BraBraBra: [Troubleshoot] AP無法Join controller debug方式 debug pm pki enable

#int vlan ap網段

#ip helper-address controllerip

#ip forward-protocol udp 5246

#ip forward-protocol udp 5247

在Controller輸入SHA1 Key Hash
debug pm pki enable/disable

找到MAC和 SSC Key Hash後(00:11:93:00:04:2c /c27c7c2e7da64383108f19e83777121efe3619db )

在controller 介面 Security> AP Profile > 按下Add按鈕後
在Add AP to Authorization List裡面Certificate Type選 SSC
填入 MAC 和 SHA1 Key Hash後,<<<就是上面那串紅字>>>
即可完成

以下log會推算這MAC是這Hash key,是因為時間都相同,同一秒所以猜測是同1個AP的資訊

(Cisco Controller) >Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: locking ca cert table
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: calling x509_alloc() for user cert
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: calling x509_decode()
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: <subject> L=San Jose, ST=California, C=US, O=Cisco Systems, MAILTO=support@cisco.com, CN=C1100-00119300042c
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: <issuer> L=San Jose, ST=California, C=US, O=Cisco Systems, MAILTO=support@cisco.com, CN=C1100-00119300042c
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: Mac Address in subject is 00:11:93:00:04:2c
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: Cert is issued by Cisco Systems.
Wed Oct 29 03:18:46 2014: ssphmSsUserCertVerify: self-signed user cert verfied.
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: ValidityString (current): 2014/10/29/03:18:46
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: ValidityString (NotBefore): 2011/04/19/06:07:30
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: ValidityString (NotAfter): 2020/01/01/00:00:00
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: getting cisco ID cert handle...
Wed Oct 29 03:18:46 2014: sshpmGetCID: called to evaluate <cscoDefaultIdCert>
Wed Oct 29 03:18:46 2014: sshpmGetCID: comparing to row 0, CA cert >bsnOldDefaultCaCert<
Wed Oct 29 03:18:46 2014: sshpmGetCID: comparing to row 1, CA cert >bsnDefaultRootCaCert<
Wed Oct 29 03:18:46 2014: sshpmGetCID: comparing to row 2, CA cert >bsnDefaultCaCert<
Wed Oct 29 03:18:46 2014: sshpmGetCID: comparing to row 3, CA cert >bsnDefaultBuildCert<
Wed Oct 29 03:18:46 2014: sshpmGetCID: comparing to row 4, CA cert >cscoDefaultNewRootCaCert<
Wed Oct 29 03:18:46 2014: sshpmGetCID: comparing to row 5, CA cert >cscoDefaultMfgCaCert<
Wed Oct 29 03:18:46 2014: sshpmGetCID: comparing to row 0, ID cert >bsnOldDefaultIdCert<
Wed Oct 29 03:18:46 2014: sshpmGetCID: comparing to row 1, ID cert >bsnDefaultIdCert<
Wed Oct 29 03:18:46 2014: sshpmGetCID: comparing to row 2, ID cert >cscoDefaultIdCert<
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: Calculate SHA1 hash on Public Key Data
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: Key Data 30820122 300d0609 2a864886 f70d0101
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: Key Data 01050003 82010f00 3082010a 02820101
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: Key Data 00e6bfcd 007d970b 5d463933 68080b5c
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: Key Data e794736b 754139bf 9bfe8aaa 0eb234cb
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: Key Data d6bf98cc e420d854 ec25e1b8 8d1a3228
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: Key Data 3b480b2e a45fbbce aaa4cd4e dea2f7dc
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: Key Data 7ad33d55 108b6ea9 55407d1d ba2d5a7e
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: Key Data 0c171a35 f195931a ec6ee725 d67a3339
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: Key Data e61a38e2 6ce68bcb ec55a58c 9aee34f9
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: Key Data 26d161a7 cbb23b44 f560a008 e0deab82
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: Key Data 3b64c01e 8955c326 0f368ac9 122c1a95
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: Key Data eb8e81cc fa3ecbea a9806d5e b147dcf5
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: Key Data f4459ef2 2a53f767 fd5ef31b 739c82cd
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: Key Data fa04ad8f d809c9f2 c2ec268b 24a7983b
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: Key Data 92b2f554 16d75bff 5dc53e43 9ac4c3c8
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: Key Data 5f0f64f4 b4f71b9f eaa0a5be d0ff7388
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: Key Data f0f59223 b01aed74 a167d102 44274178
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: Key Data 429aaad6 c6cb87e8 c9dad1db 5fd71043
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: Key Data 2f020301 0001
Wed Oct 29 03:18:46 2014: sshpmGetIssuerHandles: SSC Key Hash is c27c7c2e7da64383108f19e83777121efe3619dbWed Oct 29 03:18:46 2014: sshpmGetCertFromHandle: calling sshpmGetCertFromCID() with CID 0x1f7e88a7
Wed Oct 29 03:18:46 2014: sshpmGetCertFromCID: called to get cert for CID 1f7e88a7
Wed Oct 29 03:18:46 2014: sshpmGetCertFromCID: comparing to row 0, certname >bsnOldDefaultCaCert<
Wed Oct 29 03:18:46 2014: sshpmGetCertFromCID: comparing to row 1, certname >bsnDefaultRootCaCert<
Wed Oct 29 03:18:46 2014: sshpmGetCertFromCID: comparing to row 2, certname >bsnDefaultCaCert<
Wed Oct 29 03:18:46 2014: sshpmGetCertFromCID: comparing to row 3, certname >bsnDefaultBuildCert<
Wed Oct 29 03:18:46 2014: sshpmGetCertFromCID: comparing to row 4, certname >cscoDefaultNewRootCaCert<
Wed Oct 29 03:18:46 2014: sshpmGetCertFromCID: comparing to row 5, certname >cscoDefaultMfgCaCert<
Wed Oct 29 03:18:46 2014: sshpmGetCertFromCID: comparing to row 0, certname >bsnOldDefaultIdCert<
Wed Oct 29 03:18:46 2014: sshpmGetCertFromCID: comparing to row 1, certname >bsnDefaultIdCert<
Wed Oct 29 03:18:46 2014: sshpmGetCertFromCID: comparing to row 2, certname >cscoDefaultIdCert<
Wed Oct 29 03:18:48 2014: sshpmFreePublicKeyHandle: called with 0x159501ec
Wed Oct 29 03:18:48 2014: sshpmFreePublicKeyHandle: freeing public key
debug pm pki disable

BraBraBra

2014年10月28日星期二

[Troubleshoot] AP無法Join controller debug方式 debug pm pki enable

沒有留言:

2014年10月28日 星期二

[Troubleshoot] AP無法Join controller debug方式 debug pm pki enable

沒有留言:

2014年10月28日星期二