Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4591
Views
0
Helpful
3
Replies

Access points flapping

Marius Gunnerud
VIP
VIP

‎11-18-2015 12:22 PM - edited ‎07-05-2021 04:16 AM

My client has recently moved one of their branch offices from the WAN to a site 2 site VPN setup between an ASA5525 and ASA5506.  All traffic from the branch office goes over the VPN tunnel.

After the move to the VPN the APs keep flapping with the following error on the WLC:

Virtual Domain: ROOT-DOMAIN

 

NCS has detected a change in one or more alarms of category AP and severity Critical in Virtual Domain ROOT-DOMAIN.

The new severity of the following items is Clear:

 

  1. Message: AP 'AP1' associated with Controller '10.27.50.10' on Port number '13'.

 

 

  1. Message: AP 'AP2' associated with Controller '10.27.50.10' on Port number '13'.

 

 

E-mail will be suppressed up to 30 minutes for these changes.

We have played around with the MTU on the WLC but still getting the same result.  We have also adjusted the MTU and MSS on the VPN tunnel but still the same result.

One thing I should mention is that before we started to get these messages the location complained about slow performance to the HQ site and internett.  I saw that there were a lot of large packets that came in with the DF bit set.  I then configured the ASAs to clear the DF bit and the performance issues were solved.  I do not know if the flapping issue was there before this change.

Any ideas?

--
Please remember to select a correct answer and rate helpful posts
Labels:
0 Helpful
3 Replies 3

johnd2310
Level 8
Level 8

‎11-18-2015 04:45 PM

Hi,

Is there a pattern to the flapping? Does it happen at set intervals e.g. every 8 hours?

Thanks

John

**Please rate posts you find helpful**
0 Helpful

Marius Gunnerud
VIP
VIP
In response to johnd2310

‎11-18-2015 11:35 PM

Hi John,

There is no apparent pattern to the flapping.  sometimes it flaps server times every hour and then it is ok for a couple hours and then it starts up again.  Other times it flaps several times in 1 hour, then is ok for about 40 minutes and then starts flapping again.

--
Please remember to select a correct answer and rate helpful posts
0 Helpful

Marius Gunnerud
VIP
VIP
In response to johnd2310

‎11-23-2015 12:07 AM

It turns out that the switch interface connected to the ASA5506 had hardcoded speed and duplex to full / 100.  The ASA (configured with auto / auto) did not accept the speed 100 setting and negotiated itself to 1000.  Oddly enough all traffic, other than CAPWAP, was fine.  Once this was sorted out the APs associated with the WLC and have been stable every since.

Thanks for your reply

--
Please remember to select a correct answer and rate helpful posts
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card