Reset Search
 

 

Article

ExtremeCloud IQ - Advanced CAPWAP Troubleshooting

« Go Back

Information

 
TitleExtremeCloud IQ - Advanced CAPWAP Troubleshooting
Symptoms
Devices (APs, switches) having issues connecting consistently and stably to XIQ via CAPWAP
Environment
ExtremeCloud IQ (XIQ)
Cause
-- Possible issues with DNS
-- Possible VLAN issues
-- Possible blocking of required ports
-- Possible Redirector issues
Resolution
(After SSH’ing to an AP in question)
  • Ping the default gateway
    • If this fails, skip to setting the IP address and default gateway manually (see instructions below)
  • Ping google at 8.8.8.8
    • If it works we know we can get out to the internet (skip to pinging google.com to test DNS)
    • If it fails it means we don’t have internet access (skip to setting IP address and default gateway manually)
  • Ping google.com
    • If this fails but we were able to get to 8.8.8.8, we know DNS is not working (skip to setting DNS manually)
  • Manually setting IP address and Default gateway
    • Enter the following commands:
      • Int mgt0 ip <ip address> /<netmask>. For example if the IP address was 10.10.10.60 and the netmask was 255.255.255.0, the command would be int mgt0 ip 10.10.10.60/24
      • Ip route default gateway <address. For example, if the default gateway was 10.10.10.0, the command would be ip route default gateway 10.10.10.60
  • Setting DNS manually
    • Enter the following command:
      • Dns server-ip <address>. For example, if the DNS address was 8.8.4.4, the command would be dns server-ip 8.8.4.4.
      • If you want to see what the current DNS settings are, run the command show dns
      • You can also check the DNS settings for your network policy by going to (Configuration> Select Network Policy> Additional Settings> Management server Settings> DNS Server> Modify> Check what the DNS server is).
  • Check the VLAN
    • Run a VLAN probe by entering the following command:
      • int mgt0 dhcp-probe vlan-range # # (if you want to run a range you would do 1 5 for example, if you want to do one you would just do 5 5 for example. So if I was running a VLAN probe for VLAN 5, the command would be int mgt0 dhcp-probe vlan-range 5 5)
      • To set the VLAN you want to use manually, run the command int mgt0 vlan #. So if I wanted to set the VLAN to 5, the command would be int mgt0 vlan 5
      • If the VLAN probe fails, we need to make sure the port is set correctly on the back end
  • Check the ports
    • We need UDP 12222 and TCP 22 allowing outbound traffic on any firewall or content filter you have
    • To confirm that TCP 22 is open, run the following command:
      • exec _test tcp-service host <XIQ IP> port 22. So if my hive manager address was 10.10.10.60, the command would be exec _test tcp-service host 10.10.10.60 port 22
    • If you still can’t get out, try switching over to HTTP instead of UDP by running the following commands in order:
      • capwap client transport http
      • save config
      • no CAPWAP client enable
      • CAPWAP client enable
  • Ask to check the Redirector to make sure the AP is pointed at the correct VHM ID (be sure to provide them with the serial number of the device, and your VHM ID which can be found by going to Help> About Hive Manager). *If you are using a virtual appliance or on premise hive manager, just ask Support to make sure the serial number is not assigned to anything in our redirector
             **If the device has connected to your hive manager before, this is likely not your issue
  • If you’ve performed all of these steps and the device still does not connect to your hive manager, set the device back to factory default settings and run through this guide one more time
    • You can set the device to factory default settings two ways:
      • You can hold down the reset button on the device for 10 seconds
      • You can run the command reset config
  • If it still doesn’t connect, run CAPWAP debugs (see below)

Enabling CAPWAP debugs

  • SSH in to the AP
  • Run the following commands:
    • _debug capwap info
    • _debug capwap basic
    • _debug capwap stat
    • _debug capwap delay

Disabling CAPWAP debugs

  • Rebooting the AP will remove the debugs.
  • Alternatively, they can be disabled with the following commands:
    • no _debug capwap info
    • no _debug capwap basic
    • no _debug capwap stat
    • no _debug capwap delay
  • Run the command show log buff | include all debug
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255