Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1488
Views
0
Helpful
7
Replies

Join error: AIR-AP1852E-H-K9 "Ap model" have a more "9" when join WLC

Rps-Cheers
VIP
VIP

‎03-24-2019 06:38 AM - edited ‎07-05-2021 10:07 AM

 Hi All

 

These days,i have met a few similar issue.AIR-AP1852E-H-K9 cannot join WLC(eg,2504\5508).

There are some error when we issue "debug capwap event enable" and "debug capwap error enable" on WLC.

 

As below:

----error info -1

*spamApTask1: Mar 24 15:18:59.752: [PA] Unknown AP type. Using Controller Version!!!

*spamApTask4: Mar 24 15:19:01.708: [PA] 00:38:df:1b:3b:a0 ApModel: AIR-AP1852E-H-K99

*spamApTask6: Mar 24 15:19:02.447: [PA] 00:f8:2c:1b:2b:00 ApModel: AIR-AP1852E-H-K99

*spamApTask7: Mar 24 15:19:04.873: [PA] 00:f8:2c:1b:5b:20 ApModel: AIR-AP1852E-H-K99

......

 

-----error info -2

show msglog

.........

*spamApTask3: Mar 24 15:30:42.684: %DTLS-3-HANDSHAKE_FAILURE: [PA]openssl_dtls.c:833 Failed to complete DTLS handshake with peer 172.27.60.19
*spamApTask4: Mar 24 15:30:33.108: %DTLS-3-HANDSHAKE_FAILURE: [PA]openssl_dtls.c:833 Failed to complete DTLS handshake with peer 10.27.60.39
*spamApTask2: Mar 24 15:30:11.841: %DTLS-3-HANDSHAKE_FAILURE: [PA]openssl_dtls.c:833 Failed to complete DTLS handshake with peer 10.27.60.17
*spamApTask0: Mar 24 15:30:11.343: %DTLS-3-HANDSHAKE_FAILURE: [PA]openssl_dtls.c:833 Failed to complete DTLS handshake with peer 10.27.60.13
*spamApTask3: Mar 24 15:30:05.622: %DTLS-3-HANDSHAKE_FAILURE: [PA]openssl_dtls.c:833 Failed to complete DTLS handshake with peer 10.27.60.32

 

In addition,there are some APs(AIR-AP1852E-H-K9) which join wlc before can join wlc again normally.

 

WLC software:8.1.131.0 & 8.2.170.0

AP source :RMA or Newly purchased AP

 

I am very serious about this is a serious vulnerability.Do you think?

Is there anybody have occur the issue,and resloved it?

 

Thanks & BR

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !
0 Helpful
7 Replies 7

Ric Beeching
Level 7
Level 7

‎03-24-2019 07:59 AM - edited ‎03-24-2019 08:01 AM

Hi,
Do you have time/NTP configured correctly on the WLC(s)? Is it happening on multiple WLCs? Can you attach a full output from the debug commands you're running as well as a show sysinfo show inventory show licenses summary show country and show auth-list.

Cheers,
Ric

-----------------------------
Please rate helpful / correct posts
0 Helpful

Rps-Cheers
VIP
VIP
In response to Ric Beeching

‎03-26-2019 08:26 AM

I have configured the time and it's happening on multiple WLCs.The debug info is always as below:
*spamApTask1: Mar 24 15:18:59.752: [PA] Unknown AP type. Using Controller Version!!!

*spamApTask4: Mar 24 15:19:01.708: [PA] 00:38:df:1b:3b:a0 ApModel: AIR-AP1852E-H-K99

*spamApTask6: Mar 24 15:19:02.447: [PA] 00:f8:2c:1b:2b:00 ApModel: AIR-AP1852E-H-K99

*spamApTask7: Mar 24 15:19:04.873: [PA] 00:f8:2c:1b:5b:20 ApModel: AIR-AP1852E-H-K99

there is not some other useful info.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !
0 Helpful

Sathiyanarayanan Ravindran
Spotlight
Spotlight

‎03-24-2019 09:33 AM

Hi,

 

Check whether proper country code is enabled on the Controller for associating. Also check for the NTP configuration, Is it proper or Not.

 

Country code China has to be enabled to support these -H- domain access points.

 

https://www.cisco.com/c/dam/assets/prod/wireless/wireless-compliance-tool/index.html

 

 

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)
0 Helpful

Rps-Cheers
VIP
VIP
In response to Sathiyanarayanan Ravindran

‎03-26-2019 08:29 AM

The country code is right,and the time of WLC is also right.

Yes,the AP model is AIR-AP1852E-H-K9,so i have set the country code is CN. And there are some other AP1852E joined before,they can work well at the same time.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !
0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame

‎03-24-2019 10:48 PM

I'd recommend migrating away from 8.1.131.0.
0 Helpful

Rps-Cheers
VIP
VIP
In response to Leo Laohoo

‎03-26-2019 08:31 AM

Yes,I think so,So i suggested upgrade wlc to 8.3.134.0 ,and waiting for end user update.
I believe there is a bug about the issue.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !
0 Helpful

patoberli
VIP Alumni
VIP Alumni
In response to Rps-Cheers

‎03-28-2019 07:58 AM

This, or an error happened in the provisioning process in the factory. I actually suggest to do an RMA.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card