Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

AP not joining our vWLC

Hello,

We're currently using a new Virtual WLC and we have over 45 AP's connected to it without any issues.  Recently, one of our AP's started having issues joining the controller and I'm not sure why not.  On the controller it says...


Reason for last unsuccessful attempt: Layer 3 discovery request not received on management VLAN

 

On the AP itself, I get he following error messages.  (Replaced the controller IP with X.X.X.X)

 

*Jun 16 20:44:43.113: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY

*Jun 16 20:44:43.113: %CAPWAP-5-CHANGED: CAPWAP changed state to DISCOVERY
*Jun 16 20:44:43.114: bsnInitRcbSlot: slot 1 has NO radio
*Jun 16 20:44:43.194: %PARSER-4-BADCFG: Unexpected end of configuration file.

*Jun 16 20:44:43.239:  status of voice_diag_test from WLC is false
*Jun 16 20:44:53.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: X.X.X.X peer_port: 5246
*Jun 16 20:44:53.001: %CAPWAP-5-CHANGED: CAPWAP changed state to
*Jun 16 20:44:53.023: %LWAPP-3-CLIENTERRORLOG: Peer certificate verification failed
*Jun 16 20:44:53.023: %CAPWAP-3-ERRORLOG: Certificate verification failed!
*Jun 16 20:44:53.024: DTLS_CLIENT_ERROR: ../capwap/capwap_wtp_dtls.c:352 Certificate verified failed!
*Jun 16 20:44:53.024: %DTLS-4-BAD_CERT: Certificate verification failed. Peer IP: X.X.X.X
*Jun 16 20:44:53.024: %DTLS-5-SEND_ALERT: Send FATAL : Bad certificate Alert to X.X.X.X:5246
*Jun 16 20:44:53.024: %DTLS-3-BAD_RECORD: Erroneous record received from X.X.X.X: Malformed Certificate
*Jun 16 20:44:53.025: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to X.X.X.X:5246
*Jun 16 20:44:53.025: %CAPWAP-3-ERRORLOG: Invalid event 38 & state 3 combination.

 

I tried changing the AP time to match the WLC but that didn't work although I'll admit that I'm a little confused about UTC vs EST.

I also tried to reload but that didn't help.

I tried modifying the WLC "AP Policies" to "Accept Self Signed Certificate (SSC)" but that didn't work either

 

Any ideas?  I won't be able to easily reset the AP since I will require a SkyJack to reach it so I'm looking for alternate options.  I'm able to Telnet or SSH to the device so I can run whatever required commands.

 

Thanks.

1 REPLY
Gold

I assume you have tried to

I assume you have tried to factory reset the AP already, if not, try it. Also, try the following commands 'test capwap erase' 'test capwap restart'

727
Views
0
Helpful
1
Replies