Can you attach a screenshot about the AP policies of your WLC???
2014-02-05 <[email protected]>: > Send CCIE_Wireless mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > http://onlinestudylist.com/cgi-bin/mailman/listinfo/ccie_wireless > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of CCIE_Wireless digest..." > > > Today's Topics: > > 1. Re: CCIE_Wireless Digest, Vol 58, Issue 20 (cisco 2006) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Wed, 5 Feb 2014 10:52:51 +0000 (GMT) > From: cisco 2006 <[email protected]> > To: cisco 2006 <[email protected]>, Raul Manzano > <[email protected]>, "[email protected]" > <[email protected]> > Subject: Re: [OSL | CCIE_Wireless] CCIE_Wireless Digest, Vol 58, Issue > 20 > Message-ID: > <[email protected]> > Content-Type: text/plain; charset="iso-8859-1" > > Trap Logs ???? > Number of Traps since last reset?? 11635 ?? > Number of Traps since log last viewed?? 5767 ?? > Log > System Time > Trap > 0 Wed Feb 5 01:42:43 2014 AP Disassociated. Base Radio > MAC:d0:c7:89:0b:1a:b0 > 1 Wed Feb 5 01:42:43 2014 AP's Interface:1(802.11a) Operation State Down: > Base Radio MAC:d0:c7:89:0b:1a:b0 Cause=New Discovery Status:NA > 2 Wed Feb 5 01:42:43 2014 AP's Interface:0(802.11b) Operation State Down: > Base Radio MAC:d0:c7:89:0b:1a:b0 Cause=New Discovery Status:NA > 3 Wed Feb 5 01:40:17 2014 Configuration Saved from Web Interface > 4 Wed Feb 5 01:38:08 2014 AAA Authentication Failure for > UserName:6c416a297355 User Type: WLAN USER > 5 Wed Feb 5 01:38:02 2014 AAA Authentication Failure for > UserName:6c416a297355 User Type: WLAN USER > 6 Wed Feb 5 01:37:47 2014 AAA Authentication Failure for > UserName:6c416a297355 User Type: WLAN USER > 7 Wed Feb 5 01:37:41 2014 AAA Authentication Failure for > UserName:6c416a297355 User Type: WLAN USER > 8 Wed Feb 5 01:37:26 2014 AAA Authentication Failure for > UserName:6c416a297355 User Type: WLAN USER > 9 Wed Feb 5 01:37:20 2014 AAA Authentication Failure for > UserName:6c416a297355 User Type: WLAN USER > > > > On Wednesday, 5 February 2014, 13:35, cisco 2006 <[email protected]> > wrote: > > Yes it is disable > > > > On Wednesday, 5 February 2014, 12:20, Raul Manzano <[email protected]> > wrote: > > Ok, but?"authorize mic aps against auth-list or AAA" is enable or disable, > because this option, unless you want to authorizate your AP against AAA or > MAc-filtering must be disabled. > > Cheers > > > > 2014-02-05 <[email protected]>: > > Send CCIE_Wireless mailing list submissions to > >? ? ? ? [email protected] > > > >To subscribe or unsubscribe via the World Wide Web, visit > >? ? ? ? http://onlinestudylist.com/cgi-bin/mailman/listinfo/ccie_wireless > >or, via email, send a message with subject or body 'help' to > >? ? ? ? [email protected] > > > >You can reach the person managing the list at > >? ? ? ? [email protected] > > > >When replying, please edit your Subject line so it is more specific > >than "Re: Contents of CCIE_Wireless digest..." > > > > > >Today's Topics: > > > >? ?1. Re: CCIE_Wireless Digest, Vol 58, Issue 18 (cisco 2006) > > > > > >---------------------------------------------------------------------- > > > >Message: 1 > >Date: Wed, 5 Feb 2014 09:11:11 +0000 (GMT) > >From: cisco 2006 <[email protected]> > >To: Raul Manzano <[email protected]>, > >? ? ? ? "[email protected]" > >? ? ? ? <[email protected]> > >Subject: Re: [OSL | CCIE_Wireless] CCIE_Wireless Digest, Vol 58, Issue > >? ? ? ? 18 > >Message-ID: > >? ? ? ? <[email protected]> > >Content-Type: text/plain; charset="iso-8859-1" > > > > > > > >Yes , I did the accept manufacture installed certificate but I recieved > this : > > > > > > > >Reason For Last Unsuccessful Attempt ? ?RADIUS authorization is pending > for the AP > > > > > > > > > >On Wednesday, 5 February 2014, 11:57, Raul Manzano <[email protected]> > wrote: > > > >Try ti review in Security / AP policies that "accept manufacture > installed certificate" are enabled, also "authorize mic aps against > auth-list or AAA" are disabled unless you are using a AAA or internal > MAC-filter to authorize the join in this WLC. > > > >Cheers > > > > > > > >2014-02-05 <[email protected]>: > > > >Send CCIE_Wireless mailing list submissions to > >>? ? ? ? [email protected] > >> > >>To subscribe or unsubscribe via the World Wide Web, visit > >>? ? ? ? > http://onlinestudylist.com/cgi-bin/mailman/listinfo/ccie_wireless > >>or, via email, send a message with subject or body 'help' to > >>? ? ? ? [email protected] > >> > >>You can reach the person managing the list at > >>? ? ? ? [email protected] > >> > >>When replying, please edit your Subject line so it is more specific > >>than "Re: Contents of CCIE_Wireless digest..." > >> > >> > >>Today's Topics: > >> > >>? ?1. Re: AP not joined to WLC (cisco 2006) > >> > >> > >>---------------------------------------------------------------------- > >> > >>Message: 1 > >>Date: Wed, 5 Feb 2014 08:46:25 +0000 (GMT) > >>From: cisco 2006 <[email protected]> > >>To: Brendon Hwang <[email protected]> > >>Cc: "[email protected]" > >>? ? ? ? <[email protected]> > >>Subject: Re: [OSL | CCIE_Wireless] AP not joined to WLC > >>Message-ID: > >>? ? ? ? <[email protected]> > >>Content-Type: text/plain; charset="iso-8859-1" > >> > >>I can only get these output > >> > >> > >> > >>(Cisco Controller) debug>capwap errors enable? > >> > >>(Cisco Controller) debug>*spamApTask1: Feb 04 22:06:27.284: > sshpmFreePublicKeyHandle: freeing public key > >> > >>*spamApTask0: Feb 04 23:40:31.348: d0:c7:89:0b:1f:40 State machine > handler: Failed to process ?msg type = 3 state = 0 from 10.128.20.13:8308 > >> > >>?? > >>(Cisco Controller) debug> > >>(Cisco Controller) debug> ?*spamApTask0: Feb 04 23:40:31.348: > d0:c7:89:0b:1f:40 Failed to parse CAPWAP packet from 10.128.20.13:8308 > >> > >>*spamApTask1: Feb 04 23:42:01.311: 00:00:00:00:00:00 Invalid event > Capwap_heart_beat_timer_expiry & state Capwap_no_state combination > >> > >>*spamApTask1: Feb 04 23:42:01.311: d0:c7:89:0b:1f:40 Event = > Capwap_heart_beat_timer_expiry State = Capwap_no_state > >> > >>*spamApTask1: Feb 04 23:42:01.311: Failed to process timer message 1 > >> > >>? > >> > >>(Cisco Controller) debug>capwap events enable? > >> > >>(Cisco Controller) debug>*spamApTask1: Feb 04 23:43:31.927: > d0:c7:89:0b:1a:b0 DTLS connection not found, creating new connection for > 10:128:20:12 (38710) 10:128:20:10 (5246) > >> > >>*spamApTask1: Feb 04 23:43:32.403: d0:c7:89:0b:1a:b0 Allocated index > from main list, Index: 127 > >> > >>*spamApTask1: Feb 04 23:43:32.403: d0:c7:89:0b:1a:b0 DTLS keys for > Control Plane are plumbed successfully for AP 10.128.20.12. Index 128 > >> > >>*spamApTask2: Feb 04 23:43:32.403: d0:c7:89:0b:1a:b0 DTLS Session > established server (10.128.20.10:5246), client (10.128.20.12:38710) > >>*spamApTask2: Feb 04 23:43:32.403: d0:c7:89:0b:1a:b0 Starting wait join > timer for AP: 10.128.20.12:38710 > >> > >>*spamApTask1: Feb 04 23:43:37.403: d0:c7:89:0b:1a:b0 Join Request from > 10.128.20.12:38710 > >> > >>*spamApTask1: Feb 04 23:43:37.404: d0:c7:89:0b:1a:b0 Deleting AP entry > 10.128.20.12:38710 from temporary database. > >>*spamApTask1: Feb 04 23:43:37.404: d0:c7:89:0b:1a:b0 MIC AP is not > allowed to join by config > >> > >> > >> > >> > >>On Wednesday, 5 February 2014, 11:30, Brendon Hwang <[email protected]> > wrote: > >> > >>Hello, > >> > >>You can try below. ?I am not sure what info had been delivered from you > to other guys hence I just ask few useful information you can gather if > console is possible. > >> > >>show capwap client config > >>show capwap client rcb > >> > >>- do this if AP keeps on rebooting > >>Debug capwap client no-r ?? > >> > >>- mainly you can use below for useful info. > >>debug capwap client event > >> > >> > >>Regards, > >>Brendon > >> > >> > >> > >> > >>On 5 Feb 2014, at 6:38 pm, cisco 2006 <[email protected]> wrote: > >> > >>No I don't have . > >>But if it is neccesary need I will try to access the AP . But what > outputs of commands do you want.? > >> > >> > >>Please not that all interfaces in the same vlan? > >> > >>Interfaces Entries 1 - 6 of 6 > >>Interface Name VLAN Identifier IP Address Interface Type Dynamic AP > Management ? > >>? > >> > >> > >> > >>On Wednesday, 5 February 2014, 10:30, Brendon Hwang <[email protected]> > wrote: > >> > >>Do you have a console connection to AP by any chance? > >> > >> > >>Regards, > >>Brendon > >> > >> > >> > >> > >>On 5 Feb 2014, at 6:24 pm, cisco 2006 <[email protected]> wrote: > >> > >>It is 5508? > >> > >> > >> > >>On Wednesday, 5 February 2014, 10:15, Andreas di Zazzo < > [email protected]> wrote: > >> > >>Btw what controller is it? Since it looks like the access-points are > running MESH image. The virtual WLC do not support that. > >>? > >>From:[email protected] [mailto: > [email protected]] On Behalf Of cisco 2006 > >>Sent: den 5 februari 2014 08:03 > >>To: Jeff Rensink > >>Cc: [email protected] > >>Subject: Re: [OSL | CCIE_Wireless] AP not joined to WLC > >>? > >>Also see this output? > >>? > >>? > >>(Cisco Controller) >debug capwap errors enable? > >>(Cisco Controller) >*spamApTask1: Feb 04 03:18:49.454: d0:c7:89:0b:1f:40 > Join Request: Total msgEleLen = 0? > >>? > >>*spamApTask0: Feb 04 21:58:15.193: d0:c7:89:0b:1f:40 State machine > handler: Failed to process ?msg type = 3 state = 0 from 10.128.20.13:8308 > >>? > >>*spamApTask0: Feb 04 21:58:15.193: d0:c7:89:0b:1f:40 Failed to parse > CAPWAP packet from 10.128.20.13:8308 > >>? > >>*spamApTask1: Feb 04 21:58:25.977: d0:c7:89:0b:1a:b0 Echo Timer Expiry: > Missing Echo from APd0:c7:89:0b:1a:b0, Closing dtls Connection. > >>*spamApTask1: Feb 04 21:58:42.448: d0:c7:89:0b:1a:b0 State machine > handler: Failed to process ?msg type = 3 state = 0 from 10.128.20.12:38711 > >>? > >>*spamApTask1: Feb 04 21:58:42.448: d0:c7:89:0b:1a:b0 Failed to parse > CAPWAP packet from 10.128.20.12:38711 > >>? > >>q*spamApTask0: Feb 04 21:59:08.726: d0:c7:89:0b:1f:40 DTLS connection > was closed > >>*spamApTask1: Feb 04 21:59:24.357: d0:c7:89:0b:1f:40 State machine > handler: Failed to process ?msg type = 3 state = 0 from 10.128.20.13:8309 > >>? > >>*spamApTask1: Feb 04 21:59:24.358: d0:c7:89:0b:1f:40 Failed to parse > CAPWAP packet from 10.128.20.13:8309 > >>? > >>*spamApTask1: Feb 04 21:59:35.981: d0:c7:89:0b:1a:b0 DTLS connection was > closed > >>? > >>? > >>On Wednesday, 5 February 2014, 9:53, cisco 2006 <[email protected]> > wrote: > >>The following are the output of the controller . Also notice that the > exchange of control data is in plain text as follows > >>? > >>Wireless > all aps > ap > advanced > ?Current Data Encryption > Status???????plain text > >>? > >>Please let me know if need any further information . > >>? > >>? > >>(Cisco Controller) >show ap retransmit all > >>Global control packet retransmit interval: 3 > >>Global control packet retransmit count: 5 > >>AP Name???????????? Retransmit Interval? Retransmit count > >>------------------? -------------------? ------------------- > >>AP6c41.6a29.7355?????? N/A(Mesh mode)????? N/A(Mesh mode) > >>? > >>? > >>(Cisco Controller) >show country code > >>Configured Country............................. US? - United States > >>Configured Country Codes > >>??????? US? - United States............................. 802.11a > Indoor,Outdoor / 802.11b / 802.11g > >>? > >>? > >>? > >>On Wednesday, 5 February 2014, 2:11, Jeff Rensink <[email protected]> > wrote: > >>What do you mean by this? ?Can you give us a screenshot of your Country > codes screen? (or a "show country" command in the CLI) > >> > >> > >>Regards, > >>? > >>Jeff Rensink : Sr Instructor : iPexpert > >>CCIE # 24834 :: Wireless / R&S > >>:: World-Class Cisco Certification Training > >> > >> > >>Direct: +1.810.326.1444 > >>:: Free Videos > >>:: Free Training / Product Offerings > >>:: CCIE Blog > >>:: Twitter > >>? > >>On Tue, Feb 4, 2014 at 9:22 AM, cisco 2006 <[email protected]> wrote: > >> > >> > >>also when I configured the country code , it appairs not configured in > regularity domains. > >> > >> > >> > >> > >> > >> > >>------------------------------ > >>On Tue, Feb 4, 2014 6:02 PM AST (Arabian) Maxim Risman wrote: > >> > >>>Hello, what is the WLC version code you are running ? > >>> > >>>Thank you. > >>> > >>> > >>>On Tue, Feb 4, 2014 at 4:56 AM, cisco 2006 <[email protected]> wrote: > >>> > >>>> Dear All, > >>>> I need you help to solve this issue in my wireless LAN . > >>>> When I connect the AP 3600 to the Switch the AP get the IP from the > DHCP > >>>> but it is not joined with the WLC 5508 and I get > >>?this output from the > >>>> controller . I have to mention that the mangement interface , dynamic > >>>> interface and APs in the same VLAN . > >>>> > >>>> > >>>> > >>>> > >>>> ?*All APs* > >>>> ? ? *Entries 1 - 2 of 2* > >>>> > >>>> ?*Current Filter* > >>>> ?*None* > >>>> > >>>> ?[Change Filter] [Clear Filter] > >>>> > >>>> ? ?*Number of APs* > >>>> > >>>> > >>>> ?*AP Name* > >>>> > >>>> ?*AP Model* > >>>> ?*AP MAC* > >>>> ?*AP Up Time* > >>>> ?*Admin Status* > >>>> ?*Operational Status* > >>>> ?*Port* > >>>> ?*AP Mode* > >>>> ?*Certificate Type* > >>>> ?*OEAP* > >>>> ?*Primary SW version* > >>>> ?*Backup SW version* > >>>> ?*AP Sub Mode* > >>>> ?*Download Status* > >>>> ?*Upgrade Role (Master/Slave)* > >>>> > >>>> > >>>> > >>>> > >>>> ?*AP Join Stats* > >>>> ? ?*Entries 1 - 2 of 2* > >>>> > >>>> ? ?*Current Filter:* > >>>> ?None > >>>> > >>>> ?[Change Filter] [Clear Filter] > >>>> > >>>> > >>>> > >>??*Base Radio MAC* > >>>> ?*AP Name* > >>>> ?*Status* > >>>> ?*Ethernet MAC* > >>>> ?*IP Address* > >>>> ?*Last Join Time* > >>>> > >>>> > >>>> > >>>> > >>>> > >>>> ?*AP Join Stats Detail >* > >>>> > >>>> ? ?*General* > >>>> > >>>> ? Base MAC Address > >>>> ? ? AP Name > >>>> ? ? Ethernet MAC Address > >>>> ? ? IP Address > >>>> ? ? Status > >>>> ? ? *Last AP Join* > >>>> > >>>> ? *Timestamp* > >>>> ?*Message* > >>>> > >>?? ? ? ?*Discovery Phase Statistics* > >>>> > >>>> ? Requests Received > >>>> ? ? Responses Sent > >>>> ? ? Unsuccessful Request Processed > >>>> ? ? Reason For Last Unsuccessful Attempt > >>>> ? ? Last Successful Attempt Time > >>>> ? ? Last Unsuccessful Attempt Time > >>>> ? ? *Join Phase Statistics* > >>>> > >>>> ? Requests Received > >>>> ? ? Responses Sent > >>>> ? ? Unsuccessful Request Processed > >>>> ? ? Reason For Last Unsuccessful Attempt > >>>> ? ? Last Successful Attempt Time > >>>> ? ? Last Unsuccessful Attempt Time > >>>> ? ? *Configuration Phase Statistics* > >>>> > >>>> ? Requests Received > >>>> ? ? Responses Sent > >>>> ? ? Unsuccessful Request Processed > >>>> ? ? Reason For Last Unsuccessful Attempt > >>>> ? ? Last Successful Attempt Time > >>>> ? ? Last Unsuccessful Attempt Time > >>>> > >>>> ?*Last Error Summary* > >>>> > >>>> ? Last AP Message Decryption Failure > >>>> ? ? Last AP Connection Failure > >>>> ? ? Last AP Disconnect Reason > >>>> ? ? Last Error Occurred > >>>> ? ? Last Error Occurred Reason > >>>> ? ? Last Join Error > >>?Timestamp > >>>> > >>>> > >>>> _______________________________________________ > >>>> Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos > :: > >>>> > >>>> iPexpert on YouTube: www.youtube.com/ipexpertinc > >>>> > >>> > >>> > >>> > >>>-- > >>>Best Regards > >>> > >>>Maxim Risman > >> > >>_______________________________________________ > >>Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: > >> > >>iPexpert on YouTube: www.youtube.com/ipexpertinc > >>? > >>? > >>? > >>_______________________________________________ > >>Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: > >> > >>iPexpert on YouTube: www.youtube.com/ipexpertinc > >>? > >> > >>_______________________________________________ > >>Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: > >> > >>iPexpert on YouTube: www.youtube.com/ipexpertinc > >>-------------- next part -------------- > >>An HTML attachment was scrubbed... > >>URL: > </archives/ccie_wireless/attachments/20140205/2c65df39/attachment.html> > >> > >>------------------------------ > >> > >>_______________________________________________ > >>Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: > >> > >>iPexpert on YouTube: www.youtube.com/ipexpertinc > >> > >>End of CCIE_Wireless Digest, Vol 58, Issue 18 > >>********************************************* > >> > > > >_______________________________________________ > >Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: > > > >iPexpert on YouTube: www.youtube.com/ipexpertinc > >-------------- next part -------------- > >An HTML attachment was scrubbed... > >URL: > </archives/ccie_wireless/attachments/20140205/48f384fe/attachment.html> > > > >------------------------------ > > > >_______________________________________________ > >Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: > > > >iPexpert on YouTube: www.youtube.com/ipexpertinc > > > >End of CCIE_Wireless Digest, Vol 58, Issue 20 > >********************************************* > > > > _______________________________________________ > Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: > > iPexpert on YouTube: www.youtube.com/ipexpertinc > > > > _______________________________________________ > Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: > > iPexpert on YouTube: www.youtube.com/ipexpertinc > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: > </archives/ccie_wireless/attachments/20140205/cc59d588/attachment.html> > > ------------------------------ > > _______________________________________________ > Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: > > iPexpert on YouTube: www.youtube.com/ipexpertinc > > End of CCIE_Wireless Digest, Vol 58, Issue 25 > ********************************************* >
_______________________________________________ Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: iPexpert on YouTube: www.youtube.com/ipexpertinc
