%CAPWAP-3-DATA_KEEPALIVE_ERR: Failed to receive data keep-alive

ajc · ‎08-19-2020

We are getting the following error message multiple times on an AP migrated to SD-WAN (travelling via IPSEC instead of previous MPLS WAN Link), meaning encapsulation for CAPWAP + IPSEC Encap.

*Aug 19 16:27:36.000: %CAPWAP-3-DATA_KEEPALIVE_ERR: Failed to receive data keep-alive *Aug 19 16:27:36.000: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 172.1.1.1:5246

I checked another post about AP GROUP Name using "_" as the reason but that is not the case for us. So further investigation lead me to the following link thinking that some larger packets were dropped so MTU could be a reason.

https://www.cisco.com/c/en/us/support/docs/wireless/wireless-lan-controller-software/211405-Configure-CAPWAP-Path-MTU-Discovery.html

Next the MTU negotiated by the AP to the WLC

(Cisco Controller) >show ap config general APTESTING

Cisco AP Identifier.............................. 520
Cisco AP Name.................................... APTESTING
CAPWAP Path MTU.................................. 576
Cisco AP Group Name.............................. TESTINGACCESSPOINT
Primary Cisco Switch Name........................ DC-WiFi-WLC

%CAPWAP-3-DATA_KEEPALIVE_ERR: Failed to receive data keep-alive

The Effect of Enabled Probe Suppression in a MACRO/Micro Cell Architecture of Cisco AP3802I

Security Vulnerabilities Disclosed for SAE Handshake – no update needed for Cisco Wireless products

Recovery of missing 8540/5520 Manufacturing Installed Certificates