Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

AP join to AP-Manger IP

Hi all:

i meet a problem is that all my lightweight ap join the controller with AP-Manager IP but i pretty sure the DNS a record is point to the management ip of controller ,not the AP-Manager IP.

The log show as below :

*Aug 11 19:11:12.470: %CAPWAP-3-ERRORLOG: Go join a capwap controller

*Aug 11 19:11:12.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: peer_port: 5246

*Aug 11 19:11:13.402: %CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: peer_port: 5246

*Aug 11 19:11:13.403: %CAPWAP-5-SENDJOIN: sending Join Request to

*Aug 11 19:11:13.403: %CAPWAP-5-CHANGED: CAPWAP changed state to JOIN

*Aug 11 19:11:13.408: %DTLS-5-ALERT: Received WARNING : Close notify alert from

*Aug 11 19:11:13.408: %DTLS-5-PEER_DISCONNECT: Peer has closed connection.


Please help to verify and let me know what's the problem here, thanks a lot!


Re: AP join to AP-Manger IP

That is the correct behavior. The AP sends a discovery request to the management interface of the controller. The controller responds with all of the ap-manager interfaces. The AP picks the best one and sends the join request to the ap-manager to build the LWAPP tunnel. It is done this way because depending if you are running LAG or not you could have multiple ap-manager interfaces configured.

Re: AP join to AP-Manger IP

Completely normal behaviour.

New Member

Re: AP join to AP-Manger IP

Hi dancampb :

Many thx for your message , i am clearly now. But My controller still close the AP join request by the error log as below :

*Aug 11 20:01:01.289: Join resp: Unable to encode CAPWAP Control IPV4 Address

*Aug 11 20:01:01.289: 00:21:d8:44:29:b0 Failed to encode Join response to 172.16


*Aug 11 20:01:01.290: 00:21:d8:44:29:b0 Config Response Failure: Unable to send

Join response to

*Aug 11 20:01:01.292: 00:21:d8:44:29:b0 State machine handler: Failed to process

msg type = 3 state = 0 from

*Aug 11 20:01:01.292: Failed to process CAPWAP packet from

*Aug 11 20:01:01.292: Failed to process packet from

*Aug 11 20:01:01.295: Discarding non-ClientHello Handshake OR DTLS encrypted pac

ket from DTLS session is not established


Many thx for all of your help , Please help to see the error in my WLC and i attach the capwap log file from WCL.

Hall of Fame Super Silver

Re: AP join to AP-Manger IP

Console into the AP and apply this command below. It will make it join the WLC and quickly reboot. See if this works

test capwap controller ip x.x.x.x

*** Please rate helpful posts ***
New Member

Re: AP join to AP-Manger IP

hi fella5 :

As i have 100 more Lightweight AP , Any method i can make ap join wcl without console ?

i console to one AP and i can see the ap ip address , gateway , controller ip is correct and controller ip point to controller management ip address. Would you mind let me know i also need to use your command or not ?