Troubleshooting

Using the Reset Button

Using the Reset button (see CW9176I Top View with Connectors and Ports), you can reset the AP to factory default.

To reset the AP to the default factory-shipped configuration, perform the following steps:

  1. Unplug the AP from the power source.

  2. Hold the Reset button.

  3. Power on the AP.

    Press, and continue to press the Reset button for the duration corresponding to your requirements listed in the table below:

    0-5 seconds

    Blinks green for Meraki mode, and blue for Catalyst mode.

    > 10 seconds

    The AP undergoes configuration wipe.

    > 20 seconds

    Ap resets completely and enters maintain management mode.

    > 30 seconds

    Configures FIPS in Catalyst mode.

    > 60 seconds

    The LED light turns solid pink, which indicates a factory reset.

    > 90 seconds

    LED turns off.

Troubleshooting the Access Point to Cisco Controller Join Process


Note


As specified in the Cisco Wireless Solutions Software Compatibility Matrix, ensure that your controller is running Cisco IOS XE 17.15.2 or a later release to support the Cisco CW9176I AP.

Access points can fail to join a controller for many reasons—a RADIUS authorization is pending, self-signed certificates are not enabled on the controller, the access point and the controller regulatory domains do not match, and so on.

Controller software enables you to configure the access points to send all CAPWAP-related errors to a syslog server. All the CAPWAP error messages can be viewed from the syslog server itself.

If the CW9176I is in Meraki Management mode, it does not attempt to join the Cisco 9800 Wireless Controller model. Contact the Meraki support team to perform the migration procedure on the AP.

The state of the access point is not maintained on the controller. It can be difficult to determine why the discovery request from a certain access point was rejected. In order to troubleshoot such joining problems, we recommend that you run trace commands on the Cisco Catalyst 9800 Wireless Controller.

The controller collects all the join-related information for each access point that sends a CAPWAP discovery request to the controller. Collection begins with the first discovery message received from the access point and ends with the last configuration payload sent from the controller to the access point.

When the controller is maintaining join-related information for the maximum number of access points, it does not collect information for any more access points.

An access point sends all the syslog messages to the IP address 255.255.255.255 by default.

You can also configure a DHCP server to return a syslog server IP address to the access point using Option 7 on the server. The access point then starts sending all the syslog messages to this IP address.

When the access point joins a controller for the first time, the controller sends the global syslog server IP address (the default is 255.255.255.255) to the access point.

The AP sends all the syslog messages to this IP address until it is overridden by the following configuration:

  • The access point is still connected to the same controller, and the global syslog server IP address configuration on the controller has been changed using the syslog host syslog-ip-address command. In this case, the controller sends the new global syslog server IP address to the access point.

    To configure the global syslog server IP address, run these commands:

    1. configure terminal

    2. ap profile ap-profile-name

    3. syslog host syslog-ip-address

    4. exit

  • The access point is disconnected from the controller and joins another controller. In this case, the new controller sends its global syslog server IP address to the access point.

  • Whenever a new syslog server IP address overrides the existing syslog server IP address, the old address is erased from persistent storage, and the new address is stored in its place. The access point also starts sending all the syslog messages to the new IP address, provided the access point can reach the syslog server IP address.


Note


You can configure the syslog server for access points and view the access point join information only from the controller CLI.

Important Information for Controller-Based Deployments

Keep these guidelines in mind when you use Cisco CW9176I APs:

  • The AP does not support Wireless Domain Services (WDS) and cannot communicate with WDS devices. However, the controller provides functionality equivalent to WDS when the AP joins it.

  • CAPWAP does not support Layer 2. The AP must get an IP address and discover the controller using Layer 3, DHCP, DNS, or IP subnet broadcast.

  • The AP console port is enabled for monitoring and debug purposes.


    Note


    The default band rate is 115200.


  • All the configuration commands are disabled when the AP is connected to a controller.

Configuring DHCP Option 43

You can use DHCP Option 43 to provide a list of controller IP addresses to the access points, enabling them to find and join a controller.

The following is a DHCP Option 43 configuration example on a Windows 2003 Enterprise DHCP server for use with Cisco Catalyst lightweight access points. For other DHCP server implementations, see the product documentation for configuring DHCP Option 43. In Option 43, you should use the IP address of the controller management interface.


Note


DHCP Option 43 is limited to one access point type per DHCP pool. You must configure a separate DHCP pool for each access point type.

The Cisco CW9176I access point uses the type-length-value (TLV) format for DHCP Option 43. DHCP servers must be programmed to return the option based on the access point DHCP Vendor Class Identifier (VCI) string (DHCP Option 43). The VCI string for the Cisco CW9176I access point is:

Cisco AP CW9176I

The following is the format of the TLV block:

  • Type: 0xf1 (decimal 241)

  • Length: Number of controller IP addresses x 4

  • Value: IP addresses of the wireless controller management interfaces listed sequentially in Hex code.

To configure DHCP Option 43 in the embedded Cisco IOS DHCP server, follow these steps:


Note


The procedure describes configuration process for an AP that has completed the intial discovery process. For more information on day 0 workflow, see Global Use Access Points.


Procedure


Step 1

Enter the configuration mode

Step 2

Create the DHCP pool, including the necessary parameters, such as default router and name server. A DHCP scope example is as follows:


ip dhcp pool <pool name> 
network <IP Network> <Netmask> 
default-router <Default router> 
dns-server <DNS Server> 

Here:

<pool name> is the name of the DHCP pool, such as AP9176I.

<IP Network> is the network IP address where the controller resides, such as 10.0.15.1.

<Netmask> is the subnet mask, such as 255.255.255.0.

<Default router> is the IP address of the default router, such as 10.0.0.1.

<DNS Server> is the IP address of the DNS server, such as 10.0.10.2.

Step 3

Add the Option 43 line using the following syntax:


option 43 hex <hex string> 

The hex string is assembled by concatenating the following TLV values:

Type + Length + Value

For example, if there are two controllers with management interface IP addresses, 10.126.126.2 and 10.127.127.2, the type is f1(hex), the length is 2 * 4 = 8 = 08 (hex), and the IP addresses translate to 0a7e7e02 and 0a7f7f02. Assembling the string then yields f1080a7e7e020a7f7f02. The resulting Cisco IOS command added to the DHCP scope is option 43 hex f1080a7e7e020a7f7f02.