05-08-2019 05:45 AM - edited 07-05-2021 10:21 AM
I have two 1602 APs that are doing the same thing. They initially join the 7500 controller, download the needed software, but after they reboot, they fail to re-join. Here is the log info from one of the APs:
*Apr 22 23:36:17.067: AP has SHA2 MIC certificate - Using SHA2 MIC certificate for DTLS.
*Apr 22 23:36:17.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.1.6.60 peer_port: 5246
*Apr 22 23:36:19.183: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_handshake.c:929 Unexpected message received while expecting HelloVerifyRequest
*Apr 22 23:36:19.183: %DTLS-5-SEND_ALERT: Send FATAL : Unexpected message Alert to "WLC IP ADDRESS REMOVED FOR PRIVACY REASONS"
*Apr 22 23:36:19.183: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to "WLC IP ADDRESS REMOVED FOR PRIVACY REASONS"
*Apr 22 23:37:22.067: AP has SHA2 MIC certificate - Using SHA2 MIC certificate for DTLS.
*Apr 22 23:37:22.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.1.6.60 peer_port: 5246
*Apr 22 23:37:28.571: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_record.c:394 BD is not of DTLS Change Cipher Spec type
*Apr 22 23:37:28.571: %DTLS-5-SEND_ALERT: Send FATAL : Internal error Alert to "WLC IP ADDRESS REMOVED FOR PRIVACY REASONS"
*Apr 22 23:37:28.571: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to "WLC IP ADDRESS REMOVED FOR PRIVACY REASONS"
05-08-2019 08:13 AM
Try using the command config ap primary-base <wlcname> <ip address>
if its not joining post the output of the AP console logs. Lets check the error logs.
05-08-2019 08:30 AM - edited 05-08-2019 08:38 AM
Here are the AP logs. It repeats this over and over:
*May 7 23:35:23.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: "WLC IP HIDDEN FOR PRIVACY REASONS" peer_port: 5246
*May 7 23:35:29.579: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_record.c:394 BD is not of DTLS Change Cipher Spec type
*May 7 23:35:29.579: %DTLS-5-SEND_ALERT: Send FATAL : Internal error Alert to "WLC IP HIDDEN FOR PRIVACY REASONS"
*May 7 23:35:29.579: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to "WLC IP HIDDEN FOR PRIVACY REASONS"
*May 7 23:36:28.067: AP has SHA2 MIC certificate - Using SHA2 MIC certificate for DTLS.
05-08-2019 08:40 AM
05-08-2019 08:42 AM
05-08-2019 09:16 AM
05-08-2019 10:08 AM
05-08-2019 10:12 AM
Also noticed this in bold:
*May 7 23:39:06.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.1.6.60 peer_port: 5246
*May 7 23:39:12.575: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_record.c:394 BD is not of DTLS Change Cipher Spec type
*May 7 23:39:12.575: %DTLS-5-SEND_ALERT: Send FATAL : Internal error Alert to "IP HIDDEN FOR PRIVACY REASONS"
*May 7 23:39:12.575: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to "IP HIDDEN FOR PRIVACY REASONS"
*May 7 23:40:39.067: AP has SHA2 MIC certificate - Using SHA2 MIC certificate for DTLS.
05-08-2019 10:24 AM
05-08-2019 12:20 PM
05-08-2019 08:08 PM
05-09-2019 05:32 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide