01-07-2013 10:41 AM - edited 07-03-2021 11:18 PM
I'm getting this error msg with my AP. It sees the IP address of the AP Manager of the WLC 44002, however it times out.
Note: The operating mode for this AP is H-REAP
The WLC is at the DataCenter.
We have APs working at other remote site (MPLS, Network)
The AP (1262) i'm having an issue with is at a remote with regular internet.
I have already configured port fowarding on the Linksys router for port 5246
Please Help!
======
Jan 7 14:28:55.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.1.99.3 peer_port: 5246
*Jan 7 14:29:25.003: DTLS_CLIENT_ERROR: ../dtls/dtls_connection_db.c:2017 Max retransmission count reached!
*Jan 7 14:29:25.003: %DTLS-3-HANDSHAKE_RETRANSMIT: Max retransmit count for 10.1.99.3 is reached.
*Jan 7 14:29:55.048: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.1.99.3:5246
*Jan 7 14:29:55.102: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Jan 7 14:29:55.102: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Jan 7 14:29:55.162: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
*Jan 7 14:29:55.162: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to administratively down
*Jan 7 14:29:55.171: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Jan 7 14:29:55.180: status of voice_diag_test from WLC is false
*Jan 7 14:29:55.180: %LINK-3-UPDOWN: Interface Dot11Radio1, changed state to up
*Jan 7 14:29:55.190: %LINK-3-UPDOWN: Interface Dot11Radio0, changed state to up
*Jan 7 14:29:55.199: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Jan 7 14:31:04.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.1.99.3 peer_port: 5246
*Jan 7 14:31:04.000: %CAPWAP-5-CHANGED: CAPWAP changed state to
VH-SAT-AP1-1262#
*Jan 7 14:31:34.003: DTLS_CLIENT_ERROR: ../dtls/dtls_connection_db.c:2017 Max retransmission count reached!
*Jan 7 14:31:34.003: %DTLS-3-HANDSHAKE_RETRANSMIT: Max retransmit count for 10.1.99.3 is reached.
01-07-2013 11:32 AM
Hi,
Allow port forwarding for udp port 5247 as well.
udp port 5246 is used for control while udp 5247 is used for data.
HTH
Amjad
Sent from Cisco Technical Support iPad App
01-07-2013 11:54 AM
Amjad:
Thanks I did also. Still not working.
01-07-2013 11:57 AM
Make sure you enable the 5246 to both the management and AP-Manager IP address.
HTH,
Steve
------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
01-07-2013 12:05 PM
Stephen:
Thanks,
Not sure i understand what you mean by,:
I already enableed port forwarding on the Linksys router for the inside ip address of the AP.
01-07-2013 12:34 PM
I was speaking of the outbound direction.
HTH,
Steve
------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
01-07-2013 01:43 PM
Can you post the following command outputs:
1. WLC: sh sysinfo;
2. AP: sh version; and
3. AP: sh inventory
01-07-2013 01:59 PM
leolaohoo:
Thanks,
///////////////////////////////////
AP1-1262#sh sysinfo
^
% Invalid input detected at '^' marker.
!!
AP1-1262 uptime is 2 minutes
System returned to ROM by power-on
System image file is "flash:/ap3g1-k9w8-mx.124-23c.JA5/ap3g1-k9w8-mx.124-23c.JA5"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
cisco AIR-LAP1262N-N-K9 (PowerPC460exr) processor (revision A0) with 81910K/49152K bytes of memory.
Processor board ID FTX1616E48X
PowerPC460exr CPU at 666Mhz, revision number 0x18A8
Last reset from power-on
LWAPP image version 7.0.235.0
1 Gigabit Ethernet interface
2 802.11 Radio(s)
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 2C:54:2D:9E:02:DE
Part Number : 73-12175-05
PCA Assembly Number : 800-32268-05
PCA Revision Number : A0
PCB Serial Number : FOC16140D19
Top Assembly Part Number : 800-33866-01
Top Assembly Serial Number : FTX1616E48X
Top Revision Number : A0
Product/Model Number : AIR-LAP1262N-N-K9
Configuration register is 0xF
!!!
AP1-1262#sho inventory
NAME: "AP1260", DESCR: "Cisco Aironet 1260 Series (IEEE 802.11n) Access Point"
PID: AIR-LAP1262N-N-K9 , VID: V01, SN: FTX1616E48X
01-07-2013 06:39 PM
Go to the WLC and post the output to the command "sh sysinfo".
01-08-2013 10:42 AM
Leolaohoo:
Thanks.
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.0.235.0
RTOS Version..................................... 7.0.235.0
Bootloader Version............................... 4.0.219.0
Emergency Image Version.......................... N/A
Build Type....................................... DATA + WPS
System Name...................................... WLC-4400
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.14179.1.1.4.3
IP Address....................................... 10.1.99.5
System Up Time................................... 32 days 23 hrs 18 mins 28 secs
System Timezone Location.........................
Configured Country............................... US - United States
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +37 C
--More-- or (q)uit
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 5
Number of Active Clients......................... 6
Burned-in MAC Address............................ 00:18:B9:EA:91:00
Crypto Accelerator 1............................. Absent
Crypto Accelerator 2............................. Absent
Power Supply 1................................... Absent
Power Supply 2................................... Present, OK
Maximum number of APs supported.................. 50
01-08-2013 01:16 PM
PID: AIR-LAP1262N-N-K9
Configured Country............................... US - United States
And there's your answer why.
Your AP has a regulatory domain of "-N" whilst your controller is configured for the US (regulatory domain "-A").
My next question would be: WHERE is the location of this AP's installation?
01-08-2013 04:14 PM
Thanks.
This issue came up originally when we got the AP, but don't remember what became of it.
WLC and APs are installed in TX.
See this AP works on a MPLS network site (AP was primed with the WLC Management Private IP address).
But this remote site, also in TX,.
The AP was primed (with the WLC Manangment Public IP address) before deployment. remote-worker at this site only have regular intermet
01-09-2013 12:56 AM
Ok, the WLC and the AP are located in the US. I have a solution but it's not recommended.
1. Talk to your authorized Cisco reseller and get them to replace the AP with the correct regulatory domain; or
2. Go to Wireless > Country and add Mexico.
Option 2 is not recommended because there are some regulatory rules that may not be compatible with the US.
This issue came up originally when we got the AP, but don't remember what became of it.
Now you know what "became of it": Somebody didn't care and shoved it under the carpet
01-09-2013 09:51 AM
Leolaohoo:
Thanks for taking the time to help me with this issue.
So here is the question: Using the same AP ( AIR-LAP1262N-N-K9), how come HREAP worked on an MPLS network, but not work on a regular internet?
01-09-2013 10:03 AM
Explain to us what you mean by Internet? The AP can join if it in your mpls but not Internet?
Sent from Cisco Technical Support iPhone App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide