLC-HQ1
stats-timer realtime 5
stats-timer normal 180
tacacs fallback-test interval 0
time ntp interval 604800
time ntp server 1 178.79.162.34
rf-profile create 802.11a High-Client-Density-802.11a
rf-profile create 802.11b High-Client-Density-802.11bg
rf-profile create 802.11a Low-Client-Density-802.11a
rf-profile create 802.11b Low-Client-Density-802.11bg
rf-profile create 802.11a Typical-Client-Density-802.11a
rf-profile create 802.11b Typical-Client-Density-802.11bg
rf-profile tx-power-min 7 High-Client-Density-802.11a
rf-profile tx-power-min 7 High-Client-Density-802.11bg
rf-profile tx-power-control-thresh-v1 -65 High-Client-Density-802.11a
rf-profile tx-power-control-thresh-v1 -60 Low-Client-Density-802.11a
rf-profile tx-power-control-thresh-v1 -65 Low-Client-Density-802.11bg
rf-profile data-rates 802.11a disabled 6 High-Client-Density-802.11a
rf-profile data-rates 802.11a disabled 9 High-Client-Density-802.11a
rf-profile data-rates 802.11a mandatory 12 High-Client-Density-802.11a
rf-profile data-rates 802.11a supported 18 High-Client-Density-802.11a
rf-profile data-rates 802.11a mandatory 24 High-Client-Density-802.11a
rf-profile data-rates 802.11a supported 36 High-Client-Density-802.11a
rf-profile data-rates 802.11a supported 48 High-Client-Density-802.11a
rf-profile data-rates 802.11a supported 54 High-Client-Density-802.11a
rf-profile data-rates 802.11b disabled 1 High-Client-Density-802.11bg
rf-profile data-rates 802.11b disabled 2 High-Client-Density-802.11bg
rf-profile data-rates 802.11b disabled 5.5 High-Client-Density-802.11bg
rf-profile data-rates 802.11b disabled 11 High-Client-Density-802.11bg
rf-profile data-rates 802.11b disabled 6 High-Client-Density-802.11bg
rf-profile data-rates 802.11b supported 9 High-Client-Density-802.11bg
rf-profile data-rates 802.11b mandatory 12 High-Client-Density-802.11bg
rf-profile data-rates 802.11b supported 18 High-Client-Density-802.11bg
rf-profile data-rates 802.11b supported 24 High-Client-Density-802.11bg
rf-profile data-rates 802.11b supported 36 High-Client-Density-802.11bg
rf-profile data-rates 802.11b supported 48 High-Client-Density-802.11bg
rf-profile data-rates 802.11a mandatory 6 Low-Client-Density-802.11a
rf-profile data-rates 802.11a supported 9 Low-Client-Density-802.11a
rf-profile data-rates 802.11a mandatory 12 Low-Client-Density-802.11a
rf-profile data-rates 802.11a supported 18 Low-Client-Density-802.11a
rf-profile data-rates 802.11a mandatory 24 Low-Client-Density-802.11a
rf-profile data-rates 802.11a supported 36 Low-Client-Density-802.11a
rf-profile data-rates 802.11a supported 48 Low-Client-Density-802.11a
rf-profile data-rates 802.11a supported 54 Low-Client-Density-802.11a
rf-profile data-rates 802.11b mandatory 1 Low-Client-Density-802.11bg
rf-profile data-rates 802.11b mandatory 2 Low-Client-Density-802.11bg
rf-profile data-rates 802.11b mandatory 5.5 Low-Client-Density-802.11bg
rf-profile data-rates 802.11b mandatory 11 Low-Client-Density-802.11bg
rf-profile data-rates 802.11b supported 6 Low-Client-Density-802.11bg
rf-profile data-rates 802.11b supported 9 Low-Client-Density-802.11bg
rf-profile data-rates 802.11b supported 12 Low-Client-Density-802.11bg
rf-profile data-rates 802.11b supported 18 Low-Client-Density-802.11bg
rf-profile data-rates 802.11b supported 24 Low-Client-Density-802.11bg
rf-profile data-rates 802.11b supported 36 Low-Client-Density-802.11bg
rf-profile data-rates 802.11b supported 48 Low-Client-Density-802.11bg
rf-profile data-rates 802.11a mandatory 6 Typical-Client-Density-802.11a
rf-profile data-rates 802.11a supported 9 Typical-Client-Density-802.11a
rf-profile data-rates 802.11a mandatory 12 Typical-Client-Density-802.11a
rf-profile data-rates 802.11a supported 18 Typical-Client-Density-802.11a
rf-profile data-rates 802.11a mandatory 24 Typical-Client-Density-802.11a
rf-profile data-rates 802.11a supported 36 Typical-Client-Density-802.11a
rf-profile data-rates 802.11a supported 48 Typical-Client-Density-802.11a
rf-profile data-rates 802.11a supported 54 Typical-Client-Density-802.11a
rf-profile data-rates 802.11b disabled 1 Typical-Client-Density-802.11bg
rf-profile data-rates 802.11b disabled 2 Typical-Client-Density-802.11bg
rf-profile data-rates 802.11b disabled 5.5 Typical-Client-Density-802.11bg
rf-profile data-rates 802.11b disabled 11 Typical-Client-Density-802.11bg
rf-profile data-rates 802.11b disabled 6 Typical-Client-Density-802.11bg
rf-profile data-rates 802.11b supported 9 Typical-Client-Density-802.11bg
rf-profile data-rates 802.11b mandatory 12 Typical-Client-Density-802.11bg
rf-profile data-rates 802.11b supported 18 Typical-Client-Density-802.11bg
rf-profile data-rates 802.11b supported 24 Typical-Client-Density-802.11bg
rf-profile data-rates 802.11b supported 36 Typical-Client-Density-802.11bg
rf-profile data-rates 802.11b supported 48 Typical-Client-Density-802.11bg
rf-profile rx-sop threshold medium High-Client-Density-802.11a
rf-profile rx-sop threshold medium High-Client-Density-802.11bg
rf-profile rx-sop threshold low Low-Client-Density-802.11a
rf-profile rx-sop threshold low Low-Client-Density-802.11bg
rf-profile coverage data -90 Low-Client-Density-802.11a
rf-profile coverage data -90 Low-Client-Density-802.11bg
rf-profile coverage voice -90 Low-Client-Density-802.11a
rf-profile coverage voice -90 Low-Client-Density-802.11bg
rf-profile coverage exception 2 Low-Client-Density-802.11a
rf-profile coverage exception 2 Low-Client-Density-802.11bg
rf-profile client-network-preference default High-Client-Density-802.11a
rf-profile client-network-preference default High-Client-Density-802.11bg
rf-profile client-network-preference default Low-Client-Density-802.11a
rf-profile client-network-preference default Low-Client-Density-802.11bg
rf-profile client-network-preference default Typical-Client-Density-802.11a
rf-profile client-network-preference default Typical-Client-Density-802.11bg
trapflags client nac-alert enable
trapflags client webAuthUserLogin enable
trapflags client webAuthUserLogout enable
trapflags ap ssidKeyConflict disable
trapflags ap timeSyncFailure disable
trapflags mfp disable
trapflags adjchannel-rogueap disable
trapflags mesh excessive hop count disable
trapflags mesh sec backhaul change disable
trapflags mesh psk auth failure disable
wlan create 1 Charlies_SSID Charlies_SSID
wlan nac snmp disable 1
wlan nac radius disable 1
wlan multicast interface 1 disable
wlan band-select allow disable 1
wlan load-balance allow disable 1
wlan assisted-roaming prediction disable 1
wlan assisted-roaming neighbor-list enable 1
wlan assisted-roaming dual-list disable 1
wlan dms enable 1
wlan bssmaxidle enable 1
wlan bss-transition disassociation-imminent timer 200 1
wlan bss-transition disassociation-imminent oproam-timer 40 1
wlan multicast buffer disable 0 1
wlan session-timeout 1 1800
wlan flexconnect local-switching 1 enable
wlan flexconnect learn-ipaddr 1 enable
wlan wgb broadcast-tagging disable 1
wlan security splash-page-web-redir disable 1
wlan security wpa akm 802.1x enable 1
wlan security wpa akm cckm timestamp-tolerance 1000 1
wlan security ft adaptive enable 1
wlan security wpa gtk-random disable 1
wlan security pmf association-comeback 1 1
wlan security pmf saquery-retrytimeout 200 1
wlan profiling radius dhcp disable 1
wlan profiling radius http disable 1
wlan enable 1
WMM-AC disabled
HS2 QOS disabled
coredump disable
media-stream multicast-direct disable
media-stream message url
media-stream message email
media-stream message phone
media-stream message note denial
media-stream message state disable
802.11a media-stream multicast-direct enable
802.11b media-stream multicast-direct enable
802.11a media-stream multicast-direct radio-maximum 0
802.11b media-stream multicast-direct radio-maximum 0
802.11a media-stream multicast-direct client-maximum 0
802.11b media-stream multicast-direct client-maximum 0
802.11a media-stream multicast-direct admission-besteffort disable
802.11b media-stream multicast-direct admission-besteffort disable
802.11a media-stream video-redirect enable
802.11b media-stream video-redirect enable
ipv6 neighbor-binding timers reachable-lifetime 300
ipv6 neighbor-binding timers stale-lifetime 86400
ipv6 neighbor-binding timers down-lifetime 30
ipv6 neighbor-binding ra-throttle disable
ipv6 neighbor-binding ra-throttle allow at-least 1 at-most 1
ipv6 neighbor-binding ra-throttle max-through 10
ipv6 neighbor-binding ra-throttle throttle-period 600
ipv6 neighbor-binding ra-throttle interval-option passthrough
ipv6 ns-mcast-fwd disable
ipv6 na-mcast-fwd enable
ipv6 enable
nmheartbeat disable
ipv6 slaac service-port disable
sys-nas
tunnel eogre heart-beat interval 60
tunnel eogre heart-beat primary-fallback-timeout 30
tunnel eogre heart-beat max-skip-count 3
cloud-services wsa mode Disable
WSA Backhaul SSID
WSA Backhaul Username
WSA Backhaul Authentication Type psk
Eap Type ........................................ <none>
cloud-services server url https://data.cmxcisco.com
cloud-services cmx disabled
WLAN Express Setup - False
Flex Avc Profile Configuration
Peer_IP Peer_Role Peer_Status Peer_Upg_Status Peer_version
----------------------------------------------------------------------------------------------
Internal Error
Internal Error
Internal Error
Internal Error
config hitLess-upgrade start grouping
Peer_IP Peer_Role Peer_Status Peer_Upg_Status Peer_version
-----------------------------------------------------------------------------------------------
config hitLess-upgrade abort
(Cisco Controller) >show intefac rface summary
Number of Interfaces.......................... 3
Interface Name Port Vlan Id IP Address Type Ap Mgr Guest
-------------------------------- ---- -------- --------------- ------- ------ -----
management 1 untagged 10.50.50.119 Static Yes N/A
service-port N/A N/A 0.0.0.0 DHCP No N/A
virtual N/A N/A 1.1.1.1 Static No N/A
(Cisco Controller) >show interface detailed management
Interface Name................................... management
MAC Address...................................... 00:50:56:95:98:99
IP Address....................................... 10.50.50.119
IP Netmask....................................... 255.255.255.0
IP Gateway....................................... 10.50.50.254
External NAT IP State............................ Disabled
External NAT IP Address.......................... 0.0.0.0
Link Local IPv6 Address.......................... fe80::250:56ff:fe95:9899/64
STATE ........................................... REACHABLE
Primary IPv6 Address............................. ::/128
STATE ........................................... NONE
Primary IPv6 Gateway............................. ::
Primary IPv6 Gateway Mac Address................. 00:00:00:00:00:00
STATE ........................................... INCOMPLETE
VLAN............................................. untagged
Quarantine-vlan.................................. 0
Physical Port.................................... 1
DHCP Proxy Mode.................................. Global
Primary DHCP Server.............................. 10.10.10.1
Secondary DHCP Server............................ Unconfigured
DHCP Option 82................................... Disabled
DHCP Option 82 bridge mode insertion............. Disabled
IPv4 ACL......................................... Unconfigured
IPv6 ACL......................................... Unconfigured
URL ACL.......................................... Unconfigured
mDNS Profile Name................................ Unconfigured
AP Manager....................................... Yes
Guest Interface.................................. N/A
L2 Multicast..................................... Enabled
(Cisco Controller) >show time
Time............................................. Wed Oct 5 10:07:46 2016
Timezone delta................................... 0:0
Timezone location................................
NTP Servers
NTP Polling Interval......................... 604800
Index NTP Key Index NTP Server Status NTP Msg Auth Status
------- ----------------------------------------------------------------------------------------------
1 0 178.79.162.34 In Sync AUTH DISABLED
(Cisco Controller) >show ap join stats summary all
Number of APs.............................................. 4
Base Mac AP EthernetMac AP Name IP Address Status
00:62:ec:4b:58:7c N A AP0062.ec4b.587c 10.50.50.104 Not Joined
05:d0:f4:57:00:00 N A N A 10.50.50.103 Not Joined
79:cf:f4:57:00:00 N A N A 10.50.50.103 Not Joined
91:d0:f4:57:00:00 N A N A 10.50.50.103 Not Joined
(Cisco Controller) >
ASKER
We now have 4 of the 6 APs working using WLC v8.0.140, but the remaining two won't connect with the following error:
One of them was working previously but had a factory reset; the other is out of the box. I will ask another question if necessary.
Oct 5 15:48:06.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.50.50.119 peer_port: 5246
*Oct 5 15:48:35.999: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_connection_db.c:2214 Max retransmission count reached for Connection 0x7C58280!
One of them was working previously but had a factory reset; the other is out of the box. I will ask another question if necessary.
Can you do a debug from the WLC CLI?
debug capwap events enable
debug capwap packet enable
debug capwap events enable
debug capwap packet enable
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Solved problem myself, with some assistance
ASKER
I will post the outputs shortly if the problem persists, or update if resolved.