11-27-2010 05:24 AM
Hi, we have 9 WAP4410N with PoE in our network. They were purchased on August. We found that very often in a week, they stop responding to any clients so they cannot get IP addresses, but we can ping the devices and enter the administration page. The only solution is to reboot the AP. I found some references to the same problem in the Cisco Forums and even some bad recommendations in Amazon.com about these APs, but now is too late and we need to found a solution.
We upgraded to firmware 2.0.3.3 but problem remains. We are completly sure that IP and DNS configurations are fine and that our switches and DHCP servers work fine, too. We have in the same LAN, APs 3COm from the 9150 series with no problems. These 3Com APs use the same network services that the 4410.
Currently we are testing the Force LAN to 100 Mbps option and using mixed encryption algorithms (AES and TKIP) because at the begining, we were only using AES. But, I feel that it is not a smart procedure because it is not based on any real fact; it is, may be a desperate choice.
In order to administer those APs, we normally connect at the night so we don´t affect anyone on the network. However, when I check the administration page, I can see that the utilization rate in all the APs is always more that 40%, and I am sure, nobody is using the AP at the night. Wierd. In a normal day, no more than 20 clients are connected to each AP.
Logs have no valuable information to use in order to find a solution.
So, any ideas or help would be much appreciated.
Xavier Villafuerte
01-06-2011 01:53 PM
I hate to say it everyone, but this product will most likely never get fixed properly. I was involved in a thread regarding this exact topic that was started YEARS ago. That thread was hundreds of posts long (with absolute minimal input from Cisco), then split, and then finally closed. Smaller threads like this pop up all the time. This product has been buggy from the beginning, with almost no support from Cisco. I had 3 of these units replaced with Rev. 2 models but still continue to have troubles no matter what version of firmware is loaded.
When you're reduced to daily power cycling (as Min is doing), you know there is a major problem.
Do yourself a favor. Cut your losses, purchase new APs (pref. non-Cisco), and save yourself the headache.
02-13-2011 09:59 AM
I have same issues as ALL here...only reboot helps
firmware 2.0.3.3
5 WAP4410N
Dietmar K
02-14-2011 04:36 AM
After playing with some settings, may be you can find interesting the
following. I increased the Key Renewal setting to 36000 seconds (ten
hours) and it seems that the AP is more stable that way. I am not
sure, but I believe that under heavy load of clients, trying to renew
that Key every hour (as default) could use a lot of processing and the
AP stops responding (not sure really). I don´t know if changing this
setting is a security risk, but at least it is more than a week
without rebooting the AP.
Hope it helps
Xavier Villafuerte
On Sun, Feb 13, 2011 at 12:59 PM, didikoeb603
02-14-2011 07:06 PM
Oh! Not bad, as long as it can stand for a week instead of daily rebooting. In theory, longer key renewal time gives hackers more time to penetrate the system. Unless you don't care hakers, it wouldn't be problem, i think.
Can i know what kind of security you are using, WPA, WPA2 or else? and how many SSID configure on same AP? I have two SSIDs with different VLAN, i.e., (i)WPA2-PSK and (ii)WAP2-Enterprise. The strange thing is while one SSID can't access with limited connection, another SSID has no issue. In my case, if a cleint is able to connect one of APs, it will never loose connections until it moves another location or shutdown PC.
02-15-2011 07:14 AM
Hi, we are using WPA2 with AES encryption. We have only 1 SSID in each AP and it is the same in all of them.
I really hope hackers found more interesting and valuable to hack another network
Xavier Villafuerte
El 14/02/2011, a las 22:07, mintheinoo
Xavier Villafuerte,
A new message was posted in the Discussion thread "WAP4410N stops responding very often":
https://supportforums.cisco.com/message/3293195#3293195
Author : Min Thein Oo
Profile : https://supportforums.cisco.com/people/mintheinoo
Message:
02-14-2011 12:34 AM
... i have three AP WAP4410N. same problems here.
i try all possible config.. but nothing resolve.
Other BIG problem of firmware 2.0.3.3 is make the AP as WDS repeater. i need that one of these expand the range of the network, but NOT WORK!!!
the repeater linked to AP but no clients can connect to .. if i link to the AP i can reach and config the repeater !?!
the problem is better explain here:
https://supportforums.cisco.com/message/3285679#3285679
03-01-2011 11:13 PM
Hi all,
I have just established a wireless bridge between 2 x WAP4410N devices, both running firmware 2.0.3.3 and the link freezes very frequently. I have tried the following:
- Wireless WDS Repeater mode.
- Wireless Client/Repeater mode
- Changing between N only or B/G/N mixed mode
In all cases the link will completely hang after a variable amount of time. The access point that is operating as the repeater needs to be booted to reestablish the link.
It seems to be a common and frustrating problem shared by many. Is anyone from Cisco listening and resolving these issues? Or, has anyone managed to get a configuration like this stable and reliable?
Thanks in advance.
Regards,
Andrew
03-02-2011 02:45 AM
Group Key Interval in 36000 worked for me in a normal AP configuration (security issues were discussed some posts ago). Not sure if it works for you. At least the APs are far more stables (weeks instead of days).
Xavier Villafuerte
El 02/03/2011, a las 2:13, xuridisaltd
Xavier Villafuerte,
A new message was posted in the Discussion thread "WAP4410N stops responding very often":
https://supportforums.cisco.com/message/3305567#3305567
Author : Andrew Jensen
Profile : https://supportforums.cisco.com/people/xuridisaltd
Message:
03-15-2011 08:58 PM
Workaround: All AP are enabled SSH and write a batch job to reboot these AP by Windows Scheduled Tasks. And reboots before office hours and lunch time too. Anyway I don't need to attend GUI manually. Please tell me if you like to see simple batch job.
Hope Cisco will release new stable firmware version soon.
04-03-2011 11:32 AM
Min:
I would really to like to see the batch script you made; it would help me solve my issues as well. Thank you.
Mark
04-03-2011 10:47 PM
AP Reboot Batch Job by SSH
Step1: Enable SSH logon on all APs. Administration -> Remote Console -> Secure Shell (SSH) -> Enabled
Step2: Download “putty.exe” and “plink.exe” from internet. Their licences are Open Source certified. Plink is a command-line interface to the PuTTY back ends. If you need to some delay between one AP to another, download “Windows Resource Kit” and extract “sleep.exe”.
(In my case, if all APs are rebooted altogether, clients will lose wireless connection. As being layer 2 roaming in use, APs are being rebooted one by one, so that clients are still remained connecting to wireless network by roaming to neighboring APs while a particular AP is rebooting. That’s why it is required some delay between one AP to another.)
Step3: Create one directory at PC where it will launch schedule job. In this example, C:\putty folder and C:\putty\log folder are created. And copy “putty.exe”, “plink.exe” and “sleep.exe” to C:\putty folder.
Step4: Create C:\putty\APIPAddress.txt file. Add AP IP Address line by line to this file.
Step5: Put all the following batch commands into one file and name it with .bat extension. In my case, Autoreboot.bat and save it in C:\putty folder.
Change login name at “USERID” and login password at “PASSWD” in batch variables accordingly. Set delay in seconds at “DELAY” variable.
REM ---------------------------- Starting of Batch File ----------------------------
@echo off
set LOG=C:\putty\log\temp.log
set DELAY=90
set PASSWD=password
set USERID=admin
set /a COUNTER=0
set /a REBOOTCOUNTER=0
C:
cd C:\putty
echo ---------------------------------------- >> %LOG%
echo Job started at %time% on %date% >> %LOG%
echo. >> %LOG%
for /F "eol=;" %%i in (APIPAddress.txt) do (
call :rebooter %%i
set /a COUNTER+=1)
echo. >> %LOG%
echo Total AP rebooted: %REBOOTCOUNTER% out of %COUNTER% >> %LOG%
echo Job ended at %time% on %date% >> %LOG%
echo ---------------------------------------- >> %LOG%
echo. >> %LOG%
for /f "tokens=1-5 delims=/:. " %%d in ("%date% %time%") do rename %LOG% APreboot_%%f%%e%%d_%%g%%h.log
goto :eof
:rebooter
ping -n 1 -w 300 %1
if NOT %ERRORLEVEL%==0 (
echo Error: Ping failed %1 at %time% >> %LOG%) else (
start c:\putty\plink.exe %1 -l %USERID% -pw %PASSWD% reboot
set /a REBOOTCOUNTER+=1
echo Rebooted: %1 at %time% >> %LOG%
c:\putty\sleep.exe %DELAY%)
goto :eof
REM ---------------------------- Ending of Batch File ----------------------------
Step6: Login with SSH to all APs from putty.exe in order to save each individual certificate of all APs. It wouldn’t prompt you to accept certificate when schedule job is run.
Step7: Add the batch file into windows schedule job.
Step8: Now you have completed to create schedule task and batch file.
Limitation: Login name and password for all APs must be the same and keep them in plain text in batch file.
Batch file explanation: Before sending reboot command to AP, it detects AP by ping. If ping is not reachable, it generates error message in log file.
04-04-2011 04:30 AM
We are hopefully looking and anticipating a new firmware out very soon that will clear up a lot of issues that the WAP4410N's are
experiencing. Keep checking back and we will report as soon as we have it available.
THANKS
Rick Roe
Cisco Small Business Support Center
04-04-2011 07:43 AM
@Rick:
Thank you for the follow up; that is encouraging to hear and I really hope it happens soon. I have stopped installing these access points for clients and chose another vendor's AP. I have mostly positive experiences recommending Cisco Small Business products but this particular instance has been disappointing.
@Min:
Thank you very much for sharing this. You may have just saved me about 2-3 hours of work per week. Very much appreciated!
Mark
04-29-2011 07:17 AM
Min's solution helped to some degree but I was forced to purchase access points from a different vendor to satisfy my clients SLA and stop eating into my service margins. I still prefer the WAP4410N over any other WAP but this bug is a killer.
I anxiously await the updated firmware and fix so that I can go back to installing these access points for clients.
04-29-2011 07:24 AM
>
this bug is a killer.
>
I also have been forced to utilize alternative solutions that are not as
full featured, but fully stable. While I can't say I like the 4410N better
than other WAPs, the feature set / price point would continue to be
compelling, if only the dang things actually worked. We've been hearing
"soon", "check back often", etc. for over six months, and yet another
quarter is going into the books.
>
I anxiously await the updated firmware and fix so that I can go back to
installing these access points for clients.
>
amen.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide