Troubleshooting the Access Point Join Process

Access points can fail to join a controller for many reasons: a RADIUS authorization is pending; self-signed certificates are not enabled on the controller; the access point’s and controller’s regulatory domains don’t match, and so on.

Using the access point GUI, you can view join process failures in the AP Join Stats page. To view this page, select Monitor > Statistics > AP Join, and then click the MAC address of the AP.

Alternatively, you can use the following CLI command to get a list of all APs that attempted to join the controller:

show ap join stats summary all

To view details of a join process failure, use the following command:

show ap join stats detailed <ap base radio MAC address>

Controller software enables you to configure the access points to send all CAPWAP-related errors to a syslog server. You do not need to enable any debug commands on the controller because all of the CAPWAP error messages can be viewed from the syslog server itself.

The state of the access point is not maintained on the controller until it receives a CAPWAP join request from the access point. Therefore, it can be difficult to determine why the CAPWAP discovery request from a certain access point was rejected. In order to troubleshoot such joining problems without enabling CAPWAP debug commands on the controller, the controller collects information for all access points that send a discovery message to it and maintains information for any access points that have successfully joined it.

The controller collects all join-related information for each access point that sends a CAPWAP discovery request to the controller. Collection begins with the first discovery message received from the access point and ends with the last configuration payload sent from the controller to the access point.

You can view join-related information for up to three times the maximum number of access points supported by the platform for the 2500 series controllers and the Controller Network Module within the Cisco 28/37/38xx Series Integrated Services Routers.

Note The maximum number of access points varies for the Cisco WiSM2, depending on which controller software release is being used.

When the controller is maintaining join-related information for the maximum number of access points, it does not collect information for any more access points.

An access point sends all syslog messages to IP address 255.255.255.255 by default when any of the following conditions are met:

22

Page 22
Image 22
Cisco Systems 3700 Troubleshooting the Access Point Join Process, Show ap join stats detailed ap base radio MAC address