09-18-2023 04:23 AM
Hi,
We have 2 9800-40 controllers on versions 17.3.6 and 17.9.3.
Both are configured with the same join profile and capwap configuration.
They have CAPWAP Advanced -> Data encryption both turned off.
If we capture the packets on the controller running version 17.9.3 we can see the data traffic and read it using Wireshark.
If we capture the packets ont he controller running version 17.3.6 we cannot see the data traffic since this is encrypted as DTLS.
Did anyone experience this before?
From CLI view both setups are the same.
09-18-2023 04:56 AM
- Note that if an access point does not support DTLS data encryption, DTLS is enabled only for the control plane, and a DTLS session for the data plane is not established : you may for instance for a particular AP (having clients) on both controllers compare the output of :
show platform hardware chassis active qfp feature wireless capwap datapath mac-address <APradio-mac> details
show platform hardware chassis active qfp feature wireless capwap datapath mac-address <APradio-mac> statistics
M.
09-18-2023 05:10 AM
Just reconnected the AP using a different Join profile and CAPWAP data seems to be visible again.
@marce1000 thanks for your quick reply! I didn't see any differences so I just connected a different Join profile. Seems to be working now.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide