ASA 5510 / Aironet 1140 / Apple iDevices

ec-admin · ‎05-20-2013

Good Morning

On Wednesday of last week, I upgraded to IOS version on my ASA 5510 to the latest version. Since this upgrade, I have been having issues with certain wifi clients (Apple iDevices) obtaining IP's via DHCP from the ASA. Nothing changed on the config of the WAP's and no software updates have been done on the Apple devices.

My setup is as follows:

4 Cisco Aironet 1142 WAP's connected to an HP Procurve switch (2626PWR) connected to interface ethernet0/2 on the ASA. DHCP on the wifi network is provided by the ASA.

I have tried:

1. Powercycling all connected equipment (AP's, ASA and switch)

2. Updating AP's to latest IOS

3. Deleting all network profiles and settings on Apple devices and restarted

4. Checking for errors on WAP's and ASA

I have opened a TAC case with Cisco but they have been unable to find the issue so far. This issue is only affecting the Apple devices. Windows laptops and Blackberry's receive an IP via DHCP from the ASA without error or issue.

Anyone got any thoughts or ideas? The devices associate with the AP but they do not receive an IP address from the ASA (when I check the console of the WAP, i see the MAC address of the device but it shows 0.0.0.0 for the IP). I may be wrong here but I would think that this has to be linked to the ASA upgrade since the issue started around the same time and nothing changed on the config of the WAP's.

Thanks

Simon

briandegus · ‎06-05-2013

I have run into the same issue a few times. The only solution that I have found is to clear the DHCP binding for the effected IPs through CLI.

clear ip dhcp binding {address | *}

FreudenbergITmns · ‎07-11-2013

Did you find any solution to this? We are having the same issue only with iOS devices and asa 5510 with 9.1(2)

sascha.grunenberg · ‎07-11-2013

I had the same issue (only iOS devices getting no IP address via the ASA as DHCP) after upgrading two ASA 5512-X from 9.1(1) to 9.1(2).

A downgrade back to 9.1(1) resolved this issue!

FreudenbergITmns · ‎07-11-2013

Wow this really helped. Thanks a lot.

Three Rivers Information Technology · ‎07-22-2013

Cisco TAC provided the following information that corrected our issue.

On our ASA 5510 we have a seperate interface Ethernet 0/3 for our guest-wifi network. The DHCP Timeout settings were set at 90.

Simply changing that to DHCP Timeout 60 for the affected interface fixed our issue.

conft

--> Interface Ethernet 0/3

---> dhcprelay timeout 60

save the config and our iPads connected immediatly.

dcountryman68 · ‎08-21-2013

Kevin,

This change worked perfectly for me as well. Excellent find and thank you for posting. May I ask how you found/figured this out?

Thank you

David

Three Rivers Information Technology · ‎08-21-2013

We looked for this answer all over the internet, Apple as well as Cisco boards. When we got the engineer on the phone from Cisco TAC, he said there was information regarding this issue in their internal knowledge base that said Applie IOS devices do not have a 90sec timeout setting in their DHCPRelay request. So it was just caught in a loop attempting to retrieve an IP. By switching the timeout setting to 60 it allowed the IOS device to properly retrieve an address. I wish I had more detail as to which portion of the IOS code was stuck but this fixed our issue immediatly.

BlueMCisco · ‎02-03-2014

This bug is fixed in 9.1(3)

https://tools.cisco.com/bugsearch/bug/CSCuh79288