cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4566
Views
0
Helpful
12
Replies
Highlighted
Beginner

Aironet 1702I-A unable to join WLC 2504 running 8.0.100.0

I have two brand new aironet 1702I-A lightweight access points that I am trying to join to a new WLC 2504 running 8.0.100.0, I can see the discovery request come in but shortly after the following entry is logged by debug capwap on the controller:

*spamApTask1: Nov 05 17:27:04.031: 58:f3:9c:d9:59:c0 Discovery Response sent to x.x.252.100:38301

*spamApTask1: Nov 05 17:27:04.031: 58:f3:9c:d9:59:c0 Discovery Request from x.x.252.100:38301

*spamApTask1: Nov 05 17:27:04.031: 58:f3:9c:d9:59:c0 ApModel: AIR-CAP1702I-A-K9

*spamApTask1: Nov 05 17:27:04.031: 58:f3:9c:d9:59:c0 Join Priority Processing status = 0, Incoming Ap's Priority 1, MaxLrads = 5, joined Aps =0
*spamApTask1: Nov 05 17:27:04.031: apModel: AIR-CAP1702I-A-K9

*spamApTask1: Nov 05 17:27:04.031: apType = 42 apModel: AIR-CAP1702I-A-K9

*spamApTask1: Nov 05 17:27:04.031: apType: Ox2a bundleApImageVer:
*spamApTask1: Nov 05 17:27:04.031: Could not find image version of bundled AP(apType: 42)!!!
*spamApTask1: Nov 05 17:27:04.031: Unable to get AP Bundled Version. Using Controller Version!!!

*spamApTask1: Nov 05 17:27:04.031: apModel: AIR-CAP1702I-A-K9

*spamApTask1: Nov 05 17:27:04.031: apType = 42 apModel: AIR-CAP1702I-A-K9

*spamApTask1: Nov 05 17:27:04.031: apType: Ox2a bundleApImageVer:
*spamApTask1: Nov 05 17:27:04.031: Could not find image version of bundled AP(apType: 42)!!!
*spamApTask1: Nov 05 17:27:04.031: Unable to get AP Bundled Version. Using Controller Version!!!

From the AP side I see the following:

*Nov  5 16:45:31.999: AP has SHA2 MIC certificate - Using SHA2 MIC certificate for DTLS.

*Nov  5 16:45:32.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: x.x.252.10 peer_port: 5246
*Nov  5 16:46:01.999: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_connection_db.c:2214 Max retransmission count reached for Connection 0x3BFC8B4!

*Nov  5 16:46:31.999: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to x.x.252.10:5246

Thanks in advance,

Ryan

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

You dont need the AP RMA'd just ask TAC for newer SW for the controller.  8.0.100.5  did the trick for us. We were seeing the excat same problem. It is not available from CCO newest there is  8.0.100.0.

View solution in original post

12 REPLIES 12
Highlighted
Cisco Employee

Hi ,

 

Looks strange. Join is denied because of some error. When these AP show this behavior:

> Do they have recovery image and if yes then what is the version ?

Can you push some different version of recovery image and then try.

> Or Is it happening after AP joins WLC and downloads full image.

If it is not urgent , I would say wait for 8.0 MR1 which is coming very soon.

Regards

Dhiresh

 

 

Highlighted

I opened a ticket with Cisco TAC after seeing bug ID CSCur50946, which seems to be a incorrect or corrupt certificate on access points manufactured in September or October of 2014. I am awaiting the delivery of the new units.

 

Thank you for your responses.

 

Ryan

Highlighted

Hi Ryan. 

I'm in the same situation. Did you have the new firmware?

Did you fix the situation? How?

 

Thanks

Highlighted

Hi Ryan,

8.0 MR1 is expected between anytime from mid-November to End of November. That must have the fix.

Regards

Dhiresh

 

Highlighted

Sorry, I do not have an update on this as I am still waiting for my RMA'd APs to show up.

Highlighted

You dont need the AP RMA'd just ask TAC for newer SW for the controller.  8.0.100.5  did the trick for us. We were seeing the excat same problem. It is not available from CCO newest there is  8.0.100.0.

View solution in original post

Highlighted

Hi ,

Yes that is correct. But as I said if it is not very urgent , wait for few more days and 8.0 MR1 would be posted on CCO. If cant wait , do as suggested above.

 

Regards

Dhiresh

**Please rate helpful posts**

Highlighted

Hi, Does the SW version 8.0.110.0 fix the problem? I have installed it but my 1702 don't appear on the controller and I can't see any capwap events for them.
Highlighted

In fact, some 1702 don't support DNS discovery out of the box.

You have to configure your DHCP with option 43 to make them find your controllers.

Highlighted
Hall of Fame Community Legend

Post the following output: 

 

1.  AP:  sh inventory

2.  AP:  sh ip interface brief

2.  WLC:  sh sysinfo

 

Highlighted
Beginner

Had the same problem. Contacted TAC and got 8.0.100.5 witch fixed the problem.

Highlighted

Hi,

 

I hit the same issue too. Do you have the SW 8.0.100.5 ? I'm quite urgent here.

Thanks.

 

Yap

Content for Community-Ad