Wireless Access

Reply
Occasional Contributor II
Posts: 12
Registered: ‎08-19-2013

Problematic AP-104

[ Edited ]

I have an AP-104 out at a remote site that will not connect back to the Controller. I've moved it to various other remote sites and it connects just fine. All of these sites have the exact same MPLS WAN. I've lowered the MTU, confirmed DNS entry for discovery, options 43/60 in DHCP, full connectivity to the Controller from the SVI on the switch the AP is connect to, yet still no luck.

 

Is there any way to gather data from the AP without a console connection? I'm running out of ideas.

MVP
Posts: 4,238
Registered: ‎07-20-2011

Re: Problematic AP-104

Do you see anything on the controller side ?
You can run the "show log system | include <AP MAC>"

Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Occasional Contributor II
Posts: 12
Registered: ‎08-19-2013

Re: Problematic AP-104

[ Edited ]

Thanks for the insight. I was able to find this so will continue troubleshooting. Looks like an IPSec issue.

 

AP AP-Name@10.X.X.X sapd|  An internal system error has occurred at file sapd_redun.c function redun_tunnel_down line 5668 error Unknown tunnel 1 going down

Occasional Contributor II
Posts: 12
Registered: ‎08-19-2013

Re: Problematic AP-104

Is there a way to increase this timeout?

 

Reboot Reason: AP rebooted Sat Jan 1 05:52:14 PST 2000; Unable to set up IPSec tunnel, Error:HELLO-TIMEOUT. Bringing tunnel down

MVP
Posts: 4,238
Registered: ‎07-20-2011

Re: Problematic AP-104

Yes you can .

 

Please read the document  attached and its going to guide you on how configure your controller to support AP over slow links

Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Occasional Contributor II
Posts: 12
Registered: ‎08-19-2013

Re: Problematic AP-104

Thanks, I don't really believe that is the root cause of the issue. The link speed and latency quite good to this site. I have other Arubas working fine over less.

Moderator
Posts: 321
Registered: ‎08-28-2009

Re: Problematic AP-104

[ Edited ]

 

aarond

 

do you have access to the console of the AP ? if so, use ctrl+esc+k and go into /tmp, and look at the output in rapper.txt, rapper_brief.txt, rapper_counter.txt (these last two are only on recent code), and also sapd_debug_log.

 

Is this cpsec cap or rap ?  either way, the ipsec logs are in rapper.txt , it has debug per packet, you can check for the lines that start like this:

 

#SEND nnn bytes to <lms ip>

#RECV nnn bytes from <lms ip>

 

which might give you some clue about the point at which it's getting stuck and/or the sizes of packets which are making it through.

 

you can also enable corresponding 'logging level debugging security' on the controller to see what point it gets up to there too.

 

regards

-jeff

 

Search Airheads
Showing results for 
Search instead for 
Did you mean: