I noticed since I added a Cisco AP 1832i to my network, we are having some issues connecting to various external sites. For example, I go to google, and about every 4th site I try to go to will time out. I refresh the page, I can go just fine. It's not just with google though.
I have a Cisco C1111-8PW as the main router, with a built-in WLC and a built-in WAP. The only other AP on the network right now, besides that is the 1832i. It's hard to tell if the problem exists with the built-in AP, the C1111, or the built-in WLC, because where the built-in AP is currently located, there is a very very weak signal from there to the client machine (hence the reason I have an 1832i installed).
I did notice this a few times in the built-in APs logs but I am not certain what to make out of it.
Jan 26 03:50:08 kernel: [*01/26/2019 08:50:08.9525] chatter: client_ip_table :: ClientIPTable no client entry found, dropping packet 1C:4B:D6:F8:90:FD Jan 26 05:50:56 kernel: [*01/26/2019 10:50:56.2025] chatter: client_ip_table :: ClientIPTable no client entry found, dropping packet 1C:4B:D6:F8:90:FD Jan 26 08:29:37 kernel: [*01/26/2019 13:29:37.8824] chatter: client_ip_table :: ClientIPTable no client entry found, dropping packet 1C:4B:D6:F8:90:FD Jan 26 08:32:13 kernel: [*01/26/2019 13:32:13.2724] chatter: client_ip_table :: ClientIPTable no client entry found, dropping packet AC:5F:3E:25:EE:A5 Jan 26 11:19:32 kernel: [*01/26/2019 16:19:32.4824] chatter: client_ip_table :: ClientIPTable no client entry found, dropping packet 1C:4B:D6:F8:90:FD Jan 26 11:24:45 kernel: [*01/26/2019 16:24:45.9324] chatter: client_ip_table :: ClientIPTable no client entry found, dropping packet 1C:4B:D6:F8:90:FD Jan 26 15:46:03 kernel: [*01/26/2019 20:46:03.4924] chatter: client_ip_table :: ClientIPTable no client entry found, dropping packet AC:5F:3E:25:EE:A5 Jan 26 17:05:28 kernel: [*01/26/2019 22:05:28.2424] chatter: client_ip_table :: ClientIPTable no client entry found, dropping packet 1C:4B:D6:F8:90:FD Jan 26 17:44:00 FIPS: *** shell: FIPS Mode = disabled ***
Those MAC addresses do exist. The 1C:4B:D6:F8:90:FD is the wireless MAC address for the laptop that I am using (and the one that just displayed the problem before I displayed the log). My wife's cell phone is the AC:5F:3E:25:EE:A5 MAC address, and she also had some issues. She didn't remember the error message exactly, but said it had something to do about DHCP server and some IP address not existing anymore. She said she also has been having a hard time searching the internet on her cellphone, because of the same issues the laptop is displaying.
I would think that perhaps those messages in the built-in WAPs syslog are related, however, these devices show that they're connected to the WAP1, not the built-in WAP0. That makes me wonder if the log error messages are related at all. Any suggestions on how to troubleshoot this or what those messages mean? Even stranger though, show arp on WAP0 does show the laptop's MAC address in it's ARP table, but it does not show my wife's.
Another example of the problem, I'm trying to bring the final AP up, WAP3, and I'm updating the backup image to 22.214.171.124. It's connecting to a TFTP server running on a Windows 10 Enterprise laptop, which is connected wirelessly to WAP2. So far, the progress has reached 78% and there's been 38 timeouts. Not exactly sure what I did wrong or how to fix this. The signal strength in Windows shows full bars.
My wife's cell phone has now repeatedly received the following message:
Failed to obtain IP address
She's pulling an IP address from the DHCP server running on the actual router, not the WLC or APs. If there's any configuration files or logs that I can share, I will be more than happy to.
Here's what show interfaces dot11Radio 0 wlan 1looks like:
WAP2#show interfaces dot11Radio 0 wlan 1 statistics VAP Level Stats: apr0v0 (under radio wifi0) Tx Data Packets = 975611 Tx Data Bytes = 488685744 Tx Data Payload Bytes = 451612526 Rx Data Packets = 751367 Rx Data Bytes = 405724949 Rx Data Payload Bytes = 395205811 Tx Unicast Data Packets = 955019 Rx Unicast Data Packets = 751367 Tx Multi/Broadcast Data Packets = 20592 Rx Multi/Broadcast Data Packets = 0 Average Tx Rate (kbps) = 65000 Average Rx Rate (kbps) = 65000 Tx multicast Data Packets = 18765 Tx Broadcast Data Packets = 1827 Rx multicast Data Packets = 18446744073709550565 Rx Broadcast Data Packets = 1051 Packets Dropped = 57 Packets Errored = 23934 Rx errors = 23725 Rx Dropped = 0 Tx failures = 209 Tx Dropped = 57 Host Discard = 0 Rx MIC Errors = 0 Last Tx rate for unicast Packets = 65000 Last Tx rate for unicast Packets(mcs) = 6 Last Tx rate for multicast Packets = 24000 Last Tx rate for multicast Packets(mcs) = 48 Total beacons sent to fw in SWBA intr = 693579
Those RX Errors and TX Dropped's have me concerned. It's not just that AP. Any of them I connect to see to exhibit similar issues. All the APs (three 1832i's, one built-in the C1111-8PW, which is like the 1815i) are hardwired via CAT6+ F/UTP Belden 2412F, so I do not think that's the issue. For neighboring SSIDs, I see 12, but most have little strength, I believe because they're too far away. There's maybe 8 that have decent strength, plus my two. Could this be an interference issue? The old cheap Spectrum wireless router that was built into the cable modem didn't have any issues like this.
Here's the output of the Wlan-GigabitEthernet 0/1/8 interface, which is the trunk line on the router that the built-in WLC0 an AP0 uses.
Wlan-GigabitEthernet0/1/8 is up, line protocol is up (connected) Hardware is WLAN Gigabit Ethernet, address is a093.5188.4f10 (bia a093.5188.4f10) Description: Internal switch interface connecting to the embedded AP MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive not supported Full-duplex, 1000Mb/s, link type is auto, media type is 10/100/1000BaseTX input flow-control is off, output flow-control is unsupported ARP type: ARPA, ARP Timeout 04:00:00 Last input never, output 00:00:07, output hang never Last clearing of "show interface" counters never Input queue: 0/375/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 4000 bits/sec, 2 packets/sec 3142642 packets input, 600785906 bytes, 0 no buffer Received 83667 broadcasts (169380 multicasts) 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 169380 multicast, 0 pause input 0 input packets with dribble condition detected 5098414 packets output, 5452088722 bytes, 0 underruns 0 output errors, 0 collisions, 1 interface resets 7195 unknown protocol drops 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier, 0 pause output 0 output buffer failures, 0 output buffers swapped out
To me, that looks good, minus the 7195 unknown protocol drops....I'm going to research that and see what it is. Maybe I should install the NBAR protocol pack now.