how-to_‎ > ‎cisco_wlc_‎ > ‎

Cisco New AP's 2700 and 3700 do not join WLC sw ver 7.x

posted Apr 28, 2015, 9:57 AM by Daniele Albrizio   [ updated Apr 28, 2015, 10:01 AM ]
They in fact come with firmware suitable for WLC SW version 8.x

This should be not a problem, but indeed they do not auto join the controller..
You will need either manually add a capwap exec command (that is you cannot preprovision the command without full controller connectivity since the command does not survive reboots).

# capwap ap controller ip address <wlc ip address>


Reboot the AP pushing the reset button to let it go in ROMMON mode and then issue the boot command (do not ask me why this should use different firmware/configuration cthan  the stock one).
I only know that this way I see these lines

*Mar  1 00:01:05.139: AP has SHA2 MIC certificate - Using SHA1 MIC certificate for DTLS.
*Apr 28 15:43:00.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: peer_port: 5246
*Apr 28 15:43:00.495: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: peer_port: 5246

instead of the failing one

*Mar  1 00:01:50.607: %CAPWAP-3-DHCP_RENEW: Could not discover WLC. Either IP address is not assigned or assigned IP is wrong. Renewing DHCP IP.

But the definitive solution to avoid the manually-preprovision-each-ap disaster is to accept all types of AP certificate on the WLC side.
This is a scrinshot of my WLC configuration - note that I use authorization list: