cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5484
Views
5
Helpful
5
Replies
Highlighted
Beginner

9800-CL WLC - No valid AP manager found for controller

Standing up a 9800-CL wireless controller. 

Got through the initial deployment, the Day Zero config, and can log into the WLC, but I cannot get my AP's to join it.

AP models are 1832 and 3802. 

Tried WLC versions 16.11 and 16.12, both with the same results.

I can ping the WLC from the AP, and I can log into the GUI fine from my PC.

My AP's can reach the controller, but keep dropping the DTLS session when they try to join.

Here's the output from the console on the AP:

 

[*11/18/2019 22:08:20.0122] CAPWAP State: DTLS Teardown
[*11/18/2019 22:08:24.7707] No more AP manager addresses remain..
[*11/18/2019 22:08:24.7707] No valid AP manager found for controller 'C9800-CL' (ip: 10.10.221.200)
[*11/18/2019 22:08:24.7707] Failed to join controller C9800-CL.
[*11/18/2019 22:08:24.7707] Failed to join controller.
[*11/18/2019 09:58:31.0000]

 

5 REPLIES 5
Highlighted
VIP Mentor

Pls check this post as it describe a workaround for this issue

https://gblogs.cisco.com/ch-tech/setup-your-lab-with-catalyst-9800-cl/ 

 

HTH

Rasika

*** Pls rate all useful responses ***

Highlighted

Hello! Is there a solution description for IOS WLC 9800-CL? Thanks in advance. 

Best regards Diana 

Highlighted

I found the solution for my lab deployment. As I skipped the day-0 configuration Setup wizzard, I forgot to configure a trustpoint / certificate for the APs.

 

I had to manually create a trustpoint via CLI:

 

WLC_Lab#wireless config vwlc-ssc key-size 2048 signature-algo sha256 password 0 ...

WLC_Lab#show wireless management trustpoint
Trustpoint Name : WLC_Lab_WLC_TP
Certificate Info : Available
Certificate Type : SSC
Certificate Hash : a7fa051c906585774843fe2...
Private key Info : Available
FIPS suitability : Not Applicable

 

Now, the APs can connect to WLC. 

Best regards

Diana 

Highlighted

Yes, trustpoint certificate was my issue as well.

Thank you for posting the response!

Highlighted

Make sure you set NTP, have the country code and Trustpoint defined.
-Scott
*** Please rate helpful posts ***
Content for Community-Ad