10-02-2014 02:53 AM - edited 07-05-2021 01:38 AM
Dear All Support
Lately I have been dealing with infrastructure that use WLC 7.6.xxx 5508 and Unified AP 1131G on Flexconnect Local switching mode on branches . To those AP's, WGB AP 1121G are connected, and to those Passive Client (printers) are connected.
Wired_Passive_Client<->WGB1121<->RADIO<->Flex_LWAP1131<->L2switch(unmanage)<->L3Router<->IPSEC<->L3RouterISR<->L3_6500_core<->WLC5508
So following recommendation for passive clients, on WGB1121 following sets were put
Forwarding ARP, increasing aging-time, dot11 activity timers
On L3Router Passive Client Mac address were add as static arp entry
on WLC side Passive Client options on WLAN was not set as from documentation here and there, FlexConnect Local does not support Multicast<->Multicast traffic
Issues is that we were losing connections to Wired Passive Clients (quick fix was/is to restart WGB or remove arp entry from L3Router and add it again) at the same time we did not loss WGB AP, but interesting point is that WGB1121 is still seeing Passive Client, as connected and communication between them is working, even if we cannot ping it from L3Router not to mention Central Office devices.
So by those symptoms I imagine that there is problem on passing ARP to WLC and to L3 devices, so we did create mac filtering on WLC and assign it to WLAN after couple of days Wired_Passive_Cleint do not disappeared and are still visible.
To be fair this is a lot of entries to pass on to WLC and L3 routers not to mention that on this same WLAN we are connecting Tablets. So Mac address to filter of Printers and Tablets need to be put on this WLAN when using MAC filtering. I could not find any way to Provide Mac Filtering on WLAN and still be able to connect devices that were not put on Filtering List. (apart from creating another WLAN)
The other documentation for passive client mention that Multicasting is required, ok as I have wrote above this wont work to FlexConnect Local switching but I found this entry on documentation:
"For FlexConnect APs with locally switched WLANs, passive client feature enables the broadcast of ARP requests and the APs respond on behalf of the client."
Will this work with AP Multicas: Unicast Mode and than tweak Passive Client on WLAN for ARPs to be broadcasted ? Does this mean that I have to Enable Multicast Globally? Those enabling AP Multicasting -> Unicast on WLC will required enabling Multicasting on L3Router on branch side and respectively L3RouterISR and L3_6500_core on Central Office? Or is it enough to enable Broadcast Forwarding.
Also maybe we could avoid macfiltering on WLAN if we add static mac address of wired_passive_clients on L3_6500_core device?
I still did not end up with ideas to try but some help will be appreciated.
11-25-2014 03:31 AM
Hi Blazej,
i have similar issue. I have passive client behind WGB. WGB is connected to flexconnect AP with local switched WLAN. Do you have any assumption how to solve it?
Thanks for answer
Jozef
11-25-2014 04:08 AM
11-25-2014 01:43 PM
Hi Blazej,
thanks for update. I have tried your workaround with MAC filtering on SSID + adding IP and MAC of passive client on MAC Filtering list. I was able to see Client with correct IP (not 0.0.0.0) and MAC among other WGB clients. Problem is that connection to that IP is not working from WLC or L3 device. (it is working from WGB AP). MAC address was "incomplete" in "sh arp" on L3 device. Is there something which i can use to force flexconnect AP to announce this MAC?
Thanks for answer
Jozef
11-26-2014 02:39 AM
Static ARP on L3 devices next to WLC, WLC is proxy ARP so this should work. But i would update software because of this
"By debug analysis seams like XID: send via Flex AP to WLC do not pass information on passive clients from WGB AP.
11-26-2014 05:21 AM
answer is UPPER
11-26-2014 05:45 AM
Hi Blazej,
command "sh capwap reap association" performed on flexconnect AP showed that client still had IP 0.0.0.0, even on WLC i saw that client with correct IP. ( when i have used Mac filtering or create static ARP entry on WGB). I have added static ARP entry on switch BEHIND WGB and it is working now (without Mac filtering).
ON WGB itself i have configured : bridge 1 address aaaa.bbbb.cccc forward FastEthernet0.xxx (aaaa.bbbb.cccc - is MAC address of passive device)
My WLAN is switched locally so creating static ARP on L3 switch connecting to WLC i think will not help. (Flexconnect AP should maintaind ARP entries when you have local switching)
Anyway thanks for help Blazej and quick responds
Jozef
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide