Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
432
Views
0
Helpful
2
Replies

Remote APs having difficulty creating DTLS connection

johnmay
Level 1
Level 1

‎02-03-2016 02:22 PM - edited ‎07-05-2021 04:34 AM

Hello,

I have a client with a 2504 WLC with both local and remote access points.  The remote access points are 1040s across a 10Mb MPLS.  When rebooting the remote APs, it can take anywhere from 15 minutes to an hour or more to complete registration.  When looking at the logs on the AP, I see this:

*Feb 3 21:05:24.999: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to <WLC AP>:5246
*Feb 3 21:05:25.051: %LWAPP-3-CLIENTERRORLOG: LWAPP LED Init: incorrect led state 255
*Feb 3 21:05:25.052: bsnInitRcbSlot: slot 1 has NO radio
*Feb 3 21:05:25.074: %LWAPP-3-CLIENTERRORLOG: Config not right for slot 1, not initialising slot config for this slot
*Feb 3 21:05:25.104: Starting Ethernet promiscuous mode
*Feb 3 21:05:35.117: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Feb 3 21:06:38.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: <WLC AP> peer_port: 5246
*Feb 3 21:07:37.999: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to <WLC AP>:5246
*Feb 3 21:07:38.000: %CAPWAP-3-ERRORLOG: Go join a capwap controller
*Feb 3 21:06:38.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: <WLC AP> peer_port: 5246
*Feb 3 21:07:08.000: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_connection_db.c:2208 Max retransmission count reached for Connection 0x1F9E7CC!

This repeats several times, until it finally connects, and the Send FATAL line is replaced with this:

*Feb  3 21:08:52.928: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: <WLC IP> peer_port: 5246

The interesting thing is the time period between the connection request and the failure is exactly .999 seconds, every time.  


Could this be a latency issue, or is there a problem with the controller and AP firmware?  They are currently running 7.6.130.0, which I know is deferred, but the deferral notice didn't mention anything about this issue.

Thanks in advance for any help!

Labels:
0 Helpful
2 Replies 2

George Stefanick
VIP Alumni
VIP Alumni

‎02-03-2016 07:27 PM

Hi John,

Do you have the APs sam model working ? Is it just this MPLS link not working ? Are there other aps across this MPLS working ?

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful

johnmay
Level 1
Level 1
In response to George Stefanick

‎02-09-2016 02:48 PM

Sorry for the late reply on this!

MPLS seems to be working fine - I can ping across the link the entire time during registration, though the latency does sometimes jump into the 150-200ms range.  All of the remote APs exhibit the same behavior, and they are all the same model.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card