Troubleshooting AP joining issues aren’t as difficult as long as you know where to look for the correct log messages.
Staring at the Cisco access point, the LEDs cycle between green, red, and amber. That’s an indication of a discovery or join in progress but it continues to cycle through those LED colors.
There could be an issue with the access point not finding the controller or attempting to join the controller on the wrong VLAN.
Here are some commands to help find out what the issue could be.
One thing to note is if you’re consoled into the controller you can switch between AP and controller level commands.
To get to AP level from controller type in the following command:
To get back to controller command line from the AP cisco shell you must log out.
This is useful for displaying debug messages from the controller or from the access point.
Cisco Mobility Express Controller Debug Messages
To get basic CAPWAP events such as discovery requests from access points enable the following command:
debug capwap events enable
Here’s example output from an access point with IP address 192.168.1.2 trying to discovery a controller.
(Cisco Controller) >spamApTask0: Aug 18 06:29:11.142: 18:18:18:18:18:18 Discovery Request from 192.168.1.2:5256
It’s very basic output and it doesn’t say whether or not it was successful.
To see more detail you can enable the following command:
debug capwap detail enable
For access points unable to join a controller it would be beneficial to see if any errors occur. Use the following command to enable debug errors:
debug capwap errors enable
Here’s some example output from this command:
spamApTask0: Aug 18 06:37:42.982: 18:18:18:18:18:18 Discovery Request received on wrong VLAN '0' on interface '1', management VLAN = ‘10', AP Manager VLAN = ’10’, dropping the packet
spamApTask0: Aug 18 06:37:42.982: 18:8b:45:08:b0:20 State machine handler: Failed to process msg type = 1 state = 0 from 192.168.1.10:5248
spamApTask0: Aug 18 06:37:42.982: 00:00:00:00:00:00 Failed to parse CAPWAP packet from 192.168.1.10:5248
The amount of detail is enough to show why my access point is unable to join the controller. The discovery request was received on the wrong VLAN, the native VLAN, while my controller management and AP manager sit on VLAN 10. The controller drops the packet and we have an error.
The fix was to place the access point on the correct VLAN on the switch port. An example configuration for that switch port:
switch(config-if)#switchport trunk native vlan 10 switch(config-if)#switchport mode trunk
For more information, here is the Cisco Mobility Express Deployment Guide – Release 22.214.171.124
In summary, to troubleshoot AP joining issues we must start with the basics. Ensure the AP has IP connectivity and can reach the controller. If more troubleshooting is required, utilize available debug commands to find out the reason for the AP not being able to join the controller.