Aironet 1010 lightweight Access Point with 2106 WLAN Controll

Unanswered Question
Aug 8th, 2007
User Badges:

please can someone tell me How can I discover and configure Aironet 1010 lightweight Access Point using 2106 Wireless LAN Controller.

thks...

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Loading.
ankbhasi Wed, 08/08/2007 - 08:12
User Badges:
  • Cisco Employee,

Hi Friend,


I believe you must have configured your 2106 controller with management interface ip address,mask and gateway and vlan number.


Then connect your AP to switch on same vlan what you have configured on management interface on your controller and your APs should join controller.


HTH


Ankur


*Pls rate all helpfull post

nkila_lna Wed, 08/08/2007 - 08:38
User Badges:

thanks Ankur for your help


I am using untagged vlan so its number is = 0 ? and I am using this config

AP1010 ===port8===== TO WLC2106

AP1010======port7=== TO WLC2106


Is it necessary to work in tagged mode with vlan

number 1 or 2 in order to make it work ?


I send you below the parameters we entered during the setup of our WLC2106 :


Management Interface IP Address: 172.18.124.200

Management Interface Netmask: 255.255.0.0

Management Interface Default Router: 172.18.124.199

Management Interface VLAN Identifier (0 = untagged): 0

Management Interface Port Num [1 to 8]: 1

Management Interface DHCP Server IP Address: 172.18.124.200

AP Manager Interface IP Address: 172.18.124.201

AP-Manager is on Management subnet, using same values

AP Manager Interface DHCP Server (172.18.124.200): 172.18.124.200

Virtual Gateway IP Address: 1.1.1.1

Mobility/RF Group Name: mrf

Network Name (SSID): atm

Allow Static IP Addresses [YES][no]: no

Configure a RADIUS Server now? [YES][no]: no

Warning! The default WLAN security policy requires a RADIUS server.

Please see documentation for more details.

Enter Country Code (enter 'help' for a list of countries) [US]: us

Enable 802.11b Network [YES][no]: yes

Enable 802.11a Network [YES][no]: yes

Enable 802.11g Network [YES][no]: yes

Enable Auto-RF [YES][no]: yes

ankbhasi Wed, 08/08/2007 - 08:42
User Badges:
  • Cisco Employee,

Hi Friend,


You can keep it untagg but on switch you might have configured some native vlan correct? I believe you must be aware theat you need to have trunk between controller and switch?


So whatever native vlan you have configured on controller connect your APs on switch on same vlan.


HTH


Ankur


*Pls rate all helpfull post

nkila_lna Wed, 08/08/2007 - 09:05
User Badges:

hi friend ankur

i m not using switch at all because ap 1010 are connected directely to wlc 2106(of course i will use switch later in order to deploy this installation )

so is it necesary to use a switch ? or i can configure ap 1010 and wlc without a switch ?

thanks for your help

ankbhasi Thu, 08/09/2007 - 07:44
User Badges:
  • Cisco Employee,

Hi Friend,


All you need to do is create an internal DHCP scope (that the management ip address is in) on the controller and the controller will hand out DHCP ip addresses for the Aps that are directly connected to it.


Use the management ip address for the DHCP server ip address on the management and ap-manager interfaces and define a local DHCP scope.


HTH


Ankur


*Pls rate all helpfull post

nkila_lna Thu, 08/09/2007 - 09:14
User Badges:

hi friend,

thank you for your reply,

i try this solution but it dosn't work plz see debug.

i create dhcp scope 25.0.0.20 to 25.0.0.30 with interface management is 25.0.0.25.

i give dhcp server for ap-manager and managment interface 25.0.0.25.

and i have this debug result:

(Cisco Controller) >Thu Aug 9 17:07:44 2007: 00:0b:85:90:fc:d0 Received LWAPP J

OIN REQUEST from AP 00:0b:85:90:fc:d0 to 00:1a:6c:91:df:47 on port '8'

Thu Aug 9 17:07:44 2007: 00:0b:85:90:fc:d0 AP ap:90:fc:d0: txNonce 00:1A:6C:91

:DF:40 rxNonce 00:0B:85:90:FC:D0

Thu Aug 9 17:07:44 2007: 00:0b:85:90:fc:d0 LWAPP Join-Request MTU path from AP

00:0b:85:90:fc:d0 is 1500, remote debug mode is 0

Thu Aug 9 17:07:44 2007: 00:0b:85:90:fc:d0 Successfully added NPU Entry for AP

00:0b:85:90:fc:d0 (index 58)

Switch IP: 25.0.0.26, Switch Port: 12223, intIfNum 8, vlanId 0

AP IP: 25.1.2.4, AP Port: 4045, next hop MAC: 00:0b:85:90:fc:d0

Thu Aug 9 17:07:44 2007: 00:0b:85:90:fc:d0 Successfully transmission of LWAPP J

oin-Reply to AP 00:0b:85:90:fc:d0

Thu Aug 9 17:07:44 2007: 00:0b:85:90:fc:d0 Register LWAPP event for AP 00:0b:85

:90:fc:d0 slot 0

Thu Aug 9 17:07:44 2007: 00:0b:85:90:fc:d0 Register LWAPP event for AP 00:0b:85

:90:fc:d0 slot 1

Thu Aug 9 17:07:45 2007: 00:0b:85:90:fc:d0 Received LWAPP CONFIGURE REQUEST fro

m AP 00:0b:85:90:fc:d0 to 00:1a:6c:91:df:47

Thu Aug 9 17:07:45 2007: 00:0b:85:90:fc:d0 Updating IP info for AP 00:0b:85:90:

fc:d0 -- static 1, 25.1.2.4/255.0.0.0, gtw 25.25.25.25

Thu Aug 9 17:07:45 2007: spamVerifyRegDomain RegDomain set for slot 0 code 1 re

gstring -E regDfromCb -A

Thu Aug 9 17:07:45 2007: 00:0b:85:90:fc:d0 AP 00:0b:85:90:fc:d0: 80211a Regulat

ory Domain (-E) does not match with country (US ) reg. domain -A for the slot 0


Thu Aug 9 17:07:45 2007: spamVerifyRegDomain RegDomain set for slot 1 code 1 re

gstring -E regDfromCb -A

Thu Aug 9 17:07:45 2007: 00:0b:85:90:fc:d0 AP 00:0b:85:90:fc:d0: 80211bg Regula

tory Domain (-E) does not match with country (US ) reg. domain -A for the slot

1

Thu Aug 9 17:07:45 2007: spamVerifyRegDomain AP RegDomain check for the country

US failed

Thu Aug 9 17:07:45 2007: 00:0b:85:90:fc:d0 AP 00:0b:85:90:fc:d0: Regulatory Dom

ain check Completely FAILED The AP will not be allowed to join

Thu Aug 9 17:07:45 2007: 00:0b:85:90:fc:d0 apfSpamProcessStateChangeInSpamConte

xt: Deregister LWAPP event for AP 00:0b:85:90:fc:d0 slot 0

Thu Aug 9 17:07:45


thank you for your help,

ankbhasi Thu, 08/09/2007 - 21:11
User Badges:
  • Cisco Employee,

Hi Friend,


So now we find out the reason. There is a mismatch regulatory domain. From your debugs "80211bg Regula

tory Domain (-E) does not match with country (US ) reg. domain -A for the slot

1"


If you see your AP b/g radio is configured for UK and your controller is configured for US domain and is the reason AP is not joining.


Change it accordingly and you will be good to go.


HTH


Ankur


*Pls rate all helpfull post

nkila_lna Fri, 08/10/2007 - 02:48
User Badges:

hi friend,

thank you for your reply.

now the APs take address from controller :

(Cisco Controller) >show dhcp leases


MAC IP Lease Time Remaining

00:0b:85:90:fc:d0 25.0.0.21 23 hours 59 minutes 31 seconds

00:0b:85:90:ef:60 25.0.0.20 23 hours 59 minutes 20 seconds


but i can't ping from controller to APs how can i do to ping and get access to AP web interface to manage AP.


(Cisco Controller) >ping 25.0.0.21

Send count=3, Receive count=0 from 25.0.0.21

(Cisco Controller) >ping 25.0.0.20

Send count=3, Receive count=0 from 25.0.0.20


thank you for your help,

ankbhasi Fri, 08/10/2007 - 07:34
User Badges:
  • Cisco Employee,

Hi Friend,


You will never be able to access the AP via WEB GUI as in controller base architecture APs are always manageable by controller and not manageable individually.


Also your APs have not yet joined controller because there is a domain name mismatch as I stated in my last post. So first make the domain name name on controller and AP by changing country setting in controller to UK and then your AP will join controller and then from controller GUI you can manage AP.


HTH


Ankur


*Pls rate all helpfull post

nkila_lna Fri, 08/10/2007 - 08:11
User Badges:

Hi Friend,


i config controller country with Fr cuz UK not supported by 2106, the aps take here address from dhcp internal but i can't ping or get access web to manage my APs.

how can i manage my APs via WEB GUI from controller.


thnks

nkila_lna Fri, 08/10/2007 - 10:30
User Badges:

Hi Ankur


please have a look to this debug output capture from our WLC and tell me how to fix this authentication issue ,a s it seems to me


thanks a lot



(Cisco Controller) >

(Cisco Controller) >

(Cisco Controller) >debug client 00:08:a1:a9:bc:da



i Aug 10 18:29:20 2007: 00:08:a1:a9:bc:da 802.1x 'txWhen' Timer expired for st

ation 00:08:a1:a9:bc:da

Fri Aug 10 18:29:20 2007: 00:08:a1:a9:bc:da dot1x - moving mobile 00:08:a1:a9:bc

:da into Connecting state

Fri Aug 10 18:29:20 2007: 00:08:a1:a9:bc:da Sending EAP-Request/Identity to mobi

le 00:08:a1:a9:bc:da (EAP Id 2)

Fri Aug 10 18:29:21 2007: 00:08:a1:a9:bc:da 802.1x 'txWhen' Timer expired for st

ation 00:08:a1:a9:bc:da

Fri Aug 10 18:29:21 2007: 00:08:a1:a9:bc:da dot1x - moving mobile 00:08:a1:a9:bc

:da into Connecting state

Fri Aug 10 18:29:21 2007: 00:08:a1:a9:bc:da Sending EAP-Request/Identity to mobi

le 00:08:a1:a9:bc:da (EAP Id 3)

Fri Aug 10 18:29:22 2007: 00:08:a1:a9:bc:da 802.1x 'txWhen' Timer expired for st

ation 00:08:a1:a9:bc:da

Fri Aug 10 18:29:22 2007: 00:08:a1:a9:bc:da dot1x - moving mobile 00:08:a1:a9:bc

:da into Connecting state

Fri Aug 10 18:29:22 2007: 00:08:a1:a9:bc:da Sending EAP-Request/Identity to mobi

le 00:08:a1:a9:bc:da (EAP Id 4)

Fri Aug 10 18:29:23 2007: 00:08:a1:a9:bc:da 802.1x 'txWhen' Timer expired for st

ation 00:08:a1:a9:bc:da

Fri Aug 10 18:29:23 2007: 00:08:a1:a9:bc:da dot1x - moving mobile 00:08:a1:a9:bc

:da into Connecting state

Fri Aug 10 18:29:23 2007: 00:08:a1:a9:bc:da Sending EAP-Request/Identity to mobi

le 00:08:a1:a9:bc:da (EAP Id 5)




Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode