Associating a LWAPP with a 4402 controller

Unanswered Question
Jan 11th, 2010


I have the following config on my controller and am plugging in a new out of the box LWAPP into a switch that the ap-manager interface is linked to via gigabit. I would assume that since I see the lightweight AP start a process that makes me think it's looking for the controller it would send a message and receive an address from the internal scope on the 4402 that I think I setup, doesn't seem to be happening though. The config is below and I am wondering the best practice for the interfaces, and whether or not my ap-manager interface can/should be on the same network as the management interface?

ap-manager Vlan1 (connected to a 2960 8port on Vlan1)

management untagged (connected to a 2960T)

service port untagged

virtual interface

I believe I have setup an internal DHCP scope for the ap-manager interface, but seeing as it's not working I would assume I'm missing something. The management interface has a DHCP server on it's /24 network which is the gateway for the network. Does the Cisco 4402 act as a router? Does it hand out addresses if you make internal scopes that correspond with the networks you have interfaces for, or do you always need a separate DHCP server on each network?

Sorry for the low rent questions...

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Ryan Curry Mon, 01/11/2010 - 10:15

Hey William, untag the AP-Manager interface, move it to the same subnet as the Management (192.168.1.x) interface on the same port as the management interface.

You can create DHCP scopes for the internal "dynamic" interfaces (so you can hand out addresses to each BSSID) and as long as those VLANs are trunked and terminated on a router you should be fine.  You will not need a DHCP scope set up for the AP-Manager interface.  The APs will call out for a DHCP address when they first boot up, then attempt to discover a LWAPP controller (thus why you don't need a DHCP pool for that interface).

Hope this helps.

william.briere Mon, 01/11/2010 - 10:23

It appears as though the DHCP is now working as when I see the LWAPP bootup it says it is requesting a DHCP address

, getting one, finding the Master, sending a join request... The problem is it keeps rebooting because the

Master doesn't appear to ever send a response. Is there something I need to do to make it respond?

Ryan Curry Mon, 01/11/2010 - 10:33

If the AP does not receive DHCP option 43 or a response to the request, it will send a broadcast (layer 2) for the controller.  If the AP-Manager IP address is not on the same subnet as the AP, then it will reboot and run through the same search parameters.  Thus if the port the AP is plugged into on the switch does not have a native-VLAN associated with it (making it VLAN 1), then you want to make sure the AP-Manager IP is on the same subnet as the AP and make sure it is untaged (VLAN 0).

william.briere Mon, 01/11/2010 - 10:42

Here's how it is right now... I think i see from your post that everything is how you expect it to be...

The management interface is port 1 and has untagged

The ap-manager interface is port 2 and has untagged

The LWAPP is plugged into a switch that is trunked into the management interface on the 4402. There is also another switch trunked into port two on the 4402 but when I plug the LWAPP into that switch it doesn't seem to even go through the DHCP process. When it is plugged into the switch that goes through the management interface its gets an IP, via the Linksys on the network, then looks for and finds the controller, sends a request to join, but almost right after says it didn;t get a response and then reboots, and does it all over again. This sort of gives me the idea that the controller setup must be missing something that would allow it to send responses to the LWAPP's requesting to join?

Does this make sense?

Ryan Curry Mon, 01/11/2010 - 10:47

Move the AP-Manager interface over to Port 1 as well.  I have a feeling this will solve the problem.  Cisco pretty much recommends that Management and AP-Manager be configured the same except for IP addressing (same subnet).  Try that and see if it comes up.  You should see the AP under Wireless and it'll initially download a new LWAPP image then reboot.  If you wait too long to see if it shows up, it'll look like it's not there yet even though it's rebooting after downloading the new image.  Thus, either watch immediately or wait 10 minutes and see if it shows up.

william.briere Mon, 01/11/2010 - 10:52

Yep... that did it... So I am going to guess that realistically the only reason for the two physical interfaces is the idea of port-channeling?  Are there best practices for the AP templates?

Ryan Curry Mon, 01/11/2010 - 12:15

Yup, port channeling and if you have a 50 AP license, you have to use both ports (since each port supports 48 APs).

Not sure on the best practices for AP templates (since I haven't used them yet), but I do know that it takes the entire template, so make sure you have everything set correctly or you could wipe something out.  Depending on the version of code you're using, look up the Configuration Guide for your WLC version; those have a lot of really good info in them.

Glad to hear you're up and running.


This Discussion