01-05-2019 12:37 PM - edited 07-05-2021 09:39 AM
We have a WLC 2504 with several 27021-E-K9 AP's that are working fine. We now have 2 2702i-UX-K9 AP's and I was able to Prime the AP's with the mobile app. I pressed configure (only option) and than the AP's auto reset and the AP's are not connection to the WLC anymore,
The error on the AP is:
*Jan 3 16:43:10.483: Using SHA-2 signed certificate for image signing validation.
*Jan 3 16:43:18.003: AP image integrity check PASSED
*Jan 3 16:43:18.011: Non-recovery image. PNP Not required.
*Jan 3 16:43:18.039: Cert ISSUER (39): cn=Cisco Manufacturing CA SHA2,o=Cisco
*Jan 3 16:43:18.075: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Jan 3 16:43:19.179: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Jan 3 16:43:19.187: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Jan 3 16:43:20.179: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Jan 3 16:43:20.411: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Jan 3 16:43:21.411: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up%Default route without gateway, if not a point-to-point interface, may impact performance
*Jan 3 16:43:30.675: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.100.199.157, mask 255.255.255.0, hostname AP0462.732e.a1b8
*Jan 3 16:43:36.687: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 255.255.255.255 port 0 CLI Request Triggered
*Jan 3 16:43:37.687: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 255.255.255.255 port 514 started - CLI initiated
Translating "CISCO-CAPWAP-CONTROLLER.TheHumanNetwork.local"...domain server (10.100.100.2) [OK]
*Jan 3 16:43:58.699: AP has SHA2 MIC certificate - Using SHA2 MIC certificate for DTLS.
*Jan 3 16:45:21.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.100.199.150 peer_port: 5246
*Jan 3 16:45:21.391: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.100.199.150 peer_port: 5246
*Jan 3 16:45:21.395: %CAPWAP-5-SENDJOIN: sending Join Request to 10.100.199.150
*Jan 3 16:45:21.471: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_record.c:169 Pkt too old last_seq_num : 1,Received sequence num: 1 distance: 0
*Jan 3 16:45:39.471: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.100.199.150:5246
Searched internet but didn't find a solution
WLC:Software Version 8.5.135.0
Wireless AP image 8.5.135.0
Any idea how to solve this?
Regards.
Solved! Go to Solution.
01-07-2019 10:59 AM
cleared private-config
reload AP
WLC was able to see the AP again.
Set the AP to local
Created a SSID unprime with WPA key
Connect my mobiel started the app and I was able to configure
After reload of the AP the WLC was silll seeing the AP and then I changed it to Flexconnect
Added the vlans
Working fine now.
Dont know what went wrong the first time.
01-05-2019 02:08 PM
01-06-2019 04:37 AM
01-06-2019 04:53 AM
I found in de WLC log the problem and after search the net I found the following:
Seems that I am in the same boat as Sergej with bug id CSCvi34340
There seems no workaround for this problem.
01-06-2019 05:18 AM
For now I cleared the private-config.
Ik can see the AP again in the WLC but now it is unprimed.
Configured the AP now as I want it to work. Tomorrow I go on site and will prime the AP again. Ik hope this is the solution.
01-07-2019 10:59 AM
cleared private-config
reload AP
WLC was able to see the AP again.
Set the AP to local
Created a SSID unprime with WPA key
Connect my mobiel started the app and I was able to configure
After reload of the AP the WLC was silll seeing the AP and then I changed it to Flexconnect
Added the vlans
Working fine now.
Dont know what went wrong the first time.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide