Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
650
Views
0
Helpful
5
Replies

AP's don't join a remote WLC

Claudio Battan
Level 1
Level 1

‎04-26-2022 01:46 AM

Another case of AP's not joing at the WLC ...

The WLC is remote, virtual, 8.3.150.0 (but not upgradable due to some old ruins still present)
All the other branches work fine, but from this one this can't
I just attach a couple of debugs, if someone more skilled than me can find out WHAT is wrong ...
I don't know where to beat my head anymore ...

Thanks for any suggestion that works

Labels:
Preview file
94 KB
Preview file
103 KB
Preview file
60 KB
0 Helpful
5 Replies 5

Leo Laohoo
Hall of Fame
Hall of Fame

‎04-26-2022 02:01 AM

@Claudio Battan wrote:
*Mar  1 00:01:37.251: AP has SHA2 MIC certificate - Using SHA2 MIC certificate for DTLS.
*Mar  2 16:47:08.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 192.168.99.15 peer_port: 5246

Look at the time and date of the logs. 

The time and date went from Mar 1 00:01 to Mar 2 16:47.  This means the AP can "see" the controller but the controller has the wrong time and date.  

0 Helpful

Claudio Battan
Level 1
Level 1
In response to Leo Laohoo

‎04-26-2022 02:09 AM

Sorry Leo, but you don't think this is the problem:
> at the boot, the AP time starts at 0:00:00
> the WLC has the right time, synchronized NTP 
> if you look a little further in the LOG, you will see that the AP has synchronized with the WLC time:

*Mar 2 15:57:14.999: AP has SHA2 MIC certificate - Using SHA2 MIC certificate for DTLS.

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame
In response to Claudio Battan

‎04-26-2022 02:24 AM - edited ‎04-26-2022 02:25 AM

I have peered into the logs for the 1700 and the 1852 and both are showing the logs to have the wrong time-and-date. 

1700 AP is going to a controller with an IP address of "192.168.99.15".  I do not see the 1852 making any attempts to find a controller.

Post the complete output to the following WLC output: 

  1. sh sysinfo
  2. sh time
0 Helpful

marce1000
VIP
VIP

‎04-26-2022 02:23 AM

 

     - Check for sufficient licenses with : show license summary

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

Flavio Miranda
VIP
VIP

‎04-26-2022 02:41 AM

The Access Point is trying to join  192.168.99.15 peer_port: 5246 but on the TLS logs we see "with Local 172.16.102.15:5246"

 

One Access Points does not start capwap join process or the logs collected was something else.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card