Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
654
Views
10
Helpful
4
Replies

Air-AP1142N-K-K9 compatibles with WLC 2504

Go to solution
SeokGeunChoi73564
Beginner
Beginner

‎12-06-2021 06:59 PM - edited ‎12-06-2021 07:01 PM

Hi, I'm trying to connect AP to WLC

But I think firmware compatible doesn't match.

AP : Air-AP1142N-K-K9

c1140-k9w8-mx.153-3.JC8/c1140-k9w8-xx.153-3.JC8

 

WLC : WLC 2504

8.2.160.0

 

Am I have to do upgrade/downgrade of WLC or AP?

If I need to do, where I can find firmware files?

(AP1140 series firmware don't exist on software.cisco.com)

+

AP can't connect with WLC 2504 - 8.2.160.0 (192.168.1.91)

Dec 7 01:55:34.017: DTLS_CLIENT_ERROR: ../capwap/base_capwap/capwap/base_capwap_wtp_dtls.c:509 Certificate verified failed!
Dec 7 01:55:34.017: %DTLS-5-SEND_ALERT: Send FATAL : Bad certificate Alert to 192.168.1.91:5246
Dec 7 01:55:34.018: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 192.168.1.91:5246
Dec 7 01:56:39.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 192.168.1.91 peer_port: 5246
Dec 7 01:56:45.001: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_handshake.c:929 Unexpected message received while expecting HelloVerifyRequest
Dec 7 01:56:45.001: %DTLS-5-SEND_ALERT: Send FATAL : Unexpected message Alert to 192.168.1.91:5246
Dec 7 01:56:45.001: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 192.168.1.91:5246
Dec 7 01:57:44.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 192.168.1.91 peer_port: 5246
Dec 7 01:57:58.001: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_handshake.c:929 Unexpected message received while expecting HelloVerifyRequest
Dec 7 01:57:58.001: %DTLS-5-SEND_ALERT: Send FATAL : Unexpected message Alert to 192.168.1.91:5246
Dec 7 01:57:58.001: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 192.168.1.91:5246
Dec 7 01:58:49.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 192.168.254.200 peer_port: 5246
Dec 7 01:59:18.999: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_connection_db.c:2214 Max retransmission count reached for Connection 0x28F52A0!

 

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Sandeep Choudhary
Mentor
Mentor

‎12-06-2021 11:20 PM

Hi,

 

Looks like certificate of the access points had expired due to their age.

Please run the below mentioned command on WLC and check again.

 

WLC#config ap cert-expiry-ignore mic enable

 

Regards

Dont forget to rate helpful posts

View solution in original post

Go to solution
davidc_86
Beginner
Beginner
In response to Sandeep Choudhary

‎09-02-2022 04:11 AM

Hi, i seem to have a problem like this, i have a 2504 in a lab setup that rejects the 1142 access points though i have a 3702 connected. i did try this conmmand and it did help, but still no good. if anyone has any ideas, i did update the wlc to 8.5. If anyone can see what ive done wrong that be great thanks.

WLC#config ap cert-expiry-ignore mic enable

Ap log:  

Translating "CISCO-CAPWAP-CONTROLLER"...domain server (10.0.30.1)

*Sep 2 10:54:18.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.0.30.109 peer_port: 5246
*Sep 2 10:54:19.430: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.0.30.109 peer_port: 5246
*Sep 2 10:54:19.430: %CAPWAP-5-SENDJOIN: sending Join Request to 10.0.30.109
*Sep 2 10:54:19.433: %DTLS-5-ALERT: Received WARNING : Close notify alert from 10.0.30.109
*Sep 2 10:54:19.433: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.0.30.109:5246
*Sep 2 10:54:19.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.0.30.109 peer_port: 5246
*Sep 2 10:54:19.430: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.0.30.109 peer_port: 5246
*Sep 2 10:54:19.431: %CAPWAP-5-SENDJOIN: sending Join Request to 10.0.30.109
*Sep 2 10:54:19.435: %DTLS-5-ALERT: Received WARNING : Close notify alert from 10.0.30.109
*Sep 2 10:54:19.435: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.0.30.109:5246

wlc

Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 8.5.103.0
Bootloader Version............................... 1.0.20
Field Recovery Image Version..................... 7.6.101.1
Firmware Version................................. PIC 16.0


OUI File Last Update Time........................ Sun Sep 07 10:44:07 IST 2014


Build Type....................................... DATA + WPS

System Name...................................... CiscoWlc
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1279
IP Address....................................... 10.0.30.109
IPv6 Address..................................... ::
Last Reset....................................... Power on reset
System Up Time................................... 0 days 0 hrs 35 mins 42 secs

--More-- or (q)uit
System Timezone Location.........................
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180

Configured Country............................... Multiple Countries : AU,US
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +33 C
External Temperature............................. +37 C
Fan Status....................................... 3900 rpm

State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 1
Number of Active Clients......................... 0

OUI Classification Failure Count................. 0

Burned-in MAC Address............................ 50:06:04:CA:60:A0
Maximum number of APs supported.................. 75
System Nas-Id....................................
WLC MIC Certificate Types........................ SHA1


Time............................................. Fri Sep 2 11:06:08 2022

Timezone delta................................... 0:0
Timezone location................................

NTP Servers
NTP Polling Interval......................... 5000

Index NTP Key Index NTP Server Status NTP Msg Auth Status
------- ----------------------------------------------------------------------------------------------
1 0 168.61.215.74 In Sync AUTH DISABLED

Ap

Cisco IOS Software, C1140 Software (C1140-K9W8-M), Version 15.3(3)JD17, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2019 by Cisco Systems, Inc.
Compiled Fri 12-Apr-19 05:21 by prod_rel_team

ROM: Bootstrap program is C1140 boot loader
BOOTLDR: C1140 Boot Loader (C1140-BOOT-M) Version 12.4(18a)JA3, RELEASE SOFTWARE (fc1)

cisco AIR-LAP1142N-A-K9 (PowerPC405ex) processor (revision B0) with 98294K/32768K bytes of memory.
Processor board ID FTX1432K16K
PowerPC405ex CPU at 586Mhz, revision number 0x147E
Last reset from watchdog timer expired
LWAPP image version 8.3.150.0
1 Gigabit Ethernet interface
2 802.11 Radios

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: F8:66:F2:67:5B:DE
Part Number : 73-11451-08
PCB Serial Number : FOC14300A6J
Top Assembly Part Number : 800-31273-04
Top Assembly Serial Number : FTX1432K16K
Top Revision Number : A0
Product/Model Number : AIR-LAP1142N-A-K9

 

 

 

 

 

 

View solution in original post