The Mesh AP 1500 (MAP) MAC address and the Manufactured Installed Certificate (MIC) are not selected under the access point (AP) policy. When this issue occurs, the Unable to free public key for AP error message appears.
Thu Jan 26 20:23:27 2006: sshpmGetIssuerHandles: Cert is issued by Cisco Systems.
Thu Jan 26 20:23:27 2006: sshpmGetIssuerHandles: SSC is not allowed by config;
Thu Jan 26 20:23:27 2006: LWAPP Join-Request does not include valid certificate
in CERTIFICATE_PAYLOAD from AP 00:13:5f:f9:dc:b0.
Thu Jan 26 20:23:27 2006: sshpmFreePublicKeyHandle: called with (nil)
Thu Jan 26 20:23:27 2006: sshpmFreePublicKeyHandle: NULL argument.
Thu Jan 26 20:23:27 2006: Unable to free public key for AP 00:13:5F:F9:DC:B0
Thu Jan 26 20:23:27 2006: spamDeleteLCB: stats timer not initialized for AP
Thu Jan 26 20:23:27 2006: spamProcessJoinRequest : spamDecodeJoinReq failed
Verify that the Wireless LAN Controller (WLC) time and time zone are correct. Also, add the MAC address of the MAP to the MAC filtering list.
From the GUI, choose WebGUI > Controller > Security, and click MAC filtering under AAA on the left side of the page.
Add the MAC address and the appropriate data, and click Apply.
Choose MIC from the drop-down menu.
Check the self signed cert check box under Security > AP policy.
MIC stands for Manufactured Installed Certificate. APs made after December 2005 have a digital certificate installed on them at the factory. APs before this date need to have a Self Signed Certificate (SSC) generated when they are converted to LWAPP.
The combination of the AP policies and the MAC filter list is necessary because of Cisco bug ID CSCsf21233. The MAPs must be added to the MAC filter list, but at times, they do not work unless they are added to the AP policy list.
Hello, I have an AP Aironet 1832i with Mobility Express 8.8 installed, and I can't seem to find the following:- Session Timeout (https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-8/config-guide/b_cg88/wlan_timeouts.html). It mentions ...
I found some trouble about Wifi internet cannot print out data but LAN can print.I use access point for CISCO WAP-150 and just update version of firmware to 220.127.116.11 on middle last week. but just found trouble on Monday. and for CORE SWITCH i use CISCO SG-...
I’m working on a migration from 5508 to a 9800 WLC, and I notice that the local mac filter command “username xxxx:xxxx:xxxx mac ” does not have an option to add a description. Does anyone knows if there is a way to add a description to a user MAC address ...
Hello Community! We have a highly secure environment with NAC on switchports. We need APs to use pre-provisioned(during staging) LSC certificates (same for DTLS encryption and AP Auth on the WLC) during 802.1x EAP-TLS authentication on the NAC switch...