01-14-2021 12:53 AM - edited 07-05-2021 01:00 PM
[*01/14/2021 08:21:25.2478]CAPWAP State: DTLS Setup
[*01/14/2021 08:21:25.0004] dtls_connectionDB_add_connection: Number of DTLS connections exceeded two
[*01/14/2021 08:21:25.2478] dtls_load_ca_certs: LSC Root Certificate not present
[*01/14/2021 08:21:25.2508] dtls_verify_con_cert: Controller certificate verification error
[*01/14/2021 08:21:25.2508] dtls_process_packet: controller cert verification failed
[*01/14/2021 08:21:25.2512] DTLS: Received packet 0x11cf000 caused DTLS to close connection
[*01/14/2021 08:21:25.2512] sendPacketToDtls: DTLS: Closing connection 0x1189400.
[*01/14/2021 08:21:25.2512] Lost connection to the controller, going to restart CAPWAP...
[*01/14/2021 08:21:25.2513] Restarting CAPWAP State Machine.
[*01/14/2021 08:21:25.2514] Discarding msg CAPWAP_WTP_EVENT_REQUEST(type 9) in CAPWAP state: DTLS Setup(3).
[*01/14/2021 08:21:25.2519] Failed to disconnect DTLS-CTRL session.
[*01/14/2021 08:21:25.2520] CAPWAP State: DTLS Teardown
[*01/14/2021 08:21:25.2573] DTLS: Error while processing DTLS packet 0x11d3000.
[*01/14/2021 08:21:29.9413] No more AP manager addresses remain..
[*01/14/2021 08:21:29.9414] No valid AP manager found for controller 'MMWOR-WLC' (ip: 10.1.1.5)
[*01/14/2021 08:21:29.9414] Failed to join controller MMWOR-WLC.
[*01/14/2021 08:21:29.9414] Failed to join controller.
01-14-2021 01:33 AM
@ansari.mohsin9121 wrote:
[*01/14/2021 08:21:29.9414] No valid AP manager found for controller 'MMWOR-WLC' (ip: 10.1.1.5)
Does the controller have enough licenses?
01-14-2021 04:47 AM
Yes still 15 licenses left
01-14-2021 03:05 AM
- What's the software version used on the 5508 ?
M.
01-14-2021 04:46 AM
on controller 8.3.150.6
01-14-2021 10:53 AM
Depends what other APs you have but consider moving to 8.5 or later code.
And have you reviewed field notice https://www.cisco.com/c/en/us/support/docs/field-notices/639/fn63942.html and the associated bugs and workarounds?
And also try to factory default the AP then try again - sometimes that helps.
01-14-2021 11:19 AM
This looks like a problem with LSC Root Certificate which disallow the AP to build the CAPWAP tunnel with the WLC.
Please check if this option- Accept Local Significant Certificate (LSC)
enabled under AP policies, if yes, please disable it and test.
Check out this guidelines to understand better how this cert works:
Locally Significant Certificates on Wireless LAN Controllers Configuration Example
https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/110141-loc-sig-cert.html#tshoot
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: