01-05-2019 12:37 PM - edited 07-05-2021 09:39 AM
We have a WLC 2504 with several 27021-E-K9 AP's that are working fine. We now have 2 2702i-UX-K9 AP's and I was able to Prime the AP's with the mobile app. I pressed configure (only option) and than the AP's auto reset and the AP's are not connection to the WLC anymore,
The error on the AP is:
*Jan 3 16:43:10.483: Using SHA-2 signed certificate for image signing validation.
*Jan 3 16:43:18.003: AP image integrity check PASSED
*Jan 3 16:43:18.011: Non-recovery image. PNP Not required.
*Jan 3 16:43:18.039: Cert ISSUER (39): cn=Cisco Manufacturing CA SHA2,o=Cisco
*Jan 3 16:43:18.075: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
*Jan 3 16:43:19.179: %LINK-6-UPDOWN: Interface Dot11Radio0, changed state to up
*Jan 3 16:43:19.187: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to reset
*Jan 3 16:43:20.179: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to up
*Jan 3 16:43:20.411: %LINK-6-UPDOWN: Interface Dot11Radio1, changed state to up
*Jan 3 16:43:21.411: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to up%Default route without gateway, if not a point-to-point interface, may impact performance
*Jan 3 16:43:30.675: %DHCP-6-ADDRESS_ASSIGN: Interface BVI1 assigned DHCP address 10.100.199.157, mask 255.255.255.0, hostname AP0462.732e.a1b8
*Jan 3 16:43:36.687: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 255.255.255.255 port 0 CLI Request Triggered
*Jan 3 16:43:37.687: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 255.255.255.255 port 514 started - CLI initiated
Translating "CISCO-CAPWAP-CONTROLLER.TheHumanNetwork.local"...domain server (10.100.100.2) [OK]
*Jan 3 16:43:58.699: AP has SHA2 MIC certificate - Using SHA2 MIC certificate for DTLS.
*Jan 3 16:45:21.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.100.199.150 peer_port: 5246
*Jan 3 16:45:21.391: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: 10.100.199.150 peer_port: 5246
*Jan 3 16:45:21.395: %CAPWAP-5-SENDJOIN: sending Join Request to 10.100.199.150
*Jan 3 16:45:21.471: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_record.c:169 Pkt too old last_seq_num : 1,Received sequence num: 1 distance: 0
*Jan 3 16:45:39.471: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.100.199.150:5246
Searched internet but didn't find a solution
WLC:Software Version 8.5.135.0
Wireless AP image 8.5.135.0
Any idea how to solve this?
Regards.
Solved! Go to Solution.
01-07-2019 10:59 AM
cleared private-config
reload AP
WLC was able to see the AP again.
Set the AP to local
Created a SSID unprime with WPA key
Connect my mobiel started the app and I was able to configure
After reload of the AP the WLC was silll seeing the AP and then I changed it to Flexconnect
Added the vlans
Working fine now.
Dont know what went wrong the first time.
01-05-2019 02:08 PM
01-06-2019 04:37 AM
01-06-2019 04:53 AM
I found in de WLC log the problem and after search the net I found the following:
Seems that I am in the same boat as Sergej with bug id CSCvi34340
There seems no workaround for this problem.
01-06-2019 05:18 AM
For now I cleared the private-config.
Ik can see the AP again in the WLC but now it is unprimed.
Configured the AP now as I want it to work. Tomorrow I go on site and will prime the AP again. Ik hope this is the solution.
01-07-2019 10:59 AM
cleared private-config
reload AP
WLC was able to see the AP again.
Set the AP to local
Created a SSID unprime with WPA key
Connect my mobiel started the app and I was able to configure
After reload of the AP the WLC was silll seeing the AP and then I changed it to Flexconnect
Added the vlans
Working fine now.
Dont know what went wrong the first time.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: