%DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:860 Failed to complete DTLS handshake with peer

As a Systems Administrator, I support a few global locations for the organization that I work for. One of my locations has a Cisco 2500 Series Wireless Controller.

Last night, while investigating some power-related issues, I had reports from users indicating that the wireless network wasn’t working.

The end users reported a red light on the Access Point. I connected to the Wireless Controller and started to look around for any abnormalities and see what the log would show.

I noticed that when I connected to the controller, I didn’t have any access points being detected.

I decided to see what the logs were showing. I clicked on the Management option at the top, expanded Logs, and clicked on Message Logs.

I noticed that my logs showed a bunch of Handshake Failures. I have removed my IPs and replaced them with x.x.x.x. I had many of these entries.

*spamApTask4: Jan 01 12:47:56.843: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:860 Failed to complete DTLS handshake with peer x.x.x.x
*spamApTask5: Jan 01 12:47:55.919: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:860 Failed to complete DTLS handshake with peer x.x.x.x
*spamApTask7: Jan 01 12:47:55.915: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:860 Failed to complete DTLS handshake with peer x.x.x.x
*spamApTask0: Jan 01 12:47:54.995: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:860 Failed to complete DTLS handshake with peer x.x.x.x
*spamApTask3: Jan 01 12:47:54.750: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:860 Failed to complete DTLS handshake with peer x.x.x.x
*spamApTask1: Jan 01 12:47:53.758: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:860 Failed to complete DTLS handshake with peer x.x.x.x

The first thing that stood out is the date, Jan 01. It was Sept 15th 2023 when I received reports of this issue.

I then decided to go into the Commands option and look at what Set Time had entered.

The time was completely off and this was the cause for the APs to not be able to complete their handshake with the controller.

After setting the local time and timezone, I saved the settings and the configuration so that on the next reset, it will boot with the latest changes.

Reviewing the logs again, I now see connectivity entries between the Cisco wireless controller and the Cisco Access Points.

Reviewing the list of Radios being detected, I now see all of my access points listed and functional.

As this wasn’t a complex issue and just required the time to be reconfigured, I wanted to share this solution in case anybody comes across the same problem I have.
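The date check done by eye above can be run over an exported message log. The following is an added example, not part of the original post or any Cisco tooling: the function names, the 5-minute threshold and the reference time are assumptions, and because the log format carries no year, the reference year is applied to each entry.

```python
import re
from datetime import datetime, timedelta

# Matches message-log lines in the format shown in the post.
LINE_RE = re.compile(
    r"^\*(?P<task>\S+): (?P<ts>\w{3} \d{2} \d{2}:\d{2}:\d{2}\.\d{3}): "
    r"%(?P<code>[A-Z0-9_]+-\d-[A-Z0-9_]+): (?P<msg>.*)$"
)
FAILURE = "DTLS-3-HANDSHAKE_FAILURE"

def parse(line, year):
    """Return (timestamp, mnemonic, message), or None for unparseable lines."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    try:
        # Assumption: the log has no year, so the caller's year is used.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S.%f")
    except ValueError:
        return None
    return ts, m["code"], m["msg"]

def triage(lines, reference, max_skew=timedelta(minutes=5)):
    """Count DTLS handshake failures and measure the controller clock offset.

    `reference` is a trusted wall-clock time taken when the log was pulled.
    """
    events = [e for e in (parse(l, reference.year) for l in lines) if e]
    failures = [e for e in events if e[1] == FAILURE]
    if not failures:
        return {"failures": 0, "skew": None, "clock_suspect": False}
    newest = max(ts for ts, _, _ in failures)
    skew = abs(reference - newest)
    return {"failures": len(failures), "skew": skew,
            "clock_suspect": skew > max_skew}

# Three entries from the post (IPs already redacted) plus one constructed
# non-log line to show that unparseable input is skipped.
SAMPLE = [
    "*spamApTask4: Jan 01 12:47:56.843: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:860 Failed to complete DTLS handshake with peer x.x.x.x",
    "*spamApTask5: Jan 01 12:47:55.919: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:860 Failed to complete DTLS handshake with peer x.x.x.x",
    "*spamApTask7: Jan 01 12:47:55.915: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:860 Failed to complete DTLS handshake with peer x.x.x.x",
    "-- constructed line that is not a log entry --",
]
REFERENCE = datetime(2023, 9, 15, 12, 0)  # constructed: date from the post, time assumed

if __name__ == "__main__":
    print(triage(SAMPLE, REFERENCE))
```

A large offset alongside repeated handshake failures points at the controller clock before anything else; keeping the controller synchronized to NTP avoids the problem recurring after a power loss.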
