cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3852
Views
0
Helpful
14
Replies

Wireless clients not able to obtain IP address.

lostsurfer
Level 1
Level 1

Recently I setup an 1130 AP, it's group broadcasts two SSID's. One for users and one for guests. It's been working solid now for several months. Now users are reports that on the public SSID they are getting dropped and can't reconnect, they time out. Usually they can connect to the SSID without security, and login with a username and password provided by the secretary. I've tried troubleshooting this to the best of my ability but am stuck. Any ideas?                  

14 Replies 14

Scott Fella
Hall of Fame
Hall of Fame

Post your show WLAN

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

WLAN ID 2, that's for the public and WLAN ID 3 for the secure. I can't seem to telnet of ssh to the ap itself.

So you have an autonomous AP?  Well you need to be able to telnet/ssh or console and provide the show run-config.

Thanks,

Scott

*****Help out other by using the rating system and marking answered questions as "Answered"*****

-Scott
*** Please rate helpful posts ***

No scott, it's a lightweight, I'm going to enable ssh and see what I can find.

If it's lightweight, you need to access the cli on the WLC and issue the show wlan   Not from the AP.

Thanks,

Scott

*****Help out other by using the rating system and marking answered questions as "Answered"*****

-Scott
*** Please rate helpful posts ***

WLAN Identifier.................................. 2
Profile Name..................................... Public Access
Network Name (SSID).............................. public
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Disabled
Network Admission Control

Radius-NAC State............................... Disabled
SNMP-NAC State................................. Disabled
Quarantine VLAN................................ 0
Maximum number of Associated Clients............. 0
Number of Active Clients......................... 3
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 7200 seconds
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ vlan 8
Multicast Interface.............................. Not Configured

--More-- or (q)uit
WLAN ACL......................................... unconfigured
DHCP Server...................................... Default
DHCP Address Assignment Required................. Disabled
Static IP client tunneling....................... Disabled
Quality of Service............................... Silver (best effort)
Scan Defer Priority.............................. 4,5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Allowed
WMM UAPSD Compliant Client Support............... Disabled
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
IPv6 Support..................................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
Authentication................................ Global Servers
Accounting.................................... Global Servers

--More-- or (q)uit
Dynamic Interface............................. Disabled
Local EAP Authentication......................... Disabled
Security

802.11 Authentication:........................ Open System
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Disabled
CKIP ......................................... Disabled
IP Security................................... Disabled
IP Security Passthru.......................... Disabled
Web Based Authentication...................... Enabled
ACL............................................. Unconfigured
Web Authentication server precedence:
1............................................... local
2............................................... radius
3............................................... ldap
Web-Passthrough............................... Disabled
Conditional Web Redirect...................... Disabled
Splash-Page Web Redirect...................... Disabled
Auto Anchor................................... Disabled
H-REAP Local Switching........................ Disabled
H-REAP Local Authentication................... Disabled

--More-- or (q)uit
H-REAP Learn IP Address....................... Enabled
Client MFP.................................... Optional but inactive (WPA2 not configured)
Tkip MIC Countermeasure Hold-down Timer....... 60
Call Snooping.................................... Disabled
Roamed Call Re-Anchor Policy..................... Disabled
SIP CAC Fail Send-486-Busy Policy................ Enabled
SIP CAC Fail Send Dis-Association Policy......... Disabled
Band Select...................................... Disabled
Load Balancing................................... Disabled

Mobility Anchor List
WLAN ID IP Address Status
------- --------------- ------

Thanks scott

Interface........................................ vlan 8

I would connect a wired laptop to a port on the same switch as the WLC on vlan 8 and see if you can get an ip address.  What is handing out dhcp?  You might want to disable dhcp proxy on the WLC.

Thanks,

Scott

*****Help out other by using the rating system and marking answered questions as "Answered"*****

-Scott
*** Please rate helpful posts ***

I can't seem to telnet of ssh to the ap itself.

By default, Telnet and SSH to the AP is disabled.

On the WLC, post the output to the command "sh interface detail vlan 8".

manassin
Level 1
Level 1

Hi,

With the show run config please send the switchport cong as well. In this case we have two WLANs so we need to make sure that the switchport is configured as trunk mode and the vlans mapped to both the WLAN ID 2 and 3 are allowed on it.

We also need to make sure that the wired portion is working fine as Wireless is an extension to the Wired configuration.

Thanks and regards,

Manas Pratap Singh.

Where would the switchport config be running at? Here's the thing we're running the ap connected to a netgear smart switch as opposed to a cisco at this location. I'm not familiar with netgear smart switches in the least. I checked the run config on the router at the location, shouldn't there be a trunk mode set on one of the ports back to hq?

The WLC is trunked to the switch correct?

Thanks,

Scott

*****Help out other by using the rating system and marking answered questions as "Answered"*****

-Scott
*** Please rate helpful posts ***

Scott, this is at a satellite campus, and it looks to be trunked. The ap show fine with out errors and all the configurations look right. Contacts on site say that the problem seems to be intermittent. Mostly apple users seem to be effected by this. Where they can connect and after a period of time get dropped then when they try to connect back to the public ssid it times out trying to obtain an IP address. After cycling power on the access point, some user's that were connected seem to be connecting back to the ap automatically, as I can see the clients connected. Weird thing is yesterday when I left my android phone nor laptop were able to connect, contacted site this morning and they said that they were doing fine!?!

bauera
Level 1
Level 1

Check the size and utilization of DHCP pool and lease time.  Lease time should be small, 300 sec.

Looking on the controller that the AP is associated with on the dhcp scope I see that the public wireless is only from 192.168.1.50 - 192.168.1.100. So that needs to be changed, and the lease time is set to 86400. I can change the size of both, you mind me asking what the lease time effects exactly? I'm trying to get a better understanding, also I'm assuming this only effects ap's that broadcast this ssid from this controller? Would I need to do this as well on my other controllers that broadcast this public ssid, or can it be set from the wcs to effect all controllers? Thanks for everyones time, with your help I've been able to understand how this all comes together!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: