Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
469
Views
5
Helpful
6
Replies

SSID connected but there is no traffic.

Antony.xavier
Level 1
Level 1

‎09-30-2021 07:11 AM

Hi There,

 

I have two SSID (Guest and Phone) created in Cisco WLC9800, Cisco AP's are associated with WLC as expected. When users connected to Guest SSID it works fine but connected to Phone it shows connected but we cannot access Internet. Could you please guide me the troubleshooting steps or What are the basic checks we need to perform in this case.

 

Checked on AP broadcasting both the SSID's Guest (VLAN 98) and Phone (VLAN 99)

 

AP01#show dot11 VLAN-name
Configured VLAN name ID
002 99
003 98

 

Switch interface configuration:

========================

 

SW01#show run inter Gig 1/0/13
Building configuration...

Current configuration : 240 bytes
!
interface GigabitEthernet1/0/13
description CONNECTED TO LWAP AP01
switchport trunk native VLAN 2
switchport trunk allowed VLAN 98,99
switchport mode trunk
spanning-tree PORTFAST trunk
spanning-tree BPDUGUARD enable
end

 

Cisco ASA firewall:

===============

 

Static default route pointing towards ISP IP.

S* 0.0.0.0 0.0.0.0 [1/0] via 1.1.1.1, outside

 

Please let me know if more details required.

 

Regards,

Antony Xavier

Labels:
0 Helpful
6 Replies 6

Georg Pauwen
VIP
VIP

‎09-30-2021 11:09 AM

Hello,

 

this is difficult to troubleshoot, as anything from the WLC9800 settings to the AP configuration to the ASA could be the problem. What is the difference between Vlan 98 and Vlan 99 when it comes to the settings ? Does the ASA function as the layer 3 device for routing and NATing these Vlans ?

 

To start out with, post the running config of the ASA...

0 Helpful

Antony.xavier
Level 1
Level 1
In response to Georg Pauwen

‎09-30-2021 11:42 PM

Yes, Firewall function as Layer 3 devices. Could you please share me the CLI or GUI how to check list of SSID does AP broadcast. I am using CAWAP AIR-CAP3502I-A-K9.

Georg Pauwen
VIP
VIP
In response to Antony.xavier

‎10-01-2021 04:04 AM

Hello,

 

I think the 3502i has a GUI, check what SSIDs are being broadcast in there. Also, post the running configuration of the ASA.

 

0 Helpful

paul driver
VIP
VIP

‎10-01-2021 04:59 AM - edited ‎10-01-2021 05:01 AM

Hello

Can the PHONE ssid clients ping the internet?, if so check dns server allocation =  ipconfig /all
IF they cannot reach the internet check your FW policys , NAT, Access-list perttaing to the PHONE ssid vlan

From a windows pc there is usefull netsh script for the wifi client you can run.

start/run cmd
netsh wlan show wirelesscapabilities
netsh wlan show wlanreport


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Antony.xavier
Level 1
Level 1
In response to paul driver

‎10-04-2021 02:58 AM

Issue got resolved after updating NAT rule in Firewall. 

 

Thanks for everyone for your valuable inputs.

 

Regards,

Antony Xavier

0 Helpful

Georg Pauwen
VIP
VIP
In response to Antony.xavier

‎10-04-2021 03:36 AM

Hello,

 

a NAT rule on the ASA ? Glad you got it resolved...!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card