Wireless Access

Reply
Occasional Contributor II

ERR_CERT_START_TIME_VALID_IN_FUTURE Isakmp Error with RAP5s

I have a controller running 6.1.2.6, and a few RAP5s connected to it.

 

For some reason, some of the RAP5s refuse to connect, and the security debug logs show that ISAKMP is failing with this message:

ERR_CERT_START_TIME_VALID_IN_FUTURE

 

I'll be opening a TAC ticket for this, but has anyone else seen this before?

Re: ERR_CERT_START_TIME_VALID_IN_FUTURE Isakmp Error with RAP5s

Not seen it, but my first theory would be some sort problem with a custom or signed certificate that you might have installed on the server? Are you using the default or one that you installed? If you installed one, what dates are embedded in it?

 

If you didn't install one, I'd be checking the clock on my controller first, setting it if it was not accurate and trying again.

 

If that failed too, log a TAC case probably. What version is it? Never seen that on any main train I've used.

 

Kudos appreciated, but I'm not hunting! (ACMX 104)

Re: ERR_CERT_START_TIME_VALID_IN_FUTURE Isakmp Error with RAP5s

Sorry about the typo, I mean "certificate you installed on the controller", not server.

 

 

 

Kudos appreciated, but I'm not hunting! (ACMX 104)
Occasional Contributor II

Re: ERR_CERT_START_TIME_VALID_IN_FUTURE Isakmp Error with RAP5s

Figured this one out... the clock on the controller was off, and so the certificate the RAP5 was using was dated in the future as far as the controller was concerned.

 

After adjusting the clock to use the correct time, the RAP5s all immediately started connecting to the controller and everything was happy.

 

 

Re: ERR_CERT_START_TIME_VALID_IN_FUTURE Isakmp Error with RAP5s

Ahhh, my second guess was right! Glad you got it going. Have fun.

 

Kudos appreciated, but I'm not hunting! (ACMX 104)
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: