I am having some issues with the initial setup of a 4402 WLC and 35 Cisco Aironet LWAPPs. The WLC and the LWAPPs are configured in the same VLAN and a DHCP server is setup to serve the VLAN. The WLC is configured for LAYER2. The LWAPPs show link light on the switches they are plugged in to... but I cannot see them from the WLC. Any thoughts?
Try setting your WLC to layer 3 mode.
this is from the WLC guide 4.1 page 1.5
The requirement for Layer 2 LWAPP communications is that the Cisco Wireless LAN Controller and
Cisco 1000 series lightweight access points must be connected to each other through Layer 2 devices on
the same subnet. This is the default operational mode for the Cisco Wireless LAN Solution. Note that
when the Cisco Wireless LAN Controller and Cisco 1000 series lightweight access points are on
different subnets, these devices must be operated in Layer 3 mode.
The requirement for Layer 3 LWAPP communications is that the Cisco Wireless LAN Controllers and
Cisco 1000 series lightweight access points can be connected through Layer 2 devices on the same
subnet or connected through Layer 3 devices across subnets. Another requirement is that the IP
addresses of access points should be either statically assigned or dynamically assigned through an
external DHCP server.
Thank you for your post.
Howerver, I do not see the need to set the WLC to LAYER3. From what I understand LAYER3 mode is for when the WLC and the APs are in different VLANs. This is not the case for my installation. Everything will be in one VLAN; no routing needed.
Am I missing something? Thanks again.
For what reason would I need to support multicast? Also, I did try putting the WLC in LAYER3 mode and assigned an addtional IP to the unit. Still no go.
Anything else? Thanks!
ummm... to support multicast to wireless clients. If you don't need to provide multicast to your wireless clients, definitely disable it (multicast).
I am having some issues with the initial setup of a 4402 WLC and 35 Cisco Aironet LWAPPs. The WLC and the LWAPPs are configured in the same VLAN and a DHCP server is setup to serve the VLAN. The WLC is configured for LAYER2. The LWAPPs show link light on the switches they are plugged in to... but I cannot see them from the WLC. Any thoughts?"
Are the Lwapp APs in the same vlan as the management interface of the controller?
Can you verify you followed the following document to setup your WLC and LWAPPs?
If the WLC does not see the LWAPPs, then check that your DHCP server has option 43 correctly configured.
Again, thank you all for your posts.
I did follow that doc step-by-step for my initial setup. I did not set the DHCP Option 43 for this reason as per the doc:
Note: Option 43 is used if the APs reside in a different subnet.
And, as I stated the APs are NOT in a different VLAN/segment.
Any other thoughts?
Ok, so you have the ports on the controller connected to switchports that are set to trunk in 802.1q and you have the lwapps plugged into switchports in the same vlan as the management interface on the WLC and the switches are in the same vtp domain. The APs should see the controller without any issue. There was another thread in the wireless group in which the engineer received the autonomous APs instead of the lwapp APs which seems easy to given the similarity of the part #s.
Put a sniffer on the wire and capture soem traffic. Also, on the WLC, type in "debug lwapp events" + 'debug lwapp errors' and you should see a bunch of messages with the word "SPAM" in them
Thank you for your post eric. My config is as follows...
Switch port that the WLC plugs in to (CatOS):
set vlan 203 3/4
set port name 3/4 WLC Mgmt Port
set trunk 3/4 off dot1q 1-1005,1025-4094
Switch port that the LWAPP plugs in to (IOS):
description Cisco LWAPP
switchport access vlan 203
Is there something that I am missing there? I am certain that the APs are the correct model. Thanks!
Thank you! Setting up the trunking properly on the port the WLC connects to got me a little further. Now, once reset, I can see the APs doing a 'show cdp neighbor' command.
However, the APs are not getting IP addresses from my DHCP server. Do I need to be concerned with the OPTION43 and OPTION60 settings on my DHCP server?
Put the controller in Layer3 mode & reboot and they should start getting ips. I did this back in 3.2x code, maybe it has changed in 4.1.x, but that was how I was able to get ip addrs assigned to the APs.
In your original post you stated "...a DHCP server is setup to serve the VLAN...". Is the DHCP server actually in VLAN 203? If not, then you will need an IP helper address on your Layer 3 interface for VLAN203 which points to the DHCP IP address.
Provided your LWAPPs and WLC are both in the same VLAN, you shouldn't need to use DHCP Option 43. But it won't hurt to include it for some extra insurance.
Thanks for your post.
The DHCP server is not in the same VLAN. The ip-helper is configured. When I reset one of the APs I see it come up (in show cdp neighbors) and then disappear after a short time. It never recevies an IP. However, a laptop/PC will. Any thoughts?
You shouldn't need either option 43 or 60 for DHCP, given your configuration. Also, you won't need to convert to L3 operation.
It sounds like the real problem here is with your AP's not receiving a DHCP response. Of course, IP connectivity is a prerequisite for LWAPP Discovery.
Here are a few things to look at:
1.) Is the DHCP server in the same network (VLAN203)? If not, is the appropriate helper address provided on the gateway?
2.) Is there a DHCP scope established for VLAN203? Confirm that the addresses are in the right network, that the subnet mask is correct, and that the default gateway also corresponds to the subnet.
3.) Is the DHCP server receiving the request? Maybe a trace would shed some light.
Hope this helps! Good luck, and let us know how you did!
Thank you... I found a silly error on my part. However, the APs are still not registering. I have reset the APs and the WLC and the APs now have IP addresses but will not register. I can ping the APs but that is it. Any thoughts?
We can assume from past posts that you have the AP-Manager and Management interfaces on the same network (VLAN203) as the access port for your AP.
Have you tried to console into the AP directly (via the console port)? If you do this on startup you can confirm whether you have an IOS or LWAPP AP. (I know, it seems silly; but let's eliminate the obvious.)
Okay, assuming the above, let's go through the LWAPP process and see if we can figure it out...
1.) BROADCAST: This will work if the AP-Switch port is on the same subnet as the WLC Management interface.
2.) CONFIGURED: Not applicable because this AP has never been registered to this controller.
3.) OTAP: Not an option for us until we get at least one AP registered.
4.) DHCP: If you enable option 43, it will provide a unicast address for your WLC.
5.) DNS: I'm assuming that this lab environment does not have DNS available, so creating an entry for cisco-lwapp-controller.localdomain is not an option.
So, we're left with the dynamic LWAPP discovery process.
Unplug your AP from its power source (or switch port if PoE is enabled). Console into your controller (telnet, SSH, service port, etc.). Type the following:
debug lwapp events enable
Now power up the AP. Did anything come up on the controller console indicating that an LWAPP DISCOVERY REQUEST was detected? If not, then we still have a connectivity issue. I hate to beat a dead horse; but I'd take a fresh look at your switch port configs.
If you did see the LWAPP Discovery request, it should be followed by an LWAPP DISCOVERY RESPONSE. Type the following:
debug lwapp packet enable
Toward the bottom of the packet you should see info regarding the IE. The line after the 'Decode routine' line has a number. The last two digits indicate which LWAPP discovery mechanism is being used per the following list:
Does this shed any light at all? Don't worry; we'll get there. :-)
Thank you for your thorough and detailed post!
I tried the "debug lwapp events enable" and nothing appeared on the WLC console. To confirm my network config....
WLC port connection config (CAT OS):
set trunk 3/4 on dot1q 1-1005,1025-4094
AP port connection config:
description Cisco LWAPP
switchport access vlan 203
Any thoughts? Thanks!
Do you have physical access to the AP? If so, use a console cable to term into the CLI. (If you do this before power cycling the AP, you can watch the boot sequence to confirm that LWAPP is loading properly.)
I'm still concerned about the AP network connectivity. It could be that there's some sort of problem with the DHCP response or the response is not in the correct subnet for vlan203.
You said that you can ping the IP address of the AP. Just to rule something else out; try manually configuring IP info on the AP.
Via the console port of the AP:
lwapp ap ip address
lwapp ip default-gateway
lwapp controller ip address
Once these are set, save the config and power cycle the AP.
Also, do you have the AP-Manager interface in vlan203 with IP information which matches that subnet?
Is vlan203 the native vlan of the trunk?
Do you have the Management interface and AP_Manager interface tagging traffic for vlan 203?