Wireless Access

Reply
Waz
Occasional Contributor I
Posts: 6
Registered: ‎05-15-2017

AP ssl write failure to Airwave

We have an airwave management platform and one of the VAP is failing to make a connection to this system.The show log debugg shows:

May 15 15:39:08  awc[1006]: _awc_init: 1103: connecting to 10.xxx.xxx.xxx:443
May 15 15:39:08  awc[1006]: connected
May 15 15:39:10  awc[1006]: _awc_write: 1256: ssl_write fail ret=-7FD8 tries=2
May 15 15:39:10  awc[1006]: disconnected from airwave 10.xxx.xxxx.xxxx

 

We have about 30 other devices connected ok. I did have issues with this device so factory reset and also removed all trace in airwave to start again. Have changed the host names and SSID to see if airewave had saved something but still the same issue.

 

Anyone know what ssl-write fail ret=-7FD8 means?

 

Many thanks.

Aruba Employee
Posts: 450
Registered: ‎02-19-2015

Re: AP ssl write failure to Airwave

Hi,

 

Is this a new devices or old? Does Airwave server using default SSL certificate or any exteranl singed CA certificate?

 

Could you reset the virtual key in IAP and check the status once?

 

1) # show running | include virtual

2) copy the virtual-controller key

3) # conf t

4) type in virtual-controller-key and paste the copied key

5) change th last 2 digit of the key

6) # commit apply.

 

Regards,

Pavan

Waz
Occasional Contributor I
Posts: 6
Registered: ‎05-15-2017

Re: AP ssl write failure to Airwave

Hi Pavan,

 

This is an old device, which used to report in. Network Firewall's etc remain unchanged since it worked. Have checked network and all firewall's allong the way, all looks ok.

 

Have changed the virtual-controller-key andconfirmed it's change with the show run | include virt comand.

 

Still the same SSL error, we have recently upgraded to Airwave 8.2.3.1 but all the other devices are still ok. Is there any further cleaning on the management server required I have deleted all references to the device viathe gui.

 

Thanks for your help.

Aruba Employee
Posts: 450
Registered: ‎02-19-2015

Re: AP ssl write failure to Airwave

Hi,

 

Does server have default SSL certificate or external CA singed certificate ?

 

Could you send me the pound log from /var/log directory from Airwave. May I know VAP model/firmware version?

 

Regards,

Pavan

Waz
Occasional Contributor I
Posts: 6
Registered: ‎05-15-2017

Re: AP ssl write failure to Airwave

Hi

 

We use default SSL cert's.

 

VAP Version is W-AP105 6.2.1.0-3.3.0.3

 

The Pound logs are from 26th April wih no-recent log's, I have flushed them out and restarte Airwave and still no entries. The 26th April was when we upgraded to 8.2.3.1.

 

Thanks

 

 

Aruba Employee
Posts: 450
Registered: ‎02-19-2015

Re: AP ssl write failure to Airwave

Its looks pretty old code? Does AP105s which are added to Airwave are in same code? If it is differnet try upgrade the code.

 

Are you seeing this issue after upgrading the Airwave code? If yes, try recompile the code.

 

#root;make

 

Regard,

Pavan

Waz
Occasional Contributor I
Posts: 6
Registered: ‎05-15-2017

Re: AP ssl write failure to Airwave

Ok, thanks. Have upgraded the VAP to 6.3.1.8 now still get SSL Failure but with more info:

 

Jan  1 00:03:20  awc[1504]: awc_init_connection: 1898: Connected
Jan  1 00:03:20  awc[1504]: Sent header(len=329) 'POST /swarm HTTP/1.1^M Host: 10.xxx.xxx.211^M Content-Length: 0^M X-Type: login^M X-Guid: 1087aae101c6b46605d480ae5cfe8d0952c7f9e32365457650^M X-Name: WFN00^M X-Organization: WA00^M X-Shared-Secret: Test:^M X-OEM-Tag: Dell^M X-Accept-Authentication: PSK,CERT^M X-Ap-Info: BT0938111, 9c:1c:12:ca:c4:64, AP-W-AP105^M ^M '
Jan  1 00:03:20  awc[1504]: Message over SSL from 10.xxx.xxx.211, SSL_read() returned 67, errstr=Success, Message is "HTTP/1.1 401 Unauthorized^M Connection: close^M Content-Length: 0^M ^M ", AWC response: (null)

Thanks

Aruba Employee
Posts: 450
Registered: ‎02-19-2015

Re: AP ssl write failure to Airwave

Hi,

 

In AMP Setup > General>Aruba Instant Options>Security method for adding new Virtual Controllers - is set to psk + certificate ? If yes try set to psk only, if you are not using any ceritifcate , if you are using we need to make sure that certificate uploaded to Airwave.

 

Regards,

Pavan

Waz
Occasional Contributor I
Posts: 6
Registered: ‎05-15-2017

Re: AP ssl write failure to Airwave

Hi,

 

This is allready set to PSK only,

 

Just going to try configuring a new unit from scratch to check to see it is remembering MAC from when it was deployed before.

 

Will keep the results posted.

 

Thanks

Waz
Occasional Contributor I
Posts: 6
Registered: ‎05-15-2017

Re: AP ssl write failure to Airwave

OK, looked this morning and the device had reported into airewave although it wasn't the right name as I changed this yestaerday. But I added it in and then changed the preshared key on both management server and AP. Then ran show log debug and found loads of http messages going back and forth then new names appeared in the newly created groups the AP and the VAP.

 

Then went through and deleted the now disconnected and unknown device.

 

All working ok now.

 

Many thanks for you help. Ta

Search Airheads
Showing results for 
Search instead for 
Did you mean: