Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

2602i does not Join to 3850 WLC

Trying to join 2602i to 3850 wlc but after join to WLC, the access point keeps rebooting

AP Console log:

APc067.afa7.1ee4#
*Nov 29 23:32:55.027: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Nov 29 23:32:55.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.129.0.254 peer_port: 5246
*Nov 29 23:32:55.223: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.129.0.254 peer_port: 5246
*Nov 29 23:32:55.223: %CAPWAP-5-SENDJOIN: sending Join Request to 10.129.0.254
., 1)29 23:33:13.415: %CAPWAP-3-ERRORLOG: Retransmission count for packet exceeded max(UNKNOWN_MESSAGE_TYPE (5)
*Nov 29 23:33:13.415: %CAPWAP-3-ERRORLOG: GOING BACK TO DISCOVER MODE
*Nov 29 23:33:19.299: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255
*Nov 29 23:33:19.319: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
*Nov 29 23:33:19.323: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to administratively down
*Nov 29 23:33:19.327: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Nov 29 23:33:19.347: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Nov 29 23:33:20.323: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Nov 29 23:33:20.351: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to down
*Nov 29 23:33:20.359: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Nov 29 23:33:21.343: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Nov 29 23:33:21.351: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Nov 29 23:33:21.379: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Nov 29 23:33:21.387: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
*Nov 29 23:33:21.395: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Nov 29 23:33:22.379: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*Nov 29 23:33:22.387: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Nov 29 23:33:22.415: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Nov 29 23:33:23.415: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
Not in Bound state.
*Nov 29 23:34:14.847: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.
*Nov 29 23:34:19.847: %CAPWAP-3-ERRORLOG: Invalid event 40 & state 2 combination.
*Nov 29 23:34:19.967: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.129.0.212, mask 255.255.255.128, hostname APc067.afa7.1ee4

Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Nov 29 23:34:25.847: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.

*Nov 29 23:34:34.847: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
*Nov 29 23:35:04.847: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Nov 29 23:35:04.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.129.0.254 peer_port: 5246
*Nov 29 23:35:04.223: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.129.0.254 peer_port: 5246
*Nov 29 23:35:04.223: %CAPWAP-5-SENDJOIN: sending Join Request to 10.129.0.254
., 1)29 23:35:22.411: %CAPWAP-3-ERRORLOG: Retransmission count for packet exceeded max(UNKNOWN_MESSAGE_TYPE (5)
*Nov 29 23:35:22.411: %CAPWAP-3-ERRORLOG: GOING BACK TO DISCOVER MODE
*Nov 29 23:35:27.479: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255
*Nov 29 23:35:27.499: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
*Nov 29 23:35:27.499: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to administratively down
*Nov 29 23:35:27.503: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Nov 29 23:35:27.527: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Nov 29 23:35:28.503: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Nov 29 23:35:28.531: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to down
*Nov 29 23:35:28.539: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Nov 29 23:35:29.523: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Nov 29 23:35:29.531: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Nov 29 23:35:29.559: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Nov 29 23:35:29.567: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to down
*Nov 29 23:35:29.575: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Nov 29 23:35:30.559: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up
*Nov 29 23:35:30.567: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Nov 29 23:35:30.595: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Nov 29 23:35:31.595: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up

WLC Log:

Nov 29 23:40:46.469: *%LWAPP-3-RD_ERR7: 1 wcm:  Invalid country code () for AP c0:25:5c:68:7f:10

Nov 29 23:40:46.469: *%LWAPP-3-RD_ERR9: 1 wcm:  APs c0:25:5c:68:7f:10 country code changed from () to (GB )

Nov 29 23:40:46.470: %CAPWAP-3-AP_PORT_CFG: AP connected port Gi1/0/24 is not an access port.

Nov 29 23:40:46.471: *%LWAPP-3-RD_ERR7: 1 wcm:  Invalid country code () for AP c0:25:5c:68:7f:10

Nov 29 23:40:46.471: *%LWAPP-3-RD_ERR9: 1 wcm:  APs c0:25:5c:68:7f:10 country code changed from () to (GB )

Nov 29 23:40:46.471: *%LWAPP-3-VALIDATE_ERR: 1 wcm:  Validation of SPAM Vendor Specific Payload failed - AP  c0:25:5c:68:7f:10

54C1BR01A01254#

Nov 29 23:40:46.474: *%LOG-3-Q_IND: 1 wcm:  Validation of SPAM Vendor Specific Payload failed - AP  c0:25:5c:68:7f:10

Nov 29 23:40:46.474: *%CAPWAP-3-DATA_TUNNEL_CREATE_ERR2: 1 wcm:  Failed to create CAPWAP data tunnel with interface id: 0xd670c00000002a for AP: c025.5c68.7f10 Error Reason: Capwap Data Tunnel create retry exceeded max retry count.

Nov 29 23:41:09.584: *%CAPWAP-3-INVALID_STATE_EVENT: 1 wcm:  Invalid AP event (CAPWAP Discovery Request) and state (CAPWAP Join Response) combination

Invalid AP event (CAPWAP Discovery Request) and state (CAPWAP Join Response) combination

Nov 29 23:42:55.496: *%LWAPP-3-RD_ERR7: 1 wcm:  Invalid country code () for AP c0:25:5c:68:7f:10

Nov 29 23:42:55.496: *%LWAPP-3-RD_ERR9: 1 wcm:  APs c0:25:5c:68:7f:10 country code changed from () to (GB )

Nov 29 23:42:55.496: *%LWAPP-3-RD_ERR7: 1 wcm:  Invalid country code () for AP c0:25:5c:68:7f:10

Nov 29 23:42:55.496: *%LWAPP-3-RD_ERR9: 1 wcm:  APs c0:25:5c:68:7f:10 country code changed from () to (GB )

Nov 29 23:42:55.496: *%LWAPP-3-VALIDATE_ERR: 1 wcm:  Validation of SPAM Vendor Specific Payload failed - AP  c0:25:5c:68:7f:10

54C1BR01A01254(config)#

Nov 29 23:42:55.499: %CAPWAP-3-AP_PORT_CFG: AP connected port Gi1/0/24 is not an access port.

Nov 29 23:42:55.499: *%LOG-3-Q_IND: 1 wcm:  Validation of SPAM Vendor Specific Payload failed - AP  c0:25:5c:68:7f:10

Nov 29 23:42:55.500: *%CAPWAP-3-DATA_TUNNEL_CREATE_ERR2: 1 wcm:  Failed to create CAPWAP data tunnel with interface id: 0xcb73c00000002b for AP: c025.5c68.7f10 Error Reason: Capwap Data Tunnel create retry exceeded max retry count.

GB  - United Kingdom : 802.11a Indoor,Outdoor/ 802.11b / 802.11g

Invalid AP event (CAPWAP Discovery Request) and state (CAPWAP Join Response) combination
Nov 29 23:42:55.496: *%LWAPP-3-RD_ERR7: 1 wcm:  Invalid country code () for AP c0:25:5c:68:7f:10
Nov 29 23:42:55.496: *%LWAPP-3-RD_ERR9: 1 wcm:  APs c0:25:5c:68:7f:10 country code changed from () to (GB )
Nov 29 23:42:55.496: *%LWAPP-3-RD_ERR7: 1 wcm:  Invalid country code () for AP c0:25:5c:68:7f:10
Nov 29 23:42:55.496: *%LWAPP-3-RD_ERR9: 1 wcm:  APs c0:25:5c:68:7f:10 country code changed from () to (GB )
Nov 29 23:42:55.496: *%LWAPP-3-VALIDATE_ERR: 1 wcm:  Validation of SPAM Vendor Specific Payload failed - AP  c0:25:5c:68:7f:10

Nov 29 23:42:55.499: %CAPWAP-3-AP_PORT_CFG: AP connected port Gi1/0/24 is not an access port.
Nov 29 23:42:55.499: *%LOG-3-Q_IND: 1 wcm:  Validation of SPAM Vendor Specific Payload failed - AP  c0:25:5c:68:7f:10
Nov 29 23:42:55.500: *%CAPWAP-3-DATA_TUNNEL_CREATE_ERR2: 1 wcm:  Failed to create CAPWAP data tunnel with interface id: 0xcb73c00000002b for AP: c025.5c68.7f10 Error Reason: Capwap Data Tunnel create retry exceeded max retry count.

and sometimes:

Nov 30 21:16:56.781: *%CAPWAP-3-ALREADY_IN_JOIN: 1 wcm:  Dropping join request from AP c025.5c68.7f10 - AP is already in joined state

Nov 30 21:16:56.785: *%CAPWAP-3-DATA_TUNNEL_DELETE_ERR2: 1 wcm:  Failed to delete CAPWAP data tunnel with interface id: 0x0 from internal database. Reason: AVL database entry not found

Sh Wirless Country Configured:

GB  - United Kingdom : 802.11a Indoor,Outdoor/ 802.11b / 802.11g


Sh version (AP):


LWAPP image version 10.1.100.0
1 Gigabit Ethernet interface
2 802.11 Radios

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: C0:67:AF:A7:1E:E4
Part Number                          : 73-14588-02
PCA Assembly Number                  : 800-37899-01
PCA Revision Number                  : A0
PCB Serial Number                    : FOC17353HXS
Top Assembly Part Number             : 800-38356-01
Top Assembly Serial Number           : FCZ1743P1VC
Top Revision Number                  : A0
Product/Model Number                 : AIR-SAP2602I-E-K9

Configuration register is 0xF

APc067.afa7.1ee4#
APc067.afa7.1ee4#^C
Not in Bound state.
*Nov 30 20:04:56.019: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.
*Nov 30 20:05:01.019: %CAPWAP-3-ERRORLOG: Invalid event 40 & state 2 combination.c
*Nov 30 20:05:01.139: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.129.0.211, mask 255.255.255.128, hostname APc067.afa7.1ee4

Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Nov 30 20:05:07.019: %CAPWAP-3-ERRORLOG: Did not get log server settings from DHCP.

Sh ver (Switch):

Base Ethernet MAC Address          : d0:c7:89:75:c3:00
Motherboard Assembly Number        : 73-12238-06
Motherboard Serial Number          : FOC172896LQ
Model Revision Number              : B0
Motherboard Revision Number        : D0
Model Number                       : WS-C3850-24T
System Serial Number               : FOC1729V133


Switch Ports Model              SW Version        SW Image              Mode
------ ----- -----              ----------        ----------            ----
*    1 32    WS-C3850-24T       03.03.00SE        cat3k_caa-universalk9 INSTALL
     2 32    WS-C3850-24T       03.03.00SE        cat3k_caa-universalk9 INSTALL


Switch 02
---------
Switch uptime                      : 5 days, 23 hours, 2 minutes
Base Ethernet MAC Address          : ec:e1:a9:df:93:80
Motherboard Assembly Number        : 73-12238-06
Motherboard Serial Number          : FOC17236GD1
Model Revision Number              : B0
Motherboard Revision Number        : D0
Model Number                       : WS-C3850-24T
System Serial Number               : FOC1725V0FT

Configuration register is 0x102

1 ACCEPTED SOLUTION

Accepted Solutions
VIP Purple

Re: 2602i does not Join to 3850 WLC

Hi Kamin,

The AP is connected to an access switch which is connected via trunk port to 3850. the access port is in a same vlan as wireless management VLAN.AP  is not connected directly to 3850 as this switch is not poe capable.

That is the reason why it is not working for you. Your AP should directly connected to a 3850 switch to get this working. If it is not POE then you have to use a power adapter to power the AP. Refer the below reference link for more information.

Q.

Does the Cisco Catalyst 3850 support indirectly connected access points?

A. No. The Cisco Catalyst 3850 switch will always terminate the CAPWAP tunnel locally. Pass-through mode or indirectly connected access point is not supported at this time.

http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps12686/qa_c67-722110.html

HTH

Rasika

**** Pls rate all useful respones ****

7 REPLIES
Hall of Fame Super Gold

Re: 2602i does not Join to 3850 WLC

Kamin,

Didn't you create another thread of the same topic?

Sent from Cisco Technical Support Nintendo App

VIP Purple

Re: 2602i does not Join to 3850 WLC

Makesure followings are configured correctly

1. Your 3850 should have ipbase or ipservices image with active AP count license on it.

2. Your 3850 should configured as Mobility Controller (MC), by default it is MA.

3. AP needs to be directly connected to your 3850 switchport (configured for access vlan on the same vlan as wlc mgt interface)

4. 3850 is configured for NTP & valid country code to comply with AP regulatory domain..

Below error msg indicate something is wrong in the above configurations.

Nov 29 23:40:46.469: *%LWAPP-3-RD_ERR7: 1 wcm:  Invalid country code () for AP c0:25:5c:68:7f:10

Nov 29 23:40:46.469: *%LWAPP-3-RD_ERR9: 1 wcm:  APs c0:25:5c:68:7f:10 country code changed from () to (GB )

Nov 29 23:40:46.470: %CAPWAP-3-AP_PORT_CFG: AP connected port Gi1/0/24 is not an access port.

.

Nov 29 23:40:46.474: *%CAPWAP-3-DATA_TUNNEL_CREATE_ERR2: 1 wcm:  Failed to create CAPWAP data tunnel with interface id: 0xd670c00000002a for AP: c025.5c68.7f10 Error Reason: Capwap Data Tunnel create retry exceeded max retry count.

If you provide below output we can verify above

1. show license right-to-use summary

2. show wireless mobility summary

3. show run | in wireless
4. sh cdp neighbors | in AIR

Please refer below post for more detail.

http://mrncciew.com/2013/09/29/getting-started-with-3850/

HTH

Rasika

*** Pls rate all useful responses ***

New Member

Re: 2602i does not Join to 3850 WLC

Hi,

3850 is in MC mode.

The AP is connected to an access switch which is connected via trunk port to 3850. the access port is in a same vlan as wireless management VLAN.AP  is not connected directly to 3850 as this switch is not poe capable.

Country code is set to GB as th AP is ion Europe domain.

NTP has been configured

1- show license right-to-use summary :

-----------------------------------------------
  ipservices   permanent   N/A      Lifetime
  apcount      base        0        Lifetime
  apcount      adder       4        Lifetime

--------------------------------------------

License Level In Use: ipservices
License Level on Reboot: ipservices
Evaluation AP-Count: Disabled
Total AP Count Licenses: 4
AP Count Licenses In-use: 1
AP Count Licenses Remaining: 3

the one which is in use is my AP which has issue. keeps rebooting:

2. show wireless mobility summary

Mobility Controller Summary:

Mobility Role                                   : Mobility Controller
Mobility Protocol Port                          : 16666
Mobility Group Name                             : BSTAR
Mobility Oracle IP Address                      : 0.0.0.0
DTLS Mode                                       : Enabled
Mobility Domain ID for 802.11r                  : 0x276d
Mobility Keepalive Interval                     : 10
Mobility Keepalive Count                        : 3
Mobility Control Message DSCP Value             : 48
Mobility Domain Member Count                    : 1

Link Status is Control Link Status : Data Link Status

Controllers configured in the Mobility Domain:

IP               Public IP        Group Name       Multicast IP     Link Status
-------------------------------------------------------------------------------
10.129.0.254     -                BSTAR            0.0.0.0          UP   : UP

3- Show run | in Wireless

qos wireless-default-untrust

wireless mobility controller

wireless mobility group name BSTAR

wireless management interface Vlan10

wireless wps ap-authentication

VIP Purple

Re: 2602i does not Join to 3850 WLC

Hi Kamin,

The AP is connected to an access switch which is connected via trunk port to 3850. the access port is in a same vlan as wireless management VLAN.AP  is not connected directly to 3850 as this switch is not poe capable.

That is the reason why it is not working for you. Your AP should directly connected to a 3850 switch to get this working. If it is not POE then you have to use a power adapter to power the AP. Refer the below reference link for more information.

Q.

Does the Cisco Catalyst 3850 support indirectly connected access points?

A. No. The Cisco Catalyst 3850 switch will always terminate the CAPWAP tunnel locally. Pass-through mode or indirectly connected access point is not supported at this time.

http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps12686/qa_c67-722110.html

HTH

Rasika

**** Pls rate all useful respones ****

New Member

Re: 2602i does not Join to 3850 WLC

Thanks.

I'l try to provide some POE injectors and test again. but in this way all the 3850 switches should be POE.

VIP Purple

2602i does not Join to 3850 WLC

Yes, If you are buying switches for access layer (thinking about future), go with PoE version of it. If you think 3850 is too expensive you can lookat 3650 series switches as well which will support this CA (converged access) deployment model.

Here is the link for that

http://www.cisco.com/en/US/partner/docs/switches/lan/catalyst3650/software/release/3se/release_notes/OL30563.html

By the way thanks for using rating system.

Rasika

Hall of Fame Super Gold

Re: 2602i does not Join to 3850 WLC

Duplicate posts.  Go here and here.

3721
Views
5
Helpful
7
Replies
CreatePlease to create content