Saturday, August 8, 2015

Cisco Aironet 1552 Lightweight Outdoor Mesh AP

I was able to test and set up a few Cisco 1552 lightweight outdoor mesh APs. It's a controller-based, heavy and rugged AP. It can connect over its wireless radio (hence mesh) to another AP in the mesh, which leads back to the wired LAN. The short, thick antenna is for 5 GHz and the long, thin antenna is for 2.4 GHz. The power injector is enclosed in a metal chassis and has two ports, one going to the switch and the other to the AP.







Here are the steps I took for the Cisco 1552 APs to join the WLC and form a mesh wireless network:

1) I added the APs' MAC addresses under Security > AAA > TACACS+ > MAC Filtering.
You add the AP MAC address (usually ends with "c") and not the base MAC address (usually ends with "0"). Notice there are two MAC addresses when you run show mac address-table interface x on a switch.

Switch#show mac address-table interface f0/11
          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 10    2c31.2473.1230    DYNAMIC     Fa0/11
 10    2c31.2473.123c    DYNAMIC     Fa0/11



2) Next, I chose the AP role: one AP as the root AP (RAP), which is the one connected to the wired LAN, and the rest as mesh APs (MAP). The AP started to join the WLC and got its image file after I chose the AP role and set the country to US in the WLC under Wireless > Country. I tried setting different countries such as SG, AU and NZ, but none of them seemed to work.




APe089.9dff.abc0>
*Jul 27 14:47:41.999: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 172.27.196.25:5246sh
*Jul 27 14:47:42.035: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255 ve
*Jul 27 14:47:52.095: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Jul 27 14:47:52.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 172.27.196.25 peer_port: 5246
*Jul 27 14:47:52.535: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 172.27.196.25 peer_port: 5246
*Jul 27 14:47:52.535: %CAPWAP-5-SENDJOIN: sending Join Request to 172.27.196.25
*Jul 27 14:47:52.535: %CAPWAP-3-ERRORLOG: Invalid event 10 & state 5 combination.
*Jul 27 14:47:52.535: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 10 state 5.
*Jul 27 14:47:52.535: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Jul 27 14:47:52.535: %CAPWAP-3-ERRORLOG: Failed to process encrypted capwap packet from 172.27.196.25
*Jul 27 14:47:57.535: %CAPWAP-5-SENDJOIN: sending Join Request to 172.27.196.25
*Jul 27 14:48:32.859: %MESH-3-TIMER_EXPIRED: Mesh Lwapp join timer expired
*Jul 27 14:48:32.859: %MESH-3-TIMER_EXPIRED: Mesh Lwapp join failed expired
*Jul 27 14:48:32.859: %MESH-6-LINK_UPDOWN: Mesh station e089.9dff.cxyz link Down
% CDP is not supported on this interface, or for this encapsulation
*Jul 27 14:48:51.999: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 172.27.196.25:5246
*Jul 27 14:48:52.035: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255
*Jul 27 14:49:32.459: %MESH-6-CAPWAP_RESTART: Mesh Capwap re-started
% CDP is not supported on this interface, or for this encapsulation
*Jul 27 14:49:37.495: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255
*Jul 27 14:49:47.551: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Jul 27 14:49:48.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 172.27.196.25 peer_port: 5246
*Jul 27 14:49:48.535: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 172.27.196.25 peer_port: 5246
*Jul 27 14:49:48.535: %CAPWAP-5-SENDJOIN: sending Join Request to 172.27.196.25
*Jul 27 14:49:48.535: %CAPWAP-3-ERRORLOG: Invalid event 10 & state 5 combination.
*Jul 27 14:49:48.535: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 10 state 5.
*Jul 27 14:49:48.535: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Jul 27 14:49:48.535: %CAPWAP-3-ERRORLOG: Failed to process encrypted capwap packet from 172.27.196.25
*Jul 27 14:49:53.535: %CAPWAP-5-SENDJOIN: sending Join Request to 172.27.196.25
% CDP is not supported on this interface, or for this encapsulation
*Jul 27 14:50:47.999: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 172.27.196.25:5246
*Jul 27 14:50:48.035: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255
*Jul 27 14:50:58.095: %CAPWAP-3-ERRORLOG: Go join a capwap controller  
// AP 1552 JOINED WLC AFTER ADDING MAC ADDRESS TO MAC FILTERING
examining image...!
extracting info (285 bytes)  
Image info:
    Version Suffix: k9w8-.152-4.JB6
    Image Name: c1520-k9w8-mx.152-4.JB6
    Version Directory: c1520-k9w8-mx.152-4.JB6
    Ios Image Size: 123392
    Total Image Size: 8581632
    Image Feature: WIRELESS LAN|LWAPP
    Image Family: C1520
    Wireless Switch Management Version: 7.6.130.0
Extracting files...
c1520-k9w8-mx.152-4.JB6/ (directory) 0 (bytes)
extracting c1520-k9w8-mx.152-4.JB6/file_hashes (3118 bytes)
extracting c1520-k9w8-mx.152-4.JB6/8001.img (186860 bytes)!!!!!!
*Jul 27 14:50:58.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 172.27.196.25 peer_port: 5246
*Jul 27 14:50:58.531: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 172.27.196.25 peer_port: 5246
*Jul 27 14:50:58.531: %CAPWAP-5-SENDJOIN: sending Join Request to 172.27.196.25
*Jul 27 14:50:58.535: %CAPWAP-3-ERRORLOG: Invalid event 10 & state 5 combination.
*Jul 27 14:50:58.535: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 10 state 5.
*Jul !!!!!!!!
extracting c1520-k9w8-mx.152-4.JB6/final_hash.sig (513 bytes)
extracting c1520-k9w8-mx.152-4.JB6/c1520-k9w8-mx.152-4.JB6 (116954 bytes)!27 14:50:58.535: %CAPWAP-3-ERRORLOG: Failed to handle capwap control message from controller
*Jul 27 14:50:58.535: %CAPWAP-3-ERRORLOG: Failed to process encrypted capwap packet from 172.27.196.25perform archive download capwap:/c1520 tar file
*Jul 27 14:50:58.575: %CAPWAP-6-AP_IMG_DWNLD: Required image not found on AP. Downloading image from Controller.
*Jul 27 14:50:58.575: Loading file /c1520...
!!!!!!!!
extracting c1520-k9w8-mx.152-4.JB6/c1520_avr_3.img (14720 bytes)!
extracting c1520-k9w8-mx.152-4.JB6/c1520_avr_2.img (10624 bytes)!
extracting c1520-k9w8-mx.152-4.JB6/c1520_avr_7.img (33152 bytes)!!!
extracting c1520-k9w8-mx.152-4.JB6/8003.img (1043824 bytes)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
extracting c1520-k9w8-mx.152-4.JB6/c1520_avr_6.img (14720 bytes)!
extracting c1520-k9w8-mx.152-4.JB6/img_sign_rel_sha2.cert (1371 bytes)
extracting c1520-k9w8-mx.152-4.JB6/J2.bin (8888 bytes)!
extracting c1520-k9w8-mx.152-4.JB6/info (285 bytes)
extracting c1520-k9w8-mx.152-4.JB6/I5.bin (20200 bytes)!
extracting c1520-k9w8-mx.152-4.JB6/H4.bin (1212 bytes)
extracting c1520-k9w8-mx.152-4.JB6/H5.bin (34340 bytes)!!!
extracting c1520-k9w8-mx.152-4.JB6/c1520-k9w8-xx.152-4.JB6 (6954849 bytes)!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
*Jul 27 14:52:02.819: %MESH-3-TIMER_EXPIRED: Mesh Lwapp join timer expired!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
extracting c1520-k9w8-mx.152-4.JB6/I2.bin (2828 bytes)!
extracting c1520-k9w8-mx.152-4.JB6/J5.bin (70296 bytes)!!!!!
extracting c1520-k9w8-mx.152-4.JB6/final_hash (141 bytes)
extracting c1520-k9w8-mx.152-4.JB6/H8.bin (2020 bytes)
extracting c1520-k9w8-mx.152-4.JB6/img_sign_rel.cert (1375 bytes)!
extracting c1520-k9w8-mx.152-4.JB6/c1520_avr_5.img (6784 bytes)
extracting c1520-k9w8-mx.152-4.JB6/c1520_avr_1.img (10368 bytes)!
extracting c1520-k9w8-mx.152-4.JB6/H2.bin (9696 bytes)!
extracting c1520-k9w8-mx.152-4.JB6/c1520_avr_4.img (14464 bytes)!
extracting info.ver (285 bytes)
Deleting current version: flash:/c1520-k9w8-mx.152-4.JA1...
Set booting path to recovery image: ''...done.
New software image installed in flash:/c1520-k9w8-mx.152-4.JB6
Writing out the event log to uflash:/event.log ...

Configuring system to use new image...done.
archive download: takes 91 seconds

*Jul 27 14:52:30.127: image upgrade successfully, system is now reloading
*Jul 27 14:52:30.159: %SYS-5-RELOAD: Reload requested by capwap image download proc. Reload Reason: NEW IMAGE DOWNLOAD.
*Jul 27 14:52:30.159: %LWAPP-5-CHANGED: CAPWAP changed state to DOWN

Write of event.log done

IOS Bootloader - Starting system.

Xmodem file system is available.

flashfs[0]: 32 files, 3 directories

flashfs[0]: 0 orphaned files, 0 orphaned directories

flashfs[0]: Total bytes: 31868928

flashfs[0]: Bytes used: 8655360

flashfs[0]: Bytes available: 23213568

flashfs[0]: flashfs fsck took 17 seconds.

Reading cookie from flash parameter block...done.

Base Ethernet MAC address: e0:89:9d:ff:cf:e0

Loading "flash:/c1520-k9w8-mx.152-4.JB6/c1520-k9w8-mx.152-4.JB6"...##############

File "flash:/c1520-k9w8-mx.152-4.JB6/c1520-k9w8-mx.152-4.JB6" uncompressed and installed, entry point: 0x3000

executing...

IOS Secondary Bootloader - Starting system.

Xmodem file system is available.

flashfs[0]: 32 files, 3 directories

flashfs[0]: 0 orphaned files, 0 orphaned directories

flashfs[0]: Total bytes: 31868928

flashfs[0]: Bytes used: 8655360

flashfs[0]: Bytes available: 23213568

flashfs[0]: flashfs fsck took 5 seconds.

Reading cookie from flash parameter block...done.

Base Ethernet MAC address: e0:89:9d:ff:ab:c0

Boot CMD: 'boot  flash:/c1520-k9w8-mx.152-4.JB6/c1520-k9w8-xx.152-4.JB6;flash:/c1520-k9w8-mx.152-4.JB6/c1520-k9w8-mx.152-4.JB6'

Loading "flash:/c1520-k9w8-mx.152-4.JB6/c1520-k9w8-xx.152-4.JB6"...####################

File "flash:/c1520-k9w8-mx.152-4.JB6/c1520-k9w8-xx.152-4.JB6" uncompressed and installed, entry point: 0x3000

executing...

              Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

           cisco Systems, Inc.
           170 West Tasman Drive
           San Jose, California 95134-1706

Cisco IOS Software, C1550 Software (C1520-K9W8-M), Version 15.2(4)JB6, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2014 by Cisco Systems, Inc.
Compiled Fri 22-Aug-14 13:14 by prod_rel_team

Initializing flashfs...

flashfs[3]: 32 files, 3 directories
flashfs[3]: 0 orphaned files, 0 orphaned directories
flashfs[3]: Total bytes: 31610880
flashfs[3]: Bytes used: 8655360
flashfs[3]: Bytes available: 22955520
flashfs[3]: flashfs fsck took 4 seconds.
flashfs[3]: Initialization complete.
flashfs[4]: 0 files, 1 directories
flashfs[4]: 0 orphaned files, 0 orphaned directories
flashfs[4]: Total bytes: 5806080
flashfs[4]: Bytes used: 1024
flashfs[4]: Bytes available: 5805056
flashfs[4]: flashfs fsck took 0 seconds.
flashfs[4]: Initialization complete....done Initializing flashfs.

Radio0  present 8364B 8000 A8020000 0 A8030000 30
Rate table has 336 entries (20 legacy/64 11n/252 11ac)

POWER TABLE FILENAME = flash:/c1520-k9w8-mx.152-4.JB6/J2.bin

Radio1  present 8364B 8000 B8020000 0 B8030000 13
POWER TABLE FILENAME = flash:/c1520-k9w8-mx.152-4.JB6/J5.bin

Radio2 not present 0 0 0 0 0 11
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco AIR-CAP1552EU-A-K9 (PowerPC 8349) processor (revision A0) with 98294K/32768K bytes of memory.
Processor board ID FTX1905P07E
PowerPC 8349 CPU at 533MHz, revision number 0x0031
Last reset from power source change
LWAPP image version 7.6.130.0
4 Gigabit Ethernet interfaces
2 802.11 Radios

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: E0:89:9D:FF:AB:C0
Part Number                          : 73-13538-02
PCA Assembly Number                  : 800-31224-01
PCA Revision Number                  : 03
PCB Serial Number                    : FOC19028123
Top Assembly Part Number             : 800-38848-04
Top Assembly Serial Number           : FTX1905P456
Top Revision Number                  : A0
Product/Model Number                 : AIR-CAP1552EU-A-K9 
% Please define a domain-name first.

Press RETURN to get started!

*Mar  1 00:00:06.755: %SOAP_FIPS-2-SELF_TEST_IOS_SUCCESS: IOS crypto FIPS self test passed (11)
*Mar  1 00:00:07.515: %SOAP_FIPS-2-SELF_TEST_HW_SUCCESS: HW crypto FIPS self test passed (1-4)
*Mar  1 00:00:07.515: Registering HW DTLS
*Mar  1 00:00:07.979: m8349_ether_enable: MACCFG1 sync timeout
*Mar  1 00:00:09.763: %LINK-6-UPDOWN: Interface Ethernet4, changed state to up
*Mar  1 00:00:10.631: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 0 (4)
*Mar  1 00:00:10.639: %LINK-6-UPDOWN: Interface GigabitEthernet0, changed state to up
*Mar  1 00:00:10.639: %LINK-6-UPDOWN: Interface GigabitEthernet1, changed state to up


To check whether all APs registered, look under Wireless > All APs and check for REG under Operational Status.


Here are some useful show commands on the WLC.


  

You'll see DTLS and SHA2 MIC certificate error logs when you console into the AP 1552. You'll need to accept (tick) the Manufacturer Installed Certificate (MIC) on the WLC. Just go to SECURITY > AAA > AP Policies.

*Nov 13 08:18:49.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 172.27.20.6 peer_port: 5246
*Nov 13 08:18:49.323: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 172.27.20.6 peer_port: 5246
*Nov 13 08:18:49.323: %CAPWAP-5-SENDJOIN: sending Join Request to 172.27.20.6
*Nov 13 08:18:49.327: %DTLS-5-ALERT: Received WARNING : Close notify alert from 172.27.20.6
*Nov 13 08:18:49.327: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 172.27.20.6:5246
*Nov 13 08:18:49.327: AP has SHA2 MIC certificate - Using SHA2 MIC certificate for DTLS.
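
Both failure captures on this page (the one before the MAC filter entry was added and the one before the MIC was accepted) have the same shape: the DTLS tunnel comes up, the Join Request goes out, and the join is not accepted until the AP is authorized on the WLC. The Python triage script below is an added example, not part of the original post; the outcome labels and the use of %CAPWAP-6-AP_IMG_DWNLD as the acceptance marker are assumptions drawn only from the log lines shown here.

```python
import re

LINE = re.compile(r"^\*(\w{3}\s+\d+ [\d:.]+): %([A-Z0-9_]+)-\d-([A-Z0-9_]+): (.*)$")
FLAGS = {"CAPWAP-DTLSREQSUCC": "dtls_up", "CAPWAP-SENDJOIN": "join_sent"}

def triage_join_attempts(console_text):
    """Split an AP console log into CAPWAP join attempts and label each outcome."""
    attempts, cur = [], None
    for raw in console_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # banner text, extraction progress, CDP notices
        ts, facility, mnemonic, msg = m.groups()
        tag = f"{facility}-{mnemonic}"
        if tag == "CAPWAP-DTLSREQSEND":  # every DTLS request opens a new attempt
            peer = re.search(r"peer_ip: (\S+)", msg)
            cur = {"start": ts, "controller": peer.group(1) if peer else None,
                   "dtls_up": False, "join_sent": False, "outcome": "incomplete"}
            attempts.append(cur)
        elif cur is None:
            continue  # teardown lines from an attempt that began before the capture
        elif tag in FLAGS:
            cur[FLAGS[tag]] = True
        elif tag == "CAPWAP-AP_IMG_DWNLD":  # assumed marker: controller answered the join
            cur["outcome"] = "accepted"
        elif cur["join_sent"] and cur["outcome"] == "incomplete":
            if tag == "DTLS-ALERT" and "Close notify" in msg:
                cur["outcome"] = "closed_by_controller"
            elif tag in ("MESH-TIMER_EXPIRED", "DTLS-SEND_ALERT"):
                cur["outcome"] = "no_join_response"
    return attempts

def authorization_suspects(attempts):
    """Attempts where DTLS came up but the join was rejected or left unanswered."""
    return [a for a in attempts if a["dtls_up"] and a["outcome"] not in ("accepted", "incomplete")]

# Sample input: lines abridged from the two console captures on this page.
SAMPLE = """\
*Jul 27 14:47:52.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 172.27.196.25 peer_port: 5246
*Jul 27 14:47:52.535: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 172.27.196.25 peer_port: 5246
*Jul 27 14:47:52.535: %CAPWAP-5-SENDJOIN: sending Join Request to 172.27.196.25
*Jul 27 14:48:32.859: %MESH-3-TIMER_EXPIRED: Mesh Lwapp join timer expired
*Jul 27 14:50:58.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 172.27.196.25 peer_port: 5246
*Jul 27 14:50:58.531: %CAPWAP-5-SENDJOIN: sending Join Request to 172.27.196.25
*Jul 27 14:50:58.575: %CAPWAP-6-AP_IMG_DWNLD: Required image not found on AP. Downloading image from Controller.
*Nov 13 08:18:49.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 172.27.20.6 peer_port: 5246
*Nov 13 08:18:49.323: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 172.27.20.6 peer_port: 5246
*Nov 13 08:18:49.323: %CAPWAP-5-SENDJOIN: sending Join Request to 172.27.20.6
*Nov 13 08:18:49.327: %DTLS-5-ALERT: Received WARNING : Close notify alert from 172.27.20.6
"""
```

An attempt returned by authorization_suspects() reached the controller over DTLS, so the place to look is the WLC's AP authorization settings (MAC filter entry, AP Policies) rather than IP reachability.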

 
