I am trying to register a 1131 AP with a WLC over a WAN (VPN tunnel).
I statically enter the ip address of the controller on the AP, using
lwapp ap controller ip address
The lwapp trace on the WLC, shows the DISCOVER message getting to the WLC, and a return being sent back.
Then, on the AP, I see a UDP message being sent out to the AP-Manager IP address, but dont see any corrosponding message on the WLC.
Any idea where I should start looking ?
The AP-Manager and Management interface of the WLC (NM-AIR-WLC6-K9) are on the same subnet.
No, because this is the first time I am trying to get this AP to join a WLC.
I just converted it from Standalone to lwapp.
As far as I know, the option to set it in H-REAP is only once it has sucessfully joined a controller.
I did some extra debugging, and can see
that a udp packet does reach the router housing my NM-WLC.
(I set up an acl with logging for udp trafic in/out on the fa 0/0 port)
For some reason, it just does not pass through to the AP-Manager interface.
Also I cant ping the AP-manager interface, but I suppose it normally does not respond to pings (??)
You can never ping the AP-Manager interface. The only ping-able IP Address is the Management Interface.
Did you try to connect the AP to the same VLAN segment of the WLC?
I think my problem is because of my MTU size (only pings of 1272 seem to go through unfragmented)coupled with the fact that I am on an IPSec VPN.
Tomorrow, I will try putting the AP on the local LAN, and hope that it will solve my problem.
I connected this AP on a LAN, and it worked right away !!
So it must have been the MTU that was causing the problem. (I was on a Cable network with IPSec VPN)
It doesn't always work that way. What you've just done is "priming" the AP. Now the AP has a "list" of known WLC. When deploying the AP that has been primed, it will automatically search through it's list of known WLC and join quicker.
Cisco always recommends that the AP be primed prior to deployment.
Yes, I am aware that I primed the AP.
That was my intention.. (using the cli lwapp ap controller command, as I did not have a DHCP server to set option 43 or a DNS to resolve CISCO-LWAPP-CONTROLLER)
Its after priming it, that it did not work over the WAN, most likely because of the jumbo frame in the JOIN request and my MTU restrictions.
I upgraded this AP / Controller to 5.2 code and set it to H-REAP.
I got it back to my home, where I have a L2L VPN to the controller.
It worked right AWAY !!
The I set it NOT to use H-REAP.
That too worked !!