05-15-2017 07:48 AM
We have an airwave management platform and one of the VAP is failing to make a connection to this system.The show log debugg shows:
May 15 15:39:08 awc: _awc_init: 1103: connecting to 10.xxx.xxx.xxx:443
May 15 15:39:08 awc: connected
May 15 15:39:10 awc: _awc_write: 1256: ssl_write fail ret=-7FD8 tries=2
May 15 15:39:10 awc: disconnected from airwave 10.xxx.xxxx.xxxx
We have about 30 other devices connected ok. I did have issues with this device so factory reset and also removed all trace in airwave to start again. Have changed the host names and SSID to see if airewave had saved something but still the same issue.
Anyone know what ssl-write fail ret=-7FD8 means?
Solved! Go to Solution.
05-15-2017 09:40 AM
Is this a new devices or old? Does Airwave server using default SSL certificate or any exteranl singed CA certificate?
Could you reset the virtual key in IAP and check the status once?
1) # show running | include virtual
2) copy the virtual-controller key
3) # conf t
4) type in virtual-controller-key and paste the copied key
5) change th last 2 digit of the key
6) # commit apply.
05-16-2017 01:11 AM
This is an old device, which used to report in. Network Firewall's etc remain unchanged since it worked. Have checked network and all firewall's allong the way, all looks ok.
Have changed the virtual-controller-key andconfirmed it's change with the show run | include virt comand.
Still the same SSL error, we have recently upgraded to Airwave 184.108.40.206 but all the other devices are still ok. Is there any further cleaning on the management server required I have deleted all references to the device viathe gui.
Thanks for your help.
05-16-2017 01:33 AM
Does server have default SSL certificate or external CA singed certificate ?
Could you send me the pound log from /var/log directory from Airwave. May I know VAP model/firmware version?
05-17-2017 03:51 AM
We use default SSL cert's.
VAP Version is W-AP105 220.127.116.11-18.104.22.168
The Pound logs are from 26th April wih no-recent log's, I have flushed them out and restarte Airwave and still no entries. The 26th April was when we upgraded to 22.214.171.124.
05-17-2017 04:27 AM
Its looks pretty old code? Does AP105s which are added to Airwave are in same code? If it is differnet try upgrade the code.
Are you seeing this issue after upgrading the Airwave code? If yes, try recompile the code.
05-17-2017 04:54 AM
Ok, thanks. Have upgraded the VAP to 126.96.36.199 now still get SSL Failure but with more info:
Jan 1 00:03:20 awc: awc_init_connection: 1898: Connected
Jan 1 00:03:20 awc: Sent header(len=329) 'POST /swarm HTTP/1.1^M Host: 10.xxx.xxx.211^M Content-Length: 0^M X-Type: login^M X-Guid: 1087aae101c6b46605d480ae5cfe8d0952c7f9e32365457650^M X-Name: WFN00^M X-Organization: WA00^M X-Shared-Secret: Test:^M X-OEM-Tag: Dell^M X-Accept-Authentication: PSK,CERT^M X-Ap-Info: BT0938111, 9c:1c:12:ca:c4:64, AP-W-AP105^M ^M '
Jan 1 00:03:20 awc: Message over SSL from 10.xxx.xxx.211, SSL_read() returned 67, errstr=Success, Message is "HTTP/1.1 401 Unauthorized^M Connection: close^M Content-Length: 0^M ^M ", AWC response: (null)
05-17-2017 05:27 AM
In AMP Setup > General>Aruba Instant Options>Security method for adding new Virtual Controllers - is set to psk + certificate ? If yes try set to psk only, if you are not using any ceritifcate , if you are using we need to make sure that certificate uploaded to Airwave.
05-17-2017 05:31 AM
This is allready set to PSK only,
Just going to try configuring a new unit from scratch to check to see it is remembering MAC from when it was deployed before.
Will keep the results posted.
05-18-2017 07:54 AM
OK, looked this morning and the device had reported into airewave although it wasn't the right name as I changed this yestaerday. But I added it in and then changed the preshared key on both management server and AP. Then ran show log debug and found loads of http messages going back and forth then new names appeared in the newly created groups the AP and the VAP.
Then went through and deleted the now disconnected and unknown device.
All working ok now.
Many thanks for you help. Ta