03-28-2016 10:17 AM - edited 03-28-2016 11:38 AM
We have some APs that were switched to backup controller(switch in their terminology) and refuse to go back to LMS.
We rebooted them several times, but now luck.
What would be the known reasons for that?
What commands we can run to troubleshoot this problem?
Solved! Go to Solution.
03-28-2016 10:45 AM
- can you ping the other controller from the AP console ?
- do you have enough licenses ?
- Do you CPSec enabled ?
- did you write mem or save config on the primary controller
Sent from Outlook for iPhone
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
03-28-2016 11:04 AM - edited 03-28-2016 12:17 PM
> can you ping the other controller from the AP console ?
I am not able to test this, because everything is remote for me and I access the network through the VPN
What I can see that I can ping AP from the LMS itself.
> do you have enough licenses ?
#show license limits License Limits -------------- Limit Value ----- ----- 24 Access Points 24 RF Protect 0 xSec Module 0 120abg Upgrade 0 121abg Upgrade 0 124abg Upgrade 0 125abg Upgrade 24 Next Generation Policy Enforcement Firewall Module 0 Advanced Cryptography 0 Service provider AP
All 24 AP are licensed. 15 APs are connected to the LMS, 9 APs are connected to the backup controller.
>- Do you CPSec enabled ?
#show running-config | include cpsec Building Configuration... no cpsec-enable
> did you write mem or save config on the primary controller
Not sure how it related to my problem...
03-28-2016 11:48 AM
On the controller where the AP is now do a "show ap config ap-name xxxxx" See it it has listed as the primary and backup controller. Also do both controllers have the same AOS? I had issues once caused by mismatched AOS versions.
03-28-2016 12:14 PM - edited 03-28-2016 12:15 PM
I run ""show ap config ap-name xxxxx" on both (LMS and Backup LMS controller) for one of the AP which is switched to backup LMS and one which is on primary LMS, configuration is identical (I have removed real IPs and changed profiel name for security reasons):
.... Parameter 802.11g 802.11a Source --------- ------- ------- ------ ..... LMS IP "IP1" "IP1" ap system-profile "Profile1" Backup "IP2" "IP2" ap system-profile "Profile1" LMS IPv6 N/A N/A ap system-profile "Profile1" Backup LMS IPv6 N/A N/A ap system-profile "Profile1" LMS Preemption Enabled Enabled ap system-profile "Profile1" LMS Hold-down Period 600 sec 600 sec ap system-profile "Profile1" LMS ping interval 20 20 ap system-profile "Profile1" ....
AOS is the same on both controllers, bootstrap is different but it never were the problem before.
Also didn't mentioned that Backup LMS is the Master controller for all LMS controllers, but I am not sure it is relevant.
Backup LMS is:
ArubaOS (MODEL: Aruba3600), Version 126.96.36.199
Copyright (c) 2002-2015, Aruba Networks, Inc.
Compiled on 2015-01-15 at 18:50:32 PST (build 48122) by p4build
ROM: System Bootstrap, Version CPBoot 188.8.131.52 (build 28907)
ArubaOS (MODEL: Aruba3400), Version 184.108.40.206 Website: http://www.arubanetworks.com Copyright (c) 2002-2015, Aruba Networks, Inc. Compiled on 2015-01-15 at 18:50:32 PST (build 48122) by p4build ROM: System Bootstrap, Version CPBoot 220.127.116.11 (build 34552)
03-28-2016 02:21 PM
Just throwing out ideas but you should be able to manually reprovision the APs to the correct controller from the backup controller. If the system profiles are correct then how about DHCP options, or ADP turned on?
Are the APs on the same subnet as the backup controller? Can you share the matching system profile settings for us?
03-28-2016 03:17 PM
I tried one, doesn't look it helps.
All APs are receiving IP address from DHCP. ADP is on.
Subnet for AP and LMS is the same.
SUbnets for LMS and backup LMS are different.
Sorry, what do you mean by "matching system profile settings"? All configuration is identical for all APs. Also everything was working before fine.
The only difference is that 9 APs that are in question sit on the different physical switch. Another 15 APs that are working fine are sitting on another physical switch.
When LMS losts powere or rebooted all APs are switching to Backup LMS. In this case we reboot the switch where APs are connected, AP are losing power, reboot and go back to LMS. Those 9 APs do not want to switch back, in spite of the fact we rebooted their switch numerous times already.
I have a feeling that all this is related to the switch where those APs are connected. I can login to the switch and ping LMS and Backup LMS .
Still lost where to look ...
03-28-2016 06:44 PM
OK so you are saying that all 24 APs are in the same AP group which means they have the same system profile and 15 are working as expect but the 9 that are not are on a different switch AND that even though they are on a different switch all 24 are on the same subnet as the LMS?
If by chance the second switch has a different subnet do extended pings from the vlan source IP instead of a standard ping which would likely use the connected interface as the source for the ping. "ping IP" enter and follow the prompts choose "yes" for extended pings and enter the default gateway IP of the APs for the source.
Also are the 9 APs on the backup funtioning correctly and in the same AP group as the 15 on the LMS? Any flags on the backup controller for these APs when you do a "show ap database long"
03-28-2016 07:05 PM - edited 03-28-2016 07:07 PM
1) All 24 access points are in the same AP Group and have identical configuration.
2) All 24 access points are on the same subnet and have the same default gateway
The only difference is the physical connection (15 AP on one switch, 9 ap on another switch).
I run "show ap database long" on the backup controller (which is the master controller). Nine access points that are switched to backup controller are showing "D" flag.
Below is the result for two APs (one is switched and one is not)
AP Database ----------- Name Group AP Type IP Address Status Flags Switch IP Standby IP Wired MAC Address Serial # Port FQLN Outer IP User ---- ----- ------- ---------- ------ ----- --------- ---------- ----------------- -------- ---- ---- -------- ---- ... 6c:f3:7f:ca:30:b0 Group1 105 AP-IP-Address1 Up 9h:31m:11s D BACKUP-LMS-IP-ADDRESS 0.0.0.0 6c:f3:7f:ca:30:b0 BT0251796 N/A N/A N/A 6c:f3:7f:ca:30:b5 Group1 105 AP-IP-Address2 Up 11h:35m:27s LMS-IP-ADDRESS 0.0.0.0 6c:f3:7f:ca:30:b5 BT0251801 N/A N/A ....
Also, you can note that uptime for the AP which is switched is less, because we were rebooting it, trying to fix the issue.
I would imagine that 9 APs that are not working are not seeing the LMS correctly, but I can ping LMS from their switch no problem. Unfortunately, I do not see any troubleshooting opportunities "fom inside "the AP itself.
03-28-2016 07:09 PM
On the AP with the issue, please execute "show ap debug-log ap-name <name of ap>" to see how it came up....
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base