Try ti review in Security / AP policies that "accept manufacture installed certificate" are enabled, also "authorize mic aps against auth-list or AAA" are disabled unless you are using a AAA or internal MAC-filter to authorize the join in this WLC.
Cheers 2014-02-05 <[email protected]>: > Send CCIE_Wireless mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > http://onlinestudylist.com/cgi-bin/mailman/listinfo/ccie_wireless > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of CCIE_Wireless digest..." > > > Today's Topics: > > 1. Re: AP not joined to WLC (cisco 2006) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Wed, 5 Feb 2014 08:46:25 +0000 (GMT) > From: cisco 2006 <[email protected]> > To: Brendon Hwang <[email protected]> > Cc: "[email protected]" > <[email protected]> > Subject: Re: [OSL | CCIE_Wireless] AP not joined to WLC > Message-ID: > <[email protected]> > Content-Type: text/plain; charset="iso-8859-1" > > I can only get these output > > > > (Cisco Controller) debug>capwap errors enable? > > (Cisco Controller) debug>*spamApTask1: Feb 04 22:06:27.284: > sshpmFreePublicKeyHandle: freeing public key > > *spamApTask0: Feb 04 23:40:31.348: d0:c7:89:0b:1f:40 State machine > handler: Failed to process ?msg type = 3 state = 0 from 10.128.20.13:8308 > > ?? > (Cisco Controller) debug> > (Cisco Controller) debug> ?*spamApTask0: Feb 04 23:40:31.348: > d0:c7:89:0b:1f:40 Failed to parse CAPWAP packet from 10.128.20.13:8308 > > *spamApTask1: Feb 04 23:42:01.311: 00:00:00:00:00:00 Invalid event > Capwap_heart_beat_timer_expiry & state Capwap_no_state combination > > *spamApTask1: Feb 04 23:42:01.311: d0:c7:89:0b:1f:40 Event = > Capwap_heart_beat_timer_expiry State = Capwap_no_state > > *spamApTask1: Feb 04 23:42:01.311: Failed to process timer message 1 > > ? > > (Cisco Controller) debug>capwap events enable? > > (Cisco Controller) debug>*spamApTask1: Feb 04 23:43:31.927: > d0:c7:89:0b:1a:b0 DTLS connection not found, creating new connection for > 10:128:20:12 (38710) 10:128:20:10 (5246) > > *spamApTask1: Feb 04 23:43:32.403: d0:c7:89:0b:1a:b0 Allocated index from > main list, Index: 127 > > *spamApTask1: Feb 04 23:43:32.403: d0:c7:89:0b:1a:b0 DTLS keys for Control > Plane are plumbed successfully for AP 10.128.20.12. Index 128 > > *spamApTask2: Feb 04 23:43:32.403: d0:c7:89:0b:1a:b0 DTLS Session > established server (10.128.20.10:5246), client (10.128.20.12:38710) > *spamApTask2: Feb 04 23:43:32.403: d0:c7:89:0b:1a:b0 Starting wait join > timer for AP: 10.128.20.12:38710 > > *spamApTask1: Feb 04 23:43:37.403: d0:c7:89:0b:1a:b0 Join Request from > 10.128.20.12:38710 > > *spamApTask1: Feb 04 23:43:37.404: d0:c7:89:0b:1a:b0 Deleting AP entry > 10.128.20.12:38710 from temporary database. > *spamApTask1: Feb 04 23:43:37.404: d0:c7:89:0b:1a:b0 MIC AP is not allowed > to join by config > > > > > On Wednesday, 5 February 2014, 11:30, Brendon Hwang <[email protected]> > wrote: > > Hello, > > You can try below. ?I am not sure what info had been delivered from you to > other guys hence I just ask few useful information you can gather if > console is possible. > > show capwap client config > show capwap client rcb > > - do this if AP keeps on rebooting > Debug capwap client no-r ?? > > - mainly you can use below for useful info. > debug capwap client event > > > Regards, > Brendon > > > > > On 5 Feb 2014, at 6:38 pm, cisco 2006 <[email protected]> wrote: > > No I don't have . > But if it is neccesary need I will try to access the AP . But what outputs > of commands do you want.? > > > Please not that all interfaces in the same vlan? > > Interfaces Entries 1 - 6 of 6 > Interface Name VLAN Identifier IP Address Interface Type Dynamic AP > Management ? > ? > > > > On Wednesday, 5 February 2014, 10:30, Brendon Hwang <[email protected]> > wrote: > > Do you have a console connection to AP by any chance? > > > Regards, > Brendon > > > > > On 5 Feb 2014, at 6:24 pm, cisco 2006 <[email protected]> wrote: > > It is 5508? > > > > On Wednesday, 5 February 2014, 10:15, Andreas di Zazzo < > [email protected]> wrote: > > Btw what controller is it? Since it looks like the access-points are > running MESH image. The virtual WLC do not support that. > ? > From:[email protected] [mailto: > [email protected]] On Behalf Of cisco 2006 > Sent: den 5 februari 2014 08:03 > To: Jeff Rensink > Cc: [email protected] > Subject: Re: [OSL | CCIE_Wireless] AP not joined to WLC > ? > Also see this output? > ? > ? > (Cisco Controller) >debug capwap errors enable? > (Cisco Controller) >*spamApTask1: Feb 04 03:18:49.454: d0:c7:89:0b:1f:40 > Join Request: Total msgEleLen = 0? > ? > *spamApTask0: Feb 04 21:58:15.193: d0:c7:89:0b:1f:40 State machine > handler: Failed to process ?msg type = 3 state = 0 from 10.128.20.13:8308 > ? > *spamApTask0: Feb 04 21:58:15.193: d0:c7:89:0b:1f:40 Failed to parse > CAPWAP packet from 10.128.20.13:8308 > ? > *spamApTask1: Feb 04 21:58:25.977: d0:c7:89:0b:1a:b0 Echo Timer Expiry: > Missing Echo from APd0:c7:89:0b:1a:b0, Closing dtls Connection. > *spamApTask1: Feb 04 21:58:42.448: d0:c7:89:0b:1a:b0 State machine > handler: Failed to process ?msg type = 3 state = 0 from 10.128.20.12:38711 > ? > *spamApTask1: Feb 04 21:58:42.448: d0:c7:89:0b:1a:b0 Failed to parse > CAPWAP packet from 10.128.20.12:38711 > ? > q*spamApTask0: Feb 04 21:59:08.726: d0:c7:89:0b:1f:40 DTLS connection was > closed > *spamApTask1: Feb 04 21:59:24.357: d0:c7:89:0b:1f:40 State machine > handler: Failed to process ?msg type = 3 state = 0 from 10.128.20.13:8309 > ? > *spamApTask1: Feb 04 21:59:24.358: d0:c7:89:0b:1f:40 Failed to parse > CAPWAP packet from 10.128.20.13:8309 > ? > *spamApTask1: Feb 04 21:59:35.981: d0:c7:89:0b:1a:b0 DTLS connection was > closed > ? > ? > On Wednesday, 5 February 2014, 9:53, cisco 2006 <[email protected]> > wrote: > The following are the output of the controller . Also notice that the > exchange of control data is in plain text as follows > ? > Wireless > all aps > ap > advanced > ?Current Data Encryption > Status???????plain text > ? > Please let me know if need any further information . > ? > ? > (Cisco Controller) >show ap retransmit all > Global control packet retransmit interval: 3 > Global control packet retransmit count: 5 > AP Name???????????? Retransmit Interval? Retransmit count > ------------------? -------------------? ------------------- > AP6c41.6a29.7355?????? N/A(Mesh mode)????? N/A(Mesh mode) > ? > ? > (Cisco Controller) >show country code > Configured Country............................. US? - United States > Configured Country Codes > ??????? US? - United States............................. 802.11a > Indoor,Outdoor / 802.11b / 802.11g > ? > ? > ? > On Wednesday, 5 February 2014, 2:11, Jeff Rensink <[email protected]> > wrote: > What do you mean by this? ?Can you give us a screenshot of your Country > codes screen? (or a "show country" command in the CLI) > > > Regards, > ? > Jeff Rensink : Sr Instructor : iPexpert > CCIE # 24834 :: Wireless / R&S > :: World-Class Cisco Certification Training > > > Direct: +1.810.326.1444 > :: Free Videos > :: Free Training / Product Offerings > :: CCIE Blog > :: Twitter > ? > On Tue, Feb 4, 2014 at 9:22 AM, cisco 2006 <[email protected]> wrote: > > > also when I configured the country code , it appairs not configured in > regularity domains. > > > > > > > ------------------------------ > On Tue, Feb 4, 2014 6:02 PM AST (Arabian) Maxim Risman wrote: > > >Hello, what is the WLC version code you are running ? > > > >Thank you. > > > > > >On Tue, Feb 4, 2014 at 4:56 AM, cisco 2006 <[email protected]> wrote: > > > >> Dear All, > >> I need you help to solve this issue in my wireless LAN . > >> When I connect the AP 3600 to the Switch the AP get the IP from the DHCP > >> but it is not joined with the WLC 5508 and I get > this output from the > >> controller . I have to mention that the mangement interface , dynamic > >> interface and APs in the same VLAN . > >> > >> > >> > >> > >> ?*All APs* > >> ? ? *Entries 1 - 2 of 2* > >> > >> ?*Current Filter* > >> ?*None* > >> > >> ?[Change Filter] [Clear Filter] > >> > >> ? ?*Number of APs* > >> > >> > >> ?*AP Name* > >> > >> ?*AP Model* > >> ?*AP MAC* > >> ?*AP Up Time* > >> ?*Admin Status* > >> ?*Operational Status* > >> ?*Port* > >> ?*AP Mode* > >> ?*Certificate Type* > >> ?*OEAP* > >> ?*Primary SW version* > >> ?*Backup SW version* > >> ?*AP Sub Mode* > >> ?*Download Status* > >> ?*Upgrade Role (Master/Slave)* > >> > >> > >> > >> > >> ?*AP Join Stats* > >> ? ?*Entries 1 - 2 of 2* > >> > >> ? ?*Current Filter:* > >> ?None > >> > >> ?[Change Filter] [Clear Filter] > >> > >> > >> > ?*Base Radio MAC* > >> ?*AP Name* > >> ?*Status* > >> ?*Ethernet MAC* > >> ?*IP Address* > >> ?*Last Join Time* > >> > >> > >> > >> > >> > >> ?*AP Join Stats Detail >* > >> > >> ? ?*General* > >> > >> ? Base MAC Address > >> ? ? AP Name > >> ? ? Ethernet MAC Address > >> ? ? IP Address > >> ? ? Status > >> ? ? *Last AP Join* > >> > >> ? *Timestamp* > >> ?*Message* > >> > ? ? ? ?*Discovery Phase Statistics* > >> > >> ? Requests Received > >> ? ? Responses Sent > >> ? ? Unsuccessful Request Processed > >> ? ? Reason For Last Unsuccessful Attempt > >> ? ? Last Successful Attempt Time > >> ? ? Last Unsuccessful Attempt Time > >> ? ? *Join Phase Statistics* > >> > >> ? Requests Received > >> ? ? Responses Sent > >> ? ? Unsuccessful Request Processed > >> ? ? Reason For Last Unsuccessful Attempt > >> ? ? Last Successful Attempt Time > >> ? ? Last Unsuccessful Attempt Time > >> ? ? *Configuration Phase Statistics* > >> > >> ? Requests Received > >> ? ? Responses Sent > >> ? ? Unsuccessful Request Processed > >> ? ? Reason For Last Unsuccessful Attempt > >> ? ? Last Successful Attempt Time > >> ? ? Last Unsuccessful Attempt Time > >> > >> ?*Last Error Summary* > >> > >> ? Last AP Message Decryption Failure > >> ? ? Last AP Connection Failure > >> ? ? Last AP Disconnect Reason > >> ? ? Last Error Occurred > >> ? ? Last Error Occurred Reason > >> ? ? Last Join Error > Timestamp > >> > >> > >> _______________________________________________ > >> Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: > >> > >> iPexpert on YouTube: www.youtube.com/ipexpertinc > >> > > > > > > > >-- > >Best Regards > > > >Maxim Risman > > _______________________________________________ > Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: > > iPexpert on YouTube: www.youtube.com/ipexpertinc > ? > ? > ? > _______________________________________________ > Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: > > iPexpert on YouTube: www.youtube.com/ipexpertinc > ? > > _______________________________________________ > Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: > > iPexpert on YouTube: www.youtube.com/ipexpertinc > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: > </archives/ccie_wireless/attachments/20140205/2c65df39/attachment.html> > > ------------------------------ > > _______________________________________________ > Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: > > iPexpert on YouTube: www.youtube.com/ipexpertinc > > End of CCIE_Wireless Digest, Vol 58, Issue 18 > ********************************************* >
_______________________________________________ Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: iPexpert on YouTube: www.youtube.com/ipexpertinc
