08-09-2019 04:42 PM - edited 07-05-2021 10:50 AM
Hello,
I have an issue with a WLC out on a remote site - I dont have console access to the AP's but i have access to the GUI and CLI on the WLC
The WLC is a 2504 running version 8.0.120.0
The APs are in the same vlan as the management interface
The AP's get IP addresses and are talking to the WLC (I can see it in the debugs)
The issue I have is that there was a powercut at the site - after power was restored only my 3 2600 AP's will join the WLC my old 1242's will not join (these were joined previously, before the powercut!)- I have ran a capwap event all debug and get the below output:-
*spamApTask6: Aug 10 00:36:00.968: 00:24:c4:a1:bd:0c DTLS connection not found, creating new connection for 10:174:132:100 (7122) 10:174:132:2 (5246)
*spamApTask6: Aug 10 00:36:01.345: acDtlsPlumbControlPlaneKeys: lrad:10.174.132.100(7122) mwar:10.174.132.2(5246)
*spamApTask6: Aug 10 00:36:01.348: 00:24:c4:a1:bd:0c DTLS connection closed event receivedserver (10.174.132.2/5246) client (10.174.132.100/7122)
*spamApTask6: Aug 10 00:36:01.348: 00:24:c4:a1:bd:0c No entry exists for AP (10.174.132.100/7122)
*spamApTask6: Aug 10 00:36:01.348: 00:24:c4:a1:bd:0c No AP entry exist in temporary database for 10.174.132.100:7122
*spamApTask3: Aug 10 00:35:52.646: 00:26:52:d9:75:90 Discovery Request from 10.174.132.105:7034
*spamApTask3: Aug 10 00:35:52.646: 00:26:52:d9:75:90 Join Priority Processing status = 0, Incoming Ap's Priority 1, MaxLrads = 15, joined Aps =3
*spamApTask3: Aug 10 00:35:52.646: apModel: AIR-LAP1242G-A-K9
*spamApTask3: Aug 10 00:35:52.646: apType = 5 apModel: AIR-LAP1242G-A-K9
*spamApTask3: Aug 10 00:35:52.647: apType: Ox5 bundleApImageVer:
*spamApTask3: Aug 10 00:35:52.647: 00:26:52:d9:75:90 Discovery Response sent to 10.174.132.105 port 7034
*spamApTask3: Aug 10 00:35:52.647: 00:26:52:d9:75:90 Discovery Response sent to 10.174.132.105:7034
Can anyone assist - I have never seen anything like this before, NTP is configured correctly and the WLC has capacity on the licence.
i have tried rebooting the AP's via bouncding the switchports but still the same issue.
Is there anymore useful debugs that I should run?
08-16-2019 07:42 AM
Most probably the 1242 AP certificate has expired, it has a 10 year validity.
You check this by issuing CLI command in the WLC.
config ap cert-expiry-ignore mic enable
config ap cert-expiry-ignore ssc enable
Refer to:
***Please mark as an acceptable solution if it helped you***
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide