AP registration fails in remote subnet

  • 14 January 2014
  • 6 replies

I have a strange Problem:

On my V2110 Controller I use the esa0 Interface for the AP registration.

If my AP's (Siemens AP2610) are in the same subnet, everythings works
fine. Now i want to bring one AP to a remote subnet, the registration fails, but the controller knows the new AP IP address ( I can telnet the AP and ping the controller and the controller can ping the AP (no firewall between them). There is also a DNS Record "controller.domain.name" pointing to the

So there must be a communication between AP and EWC, because i can ping and enable/disble Telnet. But the AP is not shown in the active AP list.

I don't know where I misconfigured it.

6 replies

Userlevel 6
Hi Andre

Further to what Ron has said, you can try to change the controller config so that the controller won't try to upgrade the APs firmware, under AP settings, global AP settings, AP Maintenance, check the radio button for "Upgrade when AP connects using settings from Controlled Upgrade", this would help rule out firmware upgrade being an issue.

If the AP comes up as connected then you can troubleshoot why the upgrade didn't work, common reasons are ACL's or ETS policy blocking TFTP or a bad route.

If you still have issues I would recommend that you take a wired trace of the AP trying to connect using wireshark and a full show technical-support file, then place a call into the GTAC so that we might help.

Best regards

it was a routing problem.

I added static route to the remote Subnet via the esa0 subnet gateway and upon next boot it the AP is marked as online

Thanks for your support!!!
Userlevel 7

I'd do it from scratch.
If there is an DHCP server in the subnet of the AP it's an easy task.
telnet to the AP and clear the config = set factory
delete the AP in the EWC database = in access approvel delete the AP
after the AP is back with no config (beside the IP/mask,gateway from DHCP) set the controller IP via a static entry = set authip 1

is the link from the EWC to the AP via a VPN with a lower MTU ?

There is (currently) no VPN in between.
For testing purposes its just another subnet in my office. So MTU shouldn't be a problem.

After the reset, the AP gets a remote IP address via DHCP and also the EWC IP via DHCP Option 78.
THe AP connects to the EWC and appoves it:

But it is still not active

The LED states on the AP are:
Left: solid green
Center: blinking green
Right: off
Documentation says: "Connecting to Enterasys Wireless Controller: Upgrading to higher version"

The AP console session shows the following:

There is no 802.1x configruation on the Switch-Port.
Userlevel 7

right now the only thing that I'd think of is...
a) software on the AP is too old to connect
b) routing issue

for a) please let me know the controller version that you use and also the output from the AP for the command "version"

for b) could it be that your admin interface is enabled and there is a default route entry on this port.
So that the AP try to connect to the ESA0 port but the return packet is routed out via the admin interface.
If that is the case could you shutdown the admin interface for the test?

I have same problem and adding static routes solves the problem.