Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

Cisco Employee

AP 3600 can not join vWLC

Hello,

I have no idea on why my AP 3600 can not join vWLC 7.3. From the log message on vWLC:

*spamApTask3: Jan 27 14:03:54.501: #DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:681 Failed to complete DTLS handshake with peer 192.168.45.100

Here is the debug output of pm pki error , capwap error:


*spamApTask3: Jan 27 13:16:30.394: 64:d9:89:47:c1:d0 Join Priority Processing status = 0, Incoming Ap's Priority 1, MaxLrads = 200, joined Aps =0
*spamApTask3: Jan 27 13:16:30.394: 64:d9:89:47:c1:d0 Discovery Response sent to 192.168.45.100:25426

*spamApTask3: Jan 27 13:16:30.394: 64:d9:89:47:c1:d0 Discovery Response sent to 192.168.45.100:25426

*spamApTask3: Jan 27 13:16:30.394: 64:d9:89:47:c1:d0 Discovery Request from 192.168.45.100:25426

*spamApTask3: Jan 27 13:16:30.394: 64:d9:89:47:c1:d0 Join Priority Processing status = 0, Incoming Ap's Priority 1, MaxLrads = 200, joined Aps =0
*spamApTask3: Jan 27 13:16:30.394: 64:d9:89:47:c1:d0 Discovery Response sent to 192.168.45.100:25426

*spamApTask3: Jan 27 13:16:30.394: 64:d9:89:47:c1:d0 Discovery Response sent to 192.168.45.100:25426

*spamApTask3: Jan 27 13:16:30.394: 64:d9:89:47:c1:d0 Discovery Request from 192.168.45.100:25426

*spamApTask3: Jan 27 13:16:30.394: 64:d9:89:47:c1:d0 Join Priority Processing status = 0, Incoming Ap's Priority 1, MaxLrads = 200, joined Aps =0
*spamApTask3: Jan 27 13:16:30.394: 64:d9:89:47:c1:d0 Discovery Response sent to 192.168.45.100:25426

*spamApTask3: Jan 27 13:16:30.394: 64:d9:89:47:c1:d0 Discovery Response sent to 192.168.45.100:25426

enable

(Cisco Controller) >debug capwap errors *spamApTask3: Jan 27 13:16:40.393: 64:d9:89:47:c1:d0 DTLS connection not found, creating new connection for 192:168:45:100 (25426) 192:168:45:18 (5246)

*spamApTask3: Jan 27 13:16:40.393: sshpmGetCID: called to evaluate <cscoDefaultIdCert>

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCID: comparing to row 0, CA cert >bsnOldDefaultCaCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCID: comparing to row 1, CA cert >bsnDefaultRootCaCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCID: comparing to row 2, CA cert >bsnDefaultCaCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCID: comparing to row 3, CA cert >bsnDefaultBuildCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCID: comparing to row 4, CA cert >cscoDefaultNewRootCaCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCID: comparing to row 5, CA cert >cscoDefaultMfgCaCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCID: comparing to row 0, ID cert >bsnOldDefaultIdCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCID: comparing to row 1, ID cert >bsnDefaultIdCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCID: comparing to row 2, ID cert >cscoDefaultIdCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCertFromCID: called to get cert for CID 108b5675

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCertFromCID: comparing to row 0, certname >bsnOldDefaultCaCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCertFromCID: comparing to row 1, certname >bsnDefaultRootCaCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCertFromCID: comparing to row 2, certname >bsnDefaultCaCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCertFromCID: comparing to row 3, certname >bsnDefaultBuildCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCertFromCID: comparing to row 4, certname >cscoDefaultNewRootCaCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCertFromCID: comparing to row 5, certname >cscoDefaultMfgCaCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCertFromCID: comparing to row 0, certname >bsnOldDefaultIdCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCertFromCID: comparing to row 1, certname >bsnDefaultIdCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCertFromCID: comparing to row 2, certname >cscoDefaultIdCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCID: called to evaluate <cscoDefaultIdCert>

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCID: comparing to row 0, CA cert >bsnOldDefaultCaCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCID: comparing to row 1, CA cert >bsnDefaultRootCaCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCID: comparing to row 2, CA cert >bsnDefaultCaCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCID: comparing to row 3, CA cert >bsnDefaultBuildCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCID: comparing to row 4, CA cert >cscoDefaultNewRootCaCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCID: comparing to row 5, CA cert >cscoDefaultMfgCaCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCID: comparing to row 0, ID cert >bsnOldDefaultIdCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCID: comparing to row 1, ID cert >bsnDefaultIdCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetCID: comparing to row 2, ID cert >cscoDefaultIdCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetSshPrivateKeyFromCID: called to get key for CID 108b5675

*spamApTask3: Jan 27 13:16:40.394: sshpmGetSshPrivateKeyFromCID: comparing to row 0, certname >bsnOldDefaultIdCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetSshPrivateKeyFromCID: comparing to row 1, certname >bsnDefaultIdCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetSshPrivateKeyFromCID: comparing to row 2, certname >cscoDefaultIdCert<

*spamApTask3: Jan 27 13:16:40.394: sshpmGetSshPrivateKeyFromCID: match in row 2

*spamApTask3: Jan 27 13:16:40.416: 64:d9:89:47:c1:d0 DTLS connection was closed
*spamApTask3: Jan 27 13:16:40.417: 64:d9:89:47:c1:d0 Discarding non-ClientHello Handshake OR DTLS encrypted packet from  192.168.45.100:25426)since DTLS session is not established

*spamApTask6: Jan 27 13:16:40.418: 64:d9:89:47:c1:d0 DTLS connection closed event receivedserver (192:168:45:18/5246) client (192:168:45:100/25426)
*spamApTask6: Jan 27 13:16:40.418: 64:d9:89:47:c1:d0 No entry exists for AP (192:168:45:100/25426)
enable

(Cisco Controller) >*spamApTask6: Jan 27 13:16:40.418: 64:d9:89:47:c1:d0 No AP entry exist in temporary database for 192.168.45.100:25426
*sshpmLscTask: Jan 27 13:17:35.881: sshpmLscTask: LSC Task received a message 4
*spamApTask3: Jan 27 13:17:45.394: 64:d9:89:47:c1:d0 DTLS connection not found, creating new connection for 192:168:45:100 (25426) 192:168:45:18 (5246)

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCID: called to evaluate <cscoDefaultIdCert>

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCID: comparing to row 0, CA cert >bsnOldDefaultCaCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCID: comparing to row 1, CA cert >bsnDefaultRootCaCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCID: comparing to row 2, CA cert >bsnDefaultCaCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCID: comparing to row 3, CA cert >bsnDefaultBuildCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCID: comparing to row 4, CA cert >cscoDefaultNewRootCaCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCID: comparing to row 5, CA cert >cscoDefaultMfgCaCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCID: comparing to row 0, ID cert >bsnOldDefaultIdCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCID: comparing to row 1, ID cert >bsnDefaultIdCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCID: comparing to row 2, ID cert >cscoDefaultIdCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCertFromCID: called to get cert for CID 108b5675

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCertFromCID: comparing to row 0, certname >bsnOldDefaultCaCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCertFromCID: comparing to row 1, certname >bsnDefaultRootCaCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCertFromCID: comparing to row 2, certname >bsnDefaultCaCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCertFromCID: comparing to row 3, certname >bsnDefaultBuildCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCertFromCID: comparing to row 4, certname >cscoDefaultNewRootCaCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCertFromCID: comparing to row 5, certname >cscoDefaultMfgCaCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCertFromCID: comparing to row 0, certname >bsnOldDefaultIdCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCertFromCID: comparing to row 1, certname >bsnDefaultIdCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCertFromCID: comparing to row 2, certname >cscoDefaultIdCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCID: called to evaluate <cscoDefaultIdCert>

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCID: comparing to row 0, CA cert >bsnOldDefaultCaCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCID: comparing to row 1, CA cert >bsnDefaultRootCaCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCID: comparing to row 2, CA cert >bsnDefaultCaCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCID: comparing to row 3, CA cert >bsnDefaultBuildCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCID: comparing to row 4, CA cert >cscoDefaultNewRootCaCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCID: comparing to row 5, CA cert >cscoDefaultMfgCaCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCID: comparing to row 0, ID cert >bsnOldDefaultIdCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCID: comparing to row 1, ID cert >bsnDefaultIdCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetCID: comparing to row 2, ID cert >cscoDefaultIdCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetSshPrivateKeyFromCID: called to get key for CID 108b5675

*spamApTask3: Jan 27 13:17:45.394: sshpmGetSshPrivateKeyFromCID: comparing to row 0, certname >bsnOldDefaultIdCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetSshPrivateKeyFromCID: comparing to row 1, certname >bsnDefaultIdCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetSshPrivateKeyFromCID: comparing to row 2, certname >cscoDefaultIdCert<

*spamApTask3: Jan 27 13:17:45.394: sshpmGetSshPrivateKeyFromCID: match in row 2

*spamApTask3: Jan 27 13:17:45.418: 64:d9:89:47:c1:d0 DTLS connection was closed
*spamApTask3: Jan 27 13:17:45.418: 64:d9:89:47:c1:d0 Discarding non-ClientHello Handshake OR DTLS encrypted packet from  192.168.45.100:25426)since DTLS session is not established

*spamApTask6: Jan 27 13:17:45.418: 64:d9:89:47:c1:d0 DTLS connection closed event receivedserver (192:168:45:18/5246) client (192:168:45:100/25426)
*spamApTask6: Jan 27 13:17:45.418: 64:d9:89:47:c1:d0 No entry exists for AP (192:168:45:100/25426)
*spamApTask6: Jan 27 13:17:45.418: 64:d9:89:47:c1:d0 No AP entry exist in temporary database for 192.168.45.100:25426
*spamApTask3: Jan 27 13:18:50.395: 64:d9:89:47:c1:d0 DTLS connection not found, creating new connection for 192:168:45:100 (25426) 192:168:45:18 (5246)

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCID: called to evaluate <cscoDefaultIdCert>

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCID: comparing to row 0, CA cert >bsnOldDefaultCaCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCID: comparing to row 1, CA cert >bsnDefaultRootCaCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCID: comparing to row 2, CA cert >bsnDefaultCaCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCID: comparing to row 3, CA cert >bsnDefaultBuildCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCID: comparing to row 4, CA cert >cscoDefaultNewRootCaCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCID: comparing to row 5, CA cert >cscoDefaultMfgCaCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCID: comparing to row 0, ID cert >bsnOldDefaultIdCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCID: comparing to row 1, ID cert >bsnDefaultIdCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCID: comparing to row 2, ID cert >cscoDefaultIdCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCertFromCID: called to get cert for CID 108b5675

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCertFromCID: comparing to row 0, certname >bsnOldDefaultCaCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCertFromCID: comparing to row 1, certname >bsnDefaultRootCaCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCertFromCID: comparing to row 2, certname >bsnDefaultCaCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCertFromCID: comparing to row 3, certname >bsnDefaultBuildCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCertFromCID: comparing to row 4, certname >cscoDefaultNewRootCaCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCertFromCID: comparing to row 5, certname >cscoDefaultMfgCaCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCertFromCID: comparing to row 0, certname >bsnOldDefaultIdCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCertFromCID: comparing to row 1, certname >bsnDefaultIdCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCertFromCID: comparing to row 2, certname >cscoDefaultIdCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCID: called to evaluate <cscoDefaultIdCert>

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCID: comparing to row 0, CA cert >bsnOldDefaultCaCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCID: comparing to row 1, CA cert >bsnDefaultRootCaCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCID: comparing to row 2, CA cert >bsnDefaultCaCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCID: comparing to row 3, CA cert >bsnDefaultBuildCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCID: comparing to row 4, CA cert >cscoDefaultNewRootCaCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCID: comparing to row 5, CA cert >cscoDefaultMfgCaCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCID: comparing to row 0, ID cert >bsnOldDefaultIdCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCID: comparing to row 1, ID cert >bsnDefaultIdCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetCID: comparing to row 2, ID cert >cscoDefaultIdCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetSshPrivateKeyFromCID: called to get key for CID 108b5675

*spamApTask3: Jan 27 13:18:50.395: sshpmGetSshPrivateKeyFromCID: comparing to row 0, certname >bsnOldDefaultIdCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetSshPrivateKeyFromCID: comparing to row 1, certname >bsnDefaultIdCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetSshPrivateKeyFromCID: comparing to row 2, certname >cscoDefaultIdCert<

*spamApTask3: Jan 27 13:18:50.395: sshpmGetSshPrivateKeyFromCID: match in row 2

*spamApTask3: Jan 27 13:18:50.416: 64:d9:89:47:c1:d0 DTLS connection was closed
*spamApTask3: Jan 27 13:18:50.417: 64:d9:89:47:c1:d0 Discarding non-ClientHello Handshake OR DTLS encrypted packet from  192.168.45.100:25426)since DTLS session is not established

*spamApTask6: Jan 27 13:18:50.417: 64:d9:89:47:c1:d0 DTLS connection closed event receivedserver (192:168:45:18/5246) client (192:168:45:100/25426)
*spamApTask6: Jan 27 13:18:50.417: 64:d9:89:47:c1:d0 No entry exists for AP (192:168:45:100/25426)
*spamApTask6: Jan 27 13:18:50.417: 64:d9:89:47:c1:d0 No AP entry exist in temporary database for 192.168.45.100:25426

Any idea what is going on ?

Thanks,

An

34 REPLIES
Hall of Fame Super Gold

AP 3600 can not join vWLC

Post the following outputs:

1.  WLC:  sh sysinfo

2.  AP:  sh version;

3.  AP:  sh inventory

Cisco Employee

Re: AP 3600 can not join vWLC

Sh sysinfor on vWLC:

(Cisco Controller) >show sysinfo

Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.3.101.0
RTOS Version..................................... 7.3.101.0
Bootloader Version............................... 7.3.101.0
Emergency Image Version.......................... 7.3.101.0

Build Type....................................... DATA + WPS

System Name...................................... HCM-VWLC
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1631
IP Address....................................... 192.168.45.18
System Up Time................................... 3 days 21 hrs 24 mins 12 secs
System Timezone Location......................... (GMT -8:00) Pacific Time (US and Canada)

Configured Country............................... VN  - Vietnam

State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled

--More-- or (q)uit
Number of WLANs.................................. 1
Number of Active Clients......................... 0

Burned-in MAC Address............................ 00:0C:29:B7:94:4F
Maximum number of APs supported.................. 200

sh ver and sh invent on AP:

Vietnam3600#show version
Cisco IOS Software, C3600 Software (AP3G2-K9W8-M), Version 15.2(2)JA, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Thu 23-Aug-12 02:29 by prod_rel_team

ROM: Bootstrap program is C3600 boot loader
BOOTLDR: C3600 Boot Loader (AP3G2-BOOT-M) LoaderVersion 12.4(23c)JY, RELEASE SOFTWARE (fc1)

Vietnam3600 uptime is 3 days, 21 hours, 21 minutes
System returned to ROM by power-on
System image file is "flash:/ap3g2-k9w8-mx.152-2.JA/ap3g2-k9w8-xx.152-2.JA"
Last reload reason:

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco AIR-CAP3602I-E-K9    (PowerPC) processor (revision B0) with 180214K/81920K bytes of memory.
Processor board ID FGL1552P05B
PowerPC CPU at 800Mhz, revision number 0x2151
Last reset from power-on
LWAPP image version 7.3.101.0
1 Gigabit Ethernet interface
2 802.11 Radios

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 70:CA:9B:86:35:06
Part Number                          : 73-14521-01
PCA Assembly Number                  : 800-37501-01
PCA Revision Number                  : A0
PCB Serial Number                    : FOC15485FW3
Top Assembly Part Number             : 800-35852-02
Top Assembly Serial Number           : FGL1552P05B
Top Revision Number                  : A0
Product/Model Number                 : AIR-CAP3602I-E-K9  

Configuration register is 0xF

Vietnam3600#sh inventory

NAME: "AP3600", DESCR: "Cisco Aironet 3600 Series (IEEE 802.11n) Access Point"

PID: AIR-CAP3602I-E-K9 , VID: V01, SN: FGL1552P05B Vietnam3600#sh inventory
NAME: "AP3600", DESCR: "Cisco Aironet 3600 Series (IEEE 802.11n) Access Point"
PID: AIR-CAP3602I-E-K9 , VID: V01, SN: FGL1552P05B

Hall of Fame Super Gold

AP 3600 can not join vWLC

Thanks for the output.  I need you to console into the AP and reboot the AP.  Please post the entire bootup process.

Cisco Employee

AP 3600 can not join vWLC

I don't know why my console cable does not work for this AP while this console cable works for switch. I tried to search on CCO to find if there is any specific setting to console to AP 3600 but can not find any information ( already tried 9600, 8 databit, no parity, 1 stopbit , no flow control )

Hall of Fame Super Gold

AP 3600 can not join vWLC

That's odd.

Based on the serial number the AP was built last week of December 2011.

Could be a batch defect.   You may need to RMA the AP.

Cisco Employee

Re: AP 3600 can not join vWLC

No, it can join remote controller. We have a WLC in cloud and it can joint remote WLC  which i have no information about this WLC.

Hall of Fame Super Silver

Re: AP 3600 can not join vWLC

I don't get it. I joins another wlc but it doesn't join your vWLC?

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
Cisco Employee

yes, me too, I still can not

yes, me too, I still can not get it join the vWLC

Best Regards,

An

New Member

 I solved. I have cisco 3602i

 

I solved. I have cisco 3602i-e ap points and vwlc 7.4 software. The below link helped me.

http://supertekboy.com/2014/01/13/cisco-lightweight-access-point-will-not-join-to-a-wireless-lan-controller/

New Member

Hi, lean, Did you solve your

Hi, lean,

 Did you solve your problem. I have same. console output is stopping, ap doesn't join to vWLC.

Hall of Fame Super Silver

Re: AP 3600 can not join vWLC

Lean,

Just to add to what Leo posted...

You also need to look at this link. Since its a vWLC, depending in the image the AP has, it might need to join a WLC first that is on v7.3 before you can join it to a vWLC.

https://supportforums.cisco.com/docs/DOC-26765#Access_Points_Requirement

http://www.cisco.com/en/US/products/ps12723/products_tech_note09186a0080bd2d04.shtml#tshoot

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
New Member

AP 3600 can not join vWLC

The software release appears to be up to the correct level, as 15.2(2)JA is the required minimum release level for one of these AP's to join a vWLC.

Have you tried joining it to a physical appliance?

You may need to disable hash validation on the vWLC and then reboot the AP and watch the join process.

"configure certificate ssc hash validation disable"

and then on the AP:

test capwap erase

test capwap restart

Cisco Employee

AP 3600 can not join vWLC

In GUI of vWLC i already disable hash validation.

On AP i can not type test command:

Vietnam3600#test ? 

% Unrecognized commandVietnam3600#test ? 
% Unrecognized command

Hall of Fame Super Silver

Re: AP 3600 can not join vWLC

Don't do a test? Just enter the full command

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
Cisco Employee

AP 3600 can not join vWLC

The is no such command on my AP:

Vietnam3600#capwap ? 
  ap  lwapp ap commands

Vietnam3600#capwap ap ?
  controller      lwapp primary controller
  dot1x           Configure the dot1x username and password
  ethernet        Configure ethernet parameters like vlan tag id
  hostname        Configure ap hostname
  ip              lwapp ap ip command
  log-server      Configure the syslog server where all LWAPP errors will be logged
  primary-base    Primary Controller
  primed-timer    primed-timer enable/disable
  secondary-base  Secondary Controller
  tertiary-base   Tertiary Controller

Hall of Fame Super Silver

Re: AP 3600 can not join vWLC

What I wanted you to just enter is

test capwap erase
test capwap restart

Just copy the whole command and hit the enter. Some of these commands are hidden and you can't use the ?

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
Cisco Employee

Re: AP 3600 can not join vWLC

I did as you advised, but it said that no such command, here is the output:

Vietnam3600#test capwap erase
              ^
% Invalid input detected at '^' marker.

Vietnam3600#capwap erase
                   ^
% Invalid input detected at '^' marker.

Vietnam3600#
Vietnam3600#test capwap erase
              ^
% Invalid input detected at '^' marker.

Vietnam3600#test capwap restart
              ^
% Invalid input detected at '^' marker.

Vietnam3600#

Hall of Fame Super Silver

Re: AP 3600 can not join vWLC

Try capwap controller IP address

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
Hall of Fame Super Gold

AP 3600 can not join vWLC

1.  Console into the AP and enter this command:  delete /f /r flash:/ap3g2-k9w8-mx.152-2.JA

2.  Reboot the AP

3.  Post the entire bootup process.

Cisco Employee

Re: AP 3600 can not join vWLC

I can not enter this command, teh same as test capwap erase:

Vietnam3600#delete /f /r flash:/ap3g2-k9w8-mx.152-2.JA
              ^
% Invalid input detected at '^' marker.

Vietnam3600#

Hall of Fame Super Silver

Re: AP 3600 can not join vWLC

Post the output from the console... boot the ap and start capturing.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***
Cisco Employee

Re: AP 3600 can not join vWLC

Poor me, I feel there is some problem with the console port of this ap. I connected console cable to console port but not thing happen. This cable works fine for switch and router to which this ap connected to.

Hall of Fame Super Silver

Re: AP 3600 can not join vWLC

Well its probobly a bad AP.... I would just RMA that if you can't get to the console. 

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***
Hall of Fame Super Silver

Re: AP 3600 can not join vWLC

How are you entering these commands..... from telnet or ssh not from the console?

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***
Cisco Employee

Re: AP 3600 can not join vWLC

yes, I enter from telnet

Hall of Fame Super Silver

AP 3600 can not join vWLC

you can't do a config t can you?

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***
Cisco Employee

Re: AP 3600 can not join vWLC

right, no i can't do config

Hall of Fame Super Silver

Re: AP 3600 can not join vWLC

Seems like you can't do much. Just RMA the AP and get a new one.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
Cisco Employee

AP 3600 can not join vWLC

but this ap still works fine. It can join WLC in cloud.

1926
Views
25
Helpful
34
Replies