Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Register remote AP to Controller through a VPN site to site

Hi,

Does it possible register a Lightweight AP to remote Controller that are comunicated through a VPN site to site?

best regards

1 ACCEPTED SOLUTION

Accepted Solutions
VIP Purple

As a side note, you should

As a side note, you should upgrade your controller to a supported firmware version. Go for 7.4.121.0 for AireOS version & upgrade your FUS to 1.9.0.0 as well. The version you are running is having multiple critical bugs.

Product Version.................................. 7.4.100.60
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27

Here are the release note for these versions. FUS upgrade will take around 30-40min, so get sufficient outage window for the upgrade (at least 1 hour for both)

http://www.cisco.com/c/en/us/td/docs/wireless/controller/release/notes/crn74mr02.html

http://www.cisco.com/c/en/us/td/docs/wireless/controller/release/notes/fus_rn_OL-31390-01.pdf

HTH

Rasika

*** Pls rate all useful responses ***

13 REPLIES
Cisco Employee

yes it is :)

yes it is :)

VIP Purple

Yes it is possible.Normally

Yes it is possible.

Normally this technology is called flexconnect(old name was H-REAP).

Here are the modes:

http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/81680-hreap-modes.html

HREAP Design:

http://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/71250-h-reap-design-deploy.html

 

Regards

Dont forget to rate helpful posts

Community Member

ok, I before configured H

ok, I before configured H-REAP an FlexConnect, but through a Point to Point Link, and the AP refistered normally, now I´m triying to do it through a VPN site to site and the console AP only sends this messenge repeatly

%CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)

Ping responses from AP to WLC and from WLC to AP, do you have any idea of why the AP doesn´t register?

thanks

VIP Purple

Check:is AP got the IP via

Check:

is AP got the IP via DHCP or statically ?

is there a Way for AP to find WLC ?

 

reboot the AP and post the entite bootup process here als paste the output of these commands:

sh sysinfo from WLC

sh version from AP

 

 

Regards

Dont forget to rate helpful posts

Community Member

Hi,I configured the IP

Hi,

I configured the IP statically using the commands

capwap ap controller ip address
capwap ap ip address
capwap ap ip default-gateway

Here is the outputs

AP7c69.f640.de6e#
reload
Proceed with reload? [confirm]
Writing out the event log to flash:/event.log ...


*Jul 20 05:20:34.079: %SYS-5-RELOAD: Reload requested by cisco on console. Reload Reason: Reload Command.
*Jul 20 05:20:34.095: %LWAPP-5-CHANGED: CAPWAP changed state to DOWN
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
Write of event.log done

IOS Bootloader - Starting system.
flash is writable
FLASH CHIP:  Numonyx Mirrorbit (0089)
Xmodem file system is available.
flashfs[0]: 52 files, 8 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 31997952
flashfs[0]: Bytes used: 13725696
flashfs[0]: Bytes available: 18272256
flashfs[0]: flashfs fsck took 27 seconds.
Reading cookie from SEEPROM
Base Ethernet MAC address: 7c:69:f6:40:de:6e
Ethernet speed is 100 Mb - FULL Duplex
Loading "flash:/ap3g2-k9w8-mx.152-4.JB4/ap3g2-k9w8-mx.152-4.JB4"...##########################

File "flash:/ap3g2-k9w8-mx.152-4.JB4/ap3g2-k9w8-mx.152-4.JB4" uncompressed and installed, entry point: 0x2003000
executing...

Secondary Bootloader - Starting system.
Tide MB - 32MB of flash
Xmodem file system is available.
flashfs[0]: 52 files, 8 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 31997952
flashfs[0]: Bytes used: 13725696
flashfs[0]: Bytes available: 18272256
flashfs[0]: flashfs fsck took 18 seconds.
Base Ethernet MAC address: 7c:69:f6:40:de:6e
Boot CMD: 'boot  flash:/ap3g2-k9w8-mx.152-4.JB4/ap3g2-k9w8-xx.152-4.JB4;flash:/ap3g2-k9w8-mx.152-4.JB4/ap3g2-k9w8-mx.152-4.JB4'
Loading "flash:/ap3g2-k9w8-mx.152-4.JB4/ap3g2-k9w8-xx.152-4.JB4"...######################################
File "flash:/ap3g2-k9w8-mx.152-4.JB4/ap3g2-k9w8-xx.152-4.JB4" uncompressed and installed, entry point: 0x1003000
executing...

              Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

           cisco Systems, Inc.
           170 West Tasman Drive
           San Jose, California 95134-1706

 

Cisco IOS Software, C3600 Software (AP3G2-K9W8-M), Version 15.2(4)JB4, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2014 by Cisco Systems, Inc.
Compiled Thu 06-Mar-14 10:41 by prod_rel_team

Tide MB - 32MB of flash
Initializing flashfs...

flashfs[3]: 52 files, 8 directories
flashfs[3]: 0 orphaned files, 0 orphaned directories
flashfs[3]: Total bytes: 31739904
flashfs[3]: Bytes used: 13725696
flashfs[3]: Bytes available: 18014208
flashfs[3]: flashfs fsck took 11 seconds.
flashfs[3]: Initialization complete.
flashfs[4]: 0 files, 1 directories
flashfs[4]: 0 orphaned files, 0 orphaned directories
flashfs[4]: Total bytes: 11999232
flashfs[4]: Bytes used: 1024
flashfs[4]: Bytes available: 11998208
flashfs[4]: flashfs fsck took 1 seconds.
flashfs[4]: Initialization complete.
Copying radio files from flash: to ram:
Copy in progress...CCCCC
Copy in progress...CCC
Copy in progress...CCCC
Copy in progress...CCCC
Copy in progress...CC
Copy in progress...CCC
Copy in progress...CC
Copy in progress...CCCCC
Uncompressing radio files...
...done Initializing flashfs.

Radio0  present 8764 8000 0 A8000000 A8010000 0
Rate table has 650 entries (20 legacy/224 11n/406 11ac)

POWER TABLE FILENAME = ram:/B2.bin

Radio1  present 8764 8000 0 88000000 88010000 4
POWER TABLE FILENAME = ram:/B5.bin

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.


%Error opening flash:/ap3g2-rcvk9w8-mx/info (No such file or directory)cisco AIR-CAP2602E-A-K9 (PowerPC) processor (revision A0) with 204790K/57344K bytes of memory.
Processor board ID FTX1732J076
PowerPC CPU at 800MHz, revision number 0x2151
Last reset from power-on
LWAPP image version 7.6.100.0
1 Gigabit Ethernet interface
2 802.11 Radios

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 7C:69:F6:40:DE:6E
Part Number                          : 73-14511-02
PCA Assembly Number                  : 800-37898-01
PCA Revision Number                  : A0
PCB Serial Number                    : FOC17292QAP
Top Assembly Part Number             : 800-38357-01
Top Assembly Serial Number           : FTX1732J076
Top Revision Number                  : A0
Product/Model Number                 : AIR-SAP2602E-A-K9   
% Please define a domain-name first.


Press RETURN to get started!


*Mar  1 00:00:15.579: %SOAP_FIPS-2-SELF_TEST_IOS_SUCCESS: IOS crypto FIPS self test passed (11)
*Mar  1 00:00:16.035: Registering HW DTLS
APAVC: Initial WLAN Buffers Given to System is  2500
APAVC:  WlanPAKs 18174 RadioPaks  17566

*Mar  1 00:00:18.415: %LINK-6-UPDOWN: Interface GigabitEthernet0, changed state to up
*Mar  1 00:00:22.223: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 0 (4)
*Mar  1 00:00:28.551: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 1 (4)
*Mar  1 00:00:28.755: Wait until the stile protocol list is initialized.

*Mar  1 00:00:31.767: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to down
*Mar  1 00:00:33.955: Start STILE Activation

*Jul 20 05:20:33.043: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C3600 Software (AP3G2-K9W8-M), Version 15.2(4)JB4, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2014 by Cisco Systems, Inc.
Compiled Thu 06-Mar-14 10:41 by prod_rel_team
*Jul 20 05:20:33.043: %SNMP-5-COLDSTART: SNMP agent on host AP7c69.f640.de6e is undergoing a cold start
*Jul 20 05:20:34.315: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to upERROR: Failed to configure ethernet promiscuous mode. Interface Descriptor mismatch
*Jul 20 05:20:48.399: %SOAP_FIPS-2-SELF_TEST_HW_SUCCESS: HW crypto FIPS self test passed (2-8)
*Jul 20 05:20:48.399: DPAA Initialization Complete
*Jul 20 05:20:48.399: %SYS-3-HARIKARI: Process DPAA INIT top-level routine exited
*Jul 20 05:20:49.403: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
*Jul 20 05:20:55.163: APAVC: Succeeded to activate all the STILE protocols.

*Jul 20 05:20:55.163: APAVC: Registering with CFT
APAVC: CFT registration of delete callback succeeded
APAVC: Reattaching  Original Buffer pool for system use
Pool-ReAtach: paks 18174 radio17566

Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)

*Jul 20 05:21:06.515: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
*Jul 20 05:21:06.515: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255
*Jul 20 05:21:06.539: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to uplwapp_crypto_init: MIC Present and Parsed Successfully

*Jul 20 05:21:06.743: %SSH-5-ENABLED: SSH 2.0 has been enabled
*Jul 20 05:21:06.743: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Jul 20 05:21:06.767: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Jul 20 05:21:06.767: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Jul 20 05:21:07.539: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
*Jul 20 05:21:07.743: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
*Jul 20 05:21:16.755: Logging LWAPP message to 255.255.255.255.

Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)

*Jul 20 05:21:35.759: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)
*Jul 20 05:21:48.039: %CDP_PD-4-POWER_OK: Full power - NEGOTIATED inline power source
*Jul 20 05:21:49.139: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Jul 20 05:21:50.139: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Jul 20 05:21:50.235: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Jul 20 05:21:51.235: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up

*Jul 20 05:21:54.759: %CAPWAP-3-ERRORLOG: Could Not resolve CISCO-CAPWAP-CONTROLLER
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)

 

 

AP7c69.f640.de6e#sh version
Cisco IOS Software, C3600 Software (AP3G2-K9W8-M), Version 15.2(4)JB4, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2014 by Cisco Systems, Inc.
Compiled Thu 06-Mar-14 10:41 by prod_rel_team

ROM: Bootstrap program is C3600 boot loader
BOOTLDR: C3600 Boot Loader (AP3G2-BOOT-M) LoaderVersion 12.4(25e)JA1, RELEASE SOFTWARE (fc1)

AP7c69.f640.de6e uptime is 15 minutes
System returned to ROM by power-on
System image file is "flash:/ap3g2-k9w8-mx.152-4.J
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (255.255.255.255)B4/ap3g2-k9w8-xx.152-4.JB4"
Last reload reason:

 

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco AIR-CAP2602E-A-K9 (PowerPC) processor (revision A0) with 204790K/57344K bytes of memory.
Processor board ID FTX1732J076
PowerPC CPU at 800MHz, revision number 0x2151
Last reset from power-on
LWAPP image version 7.6.100.0
1 Gigabit Ethernet interface
2 802.11 Radios

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 7C:69:F6:40:DE:6E
Part Number                          : 73-14511-02
PCA Assembly Number                  : 800-37898-01
PCA Revision Number                  : A0
PCB Serial Number                    : FOC17292QAP
Top Assembly Part Number             : 800-38357-01
Top Assembly Serial Number           : FTX1732J076
Top Revision Number                  : A0
Product/Model Number                 : AIR-SAP2602E-A-K9   

 

Configuration register is 0xF

 

(Cisco Controller) >show sysinfo

Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.4.100.60
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
Build Type....................................... DATA + WPS

System Name...................................... WLC
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
Redundancy Mode.................................. Disabled
IP Address....................................... 10.10.30.187
Last Reset....................................... Power on reset
System Up Time................................... 36 days 18 hrs 10 mins 27 secs
System Timezone Location.........................
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180

Configured Country............................... MX  - Mexico

--More-- or (q)uit
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +40 C
External Temperature............................. +28 C
Fan Status....................................... OK

State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 3
Number of Active Clients......................... 4

Memory Current Usage............................. Unknown
Memory Average Usage............................. Unknown
CPU Current Usage................................ Unknown
CPU Average Usage................................ Unknown

Burned-in MAC Address............................ 50:57:A8:C7:0A:20
Power Supply 1................................... Present, OK
Power Supply 2................................... Absent
Maximum number of APs supported.................. 12

 

I realized that the reglatory domain configured on WLC and local APs is Mexico-N and the AP I testing is US-A, I didn´t have to enable multiple regulatory domains using newer WLC software releases, but I´ll enable to be sure

thanks.

 

 

VIP Purple

Yes, It will not join to this

Yes, It will not join to this WLC because AP is in different regulatery domain.

WLC is in mexco but AP is in -A- America Domain.It must be in -N- domain.

You can try to enable two country (Mexico and USA)on wlc then check it out.

 

Regards

Dont forget to rate helpful posts

Community Member

Hi,Currently I can´t enable

Hi,

Currently I can´t enable American domain, because I need shutdown the radios, but I got an American regulatory domain AP and happend the same behavior

best regards

VIP Purple

You need a mexican domain AP

You need a mexican domain AP to connect to this WLC (country configured as mexico).

 

regards

Community Member

Yes,I´m testing now with

Yes,I´m testing now with mexican domain AP, but it still doesn´t connect

VIP Purple

As a side note, you should

As a side note, you should upgrade your controller to a supported firmware version. Go for 7.4.121.0 for AireOS version & upgrade your FUS to 1.9.0.0 as well. The version you are running is having multiple critical bugs.

Product Version.................................. 7.4.100.60
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27

Here are the release note for these versions. FUS upgrade will take around 30-40min, so get sufficient outage window for the upgrade (at least 1 hour for both)

http://www.cisco.com/c/en/us/td/docs/wireless/controller/release/notes/crn74mr02.html

http://www.cisco.com/c/en/us/td/docs/wireless/controller/release/notes/fus_rn_OL-31390-01.pdf

HTH

Rasika

*** Pls rate all useful responses ***

Cisco Employee

capwap ports opened on the

capwap ports opened on the firewall ?

Community Member

Yes, all IP traffic is

Yes, all IP traffic is allowed

Community Member

After ugrade code to 7.6.110

After ugrade code to 7.6.110 and FUS, the AP has registered without any problem,

thanks.

594
Views
0
Helpful
13
Replies
CreatePlease to create content