Hi gurus,
I have had my cluster of IAPs in Aruba Central for some time, today when I checked in Aruba Central I have seen all of them offline. I don't know when they got offline because I changed some policies in the firewall. After doing some troubleshooting I realized NTP protocol wasn't allowed in the firewall, so IAPs didn't get the correct clock and there was a certificate error with activate. After allowing the NTP protocol, the IAPs got the correct time and the certificate issue with activate was solved. Now I can see the IAPs with correct time, they have connected to activate, but they are still offline in Aruba Central, and they give this error:
Jun 22 14:44:47 cli[3528]: <341004> <WARN> |AP P2-W05@172.16.100.43 cli| app1.central.arubanetworks.com
Jun 22 14:44:47 cli[3528]: <341004> <WARN> |AP P2-W05@172.16.100.43 cli| Aruba Central Mgmt
Jun 22 14:45:45 cli[3528]: <341004> <WARN> |AP P2-W05@172.16.100.43 cli| Error during Aruba Central login
Jun 22 14:46:46 cli[3528]: <341004> <WARN> |AP P2-W05@172.16.100.43 cli| Error during Aruba Central login
Jun 22 14:48:46 cli[3528]: <341004> <WARN> |AP P2-W05@172.16.100.43 cli| Aruba Central failure times is 3
Jun 22 14:48:46 cli[3528]: <341004> <WARN> |AP P2-W05@172.16.100.43 cli| IAP mgmt mode is changed from athena-mgmt to local-mgmt
These are other logs:
P2-W05# show ap debug cloud-server
IAP mgmt mode :athena-mgmt
cloud config recved :TRUE
autojoin mode :disable
Device Cert status :SUCCESS
Aruba Central server :app1.central.arubanetworks.com
Aruba Central redirect from:app1.central.arubanetworks.com
Aruba Central Protocol :HTTPS
Aruba Central status :connecting
P2-W05# show log ap-debug
Jun 22 14:46:49 syslog: check_sid_type: sid check type, result-'0 admin'
Jun 22 14:46:50 syslog: main, 2530: opcode is show
Jun 22 14:46:50 syslog: check_sid_type: sid check type, result-'0 admin'
Jun 22 14:47:20 syslog: main, 2530: opcode is show
Jun 22 14:47:20 syslog: check_sid_type: sid check type, result-'0 admin'
Jun 22 14:47:21 syslog: main, 2530: opcode is show
Jun 22 14:47:21 syslog: check_sid_type: sid check type, result-'0 admin'
Jun 22 14:47:46 awc[3527]: awc_init_connection: 2129: connecting to app1.central.arubanetworks.com:443
Jun 22 14:47:46 awc[3527]: tcp_connect: 167: recv timeout set to 5
Jun 22 14:47:46 awc[3527]: tcp_connect: 174: send timeout set to 5
Jun 22 14:47:46 awc[3527]: awc_init_connection: 2170: connected to app1.central.arubanetworks.com:443
Jun 22 14:47:46 awc[3527]: awc_init_connection: 2212: Loading local CA certificates
Jun 22 14:47:46 awc[3527]: Failed to establish SSL connection: Error code is -1:unknown error number
Jun 22 14:47:46 awc[3527]: athena_init failed
P2-W05# show activate status
Activate Server :device.arubanetworks.com
Activate Status :success
Aruba Central Server :app1.central.arubanetworks.com
IAP MAC Address :20:a6:cd:cb:5e:6e
IAP Serial Number :CNDQHN72DB
Cloud Activation Key :PNMFQGSC
Any clues?
Regards,
Julián