Wireless Access

I have an AP-104 out at a remote site that will not connect back to the Controller. I've moved it to various other remote sites and it connects just fine. All of these sites have the exact same MPLS WAN. I've lowered the MTU, confirmed DNS entry for discovery, options 43/60 in DHCP, full connectivity to the Controller from the SVI on the switch the AP is connect to, yet still no luck.

Is there any way to gather data from the AP without a console connection? I'm running out of ideas.

Thanks for the insight. I was able to find this so will continue troubleshooting. Looks like an IPSec issue.

AP AP-Name@10.X.X.X sapd|  An internal system error has occurred at file sapd_redun.c function redun_tunnel_down line 5668 error Unknown tunnel 1 going down

Is there a way to increase this timeout?

Reboot Reason: AP rebooted Sat Jan 1 05:52:14 PST 2000; Unable to set up IPSec tunnel, Error:HELLO-TIMEOUT. Bringing tunnel down

Yes you can .

Please read the document  attached and its going to guide you on how configure your controller to support AP over slow links

Attachment(s)

Deploy_APs_over_slow_links.pdf   38 KB 1 version

Thanks, I don't really believe that is the root cause of the issue. The link speed and latency quite good to this site. I have other Arubas working fine over less.

aarond

do you have access to the console of the AP ? if so, use ctrl+esc+k and go into /tmp, and look at the output in rapper.txt, rapper_brief.txt, rapper_counter.txt (these last two are only on recent code), and also sapd_debug_log.

Is this cpsec cap or rap ?  either way, the ipsec logs are in rapper.txt , it has debug per packet, you can check for the lines that start like this:

#SEND nnn bytes to <lms ip>

#RECV nnn bytes from <lms ip>

which might give you some clue about the point at which it's getting stuck and/or the sizes of packets which are making it through.

you can also enable corresponding 'logging level debugging security' on the controller to see what point it gets up to there too.

regards

-jeff