I am totally baffled by our latest issue which seems to keep reoccurring out of the blue and at random times.
We have two independent WLC's, a 2504 at our HQ (10.11.0.230) serving 15 AP's and a 5508 (10.11.202.230) at a remote datacenter serving 25 AP's at our remote locations.
The 5508 at our DC seems to be working fine, and its configuration is almost identical to the 2504 at HQ that we have issues with.
All of our wireless clients at HQ and the wireless hardware (WLC and AP's) all use the 10.11.0.0/24 subnet and all traffic should be tagged 999.
At totally random times, only some wireless clients at HQ start to see network speed issues and connectivity issues. When it starts, the user even has difficulty pinging the domain controller at our DC (10.11.202.1).
The weird thing is that if I ping the wireless client, AP or WLC at this same time from my PC, response times are excellent.
If we start to delve deeper into the issue, the user then reports that everything is okay again.
I do not think its general network congestion because if I place a device on the 10.11.0.0/24 network, using a Ethernet cable, there is no issue at all. so I highly suspect that the issue lies with how the AP is dealing with the traffic.
All of the AP's at HQ that are physically in the same location as the WLC are in local mode. The other AP's that are at HQ but in other buildings (they have to go through more switches) are in FlexConnect mode.
This is the running config from one of the troubled AP's.
AP Name : wap-h000424
Admin State : Enabled
AP Mode : FlexConnect
AP Submode : None
Location : Upstairs
Reboot Reason : Controller Reload command
Primary controller name : wlc-h003214
Primary controller IP : 10.11.0.230
Secondary controller name :
Secondary controller IP :
Tertiary controller name :
Tertiary controller IP :
Controller from DNS server : 10.11.0.230, 10.11.202.230
AP join priority : 1
IP Prefer-mode : IPv4
CAPWAP UDP-Lite : Unconfigured
Last Joined Controller name: wlc-h003214
DTLS Encryption State : Disabled
Discovery Timer : 10
Heartbeat Timer : 30
CDP State : Enabled
Watchdog monitoring : Enabled
IOX : Disabled
RRM State : Enabled
LSC State : Disabled
SSH State : Enabled
AP Username : administrator
Session Timeout : 300
Extlog Host : 0.0.0.0
Extlog Flags : 0
Extlog Status Interval : 0
Syslog Host : 255.255.255.255
Syslog Facility : 0
Syslog Level : errors
Core Dump TFTP IP Addr :
Core Dump File Compression : Disabled
Core Dump Filename :
Client Trace Status : Enabled(All)
Client Trace All Clients : Enabled
Client Trace Filter : 0x0000000E
Client Trace Out ConsoleLog: Disabled
WLC Link LAG status : Disabled
AP Link LAG status : Disabled
AP WSA Mode : Disabled
I notice that its lists both WLC's in its DNS record. This didn't really cause me too much concern until this morning when I noticed that a wireless client from one of our remote sites was visiting HQ.
His device must have talked to the AP > WLC > DHCP and because it saw it had a lease from one of our remote sites (10.11.36.103) it let him use that IP again, when he should have picked up a new IP address in the 10.11.0.0./24 range.
I do have two entries in my DNS for the local domain:
I this my problems causing all of the inconsistency? How do I list two DNS entries so both of my WLC's are discoverable but only by certain locations?
QuestionI have the following Air AP:Air-AP1562I-B-K9, 802.11ac outdoor access point There are three antenna cables that go from the inside cover to some soldered connections on a PCB. When removing the cover, two of the soldered antenna connections c...
QuestionHiWe have a guest access set up and was wondering what exactly are the sequence of events from connecting to SSID to being granted internet access, see below steps I'm unsure of are left blank1. connect o SSID through AP2. traffic hits Foreign WLC...