I'm trying to configure a AP61 as remote AP with the old username/passwd method. I'm doing this on a controller with only the base license so no toying around with my roles. This remote AP then connects over the LAN to the controller.
Reasoning is to get a bridges SSID without enabling CPS on the controller
I've configured the vpn settings, created a local-userdb user and provisioned the AP with those settings.
After provisioning the AP does not show up in the database but it does not reboot at all either. I do not have any ipsec or isakmp sa's for this rap though.
Looking at the datapath I can see the 4500 from ap to controller fine, but the reverse direction (controller > AP) has a Y flag (no syn).
There is only a single router between rap and controller without any ACL or firewalling. A traceroute or ping works fine in either direction.
What is going wrong here? Anybody got a clue?