Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
19821
Views
10
Helpful
9
Replies

Failed DTLS handshake and rejoining

frederick.mercado
Spotlight

‎04-15-2022 10:13 AM - edited ‎10-19-2023 12:54 PM

 

 

Log info attached from one AP and the WLC

 

 

1 person had this problem
9 Replies 9

Rich R
VIP
VIP

‎04-16-2022 06:31 AM

I noticed this in the 17.8.1 release notes - try 17.3.5a and don't forget the CSCwb13784 SMU for the MTU issue?

CSCwa35350

AP flaps when WNCd to which it maps report high CPU utilization.
------------------------------
Please click Helpful if this post helped you and Select as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's,   Best Practices for 9800 WLC's   and   Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.196.0, latest 9800 releases, 8.5.182.12 (8.5.182.13 for 3504) and 8.5.182.109 (IRCM, 8.5.182.111 for 3504)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
Default AP console baud rate from 17.12.x is 115200 - introduced by CSCwe88390
0 Helpful

ammahend
VIP Alumni
VIP Alumni

‎04-16-2022 12:28 PM - edited ‎04-16-2022 12:29 PM

In the bootflash, do you see any crash file ? if you do you can run more, it might give you insight into why the AP crashed and you will have a better direction to work on the fix.

here is an example, while led to a bug :

 

9800#dir bootflash-2:
Directory of bootflash-2:/

24505 -rw- 158219 Feb 9 2022 18:05:12 -06:00 AP_D103.crash
24504 -rw- 74914 Jan 21 2022 00:43:53 -06:00 AP_E107.crash

 

9880#more bootflash-2:AP_D103.crash
AP_D103.crash crashed at Wed Jun 30 22:20:17 2021 UTC(BOOT_CNT 36) due to:
FIQ/NMI reset

 

hope this helps.

-hope this helps-
0 Helpful

ChristiesNetwork_Team7857
Level 1
Level 1

‎06-07-2022 12:36 AM

Hello All,

 

I am also facing the same issues in our 9800 WLC,some 3800 WAPs are disconnecting and rejoining for every 2 mins.

 

*Jun 7 02:20:46.207: %CAPWAPAC_SMGR_TRACE_MESSAGE-5-AP_JOIN_DISJOIN: Chassis 1 R0/0: wncd: AP Event: Session-IP: 10.200.38.55[5256] Mac: 6c31.0e8a.c900 CAPWAP
DTLS session closed for AP, cause: DTLS server session shutdown.

 

Pls could someone help here

0 Helpful

Rich R
VIP
VIP
In response to ChristiesNetwork_Team7857

‎06-07-2022 01:45 AM

What version of IOS-XE?

What do you see on the AP logs?

 

------------------------------
Please click Helpful if this post helped you and Select as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's,   Best Practices for 9800 WLC's   and   Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.196.0, latest 9800 releases, 8.5.182.12 (8.5.182.13 for 3504) and 8.5.182.109 (IRCM, 8.5.182.111 for 3504)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
Default AP console baud rate from 17.12.x is 115200 - introduced by CSCwe88390
0 Helpful

ChristiesNetwork_Team7857
Level 1
Level 1
In response to Rich R

‎06-07-2022 04:14 AM

 

IOS-17.3.4c

*Jun 7 02:20:46.207: %CAPWAPAC_SMGR_TRACE_MESSAGE-5-AP_JOIN_DISJOIN: Chassis 1 R0/0: wncd: AP Event: Session-IP: 10.200.38.55[5256] Mac: 6c31.0e8a.c900 CAPWAP
DTLS session closed for AP, cause: DTLS server session shutdown.

0 Helpful

marce1000
Hall of Fame
Hall of Fame
In response to ChristiesNetwork_Team7857

‎06-07-2022 02:03 AM

 

                           >...could someone help here ?

 - Did you already check the (previous) replies in the thread.

   For the rest you may  have the current controller configuration reviewed with (CLI) show tech wireless : have the output analyzed by https://cway.cisco.com/tools/WirelessAnalyzer/

  Look for hints and advisories , not use command as mentioned in green , do not use traditional show tech-support , for Wireless Analyzer.

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

frederick.mercado
Spotlight
In response to ChristiesNetwork_Team7857

‎06-07-2022 06:39 AM

I believe we resolved our issue by increasing the WLAN timeout session in the policy to 86400 and idle timeout to 3600 sec

0 Helpful

hara12386
Level 1
Level 1

‎01-17-2024 07:12 AM

Hello,

Can you please confirm how you changed the timeout?

Many thanks,

0 Helpful

Rich R
VIP
VIP
In response to hara12386

‎01-18-2024 05:35 AM

https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/17-9/config-guide/b_wl_17_9_cg/m_config_model.html#task_lv2_g5n_kz

------------------------------
Please click Helpful if this post helped you and Select as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's,   Best Practices for 9800 WLC's   and   Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.196.0, latest 9800 releases, 8.5.182.12 (8.5.182.13 for 3504) and 8.5.182.109 (IRCM, 8.5.182.111 for 3504)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
Default AP console baud rate from 17.12.x is 115200 - introduced by CSCwe88390
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top