Office extend 1142 and dtls keepalive failure

Hi
I am setting up office extend with 1142 APs on a 5508 controller.  All seems ok and I see my SSIDs on the remote AP.   However when I try to connect I don't get a dhcp address and the connection fails.  When I look at logs and some debugs I see dtls keepalive failures and the AP is actually disconnecting and re-associating with the controller.
As a troubleshooting step I decided to disable Data encryption through the AP advanced tab and after the AP resets all is now working.
Would anyone have an idea why data encryption would cause the issue ?  I have opened the standard 5246 and 5247 UDP ports on my firewall.  Have I missed out some other port that may need opened ?
Many thanks, St.

Scott
The AP is changed from Local mode to H-REAP mode.
In the H-REAP tab we have Enable Office Extend ticked.
In the Advanced tab to get this to work the Data Encryption box is unticked and the text below says Current Dta Encryption Status is plain text.  I can't think of any other settings related to office extend other than the NAT stuff on the management interface and allowing 5246 and 5247 through the firewall.
So if these settings are being correctly reported the question is why do I then see Data and ctrl being encrypted when I do "Show dtls connections"  If I have unticked Data encryption I expect to see only ctrl connections being encrypted.
I can't see any other config issue that would allow dhcp and a connection to work with Data encryption disabled and cause it to fail with Data encryption enabled. 
The AP always joins the controller no matter what the Data encryption setting is.  However with it unticked the AP retains its connection to the controller and I can get an IP and pass data normally.  With the data encryption box ticked the AP joins the controller then soon afterwards drops off reporting a DTLS keepalive issue.  No IP address and no data passed.  In fact with data encryption ticked I see a message of the form "DTLS plumbed in" or something similar.  Then soon after I get the keepalive error and the AP drops off.
Thanks, St.

Similar Messages

  • Office 2013 VL and app-v 5 SP2 on RDS server - package add fails with script error

    We have used the MS Office Depolyment Tool for click-to-run to download the latest Office 365 version, and flatten it into an app-v 5 package - not a problem.
    When we try to add the package to our client machine (Server 2008R2 running the app-v 5 SP2 client software), it fails with an message that a script has failed and not returned a 0 code.  We have not added any scripting to this automatically created
    package, so it seems that the app-v client does not like the "official" package.  Any hints and tips gratefully accepted, thanks
    App-v client has scripting enabled.
    The powershell command line we are using is:
    PS C:\windows\system32> Set-ExecutionPolicy Unrestricted
    PS C:\windows\system32> Add-AppvClientPackage -path file://hostname/app-v/o365-noaccess/ProPlusVolume_en-us_zh-cn_x86.appv -DynamicDeploymentConfiguration \
    \hostname\app-v\O365-NoAccess\ProPlusVolume_en-us_zh-cn_x86_DeploymentConfig.xml
    with a result of:
    Add-AppvClientPackage : Embedded Script process exited with an error code indicating failure (return code other than 0). Please ensure that Embedded
    Script process can complete successfully and exits with 0.
    Operation attempted: Configure AppV Package.
    AppV Error Code: 100000000C.
    Please consult AppV Client Event Log for more details.
    At line:1 char:1
    + Add-AppvClientPackage -path
    file://hostname/app-v/o365-noaccess/ProPlusVolum ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~
        + CategoryInfo          : InvalidResult: (:) [Add-AppvClientPackage], ClientException
        + FullyQualifiedErrorId : ConfigurePackageError,Microsoft.AppV.AppvClientPowerShell.AddAppvPackage
    and these are the error messages we see in the debug app-v client logs:
    Script Launcher successfully waited for script with command line: '"C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\CD9725CE-4503-4932-863B-4FCDA3F9551D\Root\..\Scripts\Integrator.exe" /I /Msi /License /AppV PackageGUID=D24C3BDD-8FAD-44d3-998C-933F8F053682
    PackageRoot="C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\CD9725CE-4503-4932-863B-4FCDA3F9551D\Root" MsiName=SPPRedist.msi,SPPRedist64.msi PidKey=xxxxx-xxxxx-xxxxx-xxxxx-xxxxx,xxxxx-xxxxx-xxxxx-xxxxx-xxxxx,xxxxx-xxxxx-xxxxx-xxxxx-xxxxx
    PRIDName=ProPlusVolume'.
    and...
    Package {d24c3bdd-8fad-44d3-998c-933f8f053682} version {cd9725ce-4503-4932-863b-4fcda3f9551d} failed configuration in folder 'C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\CD9725CE-4503-4932-863B-4FCDA3F9551D' with error 0x79100E10-0xC.
    and...
    machine script for event AddPackage with command line: '"C:\ProgramData\App-V\D24C3BDD-8FAD-44D3-998C-933F8F053682\CD9725CE-4503-4932-863B-4FCDA3F9551D\Root\..\Scripts\Integrator.exe"'
    exited with failure error code: The extended attributes are inconsistent.. Because Rollback is set to true in the script definition, the current AppV Client operation was rolled back.
    We believe this last error message is the kicker, but can't debug any further.

    Just to validate the problem, I started again.
    I have just downloaded the latest ODT from MS, and then downloaded the latest Office 2013 packaged - volume license.  Then created the app-v package - all went perfectly, no error messages.  Uploaded the package to the app-v 5 server and published
    it.  I have made NO changes to any of the files.
    I have just built a brand new Windows Server 2008R2 Datacentre VM, patched it to the hilt, and installed the RDS role, powershell 3 and appv 5.0 SP2 client for RDS.
    I then use powershell as above:
              scripting unrestricted
              app v client scripting enabled
             app v server added
              global and user update enabled
             add-appvclient package  "url of office package.appv"
                 and received exactly the same error message.  
    It is not complaining that scripting is not allowed, it is complaining that the script is invalid.
    Help!!!!

  • Office extend option not seen under flexconnect

    I have a 2602i , registered on a virtual controller with 7.6.130.0, running in flexconnect mode, but I dont see office extend option under flexconnect, any comments ???

    well I could not find an evaluation dtls lic for virtual controller, so I installed a 7500 controller dtls lic and it shows in use and data encryption is enable on AP, still i don't see office extend option.
    I am not sure its because I am using a 7500 dtls licence.
     >show license summary
    License Store: Primary License Storage
    StoreIndex:  0  Feature: data_encryption                   Version: 1.0
            License Type: Permanent
            License State: Active, In Use
            License Count: Non-Counted
            License Priority: Medium

  • I am having a problem where pdf files on the web (i.e., links in a Word doc) open after an extended time and only as gobbldygook ( a file containing a series of characters and letters that make no sense).  This also happens for another Mac user coworker

    Hi There:  I am having a problem where pdf files on the web (i.e., links in a Word doc) open after an extended time and only as gobbldygook ( a file containing a series of characters and letters that make no sense).  This also happens for another Mac user coworker in my office, while the PCs don't have this problem...  Any help/suggestions for a fix would be most appreciated! 

    Just adding more info - MacBookPro running 10.5.8 and using Safari as the browser.  The problem comes and goes - sometimes the linked Word files will open OK, n others its just a strring of crazy characters... 

  • Redundant guest anchor/office extend 5508 controllers

    Hello,
    We are looking to deploy 2 guest anchor/office extend 250 AP 5508 Controllers.
    The first 5508 would be primary for both public wireless and office extend AP's.  The second 5508 would not be used unless the first controller fails.
    What is best practice when it comes to the certificate for public wireless.  Should I create single certificate for both controllers or have two different certificates?
    Thanks

    This makes sense.  What would I need to do so that the networks don't overlap on both controllers for guest?  Would I need to make new networks on the secondary controller:
    Primary Controller

  • Office Extend Mode

    I have got a 3502 setup anf functioing in Office Extend mode. I have found one issue though. I have to set the checkbox on the my Management Interface to Enable NAT Address and put the external address in the box. Once this occurs no internal APs can join the controller.
    Does anyone have any ideas on setting this up with a single controller behind a router and not having to set the NAT Address for the Management interface? Should I setup a second interface on the controller to be for external management?

    Ok, well no worries. As Steve pointed out there is/was a NAT issue on earlier code. I think it was fixed in M1. but again, if you give the WLC an outside address and protect it with ACLs from the outside and allow your internal folks to hit it from the inside you should be ok. But again, I dont know how your network is designed or your specific design requirements. Please take these as suggestions as they may apply.
    Perhaps Steve can add to this as well...

  • Office Extend

    I have a question about Office Extend solution.
    Is there a limit on how many users can use office extend?
    I know that the Aironet 600 AP only supports 15 connections.
    However, office extend is supported on other APs. (3600 series for example).
    If I use Office Extend with 3600 AP am I able to have 50 connections?

    Here is the config guide:
    http://www.cisco.com/en/US/products/ps11579/products_tech_note09186a0080b7f10e.shtml
    The "yellow" port is for LAN side connectivity. The traffic sent across this specific port will be encapsulated in CAPWAP and be sent back to the controller. You will need to configure LAN configuration on the WLC for this port to work. This is also a very important topic. Your WLANs will be secured with PSK or EAP. However, this port is not, so you might want to use WEB AUTH with 802.1X or something to secure that port. Just in case the AP ever gets stolen someone cant just plug into port 4 and gain access.
    If you find any of this helpful please support the rateing system! Thanks again!
    "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin

  • Office Extend Question(s)

    I have a couple of questions surrounding the Office Extend 600 series access points.
    Currently we have 2- WLC5508s.
    1) In the Deployment guide it mentions turning off Aironet IE and Coverage Hole Detection. Is this required, or just highly recommended? What types of issues are we expected to encounter if we have Aironet IE and Coverage Hold Detection enabled with Office Extend AP's?
    2) In a Primary, Secondary configuration of WLC controllers, I would need to setup another NAT configuration for the second controller int he event of a failover correct? Any alternatives?

    Ok so I understand your oe will connect to inside controllers not a DMZ controller. Thats fine .. Here is another way to skin this cat ..
    You can create the same ssid as production but name it differently under the profile name. So you can have the same WLAN ssid name.
    Under the new WLAN number it above 16, same 100. Configure this one as spec'd in the oe manual.
    Then create an ap group for your oe aps and include WLAN 100 in the group.
    This way you can have the same ssid, different configs. Since the WLAN is above 16 they don't get broadcasted out unless you put the aps in the group.
    Make sense ?
    Sent from Cisco Technical Support iPhone App

  • CIFS accelerator keepalive failure

    Software Release 4.4.5
    WAVE-294-K9
    Alert:
    cceAlarmHistModuleId= 1000  cceAlarmHistCategory= 3  cceAlarmHistInfo= Raise-Alarm: CIFS accelerator keepalive failure.   cceAlarmHistTimeStamp= 3539553200
    I got the following alert.
    Does anyone know where I can find the log files or the CIFs accelerator keepalive failure counter?
    I wanted to know the best way to clear the counter statistics and make sure that if this hits up again I can at least get a better
    idea of how frequent it is happening.
    I ran the following command and was curious if the "sessions timeout" is related to this keepalive failure?
    show statistics accelerator cifs detail
    CIFS:
    Global Statistics
    Time Accelerator was started: Wed Sep 25 08:51:51 2013
    Time Statistics were Last Reset/Cleared: Wed Sep 25 08:51:51 2013
    Total Handled Connections: 15293
    Total Optimized Connections: 166
    Total Connections Handed-off with Compression Policies Unchanged: 13638
    Total Dropped Connections: 0
    Current Active Connections: 0
    Current Pending Connections: 0
    Maximum Active Connections: 9
    Number of local reply generating requests: 166596
    Number of remote reply generating requests: 217438
    The Average time to generate a local reply (msec): 4
    Average time to receive remote reply (ms): 92
    Policy Engine Statistics
    Session timeouts: 13, Total timeouts: 121
    Last keepalive received 00.0 Secs ago
    Last registration occurred 19:03:18:36.6 Days:Hours:Mins:Secs ago
    Hits: 1218122, Update Released: 142074
    Active Connections: 18, Completed Connections: 821832
    Drops: 0, Pre-Resource Counter: 0
    Rejected Connection Counts Due To: (Total: 254198)
    Not Registered : 3, Keepalive Timeout : 65
    No License : 0, Load Level : 0
    Connection Limit : 0, Rate Limit : 0
    Minimum TFO : 254130, Resource Manager : 0
    Global Config : 0, TFO Limit : 0
    Server-Side : 0, DM Deny : 0
    No DM Accept : 0
    Auto-Discovery Statistics
    Total Connections queued for accept: 487511
    Connections queuing failures: 0
    Socket pairs queued for accept: 487511
    Socket pairs queuing failures: 0
    AO discovery successful: 741192
    AO discovery failure: 6

    Hi,
    The accelerator is failing to perform a wellness update within the allotted time. That is
    why we see keepalive failures. The implications are that some connections may not be
    getting optimized properly by the AO, and thus optimization performance may be reduced.
    I don't think there is any counter for number of keep alive failure messages you get but you can
    see if Keepalive Timeout counter is increasing.
    You can find this counter under "policy engine statistics".
    Keepalive Timeout : 65--->You can check if this value is increasing during the time you get this message.
    Regards,
    Kanwal

  • Will the 4404 Controller support Office Extend

    According to the The Software release bulletin
    http://www.cisco.com/en/US/prod/collateral/wireless/ps6302/ps8322/ps10315/product_bulletin_c25-530367_ps10315_Products_Bulletin.html
    We just purchased a 4404 controller. The document above states 4404 controllers have the capability to be upgraded to the new 6.0 software which supports Office extend. Does anyone have any idea whether it will be possible to purchase a wplus (wireless plus) license to enable office extend on a 4404 controller?
    Thanks

    Regarding Office Extend is a new "feature" with the new 5508 controller running the new IOS, 6.X and Office Extend license. No one as yet knows if the Office Extend feature will be extended to the WLC200/2100, 4400 or the WiSM. I am suspecting that because Office Extend is a license feature, I have no doubt that this will be exclusive to the 5508.
    Because the 5508 can AP support license can support 25, 50, 100 and 250, anticipate the End-Of-Sale announcement of the WLC 2100 and the WLC 4400.

  • Office Extend printers have issues with pullprint.

    Office Extend printers have issues with pullprint. 
    This only happens when using Office Extend. Some office locations have been connected using Office Extend and then moved over to subscriber line which fixes the issues. printer is connected to port 4 of  OEAP 600. Please suggest 
    Manish

    when the error occurs, the office temp files are owned by someone with the same uid, so office says the documents are in use even though they're not.
    do your users login with network or portable homes? if so, they should all have unique uids/gids.
    if they're logging in locally, then mounting afp shares with unique ids, that won't cut it.
    the most efficient way to avoid this is to have your users login with network or portable homes. this may not make sense for your environment, however.
    the other option is to change users' local uids, as outlined in the mvps article linked above. use dscl instead of nicl to do this.

  • Lync and Office 2013 Home and Business 'Present PowerPoint' not working

    Hello All,
    We have an Exchange online E1 plan that includes Lync, that we have been using without problems for the last year or so. 
    The 'Present PowerPoint' functionality of Lync is very useful, and again it has been working without fault until now.  However, for one user who we have upgraded to Office 2013 Home and Business (from Office 2010), it no longer works when she clicks on
    present, select PowerPoint and select a .pptx file. She gets the following error message...
     'the presentatio.ppx couldn't be converted for presentation because Visual Basic for Applications (VBA) is not installed on this computer. Please install VBA and try again.'
    The thing is it seems that Visual Basic for Applications is installed as a part of the Lync Basic Install. I re-installed Lync just in case, and when I clicked customize I ensured that Visual Basic for Applications was checked to install as run from the
    computer.
    In searching online I can see plenty of other people suggesting with Office 2010 to repair the Office install, and select customize and make sure the Visual Basic for Applications is checked to install too.  However, with Office 2013 Home and Business
    you don't get this option - it seems all or nothing.  I have tried repairing both installs, re-installing etc with no luck
    So is it that Office 2013 Home and Business incompatible with Lync or can anyone help or throw some ideas at me?
    Thanks,
    Andrew.
     

    Here a few who also experienced the same issue 
    https://social.technet.microsoft.com/Forums/lync/en-US/3cf4f93e-3e98-4a72-aa6a-83e92408837c/message-error-visual-basic-for-applications-vba-is-not-installed-office-home-business-2013-?forum=ocsclients
    https://social.technet.microsoft.com/Forums/en-US/f336fc74-c821-4473-b9d9-df62267a3180/lync-2013-and-office-web-apps-powerpoint-presentation-sharing-missing-vba?forum=lyncconferencing
    http://community.office365.com/en-us/f/166/t/123920.aspx
    http://answers.microsoft.com/en-us/office/forum/office_365hp-powerpoint/lync-2013-and-office-web-apps-powerpoint/71abcef9-0b6b-4fe1-944e-789b53da3f1e
    The suggestion since there is not direct solution as of today  would be either roll back the office 2010 since we know this work 
    On upgrade to Office 2013 Pro use the full Lync Client 
    PLEASE REMEMBER, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answered"

  • Office 2013 Home and Business - Click to Run wipes out the Office files from the Programs folder

    We are having an issue with a number of clients running Office 2013 H&B in a domain environment, after a click to run update.
    It appears the update is ran in the background and after a reboot, the program files short of a few .DLL's are completely missing. Office still shows as installed through the control panel.
    We have to use the office removal tool and reinstall program completely.  System restore does not fix the issue.
    These are Dell Latitude and the version of Office shipped with the machines as an OEM version. There was nothing pushed from the Dell update utility for Office.
    They are running Avast AV and it is not affecting all users presently.
    I've been on hold and getting transferred around Microsoft's support lines all day as Microsoft support can't seem to figure out which department should troubleshoot the issue.
    Any assistance would be greatly appreciated.

    I am doing some research. And I  might involve someone who is more familiar with this kind of issue to deal with this problem.
    Cheers,
    Tony Chen
    Forum Support
    Come back and mark the replies as answers if they help and unmark them if they provide no help.
    If you have any feedback on our support, please contact
    [email protected]

  • Office 2013 Home and Business

    I have installed multiple copies of Microsoft office 2013 home and business over the last 3 months with no issues but now when I go to office.com/setup to install another copy on a different computer it comes up and ask for the product key which I enter. 
    then it takes me to the Microsoft account login screen, and after I log in I get buttons to install but the buttons represent previous copies I have already installed.  if I download one of these copies it install but wont activate the normal way.
    Is there a limit on the amount of copies that can setup under 1 account? or any help would be appreciated

    Hi Andrew,
    As far as I know, Office Home & Business 2013 is an One-time purchase version of Office for a single PC. (More reference:
    http://products.office.com/en-us/buy/compare-microsoft-office-products)
    So with one license of Office Home & Business 2013, you can only install Office on one PC. How many licenses of Office Home & Business 2013 are associated with your Microsoft account?
    Regards,
    Ethan Hua
    TechNet Community Support
    It's recommended to download and install
    Configuration Analyzer Tool (OffCAT), which is developed by Microsoft Support teams. Once the tool is installed, you can run it at any time to scan for hundreds of known issues in Office
    programs.

  • I bought and downloaded iWork when i bought my macbook pro and i used to save my documents on words. then a few weeks ago, i downloaded a free trial of microsoft office but unregistered and deleted it a week after. now i can't save my documents on word.

    i bought and downloaded iWork when i bought my macbook pro and i used to save my documents on words. then a few weeks ago, i downloaded a free trial of microsoft office but unregistered and deleted it a week after. now i can't save my documents on word. It used to ask me if I want to save my documents on word, now it doesn't. And the W icon keeps on appearing on my dock. Can I return my computer to an earlier date? Please help me. Thanks

    No, I don't have a back-up of TIme Machine... to tell you the truth, I have this computer for a few years now and I still don't know how to work all of the apps that are here. Anything else I can do?

Maybe you are looking for