Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

AIR-CAP1602I-R-K9 cannot connect to WLC/WiSM2

Hello all,

I have a problem with a WiSM2 running on 7.4.110.13. It is installed in Russia and we are trying to connect new 1600 APs AIR-CAP1602I-R-K9 for the -R Regulatory. But the AP cannot connect/join to the WLC.

Product Version.................................. 7.4.110.13

Configured Country:

Configured Country............................... RU  - Russian Federation

Time is synchronized with an NTP Server and location is set.

No auth-list is configured, and MIC is enabled.

Authorize MIC APs against Auth-list or AAA ...... disabled
Authorize LSC APs against Auth-List ............. disabled
APs Allowed to Join
  AP with Manufacturing Installed Certificate.... yes
  AP with Self-Signed Certificate................ no
  AP with Locally Significant Certificate........ no

I have 500 free licenses:

Licensed Feature    Max Count         Current Count     Remaining Count
-----------------------------------------------------------------------
AP Count            500               0                 500

I also did a reset of the AP using the Mode button. But this did not change anything.

If I enable the following debugging "debug capwap error enable" I get the following messages:

*spamApTask2: Mar 18 15:54:47.407: 88:5a:92:58:67:d0 State machine handler: Failed to process  msg type = 1 state = 0 from 172.31.140.132:34430

*spamApTask2: Mar 18 15:54:47.407: 88:5a:92:58:67:d0 Failed to parse CAPWAP packet from 172.31.140.132:34430

So the first packet the WLC gets from the AP is immediately dropped.

Any idea?

  • Other Wireless - Mobility Subjects
11 REPLIES
New Member

Maybe a "debug capwap payload

Maybe a "debug capwap payload enable" gives anyone an idea.

*spamApTask1: Mar 18 16:25:19.338: 88:5a:92:c3:f7:c0 Board data options: antType 1, apType 0, joinPriority 1

*spamApTask0: Mar 18 16:25:19.338: Start of Packet

*spamApTask0: Mar 18 16:25:19.338: Ethernet Source MAC (LRAD):      64:AE:0C:41:D2:40

*spamApTask0: Mar 18 16:25:19.338: Msg Type       :
*spamApTask0: Mar 18 16:25:19.338:    DISCOVERY_REQUEST

*spamApTask0: Mar 18 16:25:19.338: Msg Length     :   70

*spamApTask0: Mar 18 16:25:19.338: Msg SeqNum     :   0

*spamApTask0: Mar 18 16:25:19.338:
        IE            :   UNKNOWN IE 58

*spamApTask0: Mar 18 16:25:19.338:      IE Length     :   1

*spamApTask0: Mar 18 16:25:19.338:      Decode routine not available, Printing Hex Dump

*spamApTask0: Mar 18 16:25:19.338: 00000000: 03                                                .


*spamApTask0: Mar 18 16:25:19.338:
        IE            :   UNKNOWN IE 50

*spamApTask0: Mar 18 16:25:19.338:      IE Length     :   46

*spamApTask0: Mar 18 16:25:19.338:      Decode routine not available, Printing Hex Dump

*spamApTask0: Mar 18 16:25:19.339: 00000000: 00 00 00 00 00 00 00 00  00 00 00 00 46 47 4c 31  ............FGL1
00000010: 37 34 35 53 32 41 32 00  00 00 00 00 00 00 00 00  745S2A2.........
00000020: 00 00 00 00 01 01 00 0
*spamApTask0: Mar 18 16:25:19.339:
        IE            :   RAD_PAYLOAD

*spamApTask0: Mar 18 16:25:19.339:      IE Length     :   14

*spamApTask0: Mar 18 16:25:19.339:              H/W  Version            :   1

*spamApTask0: Mar 18 16:25:19.339:              H/W  Release            :   0

*spamApTask0: Mar 18 16:25:19.339:              H/W  Maint              :   0

*spamApTask0: Mar 18 16:25:19.339:              H/W  Build              :   0

*spamApTask0: Mar 18 16:25:19.339:              S/W  Version            :   7

*spamApTask0: Mar 18 16:25:19.339:              S/W  Release            :   5

*spamApTask0: Mar 18 16:25:19.339:              S/W  Maint              :   1

*spamApTask0: Mar 18 16:25:19.339:              S/W  Build              :   73

*spamApTask0: Mar 18 16:25:19.339:              Boot Version            :   15

*spamApTask0: Mar 18 16:25:19.339:              Boot Release            :   2

*spamApTask0: Mar 18 16:25:19.339:              Boot Maint              :   2

*spamApTask0: Mar 18 16:25:19.339:              Boot Build              :   0

*spamApTask0: Mar 18 16:25:19.339:              numSlots       :   0

*spamApTask0: Mar 18 16:25:19.339:              numFilledSlots :   0

disable-all *spamApTask0: Mar 18 16:25:19.339: End of Packet

VIP Purple

Hi,Paste the output of these

Hi,

Paste the output of these commands:

From WLC: sh sysinfo

From AP: sh version

also connect console to AP and then reboot it and paste the whole entire boot process here.

Regards

Dont forget to rate helpful posts

New Member

show sysinfoManufacturer's

show sysinfo

Manufacturer's Name.............................. Cisco Systems Inc.

Product Name..................................... Cisco Controller
Product Version.................................. 7.4.110.13
Bootloader Version............................... 1.0.16
Field Recovery Image Version..................... 7.0.43.32
Firmware Version................................. FPGA 1.6, Env 0.0, USB console 2.2
Build Type....................................... DATA + WPS

System Name...................................... rus-wism-01-3
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1293
Redundancy Mode.................................. Disabled
IP Address....................................... 172.25.16.148
Last Reset....................................... Software reset
System Up Time................................... 5 days 21 hrs 24 mins 2 secs
System Timezone Location......................... (GMT +1:00) Amsterdam, Berlin, Rome, Vienna
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180

Configured Country............................... RU  - Russian Federation

--More-- or (q)uit

State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 9
Number of Active Clients......................... 0

Memory Current Usage............................. Unknown
Memory Average Usage............................. Unknown
CPU Current Usage................................ Unknown
CPU Average Usage................................ Unknown

Burned-in MAC Address............................ 6C:20:56:2C:5C:E0
Maximum number of APs supported.................. 500

 


AP885a.9258.67d3#sh vers
Cisco IOS Software, C1600 Software (AP1G2-RCVK9W8-M), Version 15.2(4)JA1, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Tue 30-Jul-13 23:41 by prod_rel_team

ROM: Bootstrap program is C1600 boot loader
BOOTLDR: C1600 Boot Loader (AP1G2-BOOT-M) LoaderVersion 15.2(2)JAX, RELEASE SOFTWARE (fc1)

AP885a.9258.67d3 uptime is 22 hours, 25 minutes
System returned to ROM by power-on
System image file is "flash:/ap1g2-rcvk9w8-mx/ap1g2-rcvk9w8-mx"
Last reload reason:

 

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco AIR-CAP1602I-R-K9 (PowerPC) processor (revision B0) with 98294K/32768K bytes of memory.
Processor board ID FGL1745S2AM
PowerPC CPU at 533Mhz, revision number 0x2151
Last reset from power-on
LWAPP image version 7.5.1.73
1 Gigabit Ethernet interface

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 88:5A:92:58:67:D3
Part Number                          : 73-14671-04
PCA Assembly Number                  : 000-00000-00
PCA Revision Number                  :
PCB Serial Number                    : FOC174185AV
Top Assembly Part Number             : 800-38552-01
Top Assembly Serial Number           : FGL1745S2AM
Top Revision Number                  : A0
Product/Model Number                 : AIR-CAP1602I-R-K9

 

Configuration register is 0xF

 


AP885a.9258.67d3#relo
AP885a.9258.67d3#reload
Proceed with reload? [confirm]
Writing out the event log to flash:/event.log ...


*Mar  1 22:41:20.092: %SYS-5-RELOAD: Reload requested by cisco on console. Reload Reason: Reload Command.
*Mar  1 22:41:20.092: %LWAPP-5-CHANGED: CAPWAP changed state to DOWN
Write of event.log done


*Mar  1 22:41:23.844: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
Boot from flash

IOS Bootloader - Starting system.
 FLASH CHIP: Spansion S25FL256
Xmodem file system is available.
flashfs[0]: 10 files, 2 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 31936000
flashfs[0]: Bytes used: 6816768
flashfs[0]: Bytes available: 25119232
flashfs[0]: flashfs fsck took 9 seconds.
Reading cookie from SEEPROM
Base Ethernet MAC address: 88:5a:92:58:67:d3
 ************* loopback_mode = 0
Loading "flash:/ap1g2-rcvk9w8-mx/ap1g2-rcvk9w8-mx"...#####################
File "flash:/ap1g2-rcvk9w8-mx/ap1g2-rcvk9w8-mx" uncompressed and installed, entry point: 0x100000
executing...

              Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

           cisco Systems, Inc.
           170 West Tasman Drive
           San Jose, California 95134-1706

 

Cisco IOS Software, C1600 Software (AP1G2-RCVK9W8-M), Version 15.2(4)JA1, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Tue 30-Jul-13 23:41 by prod_rel_team

Initializing flashfs...
 FLASH CHIP: Spansion S25FL256

flashfs[2]: 10 files, 2 directories
flashfs[2]: 0 orphaned files, 0 orphaned directories
flashfs[2]: Total bytes: 31808000
flashfs[2]: Bytes used: 6816768
flashfs[2]: Bytes available: 24991232
flashfs[2]: flashfs fsck took 9 seconds.
flashfs[2]: Initialization complete.
flashfs[3]: 0 files, 1 directories
flashfs[3]: 0 orphaned files, 0 orphaned directories
flashfs[3]: Total bytes: 11999232
flashfs[3]: Bytes used: 1024
flashfs[3]: Bytes available: 11998208
flashfs[3]: flashfs fsck took 1 seconds.
flashfs[3]: Initialization complete....done Initializing flashfs.

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
no ip http server
       ^
% Invalid input detected at '^' marker.

use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco AIR-CAP1602I-R-K9 (PowerPC) processor (revision B0) with 98294K/32768K bytes of memory.
Processor board ID FGL1745S2AM
PowerPC CPU at 533Mhz, revision number 0x2151
Last reset from power-on
LWAPP image version 7.5.1.73
1 Gigabit Ethernet interface

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 88:5A:92:58:67:D3
Part Number                          : 73-14671-04
PCA Assembly Number                  : 000-00000-00
PCA Revision Number                  :
PCB Serial Number                    : FOC174185AV
Top Assembly Part Number             : 800-38552-01
Top Assembly Serial Number           : FGL1745S2AM
Top Revision Number                  : A0
Product/Model Number                 : AIR-CAP1602I-R-K9
% Please define a domain-name first.
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)


Press RETURN to get started!


*Mar  1 00:00:12.427: %LWAPP-3-CLIENTERRORLOG: Config load from flash failed. Initialising Cfg

*Mar  1 00:00:13.487: %LINK-6-UPDOWN: Interface GigabitEthernet0, changed state to up
*Mar  1 00:00:14.511: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
*Mar  1 00:00:14.939: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C1600 Software (AP1G2-RCVK9W8-M), Version 15.2(4)JA1, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2013 by Cisco Systems, Inc.
Compiled Tue 30-Jul-13 23:41 by prod_rel_team
*Mar  1 00:00:15.951: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up

logging facility kern
        ^
% Invalid input detected at '^' marker.

logging trap emergencies
        ^
% Invalid input detected at '^' marker.

*Mar  1 00:00:26.975: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
*Mar  1 00:00:26.975: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255
*Mar  1 00:00:26.975: %LWAPP-3-CLIENTERRORLOG: Config load from flash failed. Initialising Cfg

*Mar  1 00:00:26.975: %CAPWAP-3-ERRORLOG: Failed to load configuration from flash. Resetting to default configlwapp_crypto_init: MIC Present and Parsed Successfully

no bridge-group 1 source-learning
                   ^
% Invalid input detected at '^' marker.
%Default route without gateway, if not a point-to-point interface, may impact performance
*Mar  1 00:00:39.451: %CDP_PD-4-POWER_OK: All radios disabled - NEGOTIATED inline power source
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)

*Mar  1 00:01:02.739: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)

*Mar  1 00:01:21.739: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)

*Mar  1 00:01:39.454: %CDP_PD-4-POWER_OK: All radios disabled - NEGOTIATED inline power source
*Mar  1 00:01:40.738: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER

VIP Purple

Ap is not able to find the

Ap is not able to find the WLC.

From where AP will get the IP ??

Did you configued any DHCP pool fro APs to get ip ??

 

Try to create a DHCP pool for AP on layer 3 switch ...example:

keep AP and WLC on same subet :)

ip dhcp excluded-address 172.25.16.1 172.25.16.170
ip dhcp excluded-address 172.25.16.185 172.25.16.254

ip dhcp pool WirelessLAN
   network 172.25.16.0 255.255.255.0
   default-router 172.25.16.254 
   option 43 ip 172.25.16.148
   lease 3

Regards

 

New Member

As this is a test AP

As this is a test AP connected in the HQ, I configured it with an static IP Address and also configured the WLC IP manually.

AP885a.9258.67d3#sh capwap ip config

LWAPP Static IP Configuration
IP Address         172.31.140.132
IP netmask         255.255.255.0
Default Gateway    172.31.140.1
Primary Controller 172.25.16.148

In other places we use DHCP.

But you can be sure that all the APs find the WLC, otherwise I would not see the incomimg DISCOVERY_REQUEST in the debugging. Right?

VIP Purple

paste the whole console log

paste the whole console log from AP(reboot it and then paste entire bootup process).

 

Regards

 

New Member

You can find it above:show

You can find it above:

  • show sysinfo of WLC
  • show version of AP
  • Console output during bootup
VIP Purple

Hey ,can you ping WLC from AP

Hey ,

can you ping WLC from AP ?

try to create a DHCP pool and remove static entries.

I dont see any join request from client to WLC.

There must be something wrong between WLC and AP.

 

 

Regards

New Member

Yes, I can ping the AP from

Yes, I can ping the AP from the WLC.

(rus-wism-01-3) >ping 172.31.140.132

Send count=3, Receive count=3 from 172.31.140.132

And when you check my first entry on that discussion you can see that the debugging on the controller logs the following messages:

*spamApTask2: Mar 18 15:54:47.407: 88:5a:92:58:67:d0 State machine handler: Failed to process  msg type = 1 state = 0 from 172.31.140.132:34430

*spamApTask2: Mar 18 15:54:47.407: 88:5a:92:58:67:d0 Failed to parse CAPWAP packet from 172.31.140.132:34430

So the DISCOVERY_REQUEST sent by the AP is received by tye WLC (see also the debug below). Then the WLC logs "Failed to process..." and drops the request.

541
Views
0
Helpful
11
Replies
This widget could not be displayed.