Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

AP not getting Join Response

We have a wlc 4402 (IOS with a few LAP1131 associated to it.

All the APs are located in different cities (one per city) and every AP is connected to a trunked Fa0 of an 877 router, that provides to the APs its IP address as well as the IP address of the wlc's management interface.

The problem is that for some cities, the following happens:


2 - WLC receives the request and sends the DISCOVERY_RESPONSE;

3 - AP receives the DISCOVERY_REPLY;

4 - AP sends the JOIN_REQUEST;

5 - AP reloads as it DID NOT GET JOIN RESPONSE.

In other cities, the AP associates, equalizes the firmware, downloads all the wlans configurations without a glitch.

In all the cities envolved, we have the same AP, with the same IOS, the same 877 router all with the same IOS, and this is driving us crazy, as the problem does not occur for all the sites.

Can anybody out there shed some light into this issue?

We already digged the forum, but could not get any hint that would help us to solve this puzzle.

Thanks in advance,


Community Member

Re: AP not getting Join Response


Lets do some troubleshooting: firstly i want to know how exactly the APs are connected to the controllers across the different cities (what kind of physical links, distance, etc.)

Then if possible try a directly connecting the APs to the WLC lets see what happens.


Re: AP not getting Join Response

Hi Nunes,

Common causes for this kind of problem are;

WLC has reached capacity - either total capacity, or if using a 4402-50 / 4404-100, you're trying to get more than 48 APs down one physical uplink.

There's a routing / switching problem between the AP & the AP Manager interface. This is normally somthing really simple like a mis-configuration of the AP Manager interface, but could be firewalls, ACLs, routing problems, etc.

Firewalls between the AP & AP-Manager have been known to interfere with the join response - i had a client where the join response was being fragmented by the network, and then a stateful firewall was only allowing the first fragment through, resulting in a fail.

My suggestion would be to;

1. Double-check the interface configs on the WLC

2. Check the date & time is correct on the AP / WLC (remember its x.509 certificate based, wrong time = invalid certificate = fail)

3. From the WLC CLI - "debug lwapp errors enable" & "debug lwapp events enable" and see what crops up

4. Sniff packets from the respective uplinks of the AP & WLC. Ensure that the packets are actually being sent from / received by the devices you think they are.

CreatePlease to create content