Problems registering a 1131 LAP to a WLC in different subnets

Unanswered Question
Mar 21st, 2009
User Badges:

Hi, we are deploying a wireless network in two buildings. It has a single WLC in one of them, with 15 APs in the local subnet (already working perfectly) an 10 APs in the other building (different subnets). The APs in the other subnet cannot register in the WLC. I have tried using oprtion 43 and 60, and ip helper-address method without success. I have also tried to register the APs local (they register in the WLC perfectly) and then take them to the original place, but I have the same problem. The WLC is configured L3, and this is the config of DHCP server:


ip dhcp pool WIFI

import all

network 10.1.1.0 255.255.255.0

default-router 10.1.1.1

option 43 ascii "10.12.1.5"

option 60 ascii "Cisco AP c1130"


There are two 3750 switchs between the APs and WLC with full conectivity. The MGMT ip of WLC is 10.12.1.5. Any idea?


Regards.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Scott Fella Sat, 03/21/2009 - 07:31
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Just have to ask... do you have L3 working correctly between the subnets (10,12,1,x to 10.1.1.x) and also, if the other building is a L2 connection, do you have that vlan allowed on the wlc trunk port?

victorgarciaternero Sat, 03/21/2009 - 10:10
User Badges:

Hello, there is a fiber cable (16 fibers) between the 3750s (one in each building), with this scheme:


WLC----3750(Building1)-------(8 fiber links)------3750(Building2)----APs


In 3750(Building1):

VLAN1: 10.12.1.1

Gi1/0/1: 10.12.254.225/30

Gi1/0/2: 10.12.254.229/30

Gi1/0/3: 10.12.254.233/30

Gi1/0/4: 10.12.254.237/30

Gi1/0/5: 10.12.254.241/30

Gi1/0/6: 10.12.254.245/30

Gi1/0/7: 10.12.254.249/30

Gi1/0/8: 10.12.254.253/30

There are configured 8 routes with equal-cost to subnet 10.1.1.0

WLC Management Interface: 10.12.1.5


3750(Building2):

Gi1/0/1: 10.12.254.226/30

Gi1/0/2: 10.12.254.230/30

Gi1/0/3: 10.12.254.234/30

Gi1/0/4: 10.12.254.238/30

Gi1/0/5: 10.12.254.242/30

Gi1/0/6: 10.12.254.246/30

Gi1/0/7: 10.12.254.250/30

Gi1/0/8: 10.12.254.254/30

There are configured 8 router with equal-cost to subnet 10.12.1.0

AP IP: 10.1.1.11


Whe the AP receive the ip config form DHCP server, we can ping from WLC to the AP, but it doesn't seem to receive any discover message from AP. If a configure ip helper-address, I can view in the WLC the DHCP relay, but any discover message.


Best regards.


Scott Fella Sat, 03/21/2009 - 10:22
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Try to configure on the switch globally... leave the ip helper on the L3 interface:


ip forward-protocol udp 12222

ip forward-protocol udp 12223


Is the wlc to ap communication taking the same route?

victorgarciaternero Sun, 03/22/2009 - 12:07
User Badges:

Hello, I have disabled 7 of the 8 links to assure that communications between WLC and AP is taking the same route. I have also configured ip forward-protocol udp 12222 and 12223, and ip helper-address 10.12.1.5 under interface vlan1 and interface gi1/0/8 which is the L3 link that remains enable (I don't know exactly in which interface I have to enable ip helper-address). The result, tha same...


I have changed the option 43 in DHCP server to hex value but I can't see in the WLC log any discover message.


I can see that when I enable ip helper-address the WLC receives DHCP request relayed from the switch, so I have to configure DHCP scope in the WLC, but there is no option 43. This is the capture of WLC:


(Cisco Controller) >Sun Mar 22 19:59:48 2009: dhcp: Found a relay packet! Bouncing it locally!

Sun Mar 22 19:59:48 2009: dhcpd: sending 576 bytes raw 10.1.1.1:67 -> 10.12.1.5:1067

Sun Mar 22 19:59:48 2009: Received 576 byte dhcp packet from 0x0a010101 10.1.1.1:67

Sun Mar 22 19:59:48 2009: DHCP packet: 10.1.1.1 -> 10.12.1.5 using scope "prueba"

Sun Mar 22 19:59:48 2009: received DISCOVER

Sun Mar 22 19:59:48 2009: adding option 0x35

Sun Mar 22 19:59:48 2009: adding option 0x36

Sun Mar 22 19:59:48 2009: DHCP: Find existing node 0x12d49e68 10.1.1.11.

Sun Mar 22 19:59:48 2009: DHCP: Removing duplicate entry 0x12d49e68 10.1.1.11. from leases

Sun Mar 22 19:59:48 2009: DHCP: Reuse existing IP 10.1.1.11.

Sun Mar 22 19:59:48 2009: adding option 0x33

Sun Mar 22 19:59:48 2009: adding option 0x03

Sun Mar 22 19:59:48 2009: adding option 0x01

Sun Mar 22 19:59:48 2009: dhcp: sending OFFER of 10.1.1.11

Sun Mar 22 19:59:48 2009: dhcpd: Sending DHCP packet (giaddr:10.1.1.1)to 10.12.1.5:67 from 10.12.1.5:1067

Sun Mar 22 19:59:48 2009: sendto (548 bytes) returned 548

Sun Mar 22 19:59:48 2009: dhcp: Relay a reply back to 10.1.1.1

Sun Mar 22 19:59:48 2009: dhcp: Found a relay packet! Bouncing it locally!

Sun Mar 22 19:59:48 2009: dhcpd: sending 576 bytes raw 10.1.1.1:67 -> 10.12.1.5:1067


(Cisco Controller) >Sun Mar 22 19:59:48 2009: Received 576 byte dhcp packet from 0x0a010101 10.1.1.1:67

Sun Mar 22 19:59:48 2009: DHCP packet: 10.1.1.1 -> 10.12.1.5 using scope "prueba"

Sun Mar 22 19:59:48 2009: received REQUEST

Sun Mar 22 19:59:48 2009: Checking node 10.1.1.11 Allocated 1237748388, Expires 1237834788 (now: 1237748388)

Sun Mar 22 19:59:48 2009: server_id = 0a0c0105

Sun Mar 22 19:59:48 2009: adding option 0x35

Sun Mar 22 19:59:48 2009: adding option 0x36

Sun Mar 22 19:59:48 2009: adding option 0x33

Sun Mar 22 19:59:48 2009: adding option 0x03

Sun Mar 22 19:59:48 2009: adding option 0x01

Sun Mar 22 19:59:48 2009: dhcpd: Sending DHCP packet (giaddr:10.1.1.1)to 10.12.1.5:67 from 10.12.1.5:1067

Sun Mar 22 19:59:48 2009: sendto (548 bytes) returned 548

Sun Mar 22 19:59:48 2009: dhcp: Relay a reply back to 10.1.1.1


(Cisco Controller) >

(Cisco Controller) >

(Cisco Controller) >show dhcp leases


MAC IP Lease Time Remaining

00:21:d8:47:39:d2 10.1.1.11 23 hours 59 minutes 39 seconds

(Cisco Controller) >ping 10.1.1.11


Send count=3, Receive count=3 from 10.1.1.11


(Cisco Controller) >

(Cisco Controller) >

(Cisco Controller) >

(Cisco Controller) >show debug

MAC address ................................ 00:90:e8:14:7b:3b


Debug Flags Enabled:

dhcp message enabled.

dhcp packet enabled.

dhcp service port packet enabled.

dot11 mobile enabled.

dot11 state enabled

dot1x events enabled.

dot1x states enabled.

lwapp events enabled.

lwapp errors enabled.

pem events enabled.

pem state enabled.

pm pki enabled.



(Cisco Controller) >



I have no more idea to solve the issue. Thank you very much.


Best regards.


You cannot use the WLC internal DHCP server for use with the APs. Revert back to using the switch/router. What vlan are you using for the ap's? You need to apply the ip helper on the router for the ap vlan interface. When you had option 43 setup with hex, did you verify that the ap's actually received an ip? You should be able to tell on the switch router by issuing this command:


show ip dhcp bindings


If you know the MAC of the ap, you should see it's MAC and related ip address. Try to ping that ip to make sure it is alive.

Leo Laohoo Sun, 03/22/2009 - 16:23
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

From the 1130 AP, can you ping the WLC Management IP Address? If yes, console into one of the AP and type the following command: config ap controller ip address

victorgarciaternero Mon, 03/23/2009 - 00:37
User Badges:

Thank you for your response. I will try to do all you say, but I have to go to the office where the AP is installed to connect the console cable.


Best regards.

victorgarciaternero Mon, 03/23/2009 - 05:13
User Badges:

Hello, I have doing some tests. I have configured an static entry to WLC ip in the AP config, and this is the result:


*Mar 1 00:00:07.242: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up

*Mar 1 00:00:08.242: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up

*Mar 1 00:00:25.302: %LWAPP-5-CHANGED: LWAPP changed state to DISCOVERY

*Mar 1 00:00:35.705: LWAPP_CLIENT_ERROR_DEBUG: spamHandleDiscoveryTimer : Found the discovery response from MASTER Mwar


*Mar 1 00:00:35.714: %LWAPP-5-CHANGED: LWAPP changed state to JOIN

*Mar 1 00:00:40.714: LWAPP_CLIENT_ERROR_DEBUG: spamHandleJoinTimer: Did not recieve the Join response


*Mar 1 00:00:40.714: LWAPP_CLIENT_ERROR_DEBUG: No more AP manager IP addresses remain.


*Mar 1 00:00:40.750: %SYS-5-RELOAD: Reload requested by LWAPP CLIENT. Reload Reason: DID NOT GET JOIN RESPONSE.

*Mar 1 00:00:40.750: %LWAPP-5-CHANGED: LWAPP changed state to DOWN


I thought that it could be a conectivity problem, so I did a ping from AP to WLC:


AP0021.d847.6082#ping 10.12.1.5


Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.12.1.5, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms


What can I do?


Best regards.

victorgarciaternero Mon, 03/23/2009 - 07:32
User Badges:

Hello, I understood you. I tested it and it works perfectly (traceroute fails, but it also fails in the same subnet when the dest is the WLC, so I thought that is normal). I have tried to upload the sh run file and I receive a timeout error.

Regards.

victorgarciaternero Mon, 03/23/2009 - 09:06
User Badges:

I have configured the next debug:


debug mac addr


And this is the output of WLC:


Mon Mar 23 16:53:08 2009: 00:21:d8:47:60:82 Received LWAPP DISCOVERY REQUEST fro

m AP 00:21:d8:47:60:82 to 00:1b:d4:6b:6f:e0 on port '1'

Mon Mar 23 16:53:08 2009: Start of Packet

Mon Mar 23 16:53:08 2009: Ethernet Source MAC (LRAD): 00:21:D8:47:60:82

Mon Mar 23 16:53:08 2009: Msg Type :

Mon Mar 23 16:53:08 2009: DISCOVERY_REQUEST

Mon Mar 23 16:53:08 2009: Msg Length : 21

Mon Mar 23 16:53:08 2009: Msg SeqNum : 0

Mon Mar 23 16:53:08 2009:

IE : UNKNOWN IE 58

Mon Mar 23 16:53:08 2009: IE Length : 1

Mon Mar 23 16:53:08 2009: Decode routine not available, Printing Hex Dump

Mon Mar 23 16:53:08 2009: 00000000: 01

.

Mon Mar 23 16:53:08 2009:

IE : RAD_PAYLOAD

Mon Mar 23 16:53:08 2009: IE Length : 14

Mon Mar 23 16:53:08 2009: H/W Version : 1

Mon Mar 23 16:53:08 2009: H/W Release : 0

Mon Mar 23 16:53:08 2009: H/W Maint : 0

Mon Mar 23 16:53:08 2009: H/W Build : 0

Mon Mar 23 16:53:08 2009: S/W Version : 3

Mon Mar 23 16:53:08 2009: S/W Release : 0

Mon Mar 23 16:53:08 2009: S/W Maint : 51

Mon Mar 23 16:53:08 2009: S/W Build : 0

Mon Mar 23 16:53:08 2009: Boot Version : 12

Mon Mar 23 16:53:08 2009: Boot Release : 3

Mon Mar 23 16:53:08 2009: Boot Maint : 8

Mon Mar 23 16:53:08 2009: Boot Build : 0

Mon Mar 23 16:53:08 2009: numSlots : 0

Mon Mar 23 16:53:08 2009: numFilledSlots : 0

Mon Mar 23 16:53:08 2009: End of Packet


What info could I obtain from this log?


Regards.

victorgarciaternero Mon, 03/23/2009 - 12:43
User Badges:

I have reloaded the WLC, and I have captured the following traces:


Mon Mar 23 20:13:40 2009: 00:21:d8:47:60:82 Received LWAPP IMAGE_DATA from AP 00:21:d8:47:60:82

Mon Mar 23 20:13:41 2009: 00:21:d8:47:60:82 Successfully transmission of LWAPP Image-Data Response to AP 00:21:d8:47:60:82

Mon Mar 23 20:13:41 2009: 00:21:d8:47:60:82 Received LWAPP IMAGE_DATA_RES from AP 00:21:d8:47:60:82

Mon Mar 23 20:13:41 2009: 00:21:d8:47:60:82 Received LWAPP IMAGE_DATA_RES from AP 00:21:d8:47:60:82

Mon Mar 23 20:13:41 2009: 00:21:d8:47:60:82 Received LWAPP IMAGE_DATA_RES from AP 00:21:d8:47:60:82


.....



Mon Mar 23 20:14:09 2009: 00:21:d8:47:60:82 Received LWAPP IMAGE_DATA_RES from AP 00:21:d8:47:60:82

Mon Mar 23 20:14:09 2009: 00:21:d8:47:60:82 Received LWAPP IMAGE_DATA_RES from AP 00:21:d8:47:60:82

Mon Mar 23 20:14:09 2009: 00:21:d8:47:60:82 Received LWAPP IMAGE_DATA_RES from AP 00:21:d8:47:60:82

Mon Mar 23 20:14:09 2009: 00:21:d8:47:60:82 Received LWAPP IMAGE_DATA_RES from AP 00:21:d8:47:60:82

Mon Mar 23 20:14:09 2009: 00:21:d8:47:60:82 Received LWAPP IMAGE_DATA_RES from AP 00:21:d8:47:60:82

Mon Mar 23 20:14:10 2009: 00:21:d8:47:60:82 Received LWAPP ECHO_REQUEST from AP 00:21:d8:47:60:82

Mon Mar 23 20:14:10 2009: 00:21:d8:47:60:82 Successfully transmission of LWAPP Echo-Response to AP 00:21:d8:47:60:82

Mon Mar 23 20:14:11 2009: 00:21:d8:47:60:82 Received LWAPP ECHO_REQUEST from AP 00:21:d8:47:60:82

Mon Mar 23 20:14:11 2009: 00:21:d8:47:60:82 Successfully transmission of failed LWAPP Echo-Response to AP 00:21:d8:47:60:82 due to packet sequencing

Mon Mar 23 20:14:12 2009: 00:21:d8:47:60:82 Received LWAPP ECHO_REQUEST from AP 00:21:d8:47:60:82

Mon Mar 23 20:14:12 2009: 00:21:d8:47:60:82 Successfully transmission of failed LWAPP Echo-Response to AP 00:21:d8:47:60:82 due to packet sequencing

Mon Mar 23 20:14:13 2009: 00:21:d8:47:60:82 Received LWAPP ECHO_REQUEST from AP 00:21:d8:47:60:82

Mon Mar 23 20:14:13 2009: 00:21:d8:47:60:82 Successfully transmission of failed LWAPP Echo-Response to AP 00:21:d8:47:60:82 due to packet sequencing

Mon Mar 23 20:14:14 2009: 00:21:d8:47:60:82 Received LWAPP ECHO_REQUEST from AP 00:21:d8:47:60:82

Mon Mar 23 20:14:14 2009: 00:21:d8:47:60:82 Successfully transmission of failed LWAPP Echo-Response to AP 00:21:d8:47:60:82 due to packet sequencing

Mon Mar 23 20:15:42 2009: 00:21:d8:47:60:82 Did not receive hearbeat reply from AP 00:21:d8:47:60:82

Mon Mar 23 20:15:42 2009: sshpmFreePublicKeyHandle: called with 0x12c06ad8

Mon Mar 23 20:15:42 2009: sshpmFreePublicKeyHandle: freeing public key

Mon Mar 23 20:15:42 2009: spamDeleteLCB: stats timer not initialized for AP 00:21:d8:47:60:82


After that the AP reloaded and disassociated from WLC. Have anyone any idea?


Best regards.

victorgarciaternero Mon, 03/23/2009 - 13:14
User Badges:

After some reloads of the system and configuring proxy-arp, ip helper-address and ip forward-protocol it works. I hope tomorrow I can determine what is the command that gets working the scenario.


Best regards and thank you very much for your responses.

Actions

This Discussion