Symptom

When the Auto-QoS is enabled on a IE3300 interface, AP's off the port will fail to register to the WLC. These are example log from AP and the WLC perspective during the issue. AP: *Jun 30 12:42:42.000: %CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: 10.10.113.1 peer_port: 5246 *Jun 30 12:42:48.011: DTLS_CLIENT_ERROR: ../capwap/base_capwap/dtls/base_capwap_dtls_record.c:397 BD is not of DTLS Change Cipher Spec type *Jun 30 12:42:48.011: %DTLS-5-SEND_ALERT: Send FATAL : Internal error Alert to 10.10.113.1:5246 *Jun 30 12:42:48.011: %DTLS-5-SEND_ALERT: Send FATAL : Close notify Alert to 10.10.113.1:5246 WLC: *spamApTask5: Jun 30 12:32:07.339: cc:16:7e:25:84:10 No entry exists for AP (10.10.113.5/55361) *spamApTask5: Jun 30 12:32:07.339: cc:16:7e:25:84:10 No AP entry exist in temporary database for 10.10.113.5:55361 *spamApTask5: Jun 30 12:32:10.954: cc:16:7e:25:84:10 DTLS connection not found, creating new connection for 10.10.113.5 (55361) 10.10.113.1 (5246) (Cisco Controller) >show ap sum Number of APs.................................... 0 Global AP User Name.............................. Not Configured Global AP Dot1x User Name........................ Not Configured Global AP Dot1x EAP Method....................... EAP-FAST

Conditions

The defect may be experienced on IE3300 with Aotu-QoS enabled on 16.10.1, 16.11.1, and 16.12.1. Within Auto-Qos policy there is a class-map named "Class-map: AutoQos-4.0-Default-Class" when this is part of the policy there will be a problem with the registration. #show policy-map int gi 1/6 GigabitEthernet1/6 Service-policy input: AutoQos-4.0-CiscoPhone-Input-Policy Class-map: AutoQos-4.0-Voip-Data-CiscoPhone-Class (match-any) 0 packets, 0 bytes 5 minute offered rate 0000 bps, drop rate 0000 bps Match: ip dscp ef (46) Class-map: AutoQos-4.0-Voip-Signal-CiscoPhone-Class (match-any) 0 packets, 0 bytes 5 minute offered rate 0000 bps, drop rate 0000 bps Match: ip dscp cs3 (24) Class-map: AutoQos-4.0-Default-Class (match-any) <---------- Class map in question 157 packets, 0 bytes 5 minute offered rate 0000 bps, drop rate 0000 bps Match: access-group name AutoQos-4.0-Acl-Default Class-map: class-default (match-any) 0 packets, 0 bytes 5 minute offered rate 0000 bps, drop rate 0000 bps Match: any

Workaround

Tested by removing the class-map "class AutoQos-4.0-Default-Class" from the policy-map "policy-map AutoQos-4.0-CiscoPhone-Input-Policy" (config)#policy-map AutoQos-4.0-CiscoPhone-Input-Policy (config-pmap)#no class AutoQos-4.0-Default-Class Once this is removed the AP will register with the WLC.

Further Problem Description