07-26-2012 11:36 AM - edited 07-03-2021 10:27 PM
Here is the full rundown of the bootup and (attempted image load from the lap):
IOS Bootloader - Starting system.
flash is writable
FLASH CHIP: Numonyx Mirrorbit (0089)
Xmodem file system is available.
flashfs[0]: 4 files, 3 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 31997952
flashfs[0]: Bytes used: 3364864
flashfs[0]: Bytes available: 28633088
flashfs[0]: flashfs fsck took 12 seconds.
Reading cookie from SEEPROM
Base Ethernet MAC address: a4:93:4c:c1:1d:5c
Ethernet speed is 1000 Mb - FULL Duplex
Loading "flash:/ap3g2-rcvk9w8-mx.124-23c.JY/ap3g2-rcvk9w8-mx.124-23c.JY"...###################################################################################################################################################################
File "flash:/ap3g2-rcvk9w8-mx.124-23c.JY/ap3g2-rcvk9w8-mx.124-23c.JY" uncompressed and installed, entry point: 0x2003000
executing...
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cisco IOS Software, C3600 Software (AP3G2-RCVK9W8-M), Version 12.4(23c)JY, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2011 by Cisco Systems, Inc.
Compiled Wed 26-Oct-11 19:21 by prod_rel_team
Proceeding with system init
Proceeding to unmask interrupts
Initializing flashfs...
FLASH CHIP: Numonyx Mirrorbit (0089)
flashfs[1]: 4 files, 3 directories
flashfs[1]: 0 orphaned files, 0 orphaned directories
flashfs[1]: Total bytes: 31739904
flashfs[1]: Bytes used: 3364864
flashfs[1]: Bytes available: 28375040
flashfs[1]: flashfs fsck took 7 seconds.
flashfs[1]: Initialization complete.
flashfs[2]: 0 files, 1 directories
flashfs[2]: 0 orphaned files, 0 orphaned directories
flashfs[2]: Total bytes: 11999232
flashfs[2]: Bytes used: 1024
flashfs[2]: Bytes available: 11998208
flashfs[2]: flashfs fsck took 0 seconds.
flashfs[2]: Initialization complete....done Initializing flashfs.
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
%Error opening flash:/ap3g2-rcvk9w8-mx/info (No such file or directory)cisco AIR-CAP3602I-A-K9 (PowerPC) processor (revision B0) with 167926K/81920K bytes of memory.
Processor board ID FTX1625GNE8
PowerPC CPU at 800Mhz, revision number 0x2151
Last reset from power-on
LWAPP image version 7.0.114.214
1 Gigabit Ethernet interface
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: A4:93:4C:C1:1D:5C
Part Number : 73-14521-01
PCA Assembly Number : 800-37501-01
PCA Revision Number : A0
PCB Serial Number : FOC16223RVZ
Top Assembly Part Number : 800-35852-02
Top Assembly Serial Number : FTX1625GNE8
Top Revision Number : A0
Product/Model Number : AIR-CAP3602I-A-K9
% Please define a domain-name first.
logging facility kern
^
% Invalid input detected at '^' marker.
Press RETURN to get started!
*Mar 1 00:00:09.311: %LWAPP-3-CLIENTEVENTLOG: Unable to open event log file flash:/event.log
*Mar 1 00:00:09.311: %LWAPP-3-CLIENTEVENTLOG: Read and initialized AP event log (contains, 0 messages)
*Mar 1 00:00:11.235: %LINK-3-UPDOWN: Interface GigabitEthernet0, changed state to up
*Mar 1 00:00:11.251: %SYS-5-RESTART: System restarted --
Cisco IOS Software, C3600 Software (AP3G2-RCVK9W8-M), Version 12.4(23c)JY, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyrig
APa493.4cc1.1d5c>ht (c) 1986-2011 by Cisco Systems, Inc.
Compiled Wed 26-Oct-11 19:21 by prod_rel_team
*Jun 11 00:27:35.027: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Jun 11 00:27:35.979: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to downDPAA Initialization Complete
*Jun 11 00:27:37.627: %SYS-3-HARIKARI: Process DPAA INIT top-level routine exited
*Jun 11 00:27:38.627: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up
*Jun 11 00:27:48.251: %DHCP-6-ADDRESS_ASSIGN: Interface GigabitEthernet0 assigned DHCP address 192.168.0.233, mask 255.255.255.0, hostname APa493.4cc1.1d5c
*Jun 11 00:27:57.451: %CDP_PD-2-POWER_LOW: All radios disabled - INJECTOR_DETECTED_PD AIR-CAP3602E-A-K9 (0000.0000.0000)
Translating "CISCO-CAPWAP-CONTROLLER"...domain server (192.168.0.1)
Translating "CISCO-LWAPP-CONTROLLER"...domain server (192.168.0.1)
*Jul 26 18:12:02.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 192.168.0.2 peer_port: 5246
*Jul 26 18:12:02.999: %CAPWAP-5-CHANGED: CAPWAP changed state to
*Jul 26 18:12:03.499: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 192.168.0.2 peer_port: 5246
*Jul 26 18:12:03.499: %CAPWAP-5-SENDJOIN: sending Join Request to 192.168.0.2
*Jul 26 18:12:03.499: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
examining image...
*Jul 26 18:12:08.499: %CAPWAP-5-SENDJOIN: sending Join Request to 192.168.0.2perform archive download capwap:/ap3g2 tar file
*Jul 26 18:12:08.511: %CAPWAP-6-AP_IMG_DWNLD: Required image not found on AP. Downloading image from Controller.
*Jul 26 18:12:08.515: %CAPWAP-5-CHANGED: CAPWAP changed state to IMAGE
*Jul 26 18:12:08.515: Loading file /ap3g2...
logging facility kern
^
% Invalid input detected at '^' marker.
%Error opening flash:/update/info (No such file or directory)
ERROR: Image is not a valid IOS image archive.
archive download: takes 48 seconds
*Jul 26 18:12:56.567: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 192.168.0.2:5246
*Jul 26 18:12:56.567: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Jul 26 18:12:56.567: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Jul 26 18:12:56.627: %CAPWAP-3-ERRORLOG: capwap ifs: read error or timeout
*Jul 26 18:12:56.635: capwap_image_proc: problem extracting tar file
*Jul 26 18:13:06.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 192.168.0.2 peer_port: 5246
*Jul 26 18:13:06.000: %CAPWAP-5-CHANGED: CAPWAP changed state to
*Jul 26 18:13:06.495: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 192.168.0.2 peer_port: 5246
*Jul 26 18:13:06.499: %CAPWAP-5-SENDJOIN: sending Join Request to 192.168.0.2
*Jul 26 18:13:06.499: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN
This is from the logs on the wlc:
*spamApTask7: Jul 26 14:32:11.044: %CAPWAP-3-TX_ERR: capwap_ac_sm.c:4172 The system has failed to transmit image data request to AP 2c:54:2d:9c:a1:f9
*spamApTask7: Jul 26 14:32:11.044: %CAPWAP-3-ENCODE_ERR: capwap_ac_sm.c:2425 The system has failed to encode Image data request to AP 2c:54:2d:9c:a1:f9
*spamApTask7: Jul 26 14:32:11.044: %CAPWAP-3-IMAGE_DOWNLOAD_ERR3: capwap_ac_platform.c:782 Refusing image download request from AP - unable to open image file /bsn/ap//ap3g2
Any ideas?
I have so far:
Tried mac filtering for this particular ap, as well as two others.
verified auth vs mic was enabled with appropriate mac entered, and removed it as well.
The wlc is set as the master.
Solved! Go to Solution.
07-26-2012 12:11 PM
It looks like the WLC isn't able to open the file for the AP. Can you upgrade to 7.2.110.0? that will reload the AP images to the WLC.
HTH,
Steve
-----------------------------------------
Please remember to rate useful posts, and mark questions as answered
07-26-2012 11:39 AM
Additionally:
The error under stats is:
Last Error Occurred Reason Timed out while waiting for ECHO repsonse from the AP
07-26-2012 11:42 AM
What version of code are you running on the WLC?
Can you capture the output of the following debugs while the AP is trying to join?
debug mac-address a4:93:4c:c1:1d:5c
debug capwap events enable
debug capwap errors enable
HTH,
Steve
-----------------------------------------
Please remember to rate useful posts, and mark questions as answered
07-26-2012 11:55 AM
Running version
7.2.103.0
Debug logs:
(Cisco Controller) >debug
(Cisco Controller) debug>capwap events enable
spamApTask0: Jul 26 14:51:37.420: a4:93:4c:c1:1d:5c Failed to parse CAPWAP packet from 192.168.0.233:4567
*spamApTask7: Jul 26 14:52:14.494: 2c:54:2d:9c:a1:f9 DTLS connection not found, creating new connection for 192:168:0:222 (51745) 192:168:0:2 (5246)
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCID: called to evaluate
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCID: comparing to row 0, CA cert >bsnOldDefaultCaCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCID: comparing to row 1, CA cert >bsnDefaultRootCaCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCID: comparing to row 2, CA cert >bsnDefaultCaCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCID: comparing to row 3, CA cert >bsnDefaultBuildCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCID: comparing to row 4, CA cert >cscoDefaultNewRootCaCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCID: comparing to row 5, CA cert >cscoDefaultMfgCaCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCID: comparing to row 0, ID cert >bsnOldDefaultIdCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCID: comparing to row 1, ID cert >bsnDefaultIdCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCID: comparing to row 2, ID cert >cscoDefaultIdCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCertFromCID: called to get cert for CID 13244df5
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCertFromCID: comparing to row 0, certname >bsnOldDefaultCaCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCertFromCID: comparing to row 1, certname >bsnDefaultRootCaCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCertFromCID: comparing to row 2, certname >bsnDefaultCaCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCertFromCID: comparing to row 3, certname >bsnDefaultBuildCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCertFromCID: comparing to row 4, certname >cscoDefaultNewRootCaCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCertFromCID: comparing to row 5, certname >cscoDefaultMfgCaCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCertFromCID: comparing to row 0, certname >bsnOldDefaultIdCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCertFromCID: comparing to row 1, certname >bsnDefaultIdCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCertFromCID: comparing to row 2, certname >cscoDefaultIdCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCID: called to evaluate
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCID: comparing to row 0, CA cert >bsnOldDefaultCaCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCID: comparing to row 1, CA cert >bsnDefaultRootCaCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCID: comparing to row 2, CA cert >bsnDefaultCaCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCID: comparing to row 3, CA cert >bsnDefaultBuildCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCID: comparing to row 4, CA cert >cscoDefaultNewRootCaCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCID: comparing to row 5, CA cert >cscoDefaultMfgCaCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCID: comparing to row 0, ID cert >bsnOldDefaultIdCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCID: comparing to row 1, ID cert >bsnDefaultIdCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetCID: comparing to row 2, ID cert >cscoDefaultIdCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetSshPrivateKeyFromCID: called to get key for CID 13244df5
*spamApTask7: Jul 26 14:52:14.494: sshpmGetSshPrivateKeyFromCID: comparing to row 0, certname >bsnOldDefaultIdCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetSshPrivateKeyFromCID: comparing to row 1, certname >bsnDefaultIdCert<
*spamApTask7: Jul 26 14:52:14.494: sshpmGetSshPrivateKeyFromCID: comparing to row 2, certname >cscoDefaultIdCert<
ro*spamApTask7: Jul 26 14:52:14.494: sshpmGetSshPrivateKeyFromCID: match in row 2
*spamApTask7: Jul 26 14:52:14.628: sshpmGetIssuerHandles: locking ca cert table
*spamApTask7: Jul 26 14:52:14.628: sshpmGetIssuerHandles: calling x509_alloc() for user cert
*spamApTask7: Jul 26 14:52:14.628: sshpmGetIssuerHandles: calling x509_decode()
*spamApTask7: Jul 26 14:52:14.632: sshpmGetIssuerHandles:
*spamApTask7: Jul 26 14:52:14.632: sshpmGetIssuerHandles:
*spamApTask7: Jul 26 14:52:14.632: sshpmGetIssuerHandles: Mac Address in subject is 2c:54:2d:9c:a1:f9
*spamApTask7: Jul 26 14:52:14.632: sshpmGetIssuerHandles: Cert Name in subject is AP3G2-2c542d9ca1f9
*spamApTask7: Jul 26 14:52:14.632: sshpmGetIssuerHandles: Cert is issued by Cisco Systems.
*spamApTask7: Jul 26 14:52:14.632: sshpmGetCID: called to evaluate
*spamApTask7: Jul 26 14:52:14.632: sshpmGetCID: comparing to row 0, CA cert >bsnOldDefaultCaCert<
*spamApTask7: Jul 26 14:52:14.632: sshpmGetCID: comparing to row 1, CA cert >bsnDefaultRootCaCert<
*spamApTask7: Jul 26 14:52:14.632: sshpmGetCID: comparing to row 2, CA cert >bsnDefaultCaCert<
*spamApTask7: Jul 26 14:52:14.632: sshpmGetCID: comparing to row 3, CA cert >bsnDefaultBuildCert<
*spamApTask7: Jul 26 14:52:14.632: sshpmGetCID: comparing to row 4, CA cert >cscoDefaultNewRootCaCert<
*spamApTask7: Jul 26 14:52:14.632: sshpmGetCID: comparing to row 5, CA cert >cscoDefaultMfgCaCert<
*spamApTask7: Jul 26 14:52:14.632: sshpmGetCertFromCID: called to get cert for CID 21e67429
*spamApTask7: Jul 26 14:52:14.633: sshpmGetCertFromCID: comparing to row 0, certname >bsnOldDefaultCaCert<
*spamApTask7: Jul 26 14:52:14.633: sshpmGetCertFromCID: comparing to row 1, certname >bsnDefaultRootCaCert<
*spamApTask7: Jul 26 14:52:14.633: sshpmGetCertFromCID: comparing to row 2, certname >bsnDefaultCaCert<
*spamApTask7: Jul 26 14:52:14.633: sshpmGetCertFromCID: comparing to row 3, certname >bsnDefaultBuildCert<
*spamApTask7: Jul 26 14:52:14.633: sshpmGetCertFromCID: comparing to row 4, certname >cscoDefaultNewRootCaCert<
*spamApTask7: Jul 26 14:52:14.633: sshpmGetCertFromCID: comparing to row 5, certname >cscoDefaultMfgCaCert<
*spamApTask7: Jul 26 14:52:14.633: ssphmUserCertVerify: calling x509_decode()
*spamApTask7: Jul 26 14:52:14.643: ssphmUserCertVerify: user cert verfied using >cscoDefaultMfgCaCert<
*spamApTask7: Jul 26 14:52:14.643: sshpmGetIssuerHandles: ValidityString (current): 2012/07/26/18:52:14
*spamApTask7: Jul 26 14:52:14.643: sshpmGetIssuerHandles: ValidityString (NotBefore): 2012/05/02/04:40:16
*spamApTask7: Jul 26 14:52:14.643: sshpmGetIssuerHandles: ValidityString (NotAfter): 2022/05/02/04:50:16
*spamApTask7: Jul 26 14:52:14.643: sshpmGetIssuerHandles: getting cisco ID cert handle...
*spamApTask7: Jul 26 14:52:14.643: sshpmGetCID: called to evaluate
*spamApTask7: Jul 26 14:52:14.643: sshpmGetCID: comparing to row 0, CA cert >bsnOldDefaultCaCert<
*spamApTask7: Jul 26 14:52:14.643: sshpmGetCID: comparing to row 1, CA cert >bsnDefaultRootCaCert<
*spamApTask7: Jul 26 14:52:14.643: sshpmGetCID: comparing to row 2, CA cert >bsnDefaultCaCert<
*spamApTask7: Jul 26 14:52:14.643: sshpmGetCID: comparing to row 3, CA cert >bsnDefaultBuildCert<
*spamApTask7: Jul 26 14:52:14.643: sshpmGetCID: comparing to row 4, CA cert >cscoDefaultNewRootCaCert<
*spamApTask7: Jul 26 14:52:14.643: sshpmGetCID: comparing to row 5, CA cert >cscoDefaultMfgCaCert<
*spamApTask7: Jul 26 14:52:14.643: sshpmGetCID: comparing to row 0, ID cert >bsnOldDefaultIdCert<
*spamApTask7: Jul 26 14:52:14.643: sshpmGetCID: comparing to row 1, ID cert >bsnDefaultIdCert<
*spamApTask7: Jul 26 14:52:14.643: sshpmGetCID: comparing to row 2, ID cert >cscoDefaultIdCert<
*spamApTask7: Jul 26 14:52:14.644: sshpmFreePublicKeyHandle: called with 0x2ca400b0
r*spamApTask7: Jul 26 14:52:14.645: sshpmFreePublicKeyHandle: freeing public key
*spamApTask7: Jul 26 14:52:15.001: 2c:54:2d:9c:a1:f9 Allocated index from main list, Index: 1
*spamApTask7: Jul 26 14:52:15.001: 2c:54:2d:9c:a1:f9 DTLS keys for Control Plane are plumbed successfully for AP 192.168.0.222. Index 2
*spamApTask7: Jul 26 14:52:15.001: 2c:54:2d:9c:a1:f9 DTLS Session established server (192.168.0.2:5246), client (192.168.0.222:51745)
s enable
(Cisco Controller) debug>capwap e*spamApTask7: Jul 26 14:52:15.001: 2c:54:2d:9c:a1:f9 Starting wait join timer for AP: 192.168.0.222:51745
*spamApTask7: Jul 26 14:52:20.002: 2c:54:2d:9c:a1:f9 Join Request from 192.168.0.222:51745
*spamApTask7: Jul 26 14:52:20.009: 2c:54:2d:9c:a1:f9 Deleting AP entry 192.168.0.222:51745 from temporary database.
*spamApTask7: Jul 26 14:52:20.009: 2c:54:2d:9c:a1:f9 AP with same name AP2c54.2d9c.a1f9 exist. Using default name AP2c54.2d9c.a1f9 for this AP.
*spamApTask7: Jul 26 14:52:20.010: 2c:54:2d:9c:a1:f9 Join Version: = 117469910
*spamApTask7: Jul 26 14:52:20.010: 2c:54:2d:9c:a1:f9 Join resp: CAPWAP Maximum Msg element len = 91
*spamApTask7: Jul 26 14:52:20.010: 2c:54:2d:9c:a1:f9 Join Response sent to 192.168.0.222:51745
*spamApTask7: Jul 26 14:52:20.010: 2c:54:2d:9c:a1:f9 CAPWAP State: Join
*spamApTask7: Jul 26 14:52:20.010: 2c:54:2d:9c:a1:f9 capwap_ac_platform.c:1224 - Operation State 0 ===> 4
*spamApTask7: Jul 26 14:52:20.019: 2c:54:2d:9c:a1:f9 Image data Request from 192.168.0.222:51745
*spamApTask7: Jul 26 14:52:20.019: 2c:54:2d:9c:a1:f9 CAPWAP State: Image Data
*spamApTask7: Jul 26 14:52:20.019: 2c:54:2d:9c:a1:f9 capwap_ac_sm.c:4160 - Operation State 4 ===> 5
*spamApTask7: Jul 26 14:52:20.019: 2c:54:2d:9c:a1:f9 Failed to open file for image data transfer /bsn/ap//ap3g2
*spamApTask7: Jul 26 14:52:20.019: 2c:54:2d:9c:a1:f9 Failed to process file for image download to 192.168.0.222:51745
*spamApTask7: Jul 26 14:52:20.019: 2c:54:2d:9c:a1:f9 Image data: Unable to encode Image Data message element
*spamApTask7: Jul 26 14:52:20.019: 2c:54:2d:9c:a1:f9 Failed to encode Image data request to 192.168.0.222:51745
*spamApTask7: Jul 26 14:52:20.019: 2c:54:2d:9c:a1:f9 Failed to send image data request to 192:168:0:222:51745
*spamApTask7: Jul 26 14:52:20.019: 2c:54:2d:9c:a1:f9 CAPWAP State: Join
*spamApTask7: Jul 26 14:52:20.019: 2c:54:2d:9c:a1:f9 State machine handler: Failed to process msg type = 15 state = 5 from 192.168.0.222:51745
*spamApTask7: Jul 26 14:52:20.020: 2c:54:2d:9c:a1:f9 Failed to parse CAPWAP packet from 192.168.0.222:51745
rrors
(Cisco Controller) debug>capwap errors enable
(Cisco Controller) debug>*spamApTask0: Jul 26 14:52:26.056: a4:93:4c:c1:1d:5c Invalid event 13 & state 5 combination
*spamApTask0: Jul 26 14:52:26.056: a4:93:4c:c1:1d:5c State machine handler: Failed to process msg type = 13 state = 5 from 192.168.0.233:4567
*spamApTask0: Jul 26 14:52:26.056: a4:93:4c:c1:1d:5c Failed to parse CAPWAP packet from 192.168.0.233:4567
*spamApTask0: Jul 26 14:52:29.056: a4:93:4c:c1:1d:5c Invalid event 13 & state 5 combination
*spamApTask0: Jul 26 14:52:29.056: a4:93:4c:c1:1d:5c State machine handler: Failed to process msg type = 13 state = 5 from 192.168.0.233:4567
*spamApTask0: Jul 26 14:52:29.056: a4:93:4c:c1:1d:5c Failed to parse CAPWAP packet from 192.168.0.233:4567
*sshpmLscTask: Jul 26 14:52:31.731: sshpmLscTask: LSC Task received a message 4
*spamApTask0: Jul 26 14:52:32.056: a4:93:4c:c1:1d:5c Invalid event 13 & state 5 combination
*spamApTask0: Jul 26 14:52:32.056: a4:93:4c:c1:1d:5c State machine handler: Failed to process msg type = 13 state = 5 from 192.168.0.233:4567
*spamApTask0: Jul 26 14:52:32.056: a4:93:4c:c1:1d:5c Failed to parse CAPWAP packet from 192.168.0.233:4567
*spamApTask0: Jul 26 14:52:35.056: a4:93:4c:c1:1d:5c Invalid event 13 & state 5 combination
*spamApTask0: Jul 26 14:52:35.056: a4:93:4c:c1:1d:5c State machine handler: Failed to process msg type = 13 state = 5 from 192.168.0.233:4567
*spamApTask0: Jul 26 14:52:35.056: a4:93:4c:c1:1d:5c Failed to parse CAPWAP packet from 192.168.0.233:4567
*spamApTask0: Jul 26 14:52:38.056: a4:93:4c:c1:1d:5c Invalid event 13 & state 5 combination
*spamApTask0: Jul 26 14:52:38.056: a4:93:4c:c1:1d:5c State machine handler: Failed to process msg type = 13 state = 5 from 192.168.0.233:4567
*spamApTask0: Jul 26 14:52:38.056: a4:93:4c:c1:1d:5c Failed to parse CAPWAP packet from 192.168.0.233:4567
*spamApTask0: Jul 26 14:52:41.056: a4:93:4c:c1:1d:5c Invalid event 13 & state 5 combination
*spamApTask0: Jul 26 14:52:41.056: a4:93:4c:c1:1d:5c State machine handler: Failed to process msg type = 13 state = 5 from 192.168.0.233:4567
*spamApTask0: Jul 26 14:52:41.056: a4:93:4c:c1:1d:5c Failed to parse CAPWAP packet from 192.168.0.233:4567
*spamApTask0: Jul 26 14:52:44.111: a4:93:4c:c1:1d:5c DTLS keys for Control Plane deleted successfully for AP 192.168.0.233
*spamApTask0: Jul 26 14:52:44.112: a4:93:4c:c1:1d:5c DTLS connection was closed
*spamApTask0: Jul 26 14:52:44.112: a4:93:4c:c1:1d:5c DTLS connection closed event receivedserver (192:168:0:2/5246) client (192:168:0:233/4567)
*spamApTask0: Jul 26 14:52:44.112: a4:93:4c:c1:1d:5c Entry exists for AP (192:168:0:233/4567)
*spamApTask0: Jul 26 14:52:44.117: a4:93:4c:c1:1d:5c No AP entry exist in temporary database for 192.168.0.233:4567
*spamApTask0: Jul 26 14:52:44.170: a4:93:4c:c1:1d:5c Discovery Request from 192.168.0.233:4567
*spamApTask0: Jul 26 14:52:44.170: a4:93:4c:c1:1d:5c Join Priority Processing status = 0, Incoming Ap's Priority 1, MaxLrads = 25, joined Aps =1
*spamApTask0: Jul 26 14:52:44.170: a4:93:4c:c1:1d:5c Discovery Response sent to 192.168.0.233:4567
*spamApTask0: Jul 26 14:52:44.170: a4:93:4c:c1:1d:5c Discovery Response sent to 192.168.0.233:4567
*spamApTask7: Jul 26 14:52:50.018: 2c:54:2d:9c:a1:f9 Invalid event 13 & state 5 combination
*spamApTask7: Jul 26 14:52:50.018: 2c:54:2d:9c:a1:f9 State machine handler: Failed to process msg type = 13 state = 5 from 192.168.0.222:51745
*spamApTask7: Jul 26 14:52:50.018: 2c:54:2d:9c:a1:f9 Failed to parse CAPWAP packet from 192.168.0.222:51745
*spamApTask7: Jul 26 14:52:53.018: 2c:54:2d:9c:a1:f9 Invalid event 13 & state 5 combination
*spamApTask7: Jul 26 14:52:53.018: 2c:54:2d:9c:a1:f9 State machine handler: Failed to process msg type = 13 state = 5 from 192.168.0.222:51745
*spamApTask7: Jul 26 14:52:53.018: 2c:54:2d:9c:a1:f9 Failed to parse CAPWAP packet from 192.168.0.222:51745
*spamApTask0: Jul 26 14:52:54.168: a4:93:4c:c1:1d:5c DTLS connection not found, creating new connection for 192:168:0:233 (4567) 192:168:0:2 (5246)
*spamApTask0: Jul 26 14:52:54.168: sshpmGetCID: called to evaluate
*spamApTask0: Jul 26 14:52:54.168: sshpmGetCID: comparing to row 0, CA cert >bsnOldDefaultCaCert<
*spamApTask0: Jul 26 14:52:54.168: sshpmGetCID: comparing to row 1, CA cert >bsnDefaultRootCaCert<
*spamApTask0: Jul 26 14:52:54.168: sshpmGetCID: comparing to row 2, CA cert >bsnDefaultCaCert<
*spamApTask0: Jul 26 14:52:54.168: sshpmGetCID: comparing to row 3, CA cert >bsnDefaultBuildCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCID: comparing to row 4, CA cert >cscoDefaultNewRootCaCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCID: comparing to row 5, CA cert >cscoDefaultMfgCaCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCID: comparing to row 0, ID cert >bsnOldDefaultIdCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCID: comparing to row 1, ID cert >bsnDefaultIdCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCID: comparing to row 2, ID cert >cscoDefaultIdCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCertFromCID: called to get cert for CID 13244df5
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCertFromCID: comparing to row 0, certname >bsnOldDefaultCaCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCertFromCID: comparing to row 1, certname >bsnDefaultRootCaCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCertFromCID: comparing to row 2, certname >bsnDefaultCaCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCertFromCID: comparing to row 3, certname >bsnDefaultBuildCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCertFromCID: comparing to row 4, certname >cscoDefaultNewRootCaCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCertFromCID: comparing to row 5, certname >cscoDefaultMfgCaCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCertFromCID: comparing to row 0, certname >bsnOldDefaultIdCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCertFromCID: comparing to row 1, certname >bsnDefaultIdCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCertFromCID: comparing to row 2, certname >cscoDefaultIdCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCID: called to evaluate
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCID: comparing to row 0, CA cert >bsnOldDefaultCaCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCID: comparing to row 1, CA cert >bsnDefaultRootCaCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCID: comparing to row 2, CA cert >bsnDefaultCaCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCID: comparing to row 3, CA cert >bsnDefaultBuildCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCID: comparing to row 4, CA cert >cscoDefaultNewRootCaCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCID: comparing to row 5, CA cert >cscoDefaultMfgCaCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCID: comparing to row 0, ID cert >bsnOldDefaultIdCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCID: comparing to row 1, ID cert >bsnDefaultIdCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetCID: comparing to row 2, ID cert >cscoDefaultIdCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetSshPrivateKeyFromCID: called to get key for CID 13244df5
*spamApTask0: Jul 26 14:52:54.169: sshpmGetSshPrivateKeyFromCID: comparing to row 0, certname >bsnOldDefaultIdCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetSshPrivateKeyFromCID: comparing to row 1, certname >bsnDefaultIdCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetSshPrivateKeyFromCID: comparing to row 2, certname >cscoDefaultIdCert<
*spamApTask0: Jul 26 14:52:54.169: sshpmGetSshPrivateKeyFromCID: match in row 2
*spamApTask0: Jul 26 14:52:54.301: sshpmGetIssuerHandles: locking ca cert table
*spamApTask0: Jul 26 14:52:54.302: sshpmGetIssuerHandles: calling x509_alloc() for user cert
*spamApTask0: Jul 26 14:52:54.302: sshpmGetIssuerHandles: calling x509_decode()
*spamApTask0: Jul 26 14:52:54.306: sshpmGetIssuerHandles:
*spamApTask0: Jul 26 14:52:54.306: sshpmGetIssuerHandles:
*spamApTask0: Jul 26 14:52:54.306: sshpmGetIssuerHandles: Mac Address in subject is a4:93:4c:c1:1d:5c
*spamApTask0: Jul 26 14:52:54.306: sshpmGetIssuerHandles: Cert Name in subject is AP3G2-a4934cc11d5c
*spamApTask0: Jul 26 14:52:54.306: sshpmGetIssuerHandles: Cert is issued by Cisco Systems.
*spamApTask0: Jul 26 14:52:54.306: sshpmGetCID: called to evaluate
*spamApTask0: Jul 26 14:52:54.306: sshpmGetCID: comparing to row 0, CA cert >bsnOldDefaultCaCert<
*spamApTask0: Jul 26 14:52:54.306: sshpmGetCID: comparing to row 1, CA cert >bsnDefaultRootCaCert<
*spamApTask0: Jul 26 14:52:54.306: sshpmGetCID: comparing to row 2, CA cert >bsnDefaultCaCert<
*spamApTask0: Jul 26 14:52:54.306: sshpmGetCID: comparing to row 3, CA cert >bsnDefaultBuildCert<
*spamApTask0: Jul 26 14:52:54.306: sshpmGetCID: comparing to row 4, CA cert >cscoDefaultNewRootCaCert<
*spamApTask0: Jul 26 14:52:54.306: sshpmGetCID: comparing to row 5, CA cert >cscoDefaultMfgCaCert<
*spamApTask0: Jul 26 14:52:54.306: sshpmGetCertFromCID: called to get cert for CID 21e67429
*spamApTask0: Jul 26 14:52:54.306: sshpmGetCertFromCID: comparing to row 0, certname >bsnOldDefaultCaCert<
*spamApTask0: Jul 26 14:52:54.306: sshpmGetCertFromCID: comparing to row 1, certname >bsnDefaultRootCaCert<
*spamApTask0: Jul 26 14:52:54.306: sshpmGetCertFromCID: comparing to row 2, certname >bsnDefaultCaCert<
*spamApTask0: Jul 26 14:52:54.306: sshpmGetCertFromCID: comparing to row 3, certname >bsnDefaultBuildCert<
*spamApTask0: Jul 26 14:52:54.306: sshpmGetCertFromCID: comparing to row 4, certname >cscoDefaultNewRootCaCert<
*spamApTask0: Jul 26 14:52:54.306: sshpmGetCertFromCID: comparing to row 5, certname >cscoDefaultMfgCaCert<
*spamApTask0: Jul 26 14:52:54.306: ssphmUserCertVerify: calling x509_decode()
*spamApTask0: Jul 26 14:52:54.317: ssphmUserCertVerify: user cert verfied using >cscoDefaultMfgCaCert<
*spamApTask0: Jul 26 14:52:54.317: sshpmGetIssuerHandles: ValidityString (current): 2012/07/26/18:52:54
*spamApTask0: Jul 26 14:52:54.317: sshpmGetIssuerHandles: ValidityString (NotBefore): 2012/06/11/07:05:25
*spamApTask0: Jul 26 14:52:54.317: sshpmGetIssuerHandles: ValidityString (NotAfter): 2022/06/11/07:15:25
*spamApTask0: Jul 26 14:52:54.317: sshpmGetIssuerHandles: getting cisco ID cert handle...
*spamApTask0: Jul 26 14:52:54.317: sshpmGetCID: called to evaluate
*spamApTask0: Jul 26 14:52:54.317: sshpmGetCID: comparing to row 0, CA cert >bsnOldDefaultCaCert<
*spamApTask0: Jul 26 14:52:54.317: sshpmGetCID: comparing to row 1, CA cert >bsnDefaultRootCaCert<
*spamApTask0: Jul 26 14:52:54.317: sshpmGetCID: comparing to row 2, CA cert >bsnDefaultCaCert<
*spamApTask0: Jul 26 14:52:54.317: sshpmGetCID: comparing to row 3, CA cert >bsnDefaultBuildCert<
*spamApTask0: Jul 26 14:52:54.317: sshpmGetCID: comparing to row 4, CA cert >cscoDefaultNewRootCaCert<
*spamApTask0: Jul 26 14:52:54.317: sshpmGetCID: comparing to row 5, CA cert >cscoDefaultMfgCaCert<
*spamApTask0: Jul 26 14:52:54.317: sshpmGetCID: comparing to row 0, ID cert >bsnOldDefaultIdCert<
*spamApTask0: Jul 26 14:52:54.317: sshpmGetCID: comparing to row 1, ID cert >bsnDefaultIdCert<
*spamApTask0: Jul 26 14:52:54.317: sshpmGetCID: comparing to row 2, ID cert >cscoDefaultIdCert<
*spamApTask0: Jul 26 14:52:54.318: sshpmFreePublicKeyHandle: called with 0x2cc556d8
*spamApTask0: Jul 26 14:52:54.318: sshpmFreePublicKeyHandle: freeing public key
*spamApTask0: Jul 26 14:52:54.673: a4:93:4c:c1:1d:5c Allocated index from main list, Index: 3
*spamApTask0: Jul 26 14:52:54.673: a4:93:4c:c1:1d:5c DTLS keys for Control Plane are plumbed successfully for AP 192.168.0.233. Index 4
*spamApTask0: Jul 26 14:52:54.673: a4:93:4c:c1:1d:5c DTLS Session established server (192.168.0.2:5246), client (192.168.0.233:4567)
*spamApTask0: Jul 26 14:52:54.673: a4:93:4c:c1:1d:5c Starting wait join timer for AP: 192.168.0.233:4567
ALSO: this is for two different aps currently trying to join...
Message was edited by: Matthew Coffin
07-26-2012 12:11 PM
It looks like the WLC isn't able to open the file for the AP. Can you upgrade to 7.2.110.0? that will reload the AP images to the WLC.
HTH,
Steve
-----------------------------------------
Please remember to rate useful posts, and mark questions as answered
07-26-2012 12:33 PM
For some reason the serial is not allowing me to download the upgrade...I will take care of that shortly if need be. Waiting to hear back from someone on that currently but I am not sure how long that may take.
For the short term, is there another recommendation?
07-26-2012 01:42 PM
Is it just one ap having this issue? If so, hold the mode button down and power cycle the ap. hold the button down for I think 10 seconds and release. The ap should boot into rommon mode. Issue a dir flash: and look to see if you see the recovery image directory. Then issue a dir flash:
Then issue the SET command and verify the BOOTFLASH is correct. Then you can issue a reload. The ap will boot into the recovery image and then join the wlc and download the code again.
Sent from Cisco Technical Support iPhone App
07-26-2012 01:52 PM
It is happening on all aps.
I did get the new sw version, but I am getting this when trying to load:
Failure while validating the signature!
TFTP Failure while storing in flash!
I tried booting to the backup image and it is giving me the same issue.
07-26-2012 02:23 PM
The APs local to the site where the WLC's are located?
Sent from Cisco Technical Support iPhone App
07-26-2012 02:30 PM
Yes. They are all plugged into the same switch. However...
For some reason, after failing to do the software upgrade, I reverted the boot config back to the primary. On the next boot, the aps, all of them, starting downloading the correct image and are now associated and joined. I am still on version
7.2.103.0, and technically the only actual changes made since this thread started was changing the boot config back and forth and now it is working.
So i am currently at a loss as to why this happened or what was going on....but it is working now so Thanks everyone.
should i mark this as answered, and if so, who should get the credit for the answer?
09-11-2012 06:28 AM
We are experiencing the same thing...we installed the AIR-WISM2-K9-1-7-0-0-FUS.aes software this morning and since then we have been unable to get AIR-CAP3602E-E-K9 to connect:
*spamApTask7: Sep 11 13:21:50.378: %CAPWAP-3-TX_ERR: capwap_ac_sm.c:4172 The system has failed to transmit image data request to AP a4:4c:11:ca:e4:7e
*spamApTask7: Sep 11 13:21:50.378: %CAPWAP-3-ENCODE_ERR: capwap_ac_sm.c:2425 The system has failed to encode Image data request to AP a4:4c:11:ca:e4:7e
*spamApTask7: Sep 11 13:21:50.377: %CAPWAP-3-IMAGE_DOWNLOAD_ERR3: capwap_ac_platform.c:782 Refusing image download request from AP - unable to open image file /mnt/images/ap.bak//ap3g2
*spamApTask7: Sep 11 13:21:50.368: %CAPWAP-3-DUP_AP_NAME: capwap_ac_decode.c:1088 AP with same name APa44c.11ca.e47e exist. Using default name APa44c.11ca.e47e for this AP.
09-11-2012 09:47 AM
Bryn,
What code is your WLC on ? the FUS is different from the actual WLC code. You need to be on 7.2 to support the 3600. Also what is the part number of your WLC, your AP is "E" country code. Is your WLC supporting "E"
__________________________________________________________________________________________
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
09-12-2012 03:58 AM
George is right. Looks like your WiSM is not on the 7.2 code. After you upgrade to the 7.2.x you will need to reboot an ten uploa the FUS image again and reboot.
Sent from Cisco Technical Support iPhone App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide