Cisco 2000 Series Wireless LAN Controller Troubleshooting Guide

a. Primary Controller system name (previously configured on LAP)
b. Secondary Controller system name (previously configured on LAP)
c. Tertiary Controller system name (previously configured on LAP)
d. Master controller (if the LAP has not been previously configured with any Primary, Secondary, or Tertiary controller names. Used to always know which controller brand new LAPs join)
e. If none of the above are seen, load balance across controllers using the excess capacity value in the discovery response.
   If two controllers have the same excess capacity, then send the join request to the first controller that responded to the discovery request with a discovery response. If a single controller has multiple AP-managers on multiple interfaces, choose the AP-manager interface with the least number of APs.
   The controller will respond to all discovery requests without checking certificates or AP credentials. However, join requests must have a valid certificate in order to get a join response from the controller. If the LAP does not receive a join response from its choice, the LAP will try the next controller in the list unless the controller is a configured controller (Primary/Secondary/Tertiary).
5. When it receives the join reply, the AP checks to make sure it has the same image as that of the controller. If not, the AP downloads the image from the controller and reboots to load the new image and starts the process all over again from step 1.
6. If it has the same software image, it asks for the configuration from the controller and moves into the registered state on the controller.
   After you download the configuration, the AP might reload again to apply the new configuration. Therefore, an extra reload can occur and is a normal behavior.
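The controller selection order in items a through e above, modelled as an added example (not Cisco's code and not part of the original guide). The class, field and controller names are hypothetical, and treating the master controller as eligible only when no Primary/Secondary/Tertiary names are configured is an assumption taken from the parenthetical in item d. Because discovery responses are sent without certificate checks, every input to this choice is unauthenticated until the join exchange.

```python
from dataclasses import dataclass, field

@dataclass
class DiscoveryResponse:
    """One controller's discovery response (constructed model, not the LWAPP wire format)."""
    name: str                       # controller system name
    excess_capacity: int            # value carried in the discovery response
    is_master: bool = False
    ap_managers: dict = field(default_factory=dict)  # AP-manager interface -> APs joined

def choose_join_target(responses, configured=()):
    """Pick the controller and AP-manager interface for the join request.

    responses  -- DiscoveryResponse list, in the order the responses arrived
    configured -- (primary, secondary, tertiary) names stored on the LAP, if any
    Returns (controller_name, ap_manager_interface, reason), or None without responses.
    """
    if not responses:
        return None
    by_name = {r.name: r for r in responses}
    chosen = reason = None
    # a-c: configured names win, in Primary/Secondary/Tertiary order.
    for role, name in zip(("primary", "secondary", "tertiary"), configured):
        if name and name in by_name:
            chosen, reason = by_name[name], role
            break
    # d: master controller, only for a LAP with no configured names (assumption).
    if chosen is None and not any(configured):
        masters = [r for r in responses if r.is_master]
        if masters:
            chosen, reason = masters[0], "master"
    # e: otherwise the greatest excess capacity; max() keeps the first of equal
    #    values, which is the controller whose discovery response arrived first.
    if chosen is None:
        chosen, reason = max(responses, key=lambda r: r.excess_capacity), "excess-capacity"
    # Several AP-managers on one controller: take the interface with the fewest APs.
    iface = min(chosen.ap_managers, key=chosen.ap_managers.get) if chosen.ap_managers else None
    return chosen.name, iface, reason

# Constructed sample: three discovery responses in arrival order.
SAMPLE = [
    DiscoveryResponse("wlc-a", 10, ap_managers={"ap-mgr1": 40, "ap-mgr2": 12}),
    DiscoveryResponse("wlc-b", 25, ap_managers={"ap-mgr1": 3}),
    DiscoveryResponse("wlc-c", 25, is_master=True, ap_managers={"ap-mgr1": 7}),
]

if __name__ == "__main__":
    print(choose_join_target(SAMPLE))                            # new LAP, no names set
    print(choose_join_target(SAMPLE, ("wlc-x", "wlc-a", None)))  # primary did not respond
```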
Debug from the Controller
There are a few debug commands on the controller you can use in order to see this entire process on the CLI.
• debug lwapp events enable - Shows discovery packets and join packets.
• debug lwapp packet enable - Shows packet level information of the discovery and join packets.
• debug pm pki enable - Shows certificate validation process.
• debug disable-all - Turns off debugs.
With a terminal application that can capture output to a log file, console in or secure shell (SSH)/Telnet to
your controller, and enter these commands:
config session timeout 120
config serial timeout 120
show run-config
     (and spacebar thru to collect all)
debug mac addr <ap-mac-address>
    (in xx:xx:xx:xx:xx format)
debug client <ap-mac-address>
debug lwapp events enable
debug lwapp errors enable
debug pm pki enable
After capturing the debugs, use the debug disable-all command to turn off all debugs.
The next sections show the output of these debug commands when the LAP registers with the controller.