Cisco Bug: CSCum00101 - AP 2600/3600 data tunnel stuck w/ dtls encryption enable
Last Modified
Sep 02, 2016
Products (1)
- Cisco Aironet 3700 Series Access Points
Known Affected Releases
7.5(102.11)
Description (partial)
Symptom: The CAPWAP data tunnel on AP 2600/3600 in 7.5 gets stuck. Data encryption is enabled to leverage data keep-alive and re-establish the CAPWAP tunnel in case the NAT/PAT translation expires, but in some cases the keep-alives are lost and the tunnel stays down (no self-recovery); at the same time the CAPWAP control tunnel is up and the AP shows as UP; from the FlexConnect standpoint the AP also shows as connected. When clients try to connect they are deauthenticated once the (re)association timeout happens (the AP doesn't get the (re)association response from the WLC as the data tunnel is down). When this happens the AP logs show the following message every minute: %CAPWAP-3-ERRORLOG: Warning, data keep-alive failed, ignore data keep-alive timeout Conditions: - AP 2600/3600 - 7.5.102.11 code - APs in FlexConnect mode w/ data encrytpion enable - NAT/PAT between AP and WLC
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Status
- Severity
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases