Hi guys, I'll try to explain our trouble as best as I can:
I'm trying to do a basic scenario here. Picture this: one L3 Switch connecting a 4402 Controller, 3 administrative VLANs for APs (63, 93 and 127) and 3 VLANs for clients (one for each administrative VLAN: 16, 64 and 95 respectively). Also, in one of the administrative VLANs (63) live the Management and AP Manager interfaces of the controller. The L3 Switch does the DHCP business also, including giving the Controller IP (option 43).
Here is the deal: when I try to connect one LWAP AP to the same VLAN as the controller (63), it does get an IP address of the segment and also gets the Controller IP. BUT it cannot reach the Controller Management interface, neither by ping nor by registering. (I connected a laptop to check this behavior and it can't ping the Management Interface either.)
Then, if I connect the same AP to another VLAN (say, 93), it will get an IP address of the segment and the IP of the controller, and it will reach the Controller by means of PING and also discovery request/discovery response. BUT it won't register with the controller. In both cases, the L3 switch can ping the APs and the Management Interface just fine.
After sniffing a little bit I can see that the AP does in fact send the Join request message to the AP Manager interface of the Controller, but it won't get an answer. Then, in the CLI of the Controller (debug lwapp events enable) I can see that the controller does receive the discovery request and sends the discovery response messages, but never sees the join request from the AP.
Configs of the switch and controller attached.
Also, I checked the date of the controller and it's up to date; the certificates of the APs should be fine, they will expire in 2 or 3 more years.
Oh, and the Controller is not directly connected to the Switch; it's connected to another 3500 switch using a GBIC, but it's just used as a media converter... after that switch it's connected to a trunk in the L3 Switch... and yes, the Switch with the controller has all the needed VLANs configured so they can be seen on the trunks.
Hi again... guess what? I came to work today, turned on all the equipment... and it works! God knows why, but now the APs can register. For your information, I did reset the devices before, so I don't know what happened.
Anyway, there is still a problem. If the APs are in the same VLAN as the controller, they can't see it. And this goes for every device: if I have 2 APs and one laptop in the same VLAN, they can't ping each other but can ping their GW. Any comments on this?
Hi Omar, I observed exactly this strange behaviour on a customer site. In a 30AP/"WLC environment, half of the APs can Discover and Join; the others can Discover and send their Join Request, but the Controller will never answer. We tried everything, nothing helps. Any idea? Regards, Michael
Well, our APs do register; the only way they cannot join is when both of them are in the same VLAN.
But even this I think I've solved. If I connect the AP to the same Switch where the Controller lives, it does register, even if they are in the same VLAN. But if I connect the AP to the switch where the routing (ip int vlan) lives, it won't register if it's in an access port of the same VLAN as the controller.