Print

Experience cases of handling wireless terminal association failure

2020-12-26 Published

Network Topology

The AP is registered to the AC at Layer 3 and is forwarded locally.

Problem Description

The feedback that the wireless terminal fails to associate but not fails to get the address. During the association, the dis wlan client on the AC filters the mac address of the terminal, and the terminal table entries cannot be viewed. Try to collect debug from the AC, but there is no terminal association request.

Process Analysis

Check the wireless configuration and map files, no problem. Try to create a service vlan interface on the AP to automatically obtain the address, indicating that the AP uplink is no problem. When viewing the AP running status with the command dis wlan ap name XXX ver, it was found that the establishment of the data tunnel between the AP and AC failed and the status was down.  

CAPWAP data-tunnel status: Down 

When the AP is registered, it is registered and managed through the control port UDP 5246 of CAPWAP. The AP registration status is normal, indicating that the control tunnel is normal. The data tunnel is down, indicating that the data tunnel between AP and AC is not established, or the link between AP and AC is unstable, or the link between AP and AC is blocked on UDP 5247 port, and the data tunnel port of CAPWAP is UDP 5247. 

By default, the association point is the AC, that is, the association request message interaction of the wireless terminal requires the AP to send it to the AC through the data tunnel. Here, the data tunnel is down and the association request cannot be delivered to the AC, so the association fails.

Solution

1. Try to adjust the wireless association point at the AP, which can be temporarily avoided

[AC]wlan service-template 1 

[AC-wlan-st-1]client association-location ap  

2. Further investigate the blocking of UDP 5247 port between AP and AC, and check whether the problem comes from an intermediate device.