Hi all,

We are trying to deploy our wireless network using wireless controller function on Cisco 4500 Sup8E.

However, we have got a very weird problem with Cisco 3702E AP joining Cisco 4500 Sup8E WLC.

Device information:

- Cisco Sup8E: cat4500es8-UNIVERSALK9-M - Version 03.07.03E 

'WS-X45-SUP8-E'
   License Level: ipbase   Type: Permanent Right-To-Use

StoreIndex: 6 Feature: apcount  Version: 1.0
      License Type: PermanentRightToUse
      License State: Active, Not in Use, EULA accepted
      License Count: 100/0

Configured Country.............................: VN  - Vietnam
  Configured Country Codes
  VN  - Vietnam : 802.11a Indoor,Outdoor/ 802.11b / 802.11g

- Cisco 3702E AP:

AIR-CAP3702E-E-K9

Connection:  AP connects to an access port on Cisco 4500 Sup8E, AP is on same VLAN with wireless management interface of WLC. AP and WLC can ping successfully.

Problem: AP cannot join WLC with the following log. It seems that AP and WLC could not establish DTLS connection. I cannot find any errors within the log files for further investigation.

- Log on WLC: attachment (WLC-01.txt)

Loop with messages:

DTLS connection find by 0x1facf4e4 with Local 172.29.149.131:5246  Peer 172.29.149.175:33324
ecbd.1d4b.57b0 Buffer length 69, alloc_len 73
ecbd.1d4b.57b0 record=Handshake epoch=0 seq=0
ecbd.1d4b.57b0 con->rx_seq_valid 255 con->rx_epoch 1 epoch 0
ecbd.1d4b.57b0 Epoch 0 expired
ecbd.1d4b.57b0 Nothing to be done for this packet! 0x225f57f0

- Log on AP: attachment (AP-01.txt)

Loop with messages:

%CAPWAP-3-ERRORLOG: Selected MWAR 'SW-3F_1'(index 0).
%CAPWAP-3-ERRORLOG: Go join a capwap controller
%CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 172.29.149.131 peer_port: 5246
DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_connection_db.c:2176 Max retransmission count reached!
%DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 172.29.149.131:5246

Many thanks in advanced!