Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

Issues when trying to add 2 lasts AP to a Virtual Controller

This thread has been viewed 3 times
  • 1.  Issues when trying to add 2 lasts AP to a Virtual Controller

    Posted Aug 11, 2016 08:52 AM

     Hi ;)

    I currently have some issues when i'm trying to add the 2 last Aruba AP 205 running version 6.4.2.0-4.1.3 to a virtual controller which is handled by an AP135. All APs are now in production.

    I succeed to add 39 APs to this virtual controller but i got issues with the 2 lasts when trying to add them

    I tried to add them in this way :

    1) Automatic configuration enabled on the controller (GUI): not working
    2) Disabled Automatic configuration then add MAC address manually(GUI) : not working
    3) my last try was to add the MAC address with CLI : still not working

    Do you guys have some advices to succeed ?

    Regards,

    Gael


    #AP205


  • 2.  RE: Issues when trying to add 2 lasts AP to a Virtual Controller

    Posted Aug 11, 2016 10:25 AM

    Are these 205s or 205Hs?  If they are 205s, try to download the 4.1.3.x code separately and upgrade those two IAPs on a separate network.  4.1.3.x is not GA code so your APs probably won't be able to download them automatically when they join a cluster.



  • 3.  RE: Issues when trying to add 2 lasts AP to a Virtual Controller

    Posted Aug 11, 2016 10:54 AM

    I've tried to check it, i only have 205 for Type, so i can't tell if it's a S or HS model.

     

    You told i need to try to download this code and upload it into my AP then you wrote "4.1.3.x is not GA code" ? What do you mean  ?

     

    Thanks for answer ;)

     

     



  • 4.  RE: Issues when trying to add 2 lasts AP to a Virtual Controller

    Posted Aug 11, 2016 11:04 AM

    The 205 is a regular ceiling mount.  The 205H is a jack-mount .

     

    When an AP tries to join a cluster, it checks to see if it has the same version of code.  If it does not, it redirects the new AP to download from the cloud.  The latest GA code is 4.1.1.13, I believe, so it will not download the 4.1.3.x code automatically.  You would have to download that code manually and upgrade the new APs on a separate network to get them to join the cluster...

     



  • 5.  RE: Issues when trying to add 2 lasts AP to a Virtual Controller

    Posted Aug 12, 2016 02:57 AM

    Hi,

    Thanks for your answer.

     

    Before download code, i've just checked if all my ap + 2 which don't want to join got the same GA code, and all have 4.1.3 so i don't need to change this on the 2  failing AP right ?

     

    Regards

     

     



  • 6.  RE: Issues when trying to add 2 lasts AP to a Virtual Controller

    Posted Aug 12, 2016 06:55 AM

    If they both have the same version of code as the rest of the cluster, you should be able to add them without an issue.  You should type "show log system" on the commandline of any AP that does not join the cluster, to see what could be wrong...



  • 7.  RE: Issues when trying to add 2 lasts AP to a Virtual Controller

    Posted Aug 12, 2016 08:39 AM

    Alright, i've checked some logs on VC and failing AP and i found interesting stuff,i thought to check if the certificat are the same, so they are.

     172.26.0.160 is my VC so I think the AP know it but can't connect/join it.

    By the way could you tell me more on error debug -8949 ?

     

    check it out :

     

    2016-08-12 13:29:01 [primary tunnel] Starting rapper with lifetime p1 = 28000 p2 = 7200
    2016-08-12 13:29:01 [primary tunnel] Starting IAP rapper 0 to 172.26.0.160:8423 attmpt 0
    2016-08-12 13:29:01 [primary tunnel] lauch rapper command: rapper -c 172.26.0.160 -b 1 -i br0 -x -G 0 -r 8423 -l 28000 -L 7200 -w 1 -o /tmp/rapper.txt
    2016-08-12 13:29:01 [primary tunnel] Eth - Populate the PID 27299 in file /tmp/rapper_pid_1
    2016-08-12 13:29:01 [primary tunnel] tunnel_retry(266): setting up tunnel to primary tunnel, success.
    2016-08-12 13:29:01 [primary tunnel] tunnel_start_up_timer(775): tunnel primary tunnel start up timer
    2016-08-12 13:29:01 [primary tunnel] tunnel_stop_up_timer(640): stop up timer.
    2016-08-12 13:29:23 [primary tunnel] cli_proc_rapper_msg(849): Receive rapper msg from 59168 port.
    2016-08-12 13:29:23 [primary tunnel] Error!!!: Received RC_OPCODE_ERROR lms 172.26.0.160 tunnel 0.0.0.0 RC_ERROR_IKEP2_PKT1 debug-error:-8949
    2016-08-12 13:29:23 [primary tunnel] tunnel_err_msg_recv(1572): Error!!! Received RC_OPCODE_ERROR peer public ip 172.26.0.160 tunnel ip 0.0.0.0, controller ip 0.0.0.0, RC_ERROR_IKEP2_PKT1 debug-error:-8949
    2016-08-12 13:29:23 tunnel_err_msg_recv 1594: Cause tunnel down by ipsec error, index primary tunnel
    2016-08-12 13:29:32 [primary tunnel] tunnel_up_timeout(712): tunnel primary tunnel up timeout.
    2016-08-12 13:29:32 [primary tunnel] tunnel_up_timeout(758): primary tunnel tunnel is not up by retry 101387 times, the max retry times on one tunnel is 2.  try itself
    2016-08-12 13:29:32 [primary tunnel] State TUNNEL_STATE_RETRY Event TUNNEL_EVENT_TUNNEL_RETRY Next state TUNNEL_STATE_RETRY
    2016-08-12 13:29:32 [primary tunnel] tunnel_retry(198): tunnel primary tunnel, type ipsec tunnel, peer public address 172.26.0.160
    2016-08-12 13:29:32 [primary tunnel] tunnel_retry(211): setting up tunnel to primary tunnel, retry=101388
    2016-08-12 13:29:32 [primary tunnel] ipsec_tunnel_connect(1365): connect to primary tunnel, peer address 172.26.0.160.
    2016-08-12 13:29:32 [primary tunnel] ipsec_tunnel_connect(1371): stop primary tunnel first before connect to it
    2016-08-12 13:29:32 [primary tunnel] stop_rapper: client->pid=27299, tunnel public ip 0.0.0.0, peer tunnel ip 0.0.0.0, tunnel ip 0.0.0.0, port 8423
    2016-08-12 13:29:32 [primary tunnel] stop_rapper(1308): Kill client->pid=27299.
    2016-08-12 13:29:32 [primary tunnel] stop_rapper(1329): Waiting until the client 27299 is killed
    2016-08-12 13:29:32 [primary tunnel] stop_rapper(1341): result of wait4 27299 for pid (client->pid) 27299
    2016-08-12 13:29:32 addroute(487):Dst 0 mask 0 gw fe001aac
    2016-08-12 13:29:32 [primary tunnel] ipsec_tunnel_connect(1391): primary tunnel, cli_local_ip 172.26.0.186 netmask 255.255.0.0
    2016-08-12 13:29:32 addroute(487):Dst a0001aac mask 0 gw fe001aac
    2016-08-12 13:29:32 set_route_af: ioctl (SIOCADDRT) failed error no(17)
    2016-08-12 13:29:32 [primary tunnel] ipsec_tunnel_connect(1410): add route table destination 172.26.0.160, gw 172.26.0.254, interface br0.
    2016-08-12 13:29:32 [primary tunnel] Starting rapper with lifetime p1 = 28000 p2 = 7200
    2016-08-12 13:29:32 [primary tunnel] Starting IAP rapper 0 to 172.26.0.160:8423 attmpt 0
    2016-08-12 13:29:32 [primary tunnel] lauch rapper command: rapper -c 172.26.0.160 -b 1 -i br0 -x -G 0 -r 8423 -l 28000 -L 7200 -w 1 -o /tmp/rapper.txt
    2016-08-12 13:29:32 [primary tunnel] Eth - Populate the PID 27459 in file /tmp/rapper_pid_1
    2016-08-12 13:29:32 [primary tunnel] tunnel_retry(266): setting up tunnel to primary tunnel, success.
    2016-08-12 13:29:32 [primary tunnel] tunnel_start_up_timer(775): tunnel primary tunnel start up timer
    2016-08-12 13:29:32 [primary tunnel] tunnel_stop_up_timer(640): stop up timer.
    2016-08-12 13:29:54 [primary tunnel] cli_proc_rapper_msg(849): Receive rapper msg from 59168 port.
    2016-08-12 13:29:54 [primary tunnel] Error!!!: Received RC_OPCODE_ERROR lms 172.26.0.160 tunnel 0.0.0.0 RC_ERROR_IKEP2_PKT1 debug-error:-8949

     



  • 8.  RE: Issues when trying to add 2 lasts AP to a Virtual Controller

    Posted Aug 12, 2016 09:24 AM

    .



  • 9.  RE: Issues when trying to add 2 lasts AP to a Virtual Controller

    Posted Aug 12, 2016 09:34 AM

    Hold on.  Is that the VC's log or the AP that you are trying to join to the VC?



  • 10.  RE: Issues when trying to add 2 lasts AP to a Virtual Controller

    Posted Aug 16, 2016 02:23 AM

    Hi excuse me for the late i wasn't here yesterday.

     

    This is the "failing AP that are trying to join the VC "logs, excuse me i didn't mention it. I also check VC logs but there's not some interesting stuffs.

     

    Regards

     

    Gael



  • 11.  RE: Issues when trying to add 2 lasts AP to a Virtual Controller

    Posted Aug 16, 2016 09:48 AM

    This case can be closed. The support helped me to succeed the auto-join.

     

    I had to convert the 2 last AP like a "Default virtual controller mode" which is seemed weird to me..

     

    But now it's working !

     

    Thank you again !