Standing up a 9800-CL wireless controller.
Got through the initial deployment, the Day Zero config, and can log into the WLC, but I cannot get my APs to join it.
AP models are 1832 and 3802.
Tried WLC versions 16.11 and 16.12, both with the same results.
I can ping the WLC from the AP, and I can log into the GUI fine from my PC.
My APs can reach the controller, but keep dropping the DTLS session when they try to join.
Here's the output from the console on the AP:
[*11/18/2019 22:08:20.0122] CAPWAP State: DTLS Teardown
[*11/18/2019 22:08:24.7707] No more AP manager addresses remain..
[*11/18/2019 22:08:24.7707] No valid AP manager found for controller 'C9800-CL' (ip: 10.10.221.200)
[*11/18/2019 22:08:24.7707] Failed to join controller C9800-CL.
[*11/18/2019 22:08:24.7707] Failed to join controller.
Please check this post, as it describes a workaround for this issue.
*** Pls rate all useful responses ***
I found the solution for my lab deployment. As I skipped the day-0 configuration setup wizard, I forgot to configure a trustpoint / certificate for the APs.
I had to manually create a trustpoint via CLI:
WLC_Lab#wireless config vwlc-ssc key-size 2048 signature-algo sha256 password 0 ...
WLC_Lab#show wireless management trustpoint
Trustpoint Name : WLC_Lab_WLC_TP
Certificate Info : Available
Certificate Type : SSC
Certificate Hash : a7fa051c906585774843fe2...
Private key Info : Available
FIPS suitability : Not Applicable
Now, the APs can connect to WLC.
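A check that ties the two outputs in this thread together, added here as an example (it is not code from any poster or from Cisco): it flags the DTLS-teardown join failure in the AP console text and verifies that `show wireless management trustpoint` reports a usable certificate and key. The `BROKEN` sample and the rule that both fields must read "Available" are assumptions; the thread does not show the pre-fix output.

```python
import re

# Assumption: both fields must read "Available" for the WLC to present a
# certificate during the AP's DTLS handshake (field names taken from the thread).
REQUIRED = ("Certificate Info", "Private key Info")
JOIN_FAIL = re.compile(
    r"No valid AP manager found for controller '([^']+)' \(ip: ([\d.]+)\)")

def parse_trustpoint(show_output):
    """Turn 'Key : Value' lines into a dict; a value may be empty."""
    fields = {}
    for line in show_output.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields

def trustpoint_problems(show_output):
    """List the reasons the management trustpoint cannot serve AP joins."""
    fields = parse_trustpoint(show_output)
    problems = []
    if not fields.get("Trustpoint Name"):
        problems.append("no management trustpoint name")
    for name in REQUIRED:
        if fields.get(name, "").lower() != "available":
            problems.append(f"{name}: {fields.get(name) or 'missing'}")
    return problems

def failed_controllers(ap_console):
    """(name, ip) of controllers the AP gave up on after a DTLS teardown."""
    seen_teardown, found = False, []
    for line in ap_console.splitlines():
        if "CAPWAP State: DTLS Teardown" in line:
            seen_teardown = True
        m = JOIN_FAIL.search(line)
        if m and seen_teardown and m.groups() not in found:
            found.append(m.groups())
    return found

# AP_LOG and HEALTHY are copied from the thread; BROKEN is a constructed sample.
AP_LOG = ("[*11/18/2019 22:08:20.0122] CAPWAP State: DTLS Teardown\n"
          "[*11/18/2019 22:08:24.7707] No valid AP manager found for "
          "controller 'C9800-CL' (ip: 10.10.221.200)\n")
HEALTHY = ("Trustpoint Name : WLC_Lab_WLC_TP\nCertificate Info : Available\n"
           "Certificate Type : SSC\nPrivate key Info : Available\n")
BROKEN = ("Trustpoint Name :\nCertificate Info : Not Available\n"
          "Private key Info : Not Available\n")

if __name__ == "__main__":
    for name, ip in failed_controllers(AP_LOG):
        print(f"join to {name} ({ip}) failed after DTLS teardown")
    print("trustpoint problems:", trustpoint_problems(BROKEN) or "none")
```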