Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
333
Views
0
Helpful
7
Replies

AIR-AP2802I-E-K9 fail to join

zillams
Level 1
Level 1

‎03-19-2024 03:13 AM

Hello ,

We are having problem with one AP to join the WLC , all others successfully the controlle. 

the console output is :

[*03/19/2024 09:08:50.0003] CAPWAP State: DTLS Setup
[*03/19/2024 09:08:50.0035] dtls_process_packet: DTLS Error: 1040
[*03/19/2024 09:08:50.0035] dtls_process_packet: The controller shut down the DTLS connection.
[*03/19/2024 09:08:50.0035] dtls_process_packet: Please verify that the AP certificate is valid and has not expired

WLC model 3504 and software version is 8.10.185.0

Any advice ?

Labels:
0 Helpful
7 Replies 7

Leo Laohoo
Hall of Fame
Hall of Fame

‎03-19-2024 03:20 AM

@zillams wrote:
[*03/19/2024 09:08:50.0035] dtls_process_packet: Please verify that the AP certificate is valid and has not expired

FN63942 - Wireless Lightweight Access Points and WLAN Controllers Fail to Create CAPWAP Connections Due to Certificate Expiration

0 Helpful

zillams
Level 1
Level 1
In response to Leo Laohoo

‎03-19-2024 03:33 AM

Thankyou for your reply, but if this is the cause wouldn't all the other AP fail to join ?

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame
In response to zillams

‎03-19-2024 03:38 AM

Depends on the serial number of each individual AP.

0 Helpful

marce1000
VIP
VIP

‎03-19-2024 03:21 AM

 

 - On the WLC enter the  config ap cert-expiry-ignore {mic|ssc} enable command (use both options in a separate command)

 M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

zillams
Level 1
Level 1
In response to marce1000

‎03-28-2024 07:36 AM

Thank you for your answer, i finally managed to try it ..but it didn't work.

I found another solution consisting of updating the AP image

https://blog.it-playground.eu/lightweight-ap-manual-firmware-upgrade/

0 Helpful

Hans Juergen Guenter
Level 1
Level 1

‎04-23-2024 01:02 AM

Hi @zillams ,

does it work?

I had a similar problem yesterday. The following helped:
I reset the date on the WLC to a date before the certificate expired,
then the AP was able to connect and then I set it back to the current
date. The AP was then able to connect to the WLC and then worked
without any error messages.
I'll check again later today to see if everything works after everything
was out of power.

0 Helpful

zillams
Level 1
Level 1
In response to Hans Juergen Guenter

‎04-24-2024 06:44 AM

Hi @Hans Juergen Guenter  ,

Well not really, I ended up converting the AP to Mobility Express and then re-convert it to lightweight and then the AP joined the WLC.

see this:

https://wrmem.net/index.php/2018/04/03/converting-a-mobility-express-ap-into-a-capwap-ap/

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card