cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7352
Views
5
Helpful
18
Replies

ap fails to join WLC [dtls_disconnect: ERROR shutting down]

Hi.

ap fails to join WLC

 

WLC : 5508

AP : 2802

 

Ping is no problem.

WLC time is my current time.
The time between WLC and AP seems to be different, but does it matter?

I will attach AP and WLC logs.

What is the problem ??

 

-AP LOG-

May 9 04:49:16 kernel: [*05/09/2020 04:49:16.0551] CAPWAP State: Discovery
May 9 04:49:16 kernel: [*05/09/2020 04:49:16.0574] Discovery Request sent to 172.20.201.9, discovery type STATIC_CONFIG(1)
May 9 04:49:16 kernel: [*05/09/2020 04:49:16.0595] Discovery Request sent to 172.20.201.9, discovery type STATIC_CONFIG(1)
May 9 04:49:16 kernel: [*05/09/2020 04:49:16.0612] Discovery Request sent to 255.255.255.255, discovery type UNKNOWN(0)
May 9 04:49:16 kernel: [*05/09/2020 04:49:16.0619] Discovery Response from 172.20.201.9
May 9 04:49:16 kernel: [*05/09/2020 04:49:16.0705] Discovery Response from 172.20.201.9
May 9 04:49:26 kernel: [*05/09/2020 04:49:26.0000]
May 9 04:49:26 kernel: [*05/09/2020 04:49:26.0000] CAPWAP State: DTLS Setup
May 9 04:50:23 kernel: [*05/09/2020 04:50:23.0133] dtls_disconnect: ERROR shutting down dtls connection ...

2 Accepted Solutions

Accepted Solutions

AP Running Image     : 8.3.150.0
Primary Boot Image   : 8.3.150.0
Backup Boot Image    : 8.3.143.0

Ok, so this AP has joined a controller in the past.  

Do this command on the AP: 

capwap ap erase all

See if this works.

View solution in original post

Hi.
There was NAC appliance on site.
We allowed AP IP and everything is normal.
Thanks for your interest in my question.

View solution in original post

18 Replies 18

Leo Laohoo
Hall of Fame
Hall of Fame
May  9 04:56:26 kernel: [*05/09/2020 04:56:26.6105] CAPWAP State: Discovery
May  9 04:56:26 kernel: [*05/09/2020 04:56:26.6162] Discovery Request sent to 172.20.201.9, discovery type STATIC_CONFIG(1)
May  9 04:56:26 kernel: [*05/09/2020 04:56:26.6176] Discovery Request sent to 172.20.201.9, discovery type STATIC_CONFIG(1)
May  9 04:56:26 kernel: [*05/09/2020 04:56:26.6196] Discovery Request sent to 255.255.255.255, discovery type UNKNOWN(0)

Check firewall. 

Logs in the AP shows the AP sending out join request to the controller, however, there is no response from the WLC.

Thank you for answer.
But it doesn't go through the firewall.

Can the AP ping the WLC IP address?

Post the complete output to the following WLC command: 

show ap join stats detailed <AP NAME>

NOTE:   Put the output in a TEXT file (instead of an XLS).

WLC and AP can be ping.
The APs is not joined to the WLC, so cannot perform the command you request.


@JustTakeTheFirstStep wrote:
so cannot perform the command you request.

I don't care. 

Enter the command in the WLC and post the complete output.  

(Cisco Controller) >show ap join stats detailed C4B2.39F7.2A02
No join information found for AP: c4:b2:39:f7:2a:02

Good.
This means something is blocking the AP's Join Request from reaching the controller.
What happens if the AP and the WLC in the same VLAN?

WLC and AP are not the same vlan.
However, other APs that were installed in the past are already joined to WLC.
However, only two APs installed today are not joining.
One good news is that one of the two unjoined APs succeeded in joining.
One does not know why the join succeeded.

AP Running Image     : 8.3.150.0
Primary Boot Image   : 8.3.150.0
Backup Boot Image    : 8.3.143.0

Ok, so this AP has joined a controller in the past.  

Do this command on the AP: 

capwap ap erase all

See if this works.

Hi.
There was NAC appliance on site.
We allowed AP IP and everything is normal.
Thanks for your interest in my question.

Hey! Thanks, this worked for me.

Hi @Leo Laohoo 

I have an air-ap1832i-a-k9 and suddenly the WLC stopped to adopt it.
In fact, I can do ping between the devices.
Take a look:

WLC's log

*spamApTask3: Sep 08 18:14:44.355: %CAPWAP-3-DTLS_DB_ERR: capwap_ac_sm.c:9442 Failed to create DTLS connection for AP's IP (5256).

AP's log

Sep 8 21:07:56 kernel: [*09/08/2023 21:07:56.0000] CAPWAP State: DTLS Setup
Sep 8 21:08:53 kernel: [*09/08/2023 21:08:53.0222] dtls_disconnect: ERROR shutting down dtls connection ...
Sep 8 21:08:53 kernel: [*09/08/2023 21:08:53.0222]
Sep 8 21:08:53 kernel: [*09/08/2023 21:08:53.0222]
Sep 8 21:08:53 kernel: [*09/08/2023 21:08:53.0222] CAPWAP State: DTLS Teardown
Sep 8 21:07:56 kernel: [*09/08/2023 21:08:57.7807] No more AP manager addresses remain..
Sep 8 21:07:56 kernel: [*09/08/2023 21:08:57.7807] No valid AP manager found for controller 'MyWLC_CISCO' (ip: ...)
Sep 8 21:07:56 kernel: [*09/08/2023 21:08:57.7807] Failed to join controller MyWLC_CISCO.
Sep 8 21:07:56 kernel: [*09/08/2023 21:08:57.7807] Failed to join controller.
Sep 8 21:07:56 kernel: [*09/08/2023 21:07:56.0000]
Sep 8 21:07:56 kernel: [*09/08/2023 21:07:56.0000] CAPWAP State: DTLS Setup
Sep 8 21:08:53 kernel: [*09/08/2023 21:08:53.0222] dtls_disconnect: ERROR shutting down dtls connection ...
Sep 8 21:08:53 kernel: [*09/08/2023 21:08:53.0222]
Sep 8 21:08:53 kernel: [*09/08/2023 21:08:53.0222]
Sep 8 21:08:53 kernel: [*09/08/2023 21:08:53.0222] CAPWAP State: DTLS Teardown
Sep 8 21:08:54 FIPS[17413]: *** shell: FIPS Mode = disabled ***
Sep 8 21:08:57 kernel: [*09/08/2023 21:08:57.7807]
Sep 8 21:08:57 kernel: [*09/08/2023 21:08:57.7807] CAPWAP State: Discovery
Sep 8 21:08:57 kernel: [*09/08/2023 21:08:57.7807] Discovery Request sent to ..., discovery type STATIC_CONFIG(1)
Sep 8 21:08:57 kernel: [*09/08/2023 21:08:57.7907] Discovery Request sent to ..., discovery type STATIC_CONFIG(1)
Sep 8 21:08:57 kernel: [*09/08/2023 21:08:57.7907] Discovery Request sent to ..., discovery type STATIC_CONFIG(1)
Sep 8 21:08:57 kernel: [*09/08/2023 21:08:57.7907] Discovery Request sent to 255.255.255.255, discovery type UNKNOWN(0)
Sep 8 21:08:57 kernel: [*09/08/2023 21:08:57.7907] Discovery Response from ...
Sep 8 21:10:09 kernel: [*09/08/2023 21:10:09.0000] Discovery Response from ...
Sep 8 21:10:09 kernel: [*09/08/2023 21:10:09.0000]
Sep 8 21:10:09 kernel: [*09/08/2023 21:10:09.0000] CAPWAP State: DTLS Setup

I tried differents solutions and the problem still have, include validate the time in the WLC.

Do you have some idea what's wrong?

Thxs.-

J.

And what firmware is the controller on?

@Leo Laohoo Version: 8.3.133.0