Solved: APs don't join new WLC

joan.luque · ‎03-07-2014

Hi all,

I had to changed our WLC due a RMA. Now the APs don't join the WLC:

spamApTask0: Mar 07 14:58:25.789: #CAPWAP-3-DTLS_DB_ERR: capwap_ac_sm.c:7305 4c:4e:35:b3:da:37: Failed to create DTLS connection for AP 10:169:2:171 (15781).

*spamApTask6: Mar 07 14:58:25.582: #CAPWAP-3-DTLS_DB_ERR: capwap_ac_sm.c:7305 4c:4e:35:b3:e3:85: Failed to create DTLS connection for AP 10:169:2:147 (15930).

*spamApTask6: Mar 07 14:58:25.527: #CAPWAP-3-DTLS_DB_ERR: capwap_ac_sm.c:7305 4c:4e:35:b3:e3:a3: Failed to create DTLS connection for AP 10:169:2:145 (15932).

*spamApTask3: Mar 07 14:58:25.193: #CAPWAP-3-DTLS_DB_ERR: capwap_ac_sm.c:7305 4c:4e:35:57:b2:63: Failed to create DTLS connection for AP 10:169:2:160 (31527).

*spamApTask5: Mar 07 14:58:25.117: #CAPWAP-3-DTLS_DB_ERR: capwap_ac_sm.c:7305 4c:4e:35:b3:da:2b: Failed to create DTLS connection for AP 10:169:2:167 (15780).

*spamApTask0: Mar 07 14:58:24.971: #CAPWAP-3-DTLS_DB_ERR: capwap_ac_sm.c:7305 4c:4e:35:b3:e3:d1: Failed to create DTLS connection for AP 10:169:2:177 (15935).

*spamApTask7: Mar 07 14:58:24.516: #CAPWAP-3-DTLS_DB_ERR: capwap_ac_sm.c:7305 4c:4e:35:57:b2:f9: Failed to create DTLS connection for AP 10:169:2:142 (31537).

*spamApTask4: Mar 07 14:58:24.345: #CAPWAP-3-DTLS_DB_ERR: capwap_ac_sm.c:7305 4c:4e:35:57:bb:fb: Failed to create DTLS connection for AP 10:169:2:153 (31680).

*spamApTask0: Mar 07 14:58:23.737: #CAPWAP-3-DTLS_DB_ERR: capwap_ac_sm.c:7305 4c:4e:35:b3:da:37: Failed to create DTLS connection for AP 10:169:2:171 (15781).

*spamApTask6: Mar 07 14:58:23.535: #CAPWAP-3-DTLS_DB_ERR: capwap_ac_sm.c:7305 4c:4e:35:b3:e3:85: Failed to create DTLS connection for AP 10:169:2:147 (15930).

The only way that I found to solve it has been perform a reset factory default on APs. Unfortunately the APs have not SSH, TELNET or HTTP access enabled and I haven't physical access to all the APs.

Are there some other way to solve thas?

Scott Fella · ‎03-07-2014

It has to be, becaue if a factory wipe fixes it, then the WLC is out of the picture as being the issue.

Thanks,

Scott

*****Help out other by using the rating system and marking answered questions as "Answered"*****

-Scott
*** Please rate helpful posts ***

View solution in original post

Scott Fella · ‎03-07-2014

I have not ever seen that... I would open a TAC case to see what they can see. I'm assuming you have the same code version you are running on the old WLC?

Thanks,

Scott

*****Help out other by using the rating system and marking answered questions as "Answered"*****

-Scott
*** Please rate helpful posts ***

Sandeep Choudhary · ‎03-07-2014

Hi Joan,

spamApTask0: Mar 07 14:58:25.789: #CAPWAP-3-DTLS_DB_ERR: capwap_ac_sm.c:7305 4c:4e:35:b3:da:37: Failed to create DTLS connection for AP  10:169:2:171 (15781).

As per logs this is the problem related to Certificate. Make sure that time setting on WLC is correct and updated.

means Unable to create the DTLS database entry for the AP.

Can you paste more info:

From WLC: Sh sysinfo

From AP: sh version

Also paste the entire bootup process from AP console.

Scott is right , for this kind of things you must raise a TAC case.

Regards

Dont forget to rate helpful posts

joan.luque · ‎03-07-2014

Hi,

I'm pretty sure that the problem is due to certificate issue. The WLC config is OK (is the same than the old controller).

I can't provide logs from APs because I haven't access to it :/

I think I'll have to make a factory default (manually) on all APs.

Kind regards,

Scott Fella · ‎03-07-2014

It has to be, becaue if a factory wipe fixes it, then the WLC is out of the picture as being the issue.

Thanks,

Scott

*****Help out other by using the rating system and marking answered questions as "Answered"*****

-Scott
*** Please rate helpful posts ***

Sandeep Choudhary · ‎03-07-2014

How many times you will make AP factory default ? if after once reset it again shows the same error then raise a TAC case they can guide you.

Regards