01-18-2012 10:23 PM
I have a controller running 220.127.116.11, and a few RAP5s connected to it.
For some reason, some of the RAP5s refuse to connect, and the security debug logs show that ISAKMP is failing with this message:
I'll be opening a TAC ticket for this, but has anyone else seen this before?
Solved! Go to Solution.
01-19-2012 12:33 AM
Not seen it, but my first theory would be some sort problem with a custom or signed certificate that you might have installed on the server? Are you using the default or one that you installed? If you installed one, what dates are embedded in it?
If you didn't install one, I'd be checking the clock on my controller first, setting it if it was not accurate and trying again.
If that failed too, log a TAC case probably. What version is it? Never seen that on any main train I've used.
01-19-2012 12:37 AM
Figured this one out... the clock on the controller was off, and so the certificate the RAP5 was using was dated in the future as far as the controller was concerned.
After adjusting the clock to use the correct time, the RAP5s all immediately started connecting to the controller and everything was happy.