Ok all good stuff.

Correct your AP is getting an IP address. However, you need to set up DHCP option 43, DNS, IP FORWARD, or put the AP on the same broadcast domain as the WLC. Or manual prime. These "methods" are how the access points finds and joins the WLC.

Here is an exmaple of option 43

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00808714fe.shtml

So you need to understand what each one does and what makes the most sense in your enviroment to use.

Again, just becuase the AP as an IP address. Does not mean it joined the WLC.

Does this help or are you still confused ?

The problem do not is the AP IP address.

When the DHCP is the same WLC or module,  the option 43 is configured by default.

Also set the option 43 in the router, but the result was the same.

Even config the AP by console port. (lwap ap ip address.....lwap controller ip address, etc.)

Thanks.

Option 43 is not set by default. If you are using option 43, it sounds like its not working propertly. Post your option 43 config of your router so we can take a peek.

You can also console into a AP. You can see what the ap is telling us ...

I don't cant see the AP logs.

But now the WiSM shown this logs...

*osapi_ping_rx: Jul 20 08:04:20.344: %OSAPI-3-TASK_SET_TICKLE: osapi_task.c:3886  Task osapi_ping_rx requesting 1 second timer. Minimum is 20.Setting to 20

again, i think you need to console into the AP. You also need to read that link to make sure you have your option 43 is configured proprtly. Its sounds like the ap isnt joing the controller.

The option 43 is configured, and APs is configured by console port (lwapp ap controller ip address

Now the log is...

*osapi_ping_rx: Aug 29 18:42:20.000: %OSAPI-3-TASK_SET_TICKLE: osapi_task.c:3886  Task osapi_ping_rx requesting 1 second timer. Minimum is 20.Setting to 20.

*emWeb: Aug 29 18:35:41.654: %SYSTEM-3-NOTIFY_SAVE_FAIL: nvstore.c:167 Failed to save data for a Non-volatile component. Registrar ID: 42.

*nim_t: Aug 29 18:32:30.548: %SIM-3-PORT_UP: sim.c:9943 Physical port 1 is up!.

*nim_t: Aug 29 18:32:27.775: %SIM-3-PORT_DOWN: sim.c:9946 Physical port 1 is down!.

*nim_t: Aug 29 18:32:26.769: %SIM-3-PORT_UP: sim.c:9943 Physical port 1 is up!.

*fp_main_task: Aug 29 18:26:59.028: %CNFGR-3-INV_COMP_ID: cnfgr.c:2219 Invalid Component Id : Unrecognized (77) in cfgConfiguratorInit.

*fp_main_task: Aug 29 18:26:58.958: %RFID-3-INVALID_NOTIFICATION_INTERVAL: rfid_cfg.c:419 Illegal rfid rssi notification interval value 0-- defaulting.

*fp_main_task: Aug 29 18:26:58.948: %LOG-3-Q_IND: rrmCfg.c:1501 RRM LOG: Airewave Director: Configuration has been sanitized -- save configuration to commit

*fp_main_task: Aug 29 18:26:58.733: %RRM-3-RRM_LOGMSG: rrmCfg.c:1501 RRM LOG: Airewave Director: Configuration has been sanitized -- save configuration to commit

*fp_main_task: Aug 29 18:26:43.585: %MM-3-MEMBER_ADD_FAILED: mm_dir.c:909 Could not add Mobility Member. Reason: IP already assigned, Member-Count:1,MAC: 00:00:00:00:00:00, IP: 0.0.0.0

*fp_main_task: Aug 29 18:26:43.377: %DTL-3-DSNET_CONF_FAILED: dtl_ds.c:424 Unable to set symmetric mobility tunneling to disabled on Distribution Service interface.

*fp_main_task: Aug 29 18:26:43.364: %SYSTEM-3-PASSWD_STORE_INTEGRITY_FAILED: passwd_store.c:470 Cannot retrieve secret from store -- integrity check failed.

*fp_main_task: Aug 29 18:26:33.393: %CNFGR-3-INV_COMP_ID: cnfgr.c:2219 Invalid Component Id : Unrecognized (36) in cfgConfiguratorInit.

*mfpKeyRefreshTask: Aug 29 18:26:33.392: %SSHPM-3-NOT_INIT: bsnrandom.c:619 Random context not initialized

Here's a stupid question:  Can the WAP ping the management IP address of the WiSM?

Dont worry...

Yes.

(Cisco Controller) >show dhcp summary

  Scope Name                   Enabled          Address Range
APs                              Yes      172.23.24.100 -> 172.23.24.150

(Cisco Controller) >show dhcp leases

       MAC                IP         Lease Time Remaining
e8:b7:48:f5:35:46    172.23.24.100    23 hours 59 minutes 39 seconds
e8:b7:48:d6:e6:9d    172.23.24.101    23 hours 59 minutes 40 seconds
00:07:7d:13:06:eb    172.23.24.102    23 hours 59 minutes 41 seconds
00:07:7d:2d:69:e5    172.23.24.103    23 hours 59 minutes 7 seconds
e8:b7:48:2c:64:1c    172.23.24.104    23 hours 59 minutes 11 seconds
e8:b7:48:f5:1f:b4    172.23.24.105    23 hours 59 minutes 18 seconds

(Cisco Controller) >ping 172.23.24.100

Send count=3, Receive count=3 from 172.23.24.100

(Cisco Controller) >

Can the wireless access point (WAP) ping the management IP address of the WiSM?

Hello,

You have stated on several occasions that the DHCP pool has been configured with Option 43, but you have not posted the requested output of this configuration.  Please provide the output of this command as well as the IP address of the management interface so we can verify the hex value, if applicable, is configure properly.

If you do not want to provide this information, you can perform the following debug from the AP's console

#debug dhcp detail

You will see whether or not the "Option 43" information is received, as well as a message showing the deciphered decimal IP that the AP is trying to use to send a join request to.  I would perform this debug at the AP's console as well as the following from the WLC CLI to see if any joins are arriving at the controller:

#debug client

Perform a reload on the AP to see if we see the disovery/join traffic to the controller; post the outputs requested to your reply and we can examine what is happening.

If you are not seeing any join requests for this AP at the WLC then the AP is not communicating to the WLC either because option 43 is incorrect or the AP is in another vlan than the management interface with no other disvoery mechanisms in place.

For reference, the following link explains a light weight APs registration process to a WLC; good info, including Option 43, and other discovery mechanisms, as well as the APs "preference" for joining discovered vs configured WLCs, etc.

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00806c9e51.shtml

The option 43 is......

ip dhcp pool APs

network 172.23.24.0 255.255.255.0

default-router 172.23.24.1

option 43 hex f108ac140194ac140196

The problem is not the option 43, the problem is between the module WiSM and SUP720.

I Replace WiSM for a WLC4402 and APs were recorded without problems

debug WiSM.....

URA_NUNOA_SW_6500_CLH#

Aug 31 16:27:20.818: WiSM-Evt:dman_cntrl_db_search_by_mac: Found mac 68ef.bd2f.2d22 for slot/port 2/1

Aug 31 16:27:20.822: WiSM-Evt:dman_reg_arp_added: cntrl 2/1 got an ip 172.20.1.178 68ef.bd2f.2d22/68ef.bd2f.2d                            22

Aug 31 16:27:20.822: WiSM-Evt:dman_cntrl_db_search_by_mac: Found mac 68ef.bd30.58e2 for slot/port 2/2

Aug 31 16:27:20.822: WiSM-Evt:dman_reg_arp_added: cntrl 2/2 got an ip 172.20.1.179 68ef.bd30.58e2/68ef.bd30.58                            e2

Aug 31 16:27:35.822: WiSM-Evt:dman_proc_keepalive_tmr_handler: keepalive timer expired for 2/1

Aug 31 16:27:35.822: WiSM-Evt:dman_proc_keepalive_tmr_handler: keepalive timer expired for 2/2

Aug 31 16:27:55.822: WiSM-Evt:dman_proc_keepalive_tmr_handler: keepalive timer expired for 2/1

Aug 31 16:27:55.822: WiSM-Evt:dman_proc_keepalive_tmr_handler: keepalive timer expired for 2/2

Aug 31 16:28:00.822: WiSM-Evt:dman_cntrl_db_search_by_mac: Found mac 68ef.bd30.58e2 for slot/port 2/2

Aug 31 16:28:00.822: WiSM-Evt:dman_reg_arp_added: cntrl 2/2 got an ip 172.20.1.179 68ef.bd30.58e2/68ef.bd30.58                            e2

Aug 31 16:28:00.822: WiSM-Evt:dman_cntrl_db_search_by_mac: Found mac 68ef.bd2f.2d22 for slot/port 2/1

Aug 31 16:28:00.822: WiSM-Evt:dman_reg_arp_added: cntrl 2/1 got an ip 172.20.1.178 68ef.bd2f.2d22/68ef.bd2f.2d                            22

Aug 31 16:28:15.822: WiSM-Evt:dman_proc_keepalive_tmr_handler: keepalive timer expired for 2/1

Aug 31 16:28:15.822: WiSM-Evt:dman_proc_keepalive_tmr_handler: keepalive timer expired for 2/2

Aug 31 16:28:35.822: WiSM-Evt:dman_proc_keepalive_tmr_handler: keepalive timer expired for 2/1

Aug 31 16:28:35.822: WiSM-Evt:dman_proc_keepalive_tmr_handler: keepalive timer expired for 2/2

Aug 31 16:28:40.818: WiSM-Evt:dman_cntrl_db_search_by_mac: Found mac 68ef.bd2f.2d22 for slot/port 2/1

Aug 31 16:28:40.818: WiSM-Evt:dman_reg_arp_added: cntrl 2/1 got an ip 172.20.1.178 68ef.bd2f.2d22/68ef.bd2f.2d22

Aug 31 16:28:40.822: WiSM-Evt:dman_cntrl_db_search_by_mac: Found mac 68ef.bd30.58e2 for slot/port 2/2

Aug 31 16:28:40.822: WiSM-Evt:dman_reg_arp_added: cntrl 2/2 got an ip 172.20.1.179 68ef.bd30.58e2/68ef.bd30.58e2

Aug 31 16:28:55.822: WiSM-Evt:dman_proc_keepalive_tmr_handler: keepalive timer expired for 2/1

Aug 31 16:28:55.822: WiSM-Evt:dman_proc_keepalive_tmr_handler: keepalive timer expired for 2/2

You are now describing a new problem (ie. a bigger problem, although this is most likely leading to the AP join failure symptoms).  Can you verify the following for your WiSM module.  This information is coming from the WiSM config and troubleshooting guide.

http://www.cisco.com/en/US/products/hw/modules/ps2706/products_tech_note09186a00808330a9.shtml

Is the wism showing "Oper-Up" for both WLCs on this WiSM?

#sh wism status

Do you have your etherchannel load balancing configured properly for: src-dst-ip ?

#show etherchannel load balance

Are you etherchannel interfaces up and permitting traffic?

#show etherchannel summary

Also, form the WLC logs above

*fp_main_task: Aug 29 18:26:43.364: %SYSTEM-3-PASSWD_STORE_INTEGRITY_FAILED: passwd_store.c:470 Cannot retrieve secret from store -- integrity check failed.

Explanation    The system failed an integrity check. The secret might have been compromised.

Recommended Action    Reconfigure the secret for security reasons.

You might want to recreate your enable secret; I don't think this is applicable to your problem but should be addressed.