cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7965
Views
0
Helpful
32
Replies

AP NOT GETTING JOIN RESPONSE??

mbaylis
Level 1
Level 1

Hi, I have just connected my 1130ag ap to the network noticed that it can not get a Join response. as follows;

bymydesk#

*Mar 1 00:00:25.294: %LWAPP-5-CHANGED: LWAPP changed state to DISCOVERY

*Mar 1 00:00:35.698: LWAPP_CLIENT_ERROR_DEBUG: spamHandleDiscoveryTimer : Found the disco

very response from MASTER Mwar

*Mar 1 00:00:35.707: %LWAPP-5-CHANGED: LWAPP changed state to JOIN

*Mar 1 00:00:40.707: LWAPP_CLIENT_ERROR_DEBUG: spamHandleJoinTimer: Did not recieve the J

oin response

*Mar 1 00:00:40.707: LWAPP_CLIENT_ERROR_DEBUG: No more AP manager IP addresses remain.

*Mar 1 00:00:40.746: %SYS-5-RELOAD: Reload requested by LWAPP CLIENT. Reload Reason: DID

NOT GET JOIN RESPONSE.

*Mar 1 00:00:40.746: %LWAPP-5-CHANGED: LWAPP changed state to DOWNXmodem file system is

I have looked in the forum and other people have had the problem and have indicated it could be a date time issue. I have set the date and time but when I do a "show Auth-list" i get nothing back like the following;

(Cisco Controller) >show auth-list

(Cisco Controller) >

can anyone help please, i am not sure what else to do

1 Accepted Solution

Accepted Solutions

Glad to help.

-Scott
*** Please rate helpful posts ***

View solution in original post

32 Replies 32

Rob Huffman
Hall of Fame
Hall of Fame

Hi Martin,

Have a look at these two docs for some good tips;

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a008072d9a1.shtml#prob

Self-Signed Certificate Manual Addition to the Controller for LWAPP-Converted APs

http://www.cisco.com/en/US/products/ps7206/products_configuration_example09186a00806a426c.shtml

Hope this helps!

Rob

Hi Rob,

Thanks for the advice, looked into great detail on these docs but still no joy. When I do a sh auth-list the controller comes back blank, I have checked and ssc is enabled but when trying to add the AP mac and key hash, i'm having problems, as i can not find the the key hash using the "debug pm pki enable". as per below;

(Cisco Controller) >Thu Jun 5 09:55:41 2008: Received a message from AP of length 83 on i

nteface = 1

Thu Jun 5 09:55:41 2008: Entered spamGetLCBFromMac file spam_lrad.c line 472**

Thu Jun 5 09:55:41 2008: 00:19:06:73:30:90 Received LWAPP DISCOVERY REQUEST from AP 00:19

:06:73:30:90 to 00:19:aa:72:2b:40 on port '1'

Thu Jun 5 09:55:41 2008: Entered spamGetLCBFromMac file spam_lrad.c line 1046**

Thu Jun 5 09:55:41 2008: 00:19:e8:af:e6:45 Successful transmission of LWAPP Discovery-Res

ponse to AP 00:19:06:73:30:90 on Port 1

Thu Jun 5 09:57:04 2008: Received a message from AP of length 83 on inteface = 1

Thu Jun 5 09:57:04 2008: Entered spamGetLCBFromMac file spam_lrad.c line 472**

Thu Jun 5 09:57:04 2008: 00:19:06:73:30:90 Received LWAPP DISCOVERY REQUEST from AP 00:19

:06:73:30:90 to 00:19:aa:72:2b:40 on port '1'

Thu Jun 5 09:57:04 2008: Entered spamGetLCBFromMac file spam_lrad.c line 1046**

Thu Jun 5 09:57:04 2008: 00:19:e8:af:e6:45 Successful transmission of LWAPP Discovery-Res

ponse to AP 00:19:06:73:30:90 on Port 1

Thu Jun 5 09:57:29 2008: sshpmExtKeyCallback: called with Event 5, Keypath software://0/,

Flags 00000000

Thu Jun 5 09:57:36 2008: sshpmExtKeyCallback: called with Event 5, Keypath software://0/,

Flags 00000000

Thu Jun 5 09:58:26 2008: Received a message from AP of length 83 on inteface = 1

Thu Jun 5 09:58:26 2008: Entered spamGetLCBFromMac file spam_lrad.c line 472**

Thu Jun 5 09:58:26 2008: 00:19:06:73:30:90 Received LWAPP DISCOVERY REQUEST from AP 00:19

:06:73:30:90 to 00:19:aa:72:2b:40 on port '1'

Thu Jun 5 09:58:26 2008: Entered spamGetLCBFromMac file spam_lrad.c line 1046**

Thu Jun 5 09:58:26 2008: 00:19:e8:af:e6:45 Successful transmission of LWAPP Discovery-Res

ponse to AP 00:19:06:73:30:90 on Port 1

Thu Jun 5 09:59:49 2008: Received a message from AP of length 83 on inteface = 1

Thu Jun 5 09:59:49 2008: Entered spamGetLCBFromMac file spam_lrad.c line 472**

Thu Jun 5 09:59:49 2008: 00:19:06:73:30:90 Received LWAPP DISCOVERY REQUEST from AP 00:19

:06:73:30:90 to 00:19:aa:72:2b:40 on port '1'

Thu Jun 5 09:59:49 2008: Entered spamGetLCBFromMac file spam_lrad.c line 1046**

Thu Jun 5 09:59:49 2008: 00:19:e8:af:e6:45 Successful transmission of LWAPP Discovery-Res

ponse to AP 00:19:06:73:30:90 on Port 1

The "show crypto ca certificates" confirmed that the date is within the stated time period of the certificate.

I am using a cisco 875 as the dhcp server with the option 43 commands.

??? please help

Hi Martin,

Sorry for the delay as I have many things on the go today :) Just so I can understand;

this was an upgraded AP (from Autonomous)?

I made some assumptions on my first post (I know) but just need to be sure.

Rob

Hi rob,

this was not upgraded, this was just an out of the box AP its an 1131AG -E.

also rob, this is the config for the layer 3 switch and the 875 i an using for the dhcp server, basically i want to setup a bsic wirelss lan in a test enviroment, can you point me in the write direct to a docuemnt which shows a good example of setting something up? or have a look at this config, can you see anything wrong

your help is appriciated!!!

Switch#sh ru

Switch#sh running-config

Building configuration...

Current configuration : 2298 bytes

!

version 12.2

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Switch

!

!

no aaa new-model

switch 2 provision ws-c3750-24ts

ip subnet-zero

ip routing

!

!

!

!

no file verify auto

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

interface FastEthernet2/0/1

description Access port Connection to Cisco AP

switchport access vlan 5

switchport mode access

spanning-tree portfast

!

interface FastEthernet2/0/2

switchport access vlan 60

switchport mode access

speed 100

duplex full

spanning-tree portfast

!

interface FastEthernet2/0/3

switchport access vlan 2

speed 100

duplex full

!

interface FastEthernet2/0/4

!

interface FastEthernet2/0/5

!

interface FastEthernet2/0/6

!

interface FastEthernet2/0/7

!

interface FastEthernet2/0/8

!

interface FastEthernet2/0/9

!

interface FastEthernet2/0/10

!

interface FastEthernet2/0/11

!

interface FastEthernet2/0/12

!

interface FastEthernet2/0/13

!

interface FastEthernet2/0/14

!

interface FastEthernet2/0/15

!

interface FastEthernet2/0/16

!

interface FastEthernet2/0/17

!

interface FastEthernet2/0/18

!

interface FastEthernet2/0/19

!

interface FastEthernet2/0/20

!

interface FastEthernet2/0/21

!

interface FastEthernet2/0/22

!

interface FastEthernet2/0/23

!

interface FastEthernet2/0/24

!

interface GigabitEthernet2/0/1

description Trunk Port to Cisco WLC

switchport trunk encapsulation dot1q

switchport trunk native vlan 60

switchport trunk allowed vlan 2-5,60

switchport mode trunk

!

interface GigabitEthernet2/0/2

!

interface Vlan1

no ip address

!

interface Vlan2

description LAN

ip address 10.1.1.254 255.255.255.0

!

interface Vlan3

description secure Auth_1

ip address 10.3.3.1 255.255.255.0

!

interface Vlan4

description secure Auth_2

ip address 10.4.4.1 255.255.255.0

!

interface Vlan5

description AP VLan

ip address 10.5.5.1 255.255.255.0

ip helper-address 10.1.1.2

!

interface Vlan60

description Managment & AP Managment Interface

ip address 192.168.60.1 255.255.255.0

!

router eigrp 10

network 10.1.1.0

network 10.5.5.0

no auto-summary

eigrp stub connected summary

!

ip classless

ip http server

!

!

control-plane

!

!

line con 0

password cisco

login

line vty 0 4

password cisco

login

line vty 5 15

no login

!

end

***************************************************

also this is the cisco 875 config i am using for the dhcp server for option 43

vice timestamps log datetime msec

no service password-encryption

!

hostname Router

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

!

resource policy

!

no ip dhcp use vrf connected

!

ip dhcp pool vlan5pool

network 10.5.5.0 255.255.255.0

default-router 10.5.5.1

option 60 ascii "Cisco AP c1130"

option 43 hex f104.c0a8.3c02

!

!

ip cef

!

!

!

!

!

!

!

!

interface Ethernet0

ip address 10.1.1.2 255.255.255.0

hold-queue 100 out

!

interface Ethernet2

no ip address

shutdown

hold-queue 100 out

!

interface ATM0

no ip address

shutdown

no atm ilmi-keepalive

dsl operating-mode auto

!

interface FastEthernet1

duplex auto

speed auto

!

interface FastEthernet2

duplex auto

speed auto

!

interface FastEthernet3

duplex auto

speed auto

!

interface FastEthernet4

duplex auto

speed auto

!

ip http server

no ip http secure-server

!

!

!

control-plane

!

!

line con 0

no modem enable

line aux 0

line vty 0 4

login

!

scheduler max-task-time 5000

end

For now, place the ap on vlan 60 and place a temporary dhcp scope for that vlan and see if the ap joins the controller. Then if it does, change it back and the ap will be able to join from vlan 5.

-Scott
*** Please rate helpful posts ***

hi,

doing what u have told me it now assigns a dhcp address but still fails on the same place.

*Mar 1 00:00:07.149: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up

*Mar 1 00:00:08.149: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, chang

ed state to up

*Mar 1 00:00:25.197: %LWAPP-5-CHANGED: LWAPP changed state to DISCOVERY

*Mar 1 00:00:35.336: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP addres

s 192.168.60.21, mask 255.255.255.0, hostname bymydesk

*Mar 1 00:00:46.617: %LWAPP-5-CHANGED: LWAPP changed state to JOIN

*Mar 1 00:00:54.617: LWAPP_CLIENT_ERROR_DEBUG: spamHandleJoinTimer: Did not recieve the J

oin response

*Mar 1 00:00:54.617: LWAPP_CLIENT_ERROR_DEBUG: No more AP manager IP addresses remain.

*Mar 1 00:00:54.644: %SYS-5-RELOAD: Reload requested by LWAPP CLIENT. Reload Reason: DID

NOT GET JOIN RESPONSE.

*Mar 1 00:00:54.644: %LWAPP-5-CHANGED: LWAPP changed state to DOWNXmodem file system is a

vailable.

the scop i have made is as follows;

ip dhcp pool WLAN

network 192.168.60.0 255.255.255.0

default-router 192.168.60.1

option 60 ascii "Cisco AP c1130"

option 43 hex f104.c0a8.c0a8.3c02

** NOTICE** i dont have the DNS server address. I have not put one in because i dont have a dns server on this test network. What is that used for in this instance please????

you can take out the option 60 and option 43. Not needed when tha ap's are on the same subnet as the ap-manager.

-Scott
*** Please rate helpful posts ***

hi,

this again has made no difference, can you see anything in the controller config, i have attached this, please take a look, the only thing i can see is that maybe the ap manager interface should not be tagged, because i had a problem earlier were i could not connect to the managment interface, and I got round this by changing the tagging to 0???

may try this, what do you reckon? sorry see one below i have attached the controller sh run

thanks

post your show run-config

-Scott
*** Please rate helpful posts ***

config attached, thanks

hi,

this again has made no difference, can you see anything in the controller config, i have attached this, please take a look, the only thing i can see is that maybe the ap manager interface should not be tagged, because i had a problem earlier were i could not connect to the managment interface, and I got round this by changing the tagging to 0???

may try this, what do you reckon?

YOur ap-manager interface is set to vlan 60. This should be untagged. Also configure the service port to an ip address not on your network... like 2.2.2.2 or 192.168.237.x or something.

-Scott
*** Please rate helpful posts ***

how would i change that please?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: