ap's registering to wrong controller, ignoring option 43 settings

Unanswered Question
Sep 13th, 2008

Added 10 new AP's to the 550 I already have and they are not registering to the either primary or secondary controller specified in dhcp otion 43. The target controllers have adequate capacity so I'm sure how or why they are associating with a different controller. Appreciate any comments.

Setup is a pair of 6509's with 2 WISM each, separated into 4 logical controllers.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Scott Fella Sat, 09/13/2008 - 18:22

Besides option 43, do you have any other setup to help new ap's find a wlc.... Like DNS, OTAP enabled or udp forwarding with ip helper? If only option 43 is enabled, then maybe the ap's were getting the other wlc information from the mobility group configuration. AP's most likely sent a discovery response but only received a discovery response from the other wlc and that is why the ap joined a wlc other than what you specified in dhcp.

bbxie Sat, 09/13/2008 - 19:57

Firstly, double check you configured both DHCP option 43 and option 60, for example if the WLC's management IP is, AP model is 1130,then you need to configure option 43 and 60:

option 60 ascii "Cisco AP c1130"

option 43 hex f1040a010101

Secondly, since AP will go through following discovery steps:

1. broadcast on local subnet(different vlan can use ip helper-address xxxx, ip forward-protocol udp 12223 and

ip forward-protocol udp 12222 to forward the broadcast)


3. Locally stored WLC IP address

4. DHCP option 43

5. DNS resolution of “CISCO-LWAPP-CONTROLLER.localdomain”

After discovery, AP will generate a list of candidate WLC, then AP will select a WLC to join according to following criteria:

p1.If AP has been previously configured with a primary, secondary, and/or tertiary controller, the AP will attempt to join these first (specified in the Controller sysName)

p2. Attempt to join a WLAN Controller configured as a “Master” controller

p3. Attempt to join the WLAN Controller with the greatest excess AP capacity

So there are 4 other ways to find a candidate WLC than DHCP option 43, so make sure you don't have item p1~2 configured, and the WLC you want the new AP to join has the greatest excess AP capacity.

3tstiles Sun, 09/14/2008 - 15:58

thanks, it was #2 that was causing my issue, your reply was very helpful

oqureshi Mon, 09/22/2008 - 12:43

I have got same issue as discussed in this thread, mine is little different some how. I have got two 6509 with one WISM in one chassis and two WISM in other chasis. I am running latest 5.1.xx image on WISM. I have four VLAN's split across these controllers, with two VLAN's configured in such a way that it provides 100% HA and other two configured on one of the WISM.

You can see the diagram as attached, all the AP;s in VLAN 12 primarily registers with left chassis, controller WLC-P-1 and its backup is WLC-P-2. I did this HA configuration in Global Setting under WIRELESS TAB but in case of failure VLAN 12 rather then going to WLC-P-2, registers with random controller which dont make sense at all as all the other controllers are in different VLAN and I am surprised how can AP can register to Controller in different VLAN.

Here is the summary, configured in WISM.

VLAN Primary Seconday

12 WLC-P-1 WLC-P-2

13 WLC-S-1 WLC-S-2

14 WLC-T-1

But as I said I dont get this behaviour sometimes I see vlan 14 ap registering to 12 or vlan 12 going vlan 13 or 14.

Please suggest, also I do have AP failover configured but AP dont move back to primary controller when it comes back online. Again I am using Global wireless setting for assigning primary and seconday AP which is the new feature in later release of 5.x.xx.



oqureshi Mon, 09/22/2008 - 12:54

Also I would like to highlight I am running DHCP on the chassis itself and its working without option 60. Is this normal behaviour.



Scott Fella Mon, 09/22/2008 - 17:44

So on your dhcp scope, you only have the two wlc management ip address defined? Also make sure you are not using DNS to help th eLAP's find the wlc. Disable OTAP on the WLC's.

oqureshi Mon, 09/22/2008 - 23:00

I did disable OTAP last night, will observer things but just curious to know can AP register with WLC which is not in its VLAN?.

Also global setting in WLC for primary and backup controller doesnt seems to be providing AP fall back. But when I configured the same directly on the AP it worked. Any comment on this.



Scott Fella Tue, 09/23/2008 - 03:44

What is your core switch? HP or Cisco... I was just looking at the diagram you posted. I also had the same issue but was sparatic.... same setup with two 6509's and I had 3 WiSM's in each and 6 different mobility groups, but the core switches were Nortel. Ap's once in a while would come up on the wrong wlc and never go back to the original since it has joined a different mobility group. what we did there was configure the ap's to have a static, remove dns, dhcp option 43, disable otap, and make sure there was no ip helper and udp forwarding of port 12223 or 12222. This seemed to stabilize the wireless environment. However, if an ap for some reason lost it's connection to the primary, and never find the secondary, then it will just go through the reboot process and never actually join the wrong WLC again. So far so good.

I have never had this issue though in a 100% Cisco infrastructure.

oqureshi Tue, 09/23/2008 - 04:37

Yes I have HP core and there is IP HELPER ADDRESS command on HP Switches redirecting AP's to use DHCP configured on 6509 in there respective VLAN's. You mean to Say clicking STATIC on AP screen for IP ADDRESS or something else !!. I have disabled OTAP, there is NO DNS, there is no UDP forwarder on HP switches.

I disabled OTAP yesterday so I am observing AP's now but tell me did you ever configure primary/secondary in GLOBAL CONFIGURATION under ACCESS POINT in WIRELESS TAB, this is what I had configure initially and expected AP's to use seconday WLC in case of failure but instead after the primary failure AP's randomly joined different WLC in different VLAN but AP was still showing IP ADDRESS of previous VLAN subnet, very strange!!

You can see attachment for global settings at the same time I tested the PRIMARY/SECONDARY setting directly and removed global settings and it did work and AP fall back was also working but not in the case of global settings introuced in image 5.1.x.x


Scott Fella Tue, 09/23/2008 - 06:53

No. Keep the ip helper for dhcp. If you had UDP forwarding 12223 and ip helper pointing to the management ip of the wlc. Then that is when you should remove it.

oqureshi Tue, 09/23/2008 - 13:37

Could you please reply one what did you mean by using Static in AP.



Scott Fella Tue, 09/23/2008 - 17:24

Static ip address. Also enter the primary and secondary controller (system name not ip address). That is all.


This Discussion



Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode