06-09-2018 01:12 PM - edited 07-05-2021 08:43 AM
Hi there
I have a Office connected to a Main office via a site2site running a Asa in both ends.
There are a Access point 2802, that are losing the connection to the WLC every 1 minute.
[*06/06/2018 02:36:44.1579] Warning, unencrypted data keepalive failed
[*06/06/2018 02:36:44.1579] Failed to receive data keepalive
[*06/06/2018 02:36:44.1580]
[*06/06/2018 02:36:44.1580] Lost connection to the controller, going to restart CAPWAP...
[*06/06/2018 02:36:44.1580]
[*06/06/2018 02:36:44.1580] Restarting CAPWAP State Machine.
Can it be a bug or a config issue ?
Mvh Mickey
Solved! Go to Solution.
09-03-2018 02:00 PM - edited 09-03-2018 02:00 PM
06-09-2018 04:13 PM
06-10-2018 11:51 AM
Its a WLC 3504 running version 8.5.120.0 and the accesspoint is a 2802.
Mvh Mickey
06-10-2018 04:57 PM
09-03-2018 02:00 PM - edited 09-03-2018 02:00 PM
The solution was:
No _ in the AP group name.
04-30-2020 09:31 AM
I have the same problem, did you use the command "no ap group name"?
What was the solution?
08-19-2020 09:24 AM
Did you mean that we should not use "_" in the AP Group Name?
08-19-2020 09:31 AM - edited 08-19-2020 09:47 AM
From this old thread, yes it states the fix was not to use an underscore “_”.
08-19-2020 09:55 AM - edited 08-19-2020 03:23 PM
Hi Scott,
thanks for answering, we are currently migrating our WIFI network to SD-WAN (which basically means IPSEC Tunneling), I have some AP's continuously sending me this:
*Aug 19 16:27:36.000: %CAPWAP-3-DATA_KEEPALIVE_ERR: Failed to receive data keep-alive *Aug 19 16:27:36.000: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.0.0.1:5246
I check this post but the AP Group name configuration is not the case so I read the following article about CAPWAP Path MTU Discovery, so I am wondering if the additional encapsulation caused by SD-WAN devices in addition to CAPWAP could be the cause because from the AP showing those disconnections negotiated a MTU of 576 with the WLC instead of the maximum required one.
(Cisco Controller) >show ap config general APTESTING
Cisco AP Identifier.............................. 520
Cisco AP Name.................................... APTESTING
CAPWAP Path MTU.................................. 576
Cisco AP Group Name.............................. TESTINGACCESSPOINT
Primary Cisco Switch Name........................ WLC
08-19-2020 10:26 AM
06-12-2018 01:42 AM
04-20-2021 04:46 AM
Hi,
This happens in my environment as well but I don't have a solution yet. It only happens on a group of WAPs and not all of them. The AP group name i have is "default-group" any suggestions?
Thanks
03-22-2023 01:47 AM
Hi,
I had the same problem too but weirdly enough, the issue somehow resolved after I changed the cable from the AP to the switch. Hopefully this will help.
Thanks.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: