Cisco Support Community
New Member

DTLS handshake timeout

I have a 5760 with software 3.6 and twelve 2702 access points connected to that controller. One access point failed to connect to the controller with the following syslog message:

*%DTLS-3-HANDSHAKE_FAILURE: 1 wcm:  Failed to complete DTLS handshake with peer 10.100.100.66  for AP 0000.0000.0000Reason: DTLS handshake timeout-disconnecting...   10.100.32.1 10/09 08:53:08.880

Any ideas how to solve this? Must be a problem with the AP, I think, because 12 other access points are working fine.

Kind regards,

Andreas

6 REPLIES
Cisco Employee

Hi,

Thanks for the information provided. I have gone through the logs and I understand that most of the time, if it's specific to just one AP, it can be a hardware issue.

I have gone through some of the bugs which say it is a hardware issue.

However, I would like you to try these 2 methods to get the AP to join the WLC.

1. Perform priming on the AP, i.e. assign an IP to the AP statically and also define the controller IP on the AP, so that the AP sends the request directly to the controller it needs to join without doing a probe.

The commands to do AP priming are:

debug capwap console cli

capwap ap ip address x.x.x.x(IP) x.x.x.x(mask)

capwap ap controller ip address x.x.x.x(ip address of the controller)

2. Please increase the AP heartbeat timeout value to 30.

The command to increase the timer is: 

(Cisco Controller) >config advanced timers ap-heartBeat-timeout 30

Kindly also check the logs and see if you see any traceback in the AP logs. If there is any traceback in the logs, this can be a software or hardware issue.

Hope this helps,

Regards

Salma Sulthana

 

Bronze

1. %DTLS-3-HANDSHAKE_TIMEOUT: Failed to complete DTLS handshake with peer [int].[int].[int].[int]\n

An error occurred during a DTLS handshake timeout.

Recommended Action: Reestablish the DTLS session.

Related documents- No specific documents apply to this error message.

2. %DTLS-3-HANDSHAKE_TIMEOUT: Failed to complete DTLS handshake with peer [int].[int].[int].[int]\n An error occurred during a DTLS handshake timeout.

Recommended Action: Reestablish the DTLS session.

Related documents- No specific documents apply to this error message.

Bug: CSCud61816, NO Fixes yet

New Member

Did you ever get this resolved? I recently updated to (5760) 03.06.02E RELEASE SOFTWARE and now I'm getting this on 2 APs; the other 98 are fine. Logged a TAC case.

 

David

New Member

No. I just disabled DTLS encryption on the AP as a workaround.

New Member

Hi David,

I'm having the same error situation after changing the wireless management interface on the CT-5760. All APs are able to join, except for the 2602 APs on the remote site. Routing and ACLs are all in order and working.

All 2602 APs are configured statically with the primary WLC IP address. The APs are constantly looping & DL but are not able to join the WLC.

How was your TAC case resolved?

Many thanks for replying.

BR, Ales
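
Several posters above report that only a few APs fail the DTLS handshake while the rest join. The following is an added example, not part of any post in the thread: a Python script that tallies `%DTLS-3-HANDSHAKE_FAILURE` / `_TIMEOUT` messages per peer from controller syslog, to show whether failures are confined to specific APs. The function names, the threshold of 3, and every sample line except the first (the message quoted in the original post) are assumptions made for the example.

```python
import re
from collections import Counter, defaultdict

# Matches the message format quoted in the thread. The AP MAC is matched by
# fixed length because the controller prints it fused to "Reason:".
DTLS_RE = re.compile(
    r"%DTLS-3-HANDSHAKE_(?:FAILURE|TIMEOUT):.*?with peer\s+"
    r"(?P<peer>\d{1,3}(?:\.\d{1,3}){3})"
    r"(?:\s+for AP\s+(?P<mac>[0-9A-Fa-f]{4}(?:\.[0-9A-Fa-f]{4}){2}))?"
    r"(?:\s*Reason:\s*(?P<reason>.+?)(?:\.\.\.|$))?"
)

def parse_line(line):
    """Return peer IP, AP MAC and reason for a DTLS handshake message, else None."""
    m = DTLS_RE.search(line.strip())
    if m is None:
        return None
    return {"peer": m["peer"], "mac": m["mac"],
            "reason": (m["reason"] or "").strip()}

def summarize(lines, threshold=3):
    """Group failures by peer IP; return peers at or above `threshold` (assumed value)."""
    counts = Counter()
    reasons = defaultdict(set)
    for line in lines:
        event = parse_line(line)
        if event is None:
            continue  # unrelated syslog message
        counts[event["peer"]] += 1
        reasons[event["peer"]].add(event["reason"])
    return {peer: {"count": n, "reasons": sorted(reasons[peer])}
            for peer, n in counts.items() if n >= threshold}

# First line is the message quoted in the thread; the others are constructed.
_MSG = ("*%DTLS-3-HANDSHAKE_FAILURE: 1 wcm:  Failed to complete DTLS handshake "
        "with peer {peer}  for AP 0000.0000.0000Reason: DTLS handshake "
        "timeout-disconnecting...   10.100.32.1 10/09 {ts}")
SAMPLE = [
    _MSG.format(peer="10.100.100.66", ts="08:53:08.880"),
    _MSG.format(peer="10.100.100.66", ts="08:54:10.112"),
    _MSG.format(peer="10.100.100.66", ts="08:55:11.407"),
    _MSG.format(peer="10.100.100.67", ts="08:55:30.001"),
    "*%LINK-3-UPDOWN: Interface Te1/0/1, changed state to up",
]

if __name__ == "__main__":
    for peer, info in summarize(SAMPLE).items():
        print(peer, info["count"], info["reasons"])
```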
