Cisco无线控制器C9800-CL:配置AP上线
Cisco无线控制器C9800-CL:配置AP上线
(1)AP与无线控制器在同一个二层环境。AP加电进行启动。
(2)无线控制器的管理ip
(3)AP配置上线
AP与无线控制器在同一个二层环境。可以正常发现到AP。
2024/12/22 17:35:59.094042 {wncd_x_R0-0}{1}: [ewlc-dtls-sessmgr] [20050]: (ERR): DTLS cert-chain config not done or not available, dropping packet
2024/12/22 17:35:59.094175 {wncd_x_R0-0}{1}: [capwapac-smgr-srvr] [20050]: (ERR): DTLS session init failure for remote-IP: 192.168.125.143, local-port: 5246
2024/12/22 17:35:59.094393 {wncd_x_R0-0}{1}: [capwapac-smgr-srvr] [20050]: (ERR): IPv4: 192.168.125.143 Failed to Process DTLS Hello message from loadbalancer server
2024/12/22 17:35:59.094399 {wncd_x_R0-0}{1}: [loadbalance-notify] [20050]: (ERR): MAC: 88f0.317e.dc2c DTLS msg from server handling failed, reason: Invalid argument
查看上不了线的原因:DTLS cert-chain not available
验证9800 WLC是否已启用AP身份验证列表。
WLC#show ap auth
WLC#show ap auth-list
Authorize APs against MAC : Disabled
Authorize APs against Serial Num : Disabled
Authorize APs using Calling ID : Disabled
Authorization Method List : default
WLC#
WLC#
WLC#show crypto pki certificates
Router Self-Signed Certificate
Status: Available
Certificate Serial Number (hex): 01
Certificate Usage: General Purpose
Issuer:
cn=IOS-Self-Signed-Certificate-1763817938
Subject:
Name: IOS-Self-Signed-Certificate-1763817938
cn=IOS-Self-Signed-Certificate-1763817938
Validity Date:
start date: 17:22:10 UTC Dec 22 2024
end date: 17:22:10 UTC Dec 22 2034
Associated Trustpoints: TP-self-signed-1763817938
Storage: nvram:IOS-Self-Sig#1.cer
CA Certificate
Status: Available
Certificate Serial Number (hex): 01
Certificate Usage: Signature
Issuer:
cn=Cisco Licensing Root CA
o=Cisco
Subject:
cn=Cisco Licensing Root CA
o=Cisco
Validity Date:
start date: 03:48:47 UTC May 31 2013
end date: 03:48:47 UTC May 31 2038
Associated Trustpoints: SLA-TrustPoint Trustpool
Storage: nvram:CiscoLicensi#1CA.cer
WLC#
查看ap的证书时间:
AP88f0.317e.dc2c#show crypto pki certificates
CA Certificate
Status: Available
Certificate Serial Number (hex): 00
Certificate Usage: General Purpose
Issuer:
e=support@airespace.com
cn=ca
ou=none
o=airespace Inc
l=San Jose
st=California
c=US
Subject:
e=support@airespace.com
cn=ca
ou=none
o=airespace Inc
l=San Jose
st=California
c=US
Validity Date:
start date: 23:38:55 UTC Feb 12 2003
end date: 23:38:55 UTC Nov 11 2012
Associated Trustpoints: airespace-old-root-cert
Storage:
CA Certificate
Status: Available
Certificate Serial Number (hex): 00
Certificate Usage: Signature
Issuer:
e=support@airespace.com
cn=Airespace Root CA
ou=Engineering
o=Airespace Inc.
l=San Jose
st=California
c=US
Subject:
e=support@airespace.com
cn=Airespace Root CA
ou=Engineering
o=Airespace Inc.
l=San Jose
st=California
c=US
Validity Date:
start date: 13:41:22 UTC Jul 31 2003
end date: 13:41:22 UTC Apr 29 2013
Associated Trustpoints: airespace-new-root-cert
Storage:
CA Certificate
Status: Available
Certificate Serial Number (hex): 03
Certificate Usage: General Purpose
Issuer:
e=support@airespace.com
cn=Airespace Root CA
ou=Engineering
o=Airespace Inc.
l=San Jose
st=California
c=US
Subject:
e=support@airespace.com
cn=Airespace Device CA
ou=Engineering
o=Airespace Inc.
l=San Jose
st=California
c=US
Validity Date:
start date: 22:37:13 UTC Apr 28 2005
end date: 22:37:13 UTC Jan 26 2015
Associated Trustpoints: airespace-device-root-cert
Storage:
CA Certificate
Status: Available
Certificate Serial Number (hex): 5FF87B282B54DC8D42A315B568C9ADFF
Certificate Usage: Signature
Issuer:
cn=Cisco Root CA 2048
o=Cisco Systems
Subject:
cn=Cisco Root CA 2048
o=Cisco Systems
Validity Date:
start date: 20:17:12 UTC May 14 2004
end date: 20:25:42 UTC May 14 2029
Associated Trustpoints: Trustpool cisco-root-cert
Storage:
Certificate
Status: Available
Certificate Serial Number (hex): 53F5677200000001B1DC
Certificate Usage: General Purpose
Issuer:
cn=Cisco Manufacturing CA
o=Cisco Systems
Subject:
Name: AP3G2-88f0317edc2c
e=support@cisco.com
cn=AP3G2-88f0317edc2c
o=Cisco Systems
l=San Jose
st=California
c=US
CRL Distribution Points:
http://www.cisco.com/security/pki/crl/cmca.crl
Validity Date:
start date: 14:53:03 UTC Apr 16 2014
end date: 15:03:03 UTC Apr 16 2024
Associated Trustpoints: Cisco_IOS_MIC_cert
Storage:
CA Certificate
Status: Available
Certificate Serial Number (hex): 6A6967B3000000000003
Certificate Usage: Signature
Issuer:
cn=Cisco Root CA 2048
o=Cisco Systems
Subject:
cn=Cisco Manufacturing CA
o=Cisco Systems
CRL Distribution Points:
http://www.cisco.com/security/pki/crl/crca2048.crl
Validity Date:
start date: 22:16:01 UTC Jun 10 2005
end date: 20:25:42 UTC May 14 2029
Associated Trustpoints: Trustpool Cisco_IOS_MIC_cert
Storage:
AP88f0.317e.dc2c#
AP注册需要查找的那个接口:
WLC#show wireless interface summary
Wireless Interface Summary
Interface Name Interface Type VLAN ID IP Address IP Netmask NAT-IP Address MAC Address
--------------------------------------------------------------------------------------------------
Vlan1 Management 1 192.168.125.99 255.255.255.0 0.0.0.0 001e.e531.17ff
WLC#
2、本资源基本为原创,部分来源其他付费资源平台或互联网收集,如有侵权请联系及时处理。
3、本站大部分文章的截图来源实验测试环境,请不要在生产环境中随意模仿,以免带来灾难性后果。
转载请保留出处: www.zh-cjh.com珠海陈坚浩博客 » Cisco无线控制器C9800-CL:配置AP上线
作者: cjh
手机扫一扫,手机上查看此文章: |
一切源于价值!
其他 模板文件不存在: ./template/plugins/comment/pc/index.htm