Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1997
Views
5
Helpful
5
Replies

AP3602 cannot join vWLC with error message

Go to solution
eigrpy
Level 4
Level 4

‎01-28-2021 06:46 PM - edited ‎07-05-2021 01:07 PM

Hello, AP3602E can ping vWLC(8.0.152.0), but cannot join it. I got the below error message from the AP. Do you think it is certificate expired or something else? Thank you

 

 

*Jan 13 02:32:41.003: %DTLS-5-SEND_ALERT: Send FATAL : Bad certificate Alert to 10.0.100.111:5246
*Jan 13 02:32:41.007: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.0.100.111:5246
*Jan 13 02:33:59.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.0.100.111 peer_port: 5246
*Jan 13 02:34:04.999: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_handshake.c:929 Unexpected message received while expecting HelloVerifyRequest
*Jan 13 02:34:04.999: %DTLS-5-SEND_ALERT: Send FATAL : Unexpected message Alert to 10.0.100.111:5246
*Jan 13 02:34:04.999: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.0.100.111:5246
*Jan 13 02:35:07.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.0.100.111 peer_port: 5246
*Jan 13 02:35:20.999: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_handshake.c:929 Unexpected message received while expecting HelloVerifyRequest
*Jan 13 02:35:20.999: %DTLS-5-SEND_ALERT: Send FATAL : Unexpected message Alert to 10.0.100.111:5246
*Jan 13 02:35:20.999: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.0.100.111:5246

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
TJ-20933766
Spotlight
Spotlight

‎01-28-2021 06:50 PM

Are you seeing any errors on the vWLC side? I also noticed that the time/date is off. Could have a negative effect on the certificates but not sure if the time synchronizes to NTP before or after connection with the vWLC.

View solution in original post

Go to solution
TJ-20933766
Spotlight
Spotlight
In response to eigrpy

‎02-01-2021 11:20 AM

The post was listed on Jan 28th and the logs showed a date of Jan 13th. I made an assumption that the logs were not 15 days old plus the asterisk (*) at the beginning of a log entry usually means that the time/date stamp cannot be trusted because the clock is not synchronized with an NTP server.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
TJ-20933766
Spotlight
Spotlight

‎01-28-2021 06:50 PM

Are you seeing any errors on the vWLC side? I also noticed that the time/date is off. Could have a negative effect on the certificates but not sure if the time synchronizes to NTP before or after connection with the vWLC.

Go to solution
eigrpy
Level 4
Level 4
In response to TJ-20933766

‎01-28-2021 07:25 PM - edited ‎01-28-2021 08:34 PM

Thank you. its time issue

0 Helpful

Go to solution
eigrpy
Level 4
Level 4
In response to eigrpy

‎02-01-2021 10:52 AM - edited ‎02-01-2021 11:56 AM

Hi Tyson

You are right, the date and time is not correct in these log above, but why you say "I also noticed that the time/date is off" ? Thanks

0 Helpful

Go to solution
TJ-20933766
Spotlight
Spotlight
In response to eigrpy

‎02-01-2021 11:20 AM

The post was listed on Jan 28th and the logs showed a date of Jan 13th. I made an assumption that the logs were not 15 days old plus the asterisk (*) at the beginning of a log entry usually means that the time/date stamp cannot be trusted because the clock is not synchronized with an NTP server.

0 Helpful

Go to solution
eigrpy
Level 4
Level 4
In response to TJ-20933766

‎02-01-2021 12:01 PM

Thank you!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card