07-27-2017 06:16 AM - edited 07-05-2021 07:26 AM
I have discovered a serious problem with 1142 APs after moving them to a newer controller version. They were previously ether on WISM or 3750G controllers running 7.0.240.0 or similar. I have moved them to either 2504 or 5520 controller running 8.3.112.0.
Some 1142s ported over fine and are working normally but quite a few broke completely.
It seems any that are HW revision V01 printed on the back are working 100%
I am testing others i have some v02 and v06 i think....
I have a lot of V04 APs that are now broken. If I plug into the console and manage to erase the NVRAM so that I can get them to rejoin a controller on an older software version.
There is nothing in the release notes or bugs i can find to say these are not supported!
A console output from the AP I get the following in an infinite loop.
*Jul 27 12:49:56.458: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Jul 27 12:49:56.458: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Jul 27 12:49:56.515: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
*Jul 27 12:49:56.515: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to administratively down
*Jul 27 12:49:56.525: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Jul 27 12:49:56.540: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Jul 27 12:49:57.152: status of voice_diag_test from WLC is false
*Jul 27 12:49:57.160: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Jul 27 12:49:57.176: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
*Jul 27 12:49:57.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.1.1.1 peer_port: 5246
*Jul 27 12:49:57.000: %CAPWAP-5-CHANGED: CAPWAP changed state to
*Jul 27 12:49:57.611: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.1.1.1 peer_port: 5246
*Jul 27 12:49:57.612: %CAPWAP-5-SENDJOIN: sending Join Request to 10.1.1.1
*Jul 27 12:49:57.612: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
*Jul 27 12:50:02.611: %CAPWAP-5-SENDJOIN: sending Join Request to 10.1.1.1
*Jul 27 12:50:02.626: %CAPWAP-3-ERRORLOG: Validate Msg: msg type 4 does not supported payload 215
*Jul 27 12:50:02.626: %LWAPP-3-CLIENTERRORLOG: Validate Msg: msg type 4 does not supported payload 215
*Jul 27 12:50:02.626: %LWAPP-3-CLIENTERRORLOG: Validate Msg: error in unknown payload (received length = 9, payload type = 215)
*Jul 27 12:50:02.626: %CAPWAP-3-ERRORLOG: Failed to validate vendor specific message element type 215 len 9.
*Jul 27 12:50:02.627: %CAPWAP-3-ERRORLOG: Config status: Failed to validate vendor specific message element.
*Jul 27 12:50:02.627: %CAPWAP-3-ERRORLOG: Failed to decode join response.
*Jul 27 12:50:02.670: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.1.1.1:5246
*Jul 27 12:50:02.670: %CAPWAP-3-ERRORLOG: CAPWAP SM handler: Failed to process message type 4 state 4.
07-27-2017 07:48 AM
HV revision V06 do not seem to be affected, they are upgrading OK.
My revision V02 APs are not powering on so I can't test them.
So it just seems to be V04 affected.
I should mention these are all AIR-LAP1142N-E-K9 European AP and the controllers are set correctly to the UK (GB) country code.
07-28-2017 12:09 AM
You wrote in the title 8.3.112.0 while in the body 8.2.112.0, I assume you mean 8.3.x?
You might hit a certificate/age issue here, check: http://www.cisco.com/c/en/us/support/docs/field-notices/639/fn63942.html
07-28-2017 02:07 AM
Yes it should have said 8.3.112.0. I have edited my post.
I looked at the certificate expiry issue. I disabled the age check and also tried setting the controller time back 2 years but that has made no difference.
I also get this problem with AP802GN-E-K9 build in to some 887W routers.
07-28-2017 02:20 AM
Ok, if you also have checked the time and made sure that there are enough free licenses, only one little detail comes to mind. Make sure that the MIC Certificates on the WLC are allowed.
If that doesn't help, I suggest to open a TAC.
07-28-2017 04:15 AM
MICs are allowed no licence capacity issues. Will try to open a TAC.
08-27-2018 05:15 AM
Hello,
Did you have a response from the TAC for your issue ?
Thanks,
Abel
10-04-2018 11:00 AM
Well, I have the same issue, but with a 1141 v4 model.
I had to download manually the IOS, and update from the AP.
From ap:
AP#debug capwap console cli
AP#archive download-sw /overwrite tftp://<tftp-server>/<path-to-code>
After doing that, the AP recognice the WLC and join without problem.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide