Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
945
Views
0
Helpful
5
Replies

AP 2600 doesn´t work properly with ISE

sola.fernando
Level 1
Level 1

‎10-30-2018 07:30 AM - edited ‎07-05-2021 09:23 AM

Hi everybody!

 

I have this issue: When I can connect an endpoint to an AP 3800 via 802.1X through ISE without any problem. That works fine.

Then when the user moves to another location, and his notebook connects to another AP (2600 for example) the endpoint keeps his IP configuration but lose his connection with the rest of the LAN. It remains connected, but it can’t reach even his gateway.

 

This happen everytime that this happen. We think that it could be the 2600 family but we are not really sure about it.... Any suggest? 

 

Thanks!!

Labels:
0 Helpful
5 Replies 5

Jason Kunst
Cisco Employee
Cisco Employee

‎10-30-2018 07:40 AM

Would recommend working with the wireless team as ise doesn’t communicate to the AP directly. The AP communicates to the wireless controller. Might be something to do with fast user roaming caching of the session. I am going to move this
0 Helpful

sola.fernando
Level 1
Level 1
In response to Jason Kunst

‎10-30-2018 10:06 AM

Ok perfect thanks!. Do you move the case? Or I have to do it?

0 Helpful

Sathiyanarayanan Ravindran
Spotlight
Spotlight
In response to sola.fernando

‎03-23-2019 07:09 AM

Hi Fernando,

 

Can you check whether the below recommended configuration is present on ur devices? 

 

https://community.cisco.com/t5/security-documents/top-six-important-cisco-wlc-settings-for-ise-integration/ta-p/3643795

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)
0 Helpful

sola.fernando
Level 1
Level 1

‎10-30-2018 10:12 AM

Additional Information:

The WLC has the entry for the PC/Notebook associate to the AP but if you enter to the AP CLI, it doesn't have the Endpoint MAC Address

0 Helpful

patoberli
VIP Alumni
VIP Alumni
In response to sola.fernando

‎03-25-2019 03:03 AM

Sounds like your DHCP Lease Timeout is to long. Reduce that to a time, that is lower as the time required for the client to move between the two buildings.
Alternatively you would have to use L3 roaming on the WLC or use different SSIDs between the buildings (if they don't use the same IP networks/vlans).
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card