cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
588
Views
10
Helpful
4
Replies

Air-AP1142N-K-K9 compatibles with WLC 2504

Hi, I'm trying to connect AP to WLC

But I think firmware compatible doesn't match.

AP : Air-AP1142N-K-K9

c1140-k9w8-mx.153-3.JC8/c1140-k9w8-xx.153-3.JC8

 

WLC : WLC 2504

8.2.160.0

 

Am I have to do upgrade/downgrade of WLC or AP?

If I need to do, where I can find firmware files?

(AP1140 series firmware don't exist on software.cisco.com)

+

AP can't connect with WLC 2504 - 8.2.160.0 (192.168.1.91)

Dec 7 01:55:34.017: DTLS_CLIENT_ERROR: ../capwap/base_capwap/capwap/base_capwap_wtp_dtls.c:509 Certificate verified failed!
Dec 7 01:55:34.017: %DTLS-5-SEND_ALERT: Send FATAL : Bad certificate Alert to 192.168.1.91:5246
Dec 7 01:55:34.018: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 192.168.1.91:5246
Dec 7 01:56:39.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 192.168.1.91 peer_port: 5246
Dec 7 01:56:45.001: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_handshake.c:929 Unexpected message received while expecting HelloVerifyRequest
Dec 7 01:56:45.001: %DTLS-5-SEND_ALERT: Send FATAL : Unexpected message Alert to 192.168.1.91:5246
Dec 7 01:56:45.001: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 192.168.1.91:5246
Dec 7 01:57:44.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 192.168.1.91 peer_port: 5246
Dec 7 01:57:58.001: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_handshake.c:929 Unexpected message received while expecting HelloVerifyRequest
Dec 7 01:57:58.001: %DTLS-5-SEND_ALERT: Send FATAL : Unexpected message Alert to 192.168.1.91:5246
Dec 7 01:57:58.001: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 192.168.1.91:5246
Dec 7 01:58:49.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 192.168.254.200 peer_port: 5246
Dec 7 01:59:18.999: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_connection_db.c:2214 Max retransmission count reached for Connection 0x28F52A0!

 

2 Accepted Solutions

Accepted Solutions

Sandeep Choudhary
VIP Mentor VIP Mentor
VIP Mentor

Hi,

 

Looks like certificate of the access points had expired due to their age.

Please run the below mentioned command on WLC and check again.

 

WLC#config ap cert-expiry-ignore mic enable

 

Regards

Dont forget to rate helpful posts

View solution in original post

Hi, i seem to have a problem like this, i have a 2504 in a lab setup that rejects the 1142 access points though i have a 3702 connected. i did try this conmmand and it did help, but still no good. if anyone has any ideas, i did update the wlc to 8.5. If anyone can see what ive done wrong that be great thanks.

WLC#config ap cert-expiry-ignore mic enable

Ap log:  

Translating "CISCO-CAPWAP-CONTROLLER"...domain server (10.0.30.1)

*Sep 2 10:54:18.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.0.30.109 peer_port: 5246
*Sep 2 10:54:19.430: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.0.30.109 peer_port: 5246
*Sep 2 10:54:19.430: %CAPWAP-5-SENDJOIN: sending Join Request to 10.0.30.109
*Sep 2 10:54:19.433: %DTLS-5-ALERT: Received WARNING : Close notify alert from 10.0.30.109
*Sep 2 10:54:19.433: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.0.30.109:5246
*Sep 2 10:54:19.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.0.30.109 peer_port: 5246
*Sep 2 10:54:19.430: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.0.30.109 peer_port: 5246
*Sep 2 10:54:19.431: %CAPWAP-5-SENDJOIN: sending Join Request to 10.0.30.109
*Sep 2 10:54:19.435: %DTLS-5-ALERT: Received WARNING : Close notify alert from 10.0.30.109
*Sep 2 10:54:19.435: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.0.30.109:5246

wlc

Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 8.5.103.0
Bootloader Version............................... 1.0.20
Field Recovery Image Version..................... 7.6.101.1
Firmware Version................................. PIC 16.0


OUI File Last Update Time........................ Sun Sep 07 10:44:07 IST 2014


Build Type....................................... DATA + WPS

System Name...................................... CiscoWlc
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1279
IP Address....................................... 10.0.30.109
IPv6 Address..................................... ::
Last Reset....................................... Power on reset
System Up Time................................... 0 days 0 hrs 35 mins 42 secs

--More-- or (q)uit
System Timezone Location.........................
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180

Configured Country............................... Multiple Countries : AU,US
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +33 C
External Temperature............................. +37 C
Fan Status....................................... 3900 rpm

State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 1
Number of Active Clients......................... 0

OUI Classification Failure Count................. 0

Burned-in MAC Address............................ 50:06:04:CA:60:A0
Maximum number of APs supported.................. 75
System Nas-Id....................................
WLC MIC Certificate Types........................ SHA1


Time............................................. Fri Sep 2 11:06:08 2022

Timezone delta................................... 0:0
Timezone location................................

NTP Servers
NTP Polling Interval......................... 5000

Index NTP Key Index NTP Server Status NTP Msg Auth Status
------- ----------------------------------------------------------------------------------------------
1 0 168.61.215.74 In Sync AUTH DISABLED

Ap

Cisco IOS Software, C1140 Software (C1140-K9W8-M), Version 15.3(3)JD17, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2019 by Cisco Systems, Inc.
Compiled Fri 12-Apr-19 05:21 by prod_rel_team

ROM: Bootstrap program is C1140 boot loader
BOOTLDR: C1140 Boot Loader (C1140-BOOT-M) Version 12.4(18a)JA3, RELEASE SOFTWARE (fc1)

cisco AIR-LAP1142N-A-K9 (PowerPC405ex) processor (revision B0) with 98294K/32768K bytes of memory.
Processor board ID FTX1432K16K
PowerPC405ex CPU at 586Mhz, revision number 0x147E
Last reset from watchdog timer expired
LWAPP image version 8.3.150.0
1 Gigabit Ethernet interface
2 802.11 Radios

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: F8:66:F2:67:5B:DE
Part Number : 73-11451-08
PCB Serial Number : FOC14300A6J
Top Assembly Part Number : 800-31273-04
Top Assembly Serial Number : FTX1432K16K
Top Revision Number : A0
Product/Model Number : AIR-LAP1142N-A-K9

 

 

 

 

 

 

View solution in original post

4 Replies 4

Leo Laohoo
VIP Community Legend VIP Community Legend
VIP Community Legend

Post the complete output to the following commands:

  1. AP:  sh version
  2. AP:  dir
  3. AP:  sh ip int brief
  4. WLC:  sh sysinfo
  5. WLC:  sh time

Sandeep Choudhary
VIP Mentor VIP Mentor
VIP Mentor

Hi,

 

Looks like certificate of the access points had expired due to their age.

Please run the below mentioned command on WLC and check again.

 

WLC#config ap cert-expiry-ignore mic enable

 

Regards

Dont forget to rate helpful posts

Thanks Sandeep Choudhary !

Problem solved

Hi, i seem to have a problem like this, i have a 2504 in a lab setup that rejects the 1142 access points though i have a 3702 connected. i did try this conmmand and it did help, but still no good. if anyone has any ideas, i did update the wlc to 8.5. If anyone can see what ive done wrong that be great thanks.

WLC#config ap cert-expiry-ignore mic enable

Ap log:  

Translating "CISCO-CAPWAP-CONTROLLER"...domain server (10.0.30.1)

*Sep 2 10:54:18.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.0.30.109 peer_port: 5246
*Sep 2 10:54:19.430: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.0.30.109 peer_port: 5246
*Sep 2 10:54:19.430: %CAPWAP-5-SENDJOIN: sending Join Request to 10.0.30.109
*Sep 2 10:54:19.433: %DTLS-5-ALERT: Received WARNING : Close notify alert from 10.0.30.109
*Sep 2 10:54:19.433: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.0.30.109:5246
*Sep 2 10:54:19.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.0.30.109 peer_port: 5246
*Sep 2 10:54:19.430: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.0.30.109 peer_port: 5246
*Sep 2 10:54:19.431: %CAPWAP-5-SENDJOIN: sending Join Request to 10.0.30.109
*Sep 2 10:54:19.435: %DTLS-5-ALERT: Received WARNING : Close notify alert from 10.0.30.109
*Sep 2 10:54:19.435: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.0.30.109:5246

wlc

Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 8.5.103.0
Bootloader Version............................... 1.0.20
Field Recovery Image Version..................... 7.6.101.1
Firmware Version................................. PIC 16.0


OUI File Last Update Time........................ Sun Sep 07 10:44:07 IST 2014


Build Type....................................... DATA + WPS

System Name...................................... CiscoWlc
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1279
IP Address....................................... 10.0.30.109
IPv6 Address..................................... ::
Last Reset....................................... Power on reset
System Up Time................................... 0 days 0 hrs 35 mins 42 secs

--More-- or (q)uit
System Timezone Location.........................
System Stats Realtime Interval................... 5
System Stats Normal Interval..................... 180

Configured Country............................... Multiple Countries : AU,US
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +33 C
External Temperature............................. +37 C
Fan Status....................................... 3900 rpm

State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 1
Number of Active Clients......................... 0

OUI Classification Failure Count................. 0

Burned-in MAC Address............................ 50:06:04:CA:60:A0
Maximum number of APs supported.................. 75
System Nas-Id....................................
WLC MIC Certificate Types........................ SHA1


Time............................................. Fri Sep 2 11:06:08 2022

Timezone delta................................... 0:0
Timezone location................................

NTP Servers
NTP Polling Interval......................... 5000

Index NTP Key Index NTP Server Status NTP Msg Auth Status
------- ----------------------------------------------------------------------------------------------
1 0 168.61.215.74 In Sync AUTH DISABLED

Ap

Cisco IOS Software, C1140 Software (C1140-K9W8-M), Version 15.3(3)JD17, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2019 by Cisco Systems, Inc.
Compiled Fri 12-Apr-19 05:21 by prod_rel_team

ROM: Bootstrap program is C1140 boot loader
BOOTLDR: C1140 Boot Loader (C1140-BOOT-M) Version 12.4(18a)JA3, RELEASE SOFTWARE (fc1)

cisco AIR-LAP1142N-A-K9 (PowerPC405ex) processor (revision B0) with 98294K/32768K bytes of memory.
Processor board ID FTX1432K16K
PowerPC405ex CPU at 586Mhz, revision number 0x147E
Last reset from watchdog timer expired
LWAPP image version 8.3.150.0
1 Gigabit Ethernet interface
2 802.11 Radios

32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: F8:66:F2:67:5B:DE
Part Number : 73-11451-08
PCB Serial Number : FOC14300A6J
Top Assembly Part Number : 800-31273-04
Top Assembly Serial Number : FTX1432K16K
Top Revision Number : A0
Product/Model Number : AIR-LAP1142N-A-K9

 

 

 

 

 

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers