Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1160
Views
10
Helpful
7
Replies

2802i Failing to Join 9800-CL

scottbreslin
Level 1
Level 1

‎10-06-2022 12:31 PM

Hi,

I have a 2802i that will not sustain a connection to a 9800-CL.   The WLC is running version 17.03.04 software release.  The AP join the WLC and broadcasts SSID for a few seconds  but then drops the connection.

I have trustpoint configured on WLC:

WLC#show wireless management trustpoint
Trustpoint Name : WLC_WLC_TP
Certificate Info : Available
Certificate Type : SSC
Certificate Hash : 5e470c136e2b1ecd0fee05dac60f057742ba12f0
Private key Info : Available
FIPS suitability : Not Applicable

Output from AP:

[*10/06/2022 12:19:39.0788] Discovery Response from 192.168.1.201
[*10/06/2022 12:19:39.0792] Discovery Response from 192.168.1.201
[*10/06/2022 12:19:48.0003]
[*10/06/2022 12:19:48.0003] CAPWAP State: DTLS Setup
[*10/06/2022 12:19:48.8927] First connect to vWLC, accept vWLC by default
[*10/06/2022 12:19:48.8927]
[*10/06/2022 12:19:48.9447]
[*10/06/2022 12:19:48.9447] CAPWAP State: Join
[*10/06/2022 12:19:48.9479] Sending Join request to 192.168.1.201 through port 5264
[*10/06/2022 12:19:49.0494] Join Response from 192.168.1.201
[*10/06/2022 12:19:49.0494] AC accepted join request with result code: 0
[*10/06/2022 12:19:49.0730] Received wlcType 0, timer 30
[*10/06/2022 12:19:49.2144]
[*10/06/2022 12:19:49.2144] CAPWAP State: Image Data
[*10/06/2022 12:19:49.2148] AP image version 17.3.5.43 backup 17.6.4.56, Controller 17.3.5.43
[*10/06/2022 12:19:49.2148] Version is the same, do not need update.
[*10/06/2022 12:19:49.2434] upgrade.sh: Script called with args:[NO_UPGRADE]
[*10/06/2022 12:19:49.3012] do NO_UPGRADE, part2 is active part
[*10/06/2022 12:19:49.3079]
[*10/06/2022 12:19:49.3079] CAPWAP State: Configure
[*10/06/2022 12:19:50.4192] DOT11_CFG[1]: Starting radio 1
[*10/06/2022 12:19:51.1120] DOT11_DRV[1]: Started Radio 1
[*10/06/2022 12:19:51.1126] DOT11_CFG[0]: Starting radio 0
[*10/06/2022 12:19:51.7759] DOT11_DRV[0]: Started Radio 0
[*10/06/2022 12:19:52.0913] Null cert id for TLV_AP_CACERTS_CONFIG_PAYLOAD
[*10/06/2022 12:19:52.2590]
[*10/06/2022 12:19:52.2590] CAPWAP State: Run
[*10/06/2022 12:19:52.2887] AP has joined controller
[*10/06/2022 12:19:53.8342] Previous AP mode is 0, change to 0
[*10/06/2022 12:19:54.0608] chpasswd: password for user changed
[*10/06/2022 12:19:54.2214]
[*10/06/2022 12:19:54.2214] Same LSC mode, no action needed
[*10/06/2022 12:19:54.2215] TLV ID 2584 not found
[*10/06/2022 12:19:54.2215] TLV-DEC-ERR-1: No proc for 2584
[*10/06/2022 12:19:54.8366] TLV ID 1356 not found
[*10/06/2022 12:19:54.8366] TLV-DEC-ERR-1: No proc for 1356
[*10/06/2022 12:19:55.7979] Got WSA Server config TLVs
[*10/06/2022 12:19:56.6013] AP tag change to Lab_TAG
[*10/06/2022 12:19:56.6816] flags value is 1
[*10/06/2022 12:19:57.1770] Powering down BLE radio
[*10/06/2022 12:20:19.9320] set cleanair [slot0][band0] enabled
[*10/06/2022 12:20:19.9736] set cleanair [slot0][band1] enabled
[*10/06/2022 12:20:19.9969] set cleanair [slot1][band1] enabled
[*10/06/2022 12:21:43.2191] FOUND CONFIGURED WLC (Primary) REDISCOVER TO CONNECT WITH THAT.
[*10/06/2022 12:21:43.2926]
[*10/06/2022 12:21:43.2926] CAPWAP State: DTLS Teardown
[*10/06/2022 12:21:43.3625] DOT11_DRV[0]: Stopped Radio 0
[*10/06/2022 12:21:43.3824] DOT11_DRV[1]: Stopped Radio 1
[*10/06/2022 12:21:44.4663] upgrade.sh: Script called with args:[ABORT]
[*10/06/2022 12:21:44.5233] do ABORT, part2 is active part
[*10/06/2022 12:21:44.5387] upgrade.sh: Cleanup tmp files ...
[*10/06/2022 12:21:44.5728] Dropping dtls packet since session is not established. Peer 192.168.1.201-5246, Local 192.168.1.207-5264, conn (nil)
[*10/06/2022 12:21:44.5730] Discarding msg CAPWAP_WTP_EVENT_REQUEST(type 9) in CAPWAP state: DTLS Teardown(4).
[*10/06/2022 12:21:44.5730] Discarding msg CAPWAP_WTP_EVENT_REQUEST(type 9) in CAPWAP state: DTLS Teardown(4).

Can someone please advise?

Thanks

Labels:
0 Helpful
7 Replies 7

Haydn Andrews
VIP Alumni
VIP Alumni

‎10-06-2022 02:16 PM

Do other APs join the WLC?

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***
0 Helpful

scottbreslin
Level 1
Level 1
In response to Haydn Andrews

‎10-06-2022 02:23 PM

I only have this AP to hand, as its part of a Lab setup

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame

‎10-06-2022 03:14 PM

"sh run | include wireless management".  Is there an output to this command?

0 Helpful

Kasun Bandara
VIP
VIP

‎10-06-2022 10:23 PM

check this thread if you are in scenario like flex connect or highly overloaded network.

https://community.cisco.com/t5/wireless/capwap-state-dtls-teardown/td-p/4160587

 

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB
0 Helpful

reccon
Level 1
Level 1

‎10-07-2022 12:25 AM

[*10/06/2022 12:21:43.2191] FOUND CONFIGURED WLC (Primary) REDISCOVER TO CONNECT WITH THAT.

According to that message I would assume that there is primary controller configured on the AP and it's tying to connect to this controller instead of 192.168.1.201

Did you check that on the AP?

Rich R
VIP
VIP

‎10-07-2022 06:49 AM

Yep I thought the same as @reccon - check the primary/secondary/tertiary controllers set on the AP.
Or just do a factory default reset on the AP to clear out whatever is set.

------------------------------
Please click Helpful if this post helped you and Select as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's,   Best Practices for 9800 WLC's   and   Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.196.0, latest 9800 releases, 8.5.182.12 (8.5.182.13 for 3504) and 8.5.182.109 (IRCM, 8.5.182.111 for 3504)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
0 Helpful

scottbreslin
Level 1
Level 1

‎10-07-2022 08:32 AM

Thank you for all the replies.  I have now sorted the issue, basically I had created the certificate on the vwlc before configuring NTP.  Therefore, I think there was some sort of mismatch with the date and time stamp.  Adding NTP and then re-creating the certificate has now rectified the issue.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card