Wireless controller to access point loss connection when faliover to back up MPLS

r.cruzate · ‎08-08-2019

Hi Master,

We need your help, for this issue. Were trying to troubleshoot this since last year and it's not resolved until now.

Here's the full details:

We have WLC from site A and the access points are in site B. When the link is using the ISP 1 all connectivity are good but if we do the failover using ISP 2. All the access points from site B is not visible to WLC. The trouble shooting we did is to shut down the wlc then connect a laptop then use it's IP. All ping and trace route are good, we can also ping the access points from WLC side. I will attached the diagram for your reference. We also did a packet capture, the difference we see in pcap is the [Reassembly error, protocol DTLS: New fragment overlaps old data retransmission when using ISP 2.

Daniel Ordóñez Flores · ‎08-08-2019

Hi @r.cruzate

are you with different ISP or is two links with same ISP?

Espero que la información haya sido útil y si no tienes más preguntas recuerda cerrar el topic, seleccionando la respuesta como "Respuesta correcta"
**Please rate the answer if this information was useful***
**Por favor si la información fue util marca esta respuesta como correcta**

valientejohnerick · ‎08-08-2019

@Daniel Ordóñez Flores

Thanks for your response, I'm the colleague of Redentor. Yes were using different ISP for access point to WLC connection. When were using ISP 1 the connection from WLC to AP are good but if we did the fail over to ISP 2 all AP are not visible from site B but we can ping it using WLC. Thank you

patoberli · ‎08-14-2019

Wasn't there a second thread with the same question? I think you are hitting a bug/limitation on the WLC.

It's also possible that you are hitting an MTU issue on the line B.

r.cruzate · ‎08-13-2019

@Daniel Ordóñez Flores

Hi Daniel,

Kindly response please. Is this a WLC issue or ISP issue? The version of WLC is 2504. THanks

Daniel Ordóñez Flores · ‎08-14-2019

I was thinking that may be not all the networks are advertise in the second ISP.

When you test your ISP HA, in the remote site from the AP segement, are you able to reach the WLC?

Espero que la información haya sido útil y si no tienes más preguntas recuerda cerrar el topic, seleccionando la respuesta como "Respuesta correcta"
**Please rate the answer if this information was useful***
**Por favor si la información fue util marca esta respuesta como correcta**

luigi-pietronave · ‎05-29-2024

Hi All, how did You solved the issue ? We've almost the same issue on a vpn site ( all other vpn sites are working fine ). I suppose it's an issue form the provider but:

- the vpn is up and working fine

- the speed is very good

- there's a good reachability from APs ( tryied c1800 / CC9115 / c9164 ) to WLC ( c9800 17.9.4 )

What we get is a "Reassembly error, protocol DTLS:New fragment overlaps old data ).

From debug we get handshake failure and, from packet capure, we see a DTLC packet Reassembly error

many thanks for any help