Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1879
Views
3
Helpful
4
Replies

Cisco WLC 2504 - %CAPWAP-3-DHCP_RENEW

Go to solution
Patrik Nechajev
Level 1
Level 1

‎06-08-2023 09:24 AM

Hello all,

i'm dealing with really strange issue. We currently have old WLC 2504 environment (will be replaced soon) with Cisco AP1602. Problem is that cert on 2504 is already expired so i'm using manual time. I have connected 4x AP1602. Two of them are in same network as WLC and those are working just fine. Other 2 are connected via flexconnect in different town (each 1 is in different location). 

Everything was working just fine till today. Suddenly two AP's connected via flexconnect disconnected and i'm not able to join them back again, nothing has changed. i'm getting this in console:

%CAPWAP-3-DHCP_RENEW: Could not discover WLC. Either IP address is not assigned or assigned IP is wrong. Renewing DHCP IP.

However AP will get correct IP and WLC IP from DHCP server, what is weird is that AP repeats process and gets another DHCP IP after some seconds.... And this exact issue is happening in two different locations, it holds for example 10.0.0.10 and after some seconds it will get next free one, eg. .11. 

I'm using DHCP option 43, i have also tried static IP assignment, reset to factory and same error. When i tried to connect affected AP to our second WLC via Flexconnect it started to work.... 

I have noticed that WLC time is backwards like 4 minutes to actual one since i configured it manually, could this cause the issues?

As i mentioned, 2 AP's in same subnet as WLC are working fine.... I have tried to shut one of them down and it joined WLC without problem after booting up again.

 

Anytone got any ideas?
Thanks!

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Patrik Nechajev
Level 1
Level 1
In response to Rich R

‎06-12-2023 04:18 AM

Hello, 

yes, problem solved. For some reason CAPWAP control port was blocked for those two locations, noone knows why and who did this but after we allowed it everything is back to normal...

Thank you,
Patrik

View solution in original post

4 Replies 4

Go to solution
Flavio Miranda
VIP
VIP

‎06-08-2023 04:39 PM

Hi

  "I have noticed that WLC time is backwards like 4 minutes to actual one since i configured it manually, could this cause the issues?"

 wouldn´t be bad idea. I would give that a try.  Any long on the WLC > Monitor>  AP join ?

Go to solution
Rich R
VIP
VIP

‎06-12-2023 04:11 AM - edited ‎06-12-2023 04:12 AM

I don't think time drift is causing your problem.  You don't mention what version of code you're running on.  Ideally you should be running 8.5.182.7 (assuming all your APs can support 8.5 code - certainly 1602 will).  If it's just those 4 1602's then 8.5.182.7 shouldn't be a problem.  You also need to have configured the workaround for FN63942 (see below) "config ap cert-expiry-ignore mic enable" because your AP certificates could have expired (that might be what changed).  They'll need to join first to pick up that config change - that might require more tweaking of the WLC date.

If not that, then it sounds like a routing/connectivity issue between the APs and WLC.  Can the APs ping the WLC?  No ACLs/firewalls blocking the CAPWAP?

------------------------------
Please click Helpful if this post helped you and Select as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's,   Best Practices for 9800 WLC's   and   Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.196.0, latest 9800 releases, 8.5.182.12 (8.5.182.13 for 3504) and 8.5.182.109 (IRCM, 8.5.182.111 for 3504)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs

Go to solution
Patrik Nechajev
Level 1
Level 1
In response to Rich R

‎06-12-2023 04:18 AM

Hello, 

yes, problem solved. For some reason CAPWAP control port was blocked for those two locations, noone knows why and who did this but after we allowed it everything is back to normal...

Thank you,
Patrik

Go to solution
Rich R
VIP
VIP
In response to Patrik Nechajev

‎06-12-2023 04:24 AM

TACACS logs to see who made the change (always comes in handy when people say "I didn't change anything")?

I did smile when you said above "nothing has changed" - that you knew about or that anybody is admitting to ...

------------------------------
Please click Helpful if this post helped you and Select as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's,   Best Practices for 9800 WLC's   and   Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.196.0, latest 9800 releases, 8.5.182.12 (8.5.182.13 for 3504) and 8.5.182.109 (IRCM, 8.5.182.111 for 3504)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card