Dear all,

we have just rolled out our new wlc 8540 and defined the DNS/DHCP option 43 settings. As a result the APs (2702E / 2802I) will disover the wlc but for some reason the JOIN request keeps failing for both.

We have the following errors on the APs:

2802I:

[*08/14/2017 15:22:39.7687] CAPWAP State: Discovery

[*08/14/2017 15:22:39.7689] Got WLC settings(10.33.6.2) from DHCP.

[*08/14/2017 15:22:39.7715] DNS resolved CISCO-CAPWAP-CONTROLLER.unibas.ch

[*08/14/2017 15:22:39.7715] DNS discover addr: 10.33.6.2

[*08/14/2017 15:22:39.7788] Discovery Request sent to 10.33.6.2 with discovery type set to CAPWAP_DISCOVERY_TYPE_DHCP(2)

[*08/14/2017 15:22:39.7800] Discovery Request sent to 10.33.6.2 with discovery type set to CAPWAP_DISCOVERY_TYPE_DNS(3)

[*08/14/2017 15:22:39.7813] Discovery Request sent to 255.255.255.255 with discovery type set to CAPWAP_DISCOVERY_TYPE_UNKNOWN(0)

[*08/14/2017 15:22:39.7815] Discovery Response from 10.33.6.2

[*08/14/2017 15:22:49.0002] Discovery Response from 10.33.6.2

[*08/14/2017 15:22:49.0000] CAPWAP State: DTLS Setup

[*08/14/2017 15:22:50.6097] CAPWAP State: Join

[*08/14/2017 15:22:50.6115] Sending Join request to 10.33.6.2 through port 5248

[*08/14/2017 15:23:46.0167] CAPWAP State: DTLS Teardown

[*08/14/2017 15:23:46.0197] Dropping dtls packet since session is not established. a210602, 147e, a250307, 1480, (nil)

2702I also fails after JOIN Request with error:

LWAPP-3-CLIENTERRORLOG: Config load from flash failed.

On the WLC we see packets incoming from the AP which has the IP address: 10.37.3.7:

*spamApTask7: Aug 14 17:29:56.925: 00:1e:7a:83:37:40 CAPWAP Control Msg Received from 10.37.3.7:5248

*spamApTask7: Aug 14 17:29:56.925: a0:e0:af:00:59:00 packet received of length 218 from 10.37.3.7:5248

*spamApTask7: Aug 14 17:29:56.925: a0:e0:af:00:59:00 Msg Type = 1 Capwap state = 0

*spamApTask7: Aug 14 17:29:56.925: a0:e0:af:00:59:00 msgEleLength = 1 msgEleType = 20

*spamApTask7: Aug 14 17:29:56.925: a0:e0:af:00:59:00 Vendor specific payload from AP  A0:E0:AF:00:59:00 validated

*spamApTask7: Aug 14 17:29:56.925: a0:e0:af:00:59:00 Total msgEleLen = 26

*spamApTask7: Aug 14 17:29:56.925: a0:e0:af:00:59:00 msgEleLength = 22 msgEleType = 37

*spamApTask7: Aug 14 17:29:56.925: a0:e0:af:00:59:00 Total msgEleLen = 0

*spamApTask7: Aug 14 17:29:56.925: a0:e0:af:00:59:00 1. 0 0

*spamApTask7: Aug 14 17:29:56.925: a0:e0:af:00:59:00 2. 232 3

*spamApTask7: Aug 14 17:29:56.925: a0:e0:af:00:59:00 3. 0 0

*spamApTask7: Aug 14 17:29:56.925: a0:e0:af:00:59:00 4. 112 23

*spamApTask7: Aug 14 17:29:56.925: a0:e0:af:00:59:00 Discovery resp: AC Descriptor message element len = 40

*spamApTask7: Aug 14 17:29:56.925: a0:e0:af:00:59:00 acName = wlc-klb70-181-a5-01

*spamApTask7: Aug 14 17:29:56.925: a0:e0:af:00:59:00 Discovery resp:AC Name message element length = 63

*spamApTask7: Aug 14 17:29:56.925: a0:e0:af:00:59:00 Discovery resp: WTP Radio Information msg length = 72

*spamApTask7: Aug 14 17:29:56.925: a0:e0:af:00:59:00 Discovery resp: CAPWAP Control IPV6 Address len = 82

*spamApTask7: Aug 14 17:29:56.925: a0:e0:af:00:59:00 Discovery resp: Mwar type payload len = 93

*spamApTask7: Aug 14 17:29:56.926: a0:e0:af:00:59:00 Discovery resp: Expire MIC type payload len = 107

*spamApTask7: Aug 14 17:29:56.926: a0:e0:af:00:59:00 Discovery resp: Time sync payload len = 122

                                                                    *spamApTask7: Aug 14 17:29:56.926: a0:e0:af:00:59:00 WTP already released

*spamApTask7: Aug 14 17:30:06.422: 00:1e:7a:83:37:40 CAPWAP Control Msg Received from 10.37.3.7:5248

*spamApTask7: Aug 14 17:30:06.422: 00:1e:7a:83:37:40 CAPWAP Control Msg Received from 10.37.3.7:5248

*spamApTask7: Aug 14 17:30:06.985: 00:1e:7a:83:37:40 CAPWAP Control Msg Received from 10.37.3.7:5248

*spamApTask7: Aug 14 17:30:08.025: dtlLradEntryAdd: lrad-a250307(5248) mwar-a210602(5246)

*spamApTask7: Aug 14 17:30:08.025: DTL Adding AP 74 - 10.37.3.7

*spamApTask7: Aug 14 17:30:08.025: 00:1e:7a:83:37:40 DTLS connection 0x177ac410 established

*spmApTask7: Aug 14 17:30:08.025: CAPWAP DTLS session established msg

*spamApTask7: Aug 14 17:30:12.694: 00:1e:7a:83:37:40 CAPWAP Control Msg Received from 10.37.3.7:5248

*spaApTask7: Aug 14 17:30:12.694: a0:e0:af:00:59:00 Msg Type = 3 Capwap state = 0

*spamApTask7: Aug 14 17:30:12.694: a0:e0:af:00:59:00 Vendor specific payload from AP  A0:E0:AF:00:59:00 validated

*spamApTask7: Aug 14 17:30:12.694: a0:e0:af:00:59:00 Total msgEleLen = 93

 Does anyone have an idea what the could cause this JOIN fail ?

Thanks,

Thorsten