Re: 4400 DTLS error AP will not register.

st.scot.222 · ‎01-11-2011

I have just upgraded one of our 4400 to 7.0.98.0. Most of the AP re-registered with out issues. I have two AIR-LAP1142N-E-K9 on a remote site that will not re-register.

I have pointed them to another 2125 WLC ( 7.0.98.0) and they register fine. Point them to yet another 4400 (7.0.98.0) I get the same issue.

I am getting this error when the register on the 4400s.

*Jan 11 14:39:24.000: %CAPWAP-3-ERRORLOG: Selected MWAR 'abzewwlc'(index 1).
*Jan 11 14:39:24.000: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Jan 11 07:05:55.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 144.46.211.5 peer_port: 5246
*Jan 11 07:06:55.000: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 144.46.211.5:5246

I suspect it may be as they both have In the client config.Then again maybe not.

Configured Switch 1 Addr 158.139.177.203
Configured Switch 2 Addr 144.46.214.25

Question 1 if I do a "clear config except static IP" will I still be able to telnet tp them or will they default to no telnet no ssh ?

Question 2 any idea how to get past this DTLS error ?

Federico Ziliotto · ‎01-13-2011

Hi Stuart,

Could you please attch the following info:

1. From the 440x WLC:

show run-config

2. From the 2125 WLC (when the affected 1142 AP is registered to it):

show ap config general

Regards,

Fede

--

If this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it.

Federico Ziliotto · ‎01-13-2011

Thank you for the attachments Stuart.

The AP is configured with wrong parameters for the 4402 WLC.

On the AP we have:

Primary Cisco Switch Name........................ lonwlc01

Primary Cisco Switch IP Address.................. 144.46.214.25

Secondary Cisco Switch Name...................... abzewwlc

Secondary Cisco Switch IP Address................ 144.46.211.4

But the 4402 WLC actually has:

System Name...................................... abzwwwlc

IP Address....................................... 144.46.211.6

Also, if you'd like the AP to join the 4402 as a first choice, you should configure it as follows:

Primary Cisco Switch Name........................ abzwwwlc

Primary Cisco Switch IP Address.................. 144.46.211.6

Secondary Cisco Switch Name...................... lonwlc01

Secondary Cisco Switch IP Address................ 144.46.214.25

In case of replies from both controllers, the primary will always be the preferred one.

Regards,

Fede

--

If this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it.

st.scot.222 · ‎01-13-2011

Hi Fede

lonwlc01 is the 2125 WLC. When I register to lonwlc01 the AP works, unfortunately I can not use this WLC as it is further way and has not got the AP groups I need.

abzwwwlc is one of our many 4400. When I force it to register to abzwwwlc or any other 4400 then I get the DTLS error shown above.

Regards Stuart

Federico Ziliotto · ‎01-13-2011

Hi Stuart,

Please note that the AP is configured with wrong parameters for the 4402 WLC.

On the AP we have:

Primary Cisco Switch Name........................ lonwlc01

Primary Cisco Switch IP Address.................. 144.46.214.25

Secondary Cisco Switch Name...................... abzewwlc

Secondary Cisco Switch IP Address................ 144.46.211.4

But the 4402 WLC actually has:

System Name...................................... abzwwwlc

IP Address....................................... 144.46.211.6

Also, if you'd like the AP to join the 4402 as a first choice, you should configure it as follows:

Primary Cisco Switch Name........................ abzwwwlc

Primary Cisco Switch IP Address.................. 144.46.211.6

Secondary Cisco Switch Name...................... lonwlc01

Secondary Cisco Switch IP Address................ 144.46.214.25

Regards,

Fede

--

If this helps you and/or answers your question please mark the question as "answered" and/or rate it, so other users can easily find it.