Provisioning WAPs local controller -> over L2L IPSec tunnel

  • 1.  Provisioning WAPs local controller -> over L2L IPSec tunnel

    Posted Nov 02, 2016 11:49 PM

    Hey there,

     

    I have a local controller (7010) in Austin with two WAPs connected directly to the controller.  The controller is connected to a cable modem that is in bridge mode.  The local IPSec's back to the Master which is at our Colo in PGH Pa.

    The WAPs will not come up on the Master although they are whitelisted on the Master.  I am not sure if I have the LMS config right... Any thoughts?

     

    Thanks,

     

    rif



  • 2.  RE: Provisioning WAPs local controller -> over L2L IPSec tunnel

    EMPLOYEE
    Posted Nov 02, 2016 11:59 PM

    You are missing a great deal of information.

     

    If anything you should do a "show datapath session table <ip address of AP>" on the controller to see if traffic is even being sent there.  What discovery method is the AP using?



  • 3.  RE: Provisioning WAPs local controller -> over L2L IPSec tunnel

    Posted Nov 03, 2016 12:13 AM

    One of the APs came up as an IAP originally and I converted it by pointing to the public address of the Master; the other AP was not browsable, so I am not sure what its deal is.

    Which controller are you suggesting I issue the "show datapath session table <ip address of AP>" command on?  And bderp! I don't know which discovery method is being used!

     

    rif



  • 4.  RE: Provisioning WAPs local controller -> over L2L IPSec tunnel

    Posted Nov 03, 2016 12:25 AM

    When I run the sh data path command on the local I see it reaching out to the Master first on 4500 then on 514?

     

    rif



  • 5.  RE: Provisioning WAPs local controller -> over L2L IPSec tunnel

    EMPLOYEE
    Posted Nov 03, 2016 08:05 AM

    If you convert an AP from IAP to campus AP, the controller you used to convert it is hardcoded as the master in the AP.  Theoretically it will always point to that controller unless you change that by provisioning it.  Finding out what an AP is using for discovery is fundamental to troubleshooting why an AP is not coming up.  If you don't have a discovery mechanism, it won't find the controller, and you need to create one...



  • 6.  RE: Provisioning WAPs local controller -> over L2L IPSec tunnel

    Posted Nov 03, 2016 12:15 PM

    Thanks Colin,

     

    I now have console access.  One round of attempting the conversion from IAP to CAP by pointing it to the master for conversion didn't work.  While I have CMD access to the AP, how do you suggest I find out/config its discovery method?

     

    thanks



  • 7.  RE: Provisioning WAPs local controller -> over L2L IPSec tunnel

    EMPLOYEE
    Posted Nov 05, 2016 07:00 PM

    It should say in the console output.  But you have two different issues:

     

    Converting an AP and making it come up as a CAP.  Can you SSH into the IAP and ping the master before the conversion?



  • 8.  RE: Provisioning WAPs local controller -> over L2L IPSec tunnel

    Posted Nov 05, 2016 07:56 PM

    I cannot now.  I am no longer on site for console access and the machine I was teamview'ing into to get access to the WAPs is not responding.  Is there any way to use the controller to telnet or ssh to the WAPs?

     

    rif



  • 9.  RE: Provisioning WAPs local controller -> over L2L IPSec tunnel

    EMPLOYEE
    Posted Nov 05, 2016 08:06 PM

    Unless the AP is under control of a controller, you cannot send it the command to allow communication.  You need to come up with a plan when you have physical access to it.



  • 10.  RE: Provisioning WAPs local controller -> over L2L IPSec tunnel

    Posted Nov 05, 2016 08:07 PM

    Ok.  I will see if I can get that TeamViewer session turned back up...

     

    rif



  • 11.  RE: Provisioning WAPs local controller -> over L2L IPSec tunnel

    Posted Nov 05, 2016 08:14 PM

    By the way, if you can point me to some documentation on how to configure routing through the IPSec tunnel between the Master and the Local I can then telnet or ssh to the IAPs remotely...

     

    rif



  • 12.  RE: Provisioning WAPs local controller -> over L2L IPSec tunnel

    EMPLOYEE
    Posted Nov 05, 2016 08:37 PM

    That is not a good approach.  If the AP has not attached to a controller, you cannot telnet or SSH into it.  If it does connect to a controller, you do not need to telnet or SSH into it.  You also cannot see discovery messages, unless you are connected to the console.  I would open a case with TAC so that they can unravel your issue and work out the details.  Otherwise you might just end up being frustrated by trying to guess what is happening.



  • 13.  RE: Provisioning WAPs local controller -> over L2L IPSec tunnel

    Posted Nov 05, 2016 08:40 PM

    Colin,

     

    Thank you, I will do that.  I do have a question about that routing scenario though.  If the IAP is plugged directly into the controller and getting its TCP/IP settings via DHCP from that controller, could I theoretically ssh to the IAP if I could route to it?

     

    Thanks again,

     

    rif



  • 14.  RE: Provisioning WAPs local controller -> over L2L IPSec tunnel

    EMPLOYEE
    Posted Nov 06, 2016 06:42 AM

    You can SSH into an IAP that is routable, period.  It does not depend on a controller.  You cannot telnet into a Campus AP, unless it has contacted a controller and is under control of that controller.



  • 15.  RE: Provisioning WAPs local controller -> over L2L IPSec tunnel
    Best Answer

    Posted Nov 05, 2016 09:53 PM

    Ok, we are good to go!  The problem was mainly a Cradlepoint router plugged into the network that was screwing things up! Thank you for your time; it wasn't wasted, I learned a lot!

     

    Thanks again,

     

    rif