Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
547
Views
0
Helpful
6
Replies

MAC Address Confusion 9500 / 9800

TomDavid
Level 1
Level 1

‎01-26-2024 08:23 AM

Hi All, 

I have a really odd one. We have a Cisco C9500-48Y4C with embedded wifi controller running 17.3.2a

We are in the process of migrating to a 9800 for WiFi and just in the testing stages so this is how this issue has come to light. 

For some reason if we join a laptop to an AP which puts the traffic down a specific VLAN (VLAN70) and then come off the AP and patch into a port tagged up on the same VLAN the laptop doesnt get an IP and just doesnt work. If we randomise the MAC address on the laptop it instantly works again. 

Something is happening with the MAC not getting cleared. We're not running mac address filter or port security or anything like that, its a fairly basic setup but somewhere its not getting cleared. The setup is basic, 

9500 Core Switch -> Fibre to -> 9200 switches -> Ethernet -> Laptop 

OR

9500 Core Switch -> Fibre to -> 9200 switches -> Ethernet -> Cisco AP 9120 -> Laptop

Checked spanning tree and it says nothing is being blocked. 

Anyone have any ideas?!

 

Labels:
0 Helpful
6 Replies 6

balaji.bandi
Hall of Fame
Hall of Fame

‎01-26-2024 12:48 PM

how is your port configuration the Pc connected ?

what was the IP you have when you connected before ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

TomDavid
Level 1
Level 1
In response to balaji.bandi

‎01-29-2024 01:21 AM

Hi, Thanks for your reply. 

The normal network port is setup like so:


interface TenGigabitEthernet1/0/47
switchport access vlan 70
switchport mode access
spanning-tree portfast
spanning-tree bpduguard enable

The port the AP is plugged into is setup like so:

interface GigabitEthernet1/0/4
description APName
switchport trunk native vlan 2040
switchport trunk allowed vlan 30,40,60,70,80,2040
switchport mode trunk

0 Helpful

MHM Cisco World
VIP
VIP

‎01-26-2024 01:03 PM

what is l2 secuirty you use for wifi ?

MHM

0 Helpful

TomDavid
Level 1
Level 1
In response to MHM Cisco World

‎01-29-2024 01:23 AM

The one we are testing with is billy basic to make things as simple as possible - WPA2-PSK

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to TomDavid

‎01-29-2024 05:32 AM

Hello @TomDavid ,

can you check on the PC if it is using different MAC addresses on the RJ45 port and on the WIFI adapter ?

you can use ipconfig /all      (if the PC is running Windows 10)

from shell for this

Hope to help

Giuseppe

 

0 Helpful

TomDavid
Level 1
Level 1
In response to Giuseppe Larosa

‎01-29-2024 06:53 AM

Yes they're using their own MAC address. 

Unfortunately after another morning of testing to try and find at least some sort of a pattern. We've identified that RJ45 Ethernet port is now connecting to the VLAN fine despite it not working Friday (I genuinely have no reason why).

In addition to this when we connect a laptop to the new 9800 which puts the traffic on VLAN 70 it connects fine.

If we then connect back to the old 9500 Embedded WLC SSID that puts the traffic down VLAN 70 it connects gets an IP and works fine.

If I then connect the same laptop to the 9800 it gets an IP but says No Internet Secured and you can't ping anything etc. Unless you turn on Randomise Mac and then it works perfectly. 

I can only think that something in the 9500 embedded WLC is not releasing hold of the MAC. 

 

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card