No JOIN message seen on WLC

Unanswered Question
Mar 23rd, 2009
User Badges:

Hi,


I am trying to register a 1131 AP with a WLC over a WAN (VPN tunnel).


I statically enter the ip address of the controller on the AP, using


lwapp ap controller ip address


The lwapp trace on the WLC, shows the DISCOVER message getting to the WLC, and a return being sent back.


Then, on the AP, I see a UDP message being sent out to the AP-Manager IP address, but dont see any corrosponding message on the WLC.


Any idea where I should start looking ?


The AP-Manager and Management interface of the WLC (NM-AIR-WLC6-K9) are on the same subnet.




  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
Leo Laohoo Mon, 03/23/2009 - 19:45
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

Are you using H-REAP?

shahedvoicerite Tue, 03/24/2009 - 02:04
User Badges:

No, because this is the first time I am trying to get this AP to join a WLC.


I just converted it from Standalone to lwapp.


As far as I know, the option to set it in H-REAP is only once it has sucessfully joined a controller.



I did some extra debugging, and can see

that a udp packet does reach the router housing my NM-WLC.


(I set up an acl with logging for udp trafic in/out on the fa 0/0 port)


For some reason, it just does not pass through to the AP-Manager interface.


Also I cant ping the AP-manager interface, but I suppose it normally does not respond to pings (??)


Thanks



Leo Laohoo Tue, 03/24/2009 - 14:20
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

You can never ping the AP-Manager interface. The only ping-able IP Address is the Management Interface.


Did you try to connect the AP to the same VLAN segment of the WLC?

shahedvoicerite Tue, 03/24/2009 - 14:31
User Badges:

I think my problem is because of my MTU size (only pings of 1272 seem to go through unfragmented)coupled with the fact that I am on an IPSec VPN.


Tomorrow, I will try putting the AP on the local LAN, and hope that it will solve my problem.


Thanks

Leo Laohoo Tue, 03/24/2009 - 14:57
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

Thanks for the rating and keep us posted.

shahedvoicerite Wed, 03/25/2009 - 09:26
User Badges:

I connected this AP on a LAN, and it worked right away !!


So it must have been the MTU that was causing the problem. (I was on a Cable network with IPSec VPN)


Thanks

Leo Laohoo Wed, 03/25/2009 - 16:00
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

It doesn't always work that way. What you've just done is "priming" the AP. Now the AP has a "list" of known WLC. When deploying the AP that has been primed, it will automatically search through it's list of known WLC and join quicker.


Cisco always recommends that the AP be primed prior to deployment.

shahedvoicerite Wed, 03/25/2009 - 16:45
User Badges:

Yes, I am aware that I primed the AP.


That was my intention.. (using the cli lwapp ap controller command, as I did not have a DHCP server to set option 43 or a DNS to resolve CISCO-LWAPP-CONTROLLER)


Its after priming it, that it did not work over the WAN, most likely because of the jumbo frame in the JOIN request and my MTU restrictions.


Thanks again

shahedvoicerite Tue, 05/04/2010 - 16:08
User Badges:

I upgraded this AP / Controller to 5.2 code and set it to H-REAP.


I got it back to my home, where I have a L2L VPN to the controller.


It worked right AWAY !!


The I set it NOT to use H-REAP.


That too worked !!

Leo Laohoo Tue, 05/04/2010 - 16:15
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

Avoid the 5.X code:  It's filled with bugs.

Actions

This Discussion