Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
661
Views
2
Helpful
6
Replies

CSCvc60648 - debug client cleanup dot1xDoesPmkIdMatchPmk2

Go to solution
Pinurana32
Level 1
Level 1

‎03-18-2025 12:29 PM

Access points are unable to join the WLC 5500

 

debug client cleanup dot1xDoesPmkIdMatchPmk2
CSCvc60648  

 

any workaround for this Bug . 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Mark Elsen
Hall of Fame
Hall of Fame
In response to Pinurana32

‎03-18-2025 01:05 PM

 

 - @Pinurana32  : A common issue on these platforms (AP + controller) is that the certificates on the
                           APs are expired , then the APs suddenly without warning can no longer join

    Checkout : https://www.cisco.com/c/en/us/support/docs/field-notices/639/fn63942.html
    for an explanation and countermeasures

 M.



-- Let everything happen to you  
       Beauty and terror
      Just keep going    
       No feeling is final
Reiner Maria Rilke (1899)

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Mark Elsen
Hall of Fame
Hall of Fame

‎03-18-2025 12:36 PM

 

  - This is not related to AP joining  issues ; please scrutinize the bug report ,

  M.



-- Let everything happen to you  
       Beauty and terror
      Just keep going    
       No feeling is final
Reiner Maria Rilke (1899)

Go to solution
Pinurana32
Level 1
Level 1
In response to Mark Elsen

‎03-18-2025 12:46 PM

Thanks Marce for the update ,When we are trying to debug getting below for all access points .

All of the sudden ,15 access points not joining WLC 

AIR-CT5508-K9

apfMsConnTask_1: Mar 18 13:57:18.015: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_1: Mar 18 13:57:18.015: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_1: Mar 18 13:57:20.585: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_1: Mar 18 13:57:20.585: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_6: Mar 18 13:57:20.816: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_6: Mar 18 13:57:20.816: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_1: Mar 18 13:57:21.575: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_1: Mar 18 13:57:21.575: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_4: Mar 18 13:57:24.203: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_6: Mar 18 13:57:25.373: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_6: Mar 18 13:57:25.373: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_6: Mar 18 13:57:36.715: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_1: Mar 18 13:57:39.112: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_1: Mar 18 13:57:39.112: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_1: Mar 18 13:57:43.810: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_1: Mar 18 13:57:43.810: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_0: Mar 18 13:57:50.451: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_0: Mar 18 13:57:54.745: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_0: Mar 18 13:57:54.745: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_1: Mar 18 13:57:55.010: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_1: Mar 18 13:57:55.010: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_0: Mar 18 13:58:06.840: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_0: Mar 18 13:58:06.840: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_0: Mar 18 13:58:10.878: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_0: Mar 18 13:58:10.878: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_0: Mar 18 13:58:19.160: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_0: Mar 18 13:58:19.160: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_6: Mar 18 13:58:20.326: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_4: Mar 18 13:58:24.466: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0
*apfMsConnTask_0: Mar 18 13:58:27.285: [SA] dot1xDoesPmkIdMatchPmk2, Received 11w Flag: 0

 

(Cisco Controller) >debug client a0ec.f926.792c

0 Helpful

Go to solution
Mark Elsen
Hall of Fame
Hall of Fame
In response to Pinurana32

‎03-18-2025 12:56 PM

 

  - You are mixing up issues ; the APs not joining is a different problem and not related to client issues ;
     post the full boot process of an AP that can no longer join,

  M.



-- Let everything happen to you  
       Beauty and terror
      Just keep going    
       No feeling is final
Reiner Maria Rilke (1899)
0 Helpful

Go to solution
Pinurana32
Level 1
Level 1

‎03-18-2025 12:57 PM

If anyone faced the similar issue in past ,please do sugguest .

0 Helpful

Go to solution
Mark Elsen
Hall of Fame
Hall of Fame
In response to Pinurana32

‎03-18-2025 01:05 PM

 

 - @Pinurana32  : A common issue on these platforms (AP + controller) is that the certificates on the
                           APs are expired , then the APs suddenly without warning can no longer join

    Checkout : https://www.cisco.com/c/en/us/support/docs/field-notices/639/fn63942.html
    for an explanation and countermeasures

 M.



-- Let everything happen to you  
       Beauty and terror
      Just keep going    
       No feeling is final
Reiner Maria Rilke (1899)
0 Helpful

Go to solution
Pinurana32
Level 1
Level 1
In response to Mark Elsen

‎03-18-2025 01:45 PM

Marce ,Thank you so much for your help . Issue resolved after running this command :     config ap cert-expiry-ignore mic enable .

Customers Also Viewed These Support Documents