ap won't join wlc 5508

Unanswered Question
Jan 5th, 2010

Hi,

Just installed a fresh 5508 using 6.0.188.0 , tried to join a 1252 ap but it won't work.

errorlogs says this on the ap...

*Jan  5 21:02:31.000: %CAPWAP-5-CHANGED: CAPWAP changed state to
*Jan  5 21:02:31.695: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.42.1.200 peer_port: 5246
*Jan  5 21:02:31.695: %CAPWAP-5-SENDJOIN: sending Join Request to 10.42.1.200
*Jan  5 21:02:31.695: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
*Jan  5 21:02:31.695: %CAPWAP-3-ERRORLOG: Unencrypted non-discovery CAPWAP Control Message from 10.42.1.200
*Jan  5 21:02:31.695: %CAPWAP-3-ERRORLOG: Invalid AC Message Type 4.
*Jan  5 21:02:31.699: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Jan  5 21:02:31.699: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap packet from 10.42.1.200
*Jan  5 21:02:36.695: %CAPWAP-5-SENDJOIN: sending Join Request to 10.42.1.200
*Jan  5 21:02:36.695: %CAPWAP-3-ERRORLOG: Unencrypted non-discovery CAPWAP Control Message from 10.42.1.200
*Jan  5 21:02:36.695: %CAPWAP-3-ERRORLOG: Invalid AC Message Type 4.
*Jan  5 21:02:36.695: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Jan  5 21:02:36.695: %CAPWAP-3-ERRORLOG: Failed to process unencrypted capwap packet from 10.42.1.200

When joining a 4402-25 also with 6.0.188.0 it works like a charm... whats wrong with the 5508? -any ideas anyone?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Marcus Johansson Tue, 01/05/2010 - 14:58

nope this is not it... same time source as the 4402-25.

And the time is correct!

any other ideas?

Leo Laohoo Tue, 01/05/2010 - 15:08

Console into the AP in question and in enable mode type in the following command: lwapp ap controller ip address



Marcus Johansson Wed, 01/06/2010 - 02:36

yes i've tried that too, even erased the private-conf. nothing helps.

Today i tried downgrading the 5508 to 6.0.182.0, same problem arised with that one too.

The AP seems fine since it is connecting fine to the 4402-25 controller with image 6.0.188.0.

Marcus Johansson Thu, 01/07/2010 - 04:08

I have an update on this very very strange problem.

Today i connected a Cisco 1242AG to the Cisco 5508 (6.0.188.0) and it joins as it should no errors.

The Cisco 1252 does not, same error message as before.

BUT when i connect the 1252 to my other controller Cisco 4402 (6.0.188.0) it joins as it should no errors.

I can't understand wtf is happening here....

nathan.a.reeves Wed, 01/20/2010 - 04:34

Faced a similar issue today.  By any chance does your AP have a mac address which doesn't start in '00'?  I had two batches of AP's at a clients site, one with MAC's that began with 00:22 and others that began with C3:7D.  The 00:22 units would register without issue.  The C3 units would reboot continuously and the console output was identical to yours above.

TAC said this was a known issue where the WLC code wasn't coping with MAC addresses that didn't begin with 00.  Couple of fixes depening on the situation was to put the AP on the same vlan as the WLC management interface (which is the setup I was having problems with).  Other fix was to move the AP to a seperate vlan and use Option43/DNS to specify the WLC.  This is what fixed it up for me.

A fix is apparently on the way.

larrywoods Tue, 01/26/2010 - 15:29

Nathan is right, it is an issue in the broadcast of an AP that doesnt have the MAC address that starts with "00".  Anything greater than that is discarded by the 5508 and this is only affected in 6.0.188.0 version of code.  6.0.191.0 should be out soon.  If you dont have any APs that connect, you can downgrade to 6.0.182.0 as well and it will work again.  The VLAN separation also will work as the default gateway MAC will be broadcasted and not the APs.

Bug link:  http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCte01087

Actions

This Discussion