×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Cisco WLC 2504 with AIR-CAP2702E-x-K9 not working

Unanswered Question
Aug 4th, 2014
User Badges:

Hi,

I have a really simple scenario using WLC2504 (version 7.6.120.0) with a new AIR-CAP2702. I have just one WLAN configured in the vlan3 and a DHCP server for this WLAN, but when I try to connect the network is saying "Impossible to connect to the network" and I cannot associate.

Am I missing something? I just followed the config manual and I don't find the issue.

The WLC is connected to a SG-200-50 switch port with three vlans (vlan1 as untagged, vlan 2 and 3 are tagged).

 

This is the config for the WLC2504:

config acl layer2 rule add TEST_L2 1 
config acl layer2 rule action TEST_L2 1 permit 
config acl layer2 rule ethertype TEST_L2 1 2048 65535 
config acl layer2 create TEST_L2 
config acl layer2 apply TEST_L2 
config acl rule add TEST 1 
config acl rule source port range TEST 1 0 65535 
config acl rule action TEST 1 permit 
config acl rule destination port range TEST 1 0 65535 
config acl rule add TEST 65 
config acl rule source port range TEST 65 0 65535 
config acl rule destination port range TEST 65 0 65535 
config acl create TEST 
config acl apply TEST 
config dhcp address-pool "DHCP para VLAN3" 192.168.1.10 192.168.1.15 
config dhcp dns-servers "DHCP para VLAN3" 192.168.1.4 8.8.8.8 
config dhcp lease "DHCP para VLAN3" 86400 
config dhcp address-pool "DHCP red WLC" 10.10.100.35 10.10.100.45 
config dhcp lease "DHCP red WLC" 86400 
config dhcp network "DHCP para VLAN3" 192.168.1.0 255.255.255.0 
config dhcp network "DHCP red WLC" 10.10.100.0 255.255.255.0 
config dhcp create-scope "DHCP para VLAN3" 
config dhcp domain "DHCP para VLAN3" admin.testing.com 
config dhcp default-router "DHCP para VLAN3" 192.168.1.249 
config dhcp enable "DHCP para VLAN3" 
config dhcp create-scope "DHCP red WLC" 
config dhcp enable "DHCP red WLC" 
config license boot base 
config sysname WLC-TESTING
config 802.11a cac voice sip bandwidth 64 sample-interval 20 
config 802.11a cac voice sip codec g711 sample-interval 20 
config advanced probe limit 2 500 
config advanced 802.11a profile foreign global 50 
config advanced 802.11a channel add 36 
config advanced 802.11a channel add 40 
config advanced 802.11a channel add 44 
config advanced 802.11a channel add 48 
config advanced 802.11a channel add 52 
config advanced 802.11a channel add 56 
config advanced 802.11a channel add 60 
config advanced 802.11a channel add 64 
config advanced probe-limit 2 500 
config advanced 802.11b profile foreign global 50 
config advanced 802.11b channel add 1 
config advanced 802.11b channel add 6 
config advanced 802.11b channel add 11 
config country ES 
config wps client-exclusion ip-theft disable 
config switchconfig strong-pwd lockout attempts mgmtuser 3 
config switchconfig strong-pwd lockout time mgmtuser 5 
config interface port management 1 
config interface address management 10.10.100.30 255.255.255.0 10.10.100.249 
config interface dhcp management primary 10.10.100.30 
config interface address virtual 1.1.1.1 
config interface port vlan3 1 
config interface acl vlan3 TEST 
config interface address dynamic-interface vlan3 192.168.1.1 255.255.255.0 192.168.1.249 
config interface create vlan3 3 
config interface dhcp dynamic-interface vlan3 primary 10.10.100.30 
config interface vlan vlan3 3 
config interface port vlan2 1 
config interface address dynamic-interface vlan2 172.16.1.2 255.255.0.0 172.16.1.1 
config interface create vlan2 2 
config interface vlan vlan2 2 
config trapflags ap ssidkeyconflict enable 
config trapflags ap register enable 
config trapflags ap authfailure enable 
config trapflags ap modechange enable 
config trapflags ap interfaceup enable 
config trapflags ap timesyncfailure enable 
config trapflags stpmode disable 
config trapflags rogueap disable 
config trapflags client 802.11-deauthenticate enable 
config trapflags client 802.11-associate enable 
config trapflags client 802.11-authfail enable 
config trapflags client nac-alert enable 
config trapflags client excluded enable 
config trapflags client max-warning-threshold enable 
config trapflags client authentication enable 
config trapflags client 802.11-disassociate enable 
config trapflags client 802.11-assocfail enable 
config wlan session-timeout 3 1800 
config wlan exclusionlist 3 60 
config wlan broadcast-ssid enable 3 
config wlan interface 3 vlan3 
config wlan mfp client enable 3 
config wlan create 3 WLC-PROFES WLC-PROFES 
config wlan wmm allow 3 
config wlan security wpa akm 802.1x disable 3 
config wlan security wpa wpa2 ciphers aes disable 3 
config wlan security wpa wpa2 disable 3 
config wlan security wpa disable 3 
config wlan security web-auth server-precedence 3 local radius ldap 
config wlan enable 3 
config mobility group domain testing 
config certificate generate webadmin 
config network rf-network-name testing 
config network webmode enable 
config network master-base enable 
config network multicast global enable 
config network multicast igmp snooping enable 
config network multicast l2mcast disable service-port 
config network multicast l2mcast disable virtual 
config mdns profile service add default-mdns-profile AirPrint 
config mdns profile service add default-mdns-profile AirTunes 
config mdns profile service add default-mdns-profile AppleTV 
config mdns profile service add default-mdns-profile HP_Photosmart_Printer_1 
config mdns profile service add default-mdns-profile HP_Photosmart_Printer_2 
config mdns profile service add default-mdns-profile Printer 
config mdns profile create default-mdns-profile 
config mdns service origin all AirPrint 
config mdns service query enable AirPrint 
config mdns service create AirPrint _ipp._tcp.local. origin all lss disable query enable 
config mdns service origin all AirTunes 
config mdns service query enable AirTunes 
config mdns service create AirTunes _raop._tcp.local. origin all lss disable query enable 
config mdns service origin all AppleTV 
config mdns service query enable AppleTV 
config mdns service create AppleTV _airplay._tcp.local. origin all lss disable query enable 
config mdns service origin all HP_Photosmart_Printer_1 
config mdns service query enable HP_Photosmart_Printer_1 
config mdns service create HP_Photosmart_Printer_1 _universal._sub._ipp._tcp.local. origin all lss disable query enable 
config mdns service origin all HP_Photosmart_Printer_2 
config mdns service query enable HP_Photosmart_Printer_2 
config mdns service create HP_Photosmart_Printer_2 _cups._sub._ipp._tcp.local. origin all lss disable query enable 
config mdns service origin all Printer 
config mdns service query enable Printer 
config mdns service create Printer _printer._tcp.local. origin all lss disable query enable 
config database size 2048 
config 802.11b 11gsupport enable 
config 802.11b cac voice sip bandwidth 64 sample-interval 20 
config 802.11b cac voice sip codec g711 sample-interval 20 
config ap packet-dump capture-time 10 
config ap packet-dump truncate 0 
config ap packet-dump buffer-size 2048 
config mgmtuser add encrypt cisco 1 60b1a65ef9a0f69437eb739a615c088e 78976c29bc00d9a0eb5a4c843a0abb8e1b5b122c 16 8d5a6d1413464de026722d6ea58c74170000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 read-write 

 

Thanks.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Vinod Arya Wed, 08/13/2014 - 09:34
User Badges:
  • Cisco Employee,

Is your client getting an IP Address? What kind of l2/l3 security configured on the WLAN?

Is authentication successful? Share following ouptut :

  • show wlan summary
  • show wlan wlan_number/id

Also, enable debug and share the debug ouptut when a client tries to join the WLAN, enable following debug :

  • debug client client_mac_addr

One the debug is over, disable it with debug disable-all.

-Thanks

Vinod

**Encourage Contributors. RATE Them.**

 

Actions

This Discussion