cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

429
Views
0
Helpful
27
Replies
Beginner

Re: Cisco WLC 5508 will not allow access points to connect do to a DTLS failure.

By the way I've upgraded the WLC version to 85.151.0 the very latest release.   Also 2800 series access points seem to connect without an issue.   Just the 3702E fails???????

Hall of Fame Community Legend

Re: Cisco WLC 5508 will not allow access points to connect do to a DTLS failure.

Console into the AP and post the complete output to the command "dir".
Beginner

Re: Cisco WLC 5508 will not allow access points to connect do to a DTLS failure.

Here is a dir /recursive  on the 3702E:

 

AP843d.c6c7.08e8-Chamber-ROAM2#dir /recursive
Directory of flash:/*

Directory of flash:/

2 -rwx 64 Mar 14 2019 19:04:31 +00:00 sensord_CSPRNG0
3 -rwx 66419 Mar 14 2019 19:04:39 +00:00 event.log
Directory of flash:/ap3g2-rcvk9w8-mx/

39 -rwx 215867 Mar 1 1993 00:03:49 +00:00 ap3g2-rcvk9w8-mx
40 -rwx 73 Mar 1 1993 00:03:49 +00:00 ap3g2-rcvk9w8-tx
41 -rwx 7045122 Mar 1 1993 00:05:19 +00:00 ap3g2-rcvk9w8-xx
42 -rwx 276 Mar 1 1993 00:05:19 +00:00 info
43 -rwx 438 Mar 1 1993 00:05:19 +00:00 file_hashes
44 -rwx 141 Mar 1 1993 00:05:19 +00:00 final_hash
45 -rwx 513 Mar 1 1993 00:05:19 +00:00 final_hash.sig
46 -rwx 1375 Mar 1 1993 00:05:19 +00:00 img_sign_rel.cert
47 -rwx 1371 Mar 1 1993 00:05:19 +00:00 img_sign_rel_sha2.cert
Directory of flash:/

4 -rwx 0 Mar 1 1993 00:00:34 +00:00 config.txt
Directory of flash:/configs/

No files in directory
--More-- Directory of flash:/ap3g2-k9w8-mx.153-3.JF8/

86 -rwx 8176 Feb 22 2019 19:35:28 +00:00 U2.bin
87 -rwx 15184 Feb 22 2019 19:35:28 +00:00 F2.bin
88 -rwx 8366 Feb 22 2019 19:35:28 +00:00 file_hashes
89 -rwx 605570 Feb 22 2019 19:35:35 +00:00 8006.img
84 -rwx 2333 Feb 22 2019 19:35:35 +00:00 B5.bin
91 -rwx 1371 Feb 22 2019 19:35:35 +00:00 img_sign_rel_sha2.cert
92 -rwx 2213 Feb 22 2019 19:35:35 +00:00 E5.bin
93 -rwx 7008 Feb 22 2019 19:35:36 +00:00 Y2.bin
94 -rwx 512 Feb 22 2019 19:35:36 +00:00 final_hash.sig
95 -rwx 288 Feb 22 2019 19:35:36 +00:00 info
96 -rwx 9031 Feb 22 2019 19:35:36 +00:00 MCU.bin
97 -rwx 5840 Feb 22 2019 19:35:36 +00:00 HA2.bin
98 -rwx 141 Feb 22 2019 19:35:36 +00:00 final_hash
99 -rwx 4547 Feb 22 2019 19:35:36 +00:00 R5.bin
100 -rwx 16352 Feb 22 2019 19:35:37 +00:00 X2.bin
101 -rwx 1916 Feb 22 2019 19:35:37 +00:00 X5.bin
102 -rwx 2460 Feb 22 2019 19:35:37 +00:00 triggerfish_cpld.img
Directory of flash:/ap3g2-k9w8-mx.153-3.JF8/

Directory of flash:/ap3g2-k9w8-mx.153-3.JF8/html/

--More-- Directory of flash:/ap3g2-k9w8-mx.153-3.JF8/html/level/

Directory of flash:/ap3g2-k9w8-mx.153-3.JF8/html/level/1/

Directory of flash:/ap3g2-k9w8-mx.153-3.JF8/html/level/1/images/

107 -rwx 1648 Feb 22 2019 19:35:37 +00:00 cisco-logo-2007.gif
108 -rwx 2822 Feb 22 2019 19:35:37 +00:00 itp-logo.png
109 -rwx 732 Feb 22 2019 19:35:37 +00:00 background_web41.jpg
110 -rwx 399 Feb 22 2019 19:35:37 +00:00 info.gif
111 -rwx 19671 Feb 22 2019 19:35:38 +00:00 login_homeap.gif
Directory of flash:/ap3g2-k9w8-mx.153-3.JF8/html/level/1/

112 -rwx 17290 Feb 22 2019 19:35:38 +00:00 sitewide.js
113 -rwx 20442 Feb 22 2019 19:35:38 +00:00 forms.js
114 -rwx 29225 Feb 22 2019 19:35:38 +00:00 config.js
115 -rwx 779 Feb 22 2019 19:35:39 +00:00 config-oeap.js
116 -rwx 512 Feb 22 2019 19:35:39 +00:00 back.shtml
117 -rwx 41801 Feb 22 2019 19:35:40 +00:00 officeExtendap.css
118 -rwx 1540 Feb 22 2019 19:35:40 +00:00 ap_home.shtml.gz
119 -rwx 95957 Feb 22 2019 19:35:41 +00:00 jquery-1.11.3.min.js
120 -rwx 563 Feb 22 2019 19:35:41 +00:00 appsui.js
Directory of flash:/ap3g2-k9w8-mx.153-3.JF8/html/level/
--More--
Directory of flash:/ap3g2-k9w8-mx.153-3.JF8/html/level/15/

122 -rwx 967 Feb 22 2019 19:35:41 +00:00 easyApManagement.html
123 -rwx 3350 Feb 22 2019 19:35:41 +00:00 officeExtendapMain.shtml.gz
124 -rwx 3147 Feb 22 2019 19:35:41 +00:00 officeExtendapConfig.shtml.gz
125 -rwx 7514 Feb 22 2019 19:35:42 +00:00 officeExtendapBanner.htm
126 -rwx 985 Feb 22 2019 19:35:42 +00:00 officeExtendapSummary.htm
127 -rwx 5721 Feb 22 2019 19:35:42 +00:00 officeExtendapHelp.htm
128 -rwx 988 Feb 22 2019 19:35:42 +00:00 officeExtendapEvent.shtml.gz
129 -rwx 3371 Feb 22 2019 19:35:42 +00:00 easyApManagementSummary.shtml.gz
130 -rwx 4999 Feb 22 2019 19:35:42 +00:00 easyApManagementConfig.shtml.gz
Directory of flash:/ap3g2-k9w8-mx.153-3.JF8/

131 -rwx 8176 Feb 22 2019 19:35:42 +00:00 Q2.bin
132 -rwx 4220 Feb 22 2019 19:35:42 +00:00 F5.bin
133 -rwx 230279 Feb 22 2019 19:35:45 +00:00 ap3g2-k9w8-mx.153-3.JF8
134 -rwx 12848 Feb 22 2019 19:35:45 +00:00 V2.bin
--More-- 135 -rwx 2049 Feb 22 2019 19:35:45 +00:00 HA5.bin
136 -rwx 30368 Feb 22 2019 19:35:45 +00:00 C2.bin
137 -rwx 3609 Feb 22 2019 19:35:45 +00:00 U5.bin
138 -rwx 15184 Feb 22 2019 19:35:45 +00:00 R2.bin
139 -rwx 12724480 Feb 22 2019 19:41:12 +00:00 ap3g2-k9w8-xx.153-3.JF8
140 -rwx 73 Feb 22 2019 19:41:12 +00:00 ap3g2-k9w8-tx.153-3.JF8
141 -rwx 18818 Feb 22 2019 19:41:14 +00:00 uart_firmware_upgrade.bin
142 -rwx 1875 Feb 22 2019 19:41:14 +00:00 Y5.bin
143 -rwx 576021 Feb 22 2019 19:42:33 +00:00 8004.img
144 -rwx 16361 Feb 22 2019 19:42:35 +00:00 C5.bin
145 -rwx 1375 Feb 22 2019 19:42:35 +00:00 img_sign_rel.cert
146 -rwx 514 Feb 22 2019 19:42:35 +00:00 V5.bin
147 -rwx 10512 Feb 22 2019 19:42:36 +00:00 B2.bin
148 -rwx 3957 Feb 22 2019 19:42:37 +00:00 Q5.bin
149 -rwx 19856 Feb 22 2019 19:42:40 +00:00 E2.bin
Directory of flash:/

6 -rwx 368 Sep 27 2019 17:42:27 +00:00 capwap-saved-config-bak
7 -rwx 64 Mar 14 2019 19:04:31 +00:00 sensord_CSPRNG1
8 -rwx 368 Sep 27 2019 17:37:27 +00:00 capwap-saved-config
10 -rwx 282 Sep 27 2019 17:37:27 +00:00 env_vars
11 -rwx 11288 Sep 27 2019 17:42:27 +00:00 private-multiple-fs
40900608 bytes total (18895872 bytes free)
AP843d.c6c7.08e8-Chamber-ROAM2#
AP843d.c6c7.08e8-Chamber-ROAM2#
AP843d.c6c7.08e8-Chamber-ROAM2#
AP843d.c6c7.08e8-Chamber-ROAM2#
AP843d.c6c7.08e8-Chamber-ROAM2#

Hall of Fame Community Legend

Re: Cisco WLC 5508 will not allow access points to connect do to a DTLS failure.

Try this on the AP:
debug capwap console cli
delete /f /r flash:/ap3g2-k9w8-mx.153-3.JF8/
reboot
Beginner

Re: Cisco WLC 5508 will not allow access points to connect do to a DTLS failure.

OK I will try it.  Thank you.

Beginner

Re: Cisco WLC 5508 will not allow access points to connect do to a DTLS failure.

Leo,

 

I tried deleting the directory and nothing has changed.   The access point downloaded the same version of LWAPP software and rebooted.   I then tried to connect the access point to the 5508 controller  (by disabling the 2504) and I got the same DTLS version error message.   The version of the downloaded software was the same as the original ap3g2-k9w8-mx.153-3.JF8 did you expect a change versions from the controller?   Thank you.

Hall of Fame Community Legend

Re: Cisco WLC 5508 will not allow access points to connect do to a DTLS failure.

Check the controller license and see if there AP license has been breached or not.
Beginner

Re: Cisco WLC 5508 will not allow access points to connect do to a DTLS failure.

No the licensing has not changed.   Other access points like the 2800 and 3800 can connect without a problem.   It is just the 3702 that has a problem with the connection.   What should the license look like?   The active license simply states that 12 access points are the maximum supported I only have 7 access points.

Hall of Fame Community Legend

Re: Cisco WLC 5508 will not allow access points to connect do to a DTLS failure.

Can you post the complete output to the command "sh capwap ap client rcb".

Console into the AP and enter this command: capwap ap primary-base <WLC NAME> <WLC IP address>

Beginner

Re: Cisco WLC 5508 will not allow access points to connect do to a DTLS failure.

The commands do not produce any output.   The "sh capwap ap client rcb"  doesn't work all on the access point or on the controller?   Not sure why.  The sh capwap ap client rcb is incorrect should be sh capwap client rcb.   One thing I see is the software version number is incorrect command shows 8.5.135.0 and the controller is running 8.5.135.0.

 

Access Point:

 

AP843d.c6c7.08e8-Chamber-ROAM2#$rimary-base Glacier_Bear 172.31.56.242
AP843d.c6c7.08e8-Chamber-ROAM2#

AdminState : ADMIN_ENABLED
SwVer : 8.5.135.0
NumFilledSlots : 2
Name : AP843d.c6c7.08e8-Chamber-ROAM2
Location : default location
MwarName : Glacier_Bear
MwarApMgrIp : 172.31.56.242
MwarHwVer : 0.0.0.0
ApMode : Local
ApSubMode : Not Configured
OperationState : DTLS SETUP
CAPWAP Path MTU : 576
Link-Encryption (AP) : Disabled
Link-Encryption (MWAR) : Disabled
Prefer-mode : IPv4
LinkAuditing : disabled
AP Rogue Detection Mode : Enabled
AP Tcp MSS Adjust : Disabled
Predownload Status : None
Auto Immune Status : Disabled
RA Guard Status : Disabled
Efficient Upgrade State : Disabled
Efficient Upgrade Role : None
TFTP Server : Disabled
Antenna Band Mode : Unknown
Universal AP Priming mode : Unprimed
802.11bg(0) Radio
ADMIN State = DISABLE [2]
OPER State = DOWN [1]
CONFIG State = UP [2]
HW State = UP [4]
Radio Mode : Local
GPR Period : 0
Beacon Period : 0
DTIM Period : 0
World Mode : 1
VoceraFix : 0
Dfs peakdetect : 1
Fragmentation Threshold : 0
Current Tx Power Level : 2
Current Channel : 2
Current Bandwidth : 20
802.11a(1) Radio
ADMIN State = ENABLE [1]
OPER State = DOWN [1]
CONFIG State = UP [2]
HW State = UP [4]
Radio Mode : Local
GPR Period : 0
Beacon Period : 0
DTIM Period : 0
World Mode : 1
VoceraFix : 0
Dfs peakdetect : 1
Fragmentation Threshold : 0
Current Tx Power Level : 1
Current Channel : 120
Current Bandwidth : 20

HYPERLOCATION ADMIN STATE : 0
WLC GATEWAY MAC : 00:00:00:00:00:00
WLC HYPERLOCATION SRC PORT : 0
Remote Machine's IP : 0.0.0.0
Cisco Trustsec Config
CTS Override state : Disabled
AP InlineTagging : Disabled
SGACL Enforcement : Disabled

Hall of Fame Community Legend

Re: Cisco WLC 5508 will not allow access points to connect do to a DTLS failure.

I've got one more trick ...
In CLI, post the complete output to the command "sh ap join stats detailed AP843d.c6c7.08e8-Chamber-ROAM2".
Beginner

Re: Cisco WLC 5508 will not allow access points to connect do to a DTLS failure.

In CLI, post the complete output to the command "sh ap join stats detailed AP843d.c6c7.08e8-Chamber-ROAM2"

 

This command doesn't work on the access point side.   Something is wrong with the syntax.

 

Regards,

 

Doug

Highlighted
Hall of Fame Community Legend

Re: Cisco WLC 5508 will not allow access points to connect do to a DTLS failure.

That command is for the WLC.
CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards