Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

LAP's are unable to join Cisco WLC

Dear all,

I  have moved my WLC to my datacentre from branch office. after movement i have updated DHCP options with the new ip address but all of my access point are not joining  to WLC.Kindly check the attached cofiguration of WLC as well as LAP logs and It will be a great help if somebody can help me to relsolve this issue.

Please note that  for datacenter -  Branch connectivity we are using L3  MPLS line and there is no firewall between the office and I am using Ver 7 software on my WLC

New Member

Re: LWAP are unable to join Cisco WLC

Do i need to configure any of the below

1. REAP or HREAP (I am using LAP 1131)

2. DNS to discover controller. currently i am not using DNS

3. Any configuration on switch or router side

Hall of Fame Super Gold

Re: LWAP are unable to join Cisco WLC

Try configuring DNS entry for "CISCO-LWAPP-CONTROLLER".

If you can console into the LWAP, try the command "lwapp ap controller ip add " and see what happens.

Hope this helps.

Please don't forget to rate useful posts.  Thanks.

Re: LAP's are unable to join Cisco WLC

As said you can add it into your DNS ior you can manualloy input the controller IP address.

Also, it would appear your DHCP isn't properly configured for option 43, this will give out your controller IP addresses with the DHCP, instructions below:

Hope this helps.



New Member

Re: LAP's are unable to join Cisco WLC


Your DHCP option 43 is good

From your file ‘AP error logs.txt’ it’s clear that the DHCP server provides option 43 that point to

I also see that the controller name is AEDXBWLC01. The AP cannot guess this name so this means that it can communicate with the controller.

You do not need to configure DNS

Your DNS server is not configured with CISCO-LWAPP-CONTROLLER.localdomain. But you do not need to configure DNS since you already have a working option 43.

If you want to use DNS you should configure both CISCO-CAPWAP-CONTROLLER.localdomain and CISCO-LWAPP-CONTROLLER.localdomain, where localdomain is the access point domain name. Old software use LWAPP and new software uses CAPWAP.

What might cause the problems?

I believe that you have a certificate mismatch between the controller and the AP. In order to fix this you can manually add the AP to the AP authorization list.

In order to allow APs to join, use one of these options:

  • Add them to the authorization list of the WLC: use the config auth-list add mic command.
  • Add them as clients to the RADIUS server. The Called-Station-ID is the MAC address of the controller. If you separate the APs into groups, you can create policies to define which APs can authenticate against which Called-Station-IDs.


  • You can debug to see what’s happening when the AP tries to join the controller.
  • You can also use this debug to obtain the Ethernet address for the AP:

(Cisco Controller) >debug lwapp events enable

Mon May 22 12:00:21 2006: Received LWAPP DISCOVERY REQUEST from AP 00:0b:85:5b:fb:d0 to ff:ff:ff:ff:ff:ff on port '1'

Mon May 22 12:00:21 2006: Successful transmission of LWAPP Discovery-Response to AP 00:0b:85:5b:fb:d0 on Port 1


CreatePlease to create content