Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
9909
Views
4
Helpful
6
Replies

C9120 AP Not Joining C9800-L-F-K9 WLC (DTLS Handshake Expired)

viraj patil
Level 1
Level 1

‎12-24-2023 12:02 AM

Hello Team,

we have replaced 90 access points till now and they connected as well with WLC. But for 02 access points, it's giving the error of "DTLS Handshake expired". Please help to resolve this issue.

WLC Model = C9800-L-F-K9

AP Model = C9120AXE & C9120AXI

WLC Version = 17.3.6

Labels:
0 Helpful
6 Replies 6

balaji.bandi
Hall of Fame
Hall of Fame

‎12-24-2023 01:23 AM

Hope i take this as new AP ?

Can you do Factory reset and try to re-join

Also connect console cable and post complete boot logs here to understand the issue ?

what Version of AP - is some mode of the AP shipping later 2022 (i dont remember) need new code 17.9.4a on WLC ( also suggest to upgrade to new code on WLC is advised all the time for better bug fixes)

check some filed notice :

https://www.cisco.com/c/en/us/support/docs/field-notices/639/fn63942.html

https://www.cisco.com/c/en/us/support/docs/field-notices/724/fn72424.html

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

marce1000
Hall of Fame
Hall of Fame

‎12-24-2023 07:29 AM

 

              - Go for  17.9.4a  = recommended release ,

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Scott Fella
Hall of Fame
Hall of Fame

‎12-24-2023 03:01 PM

Here is a nice guide to help with ap's not joining issues:

https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/218396-troubleshoot-catalyst-9800-ap-join-or-di.html

-Scott
*** Please rate helpful posts ***

Rich R
VIP
VIP

‎01-04-2024 08:37 AM

If the APs have old version of software installed they might not be able to join to the WLC.

As others have said upgrade WLC to TAC recommended version as per the link below.

You might also need to upgrade the AP software manually before it can join - for 17.3.6 that would be 15.3(3)JPJ9:
https://software.cisco.com/download/home/286322988/type/286288051/release/15.3.3-JPJ9

------------------------------
Please click Helpful if this post helped you and Select as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's,   Best Practices for 9800 WLC's   and   Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.196.0, latest 9800 releases, 8.5.182.12 (8.5.182.13 for 3504) and 8.5.182.109 (IRCM, 8.5.182.111 for 3504)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
Default AP console baud rate from 17.12.x is 115200 - introduced by CSCwe88390
0 Helpful

alaangaldino
Level 1
Level 1

‎02-25-2025 03:55 AM

Follow the procedure for correction

For AP Models 2802, 3802, 4800, 9105, 9115, 9120

  1. While connected to the console, power cycle the AP.

  2. During bootup, when you see Hit ESC key to stop autoboot, press the Escape key

  3. This should bring you to (u-boot)> prompt.

  4. Run these commands

(u-boot)> ubi part fs

(u-boot)> ubi remove part1 (or part2 if corrupted image is in part2)

(u-boot)> ubi create part1 (or part2 if corrupted image is in part2)

(u-boot)> boot

 

0 Helpful

Rich R
VIP
VIP
In response to alaangaldino

‎02-25-2025 07:05 AM - edited ‎02-25-2025 07:06 AM

@alaangaldino those instructions are only relevant if the active software partition is corrupted - which should not be the case with a new AP.  And in that case those instructions alone may not be enough to guide the user to resolving the issue.  Those instructions are copied from the technote at https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/220443-how-to-avoid-boot-loop-due-to-corrupted.html and should be read as part of the entire technote for full understanding of the issue, and the resolution, and the alternative methods for resolving it - if corrupted active partition is the root cause of the problem.  Note the link to the technote is already included in the links in my signature on my previous reply above.

------------------------------
Please click Helpful if this post helped you and Select as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's,   Best Practices for 9800 WLC's   and   Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.196.0, latest 9800 releases, 8.5.182.12 (8.5.182.13 for 3504) and 8.5.182.109 (IRCM, 8.5.182.111 for 3504)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
Default AP console baud rate from 17.12.x is 115200 - introduced by CSCwe88390
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card