Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
720
Views
0
Helpful
1
Replies

1242's not joining 2504 after reboot - Please help :)

clcartlidge
Level 1
Level 1

‎08-09-2019 04:42 PM - edited ‎07-05-2021 10:50 AM

Hello, 

 

I have an issue with a WLC out on a remote site - I dont have console access to the AP's but i have access to the GUI and CLI on the WLC

 

The WLC is a 2504 running version 8.0.120.0

 

The APs are in the same vlan as the management interface

 

The AP's get IP addresses and are talking to the WLC (I can see it in the debugs) 

 

The issue I have is that there was a powercut at the site - after power was restored only my 3 2600 AP's will join the WLC my old 1242's will not join (these were joined previously, before the powercut!)- I have ran a capwap event all debug and get the below output:-

 

 

*spamApTask6: Aug 10 00:36:00.968: 00:24:c4:a1:bd:0c DTLS connection not found, creating new connection for 10:174:132:100 (7122) 10:174:132:2 (5246)

*spamApTask6: Aug 10 00:36:01.345: acDtlsPlumbControlPlaneKeys: lrad:10.174.132.100(7122) mwar:10.174.132.2(5246)

*spamApTask6: Aug 10 00:36:01.348: 00:24:c4:a1:bd:0c DTLS connection closed event receivedserver (10.174.132.2/5246) client (10.174.132.100/7122)
*spamApTask6: Aug 10 00:36:01.348: 00:24:c4:a1:bd:0c No entry exists for AP (10.174.132.100/7122)
*spamApTask6: Aug 10 00:36:01.348: 00:24:c4:a1:bd:0c No AP entry exist in temporary database for 10.174.132.100:7122

 

 

 

*spamApTask3: Aug 10 00:35:52.646: 00:26:52:d9:75:90 Discovery Request from 10.174.132.105:7034

*spamApTask3: Aug 10 00:35:52.646: 00:26:52:d9:75:90 Join Priority Processing status = 0, Incoming Ap's Priority 1, MaxLrads = 15, joined Aps =3
*spamApTask3: Aug 10 00:35:52.646: apModel: AIR-LAP1242G-A-K9

*spamApTask3: Aug 10 00:35:52.646: apType = 5 apModel: AIR-LAP1242G-A-K9

*spamApTask3: Aug 10 00:35:52.647: apType: Ox5 bundleApImageVer:
*spamApTask3: Aug 10 00:35:52.647: 00:26:52:d9:75:90 Discovery Response sent to 10.174.132.105 port 7034

*spamApTask3: Aug 10 00:35:52.647: 00:26:52:d9:75:90 Discovery Response sent to 10.174.132.105:7034

 

 

Can anyone assist - I have never seen anything like this before, NTP is configured correctly and the WLC has capacity on the licence. 

 

i have tried rebooting the AP's via bouncding the switchports but still the same issue.

 

Is there anymore useful debugs that I should run? 

Labels:
0 Helpful
1 Reply 1

superego
Level 1
Level 1

‎08-16-2019 07:42 AM

Most probably the 1242 AP certificate has expired, it has a 10 year validity.

 

You check this by issuing CLI command in the WLC.

 

config ap cert-expiry-ignore mic enable

config ap cert-expiry-ignore ssc enable

 

Refer to:

https://community.cisco.com/t5/wireless-mobility-documents/lightweight-ap-fail-to-create-capwap-lwapp-connection-due-to/ta-p/3155111

 

***Please mark as an acceptable solution if it helped you***

 

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card