Introduction
Wireless phone authentication fails in a WDS setup when an AP is configured as a WDS device.
Core Issue
The problem occurs if the Access point is configured for Layer 3 mobility in WDS setup
Resolution
An AP is a Layer 2 device. Therefore, the AP does not support Layer 3 mobility when the AP is configured to act as a WDS device. You can achieve Layer 3 mobility only when you configure the WLSM as the WDS device. Refer to the Layer 3 Mobility Architecture section of Cisco Catalyst 6500 Series Wireless LAN Services Module: White Paper for more information.
Therefore, when you configure an AP as a WDS device, do not use the mobility network-id command. This command applies to Layer 3 mobility and you need to have a WLSM as your WDS device in order to properly configure Layer 3 mobility. If you use the mobility network-id command incorrectly, you can see some of these symptoms:
- Wireless clients cannot associate with the AP.
- Wireless clients can associate to the AP, but do not receive an IP address from the DHCP server.
- A wireless phone is not authenticated when you have a voice over WLAN deployment.
- EAP authentication does not occur. With the mobility network-id configured, the AP tries to build a Generic Routing Encapsulation (GRE) tunnel to forward EAP packets. If no tunnel is established, the packets do not go anywhere.
- An AP configured as a WDS device does not function as expected, and the WDS configuration does not work.
Note: You cannot configure the Cisco Aironet 1300 AP/Bridge as a WDS master. The 1300 AP/Bridge does not support this functionality. The 1300 AP/Bridge can participate in a WDS network as an infrastructure device in which some other AP or WLSM is configured as a WDS master.
Problem Type
- Configure / Configuration issues
- Associated but cannot pass any traffic
Products
- Access point
- Cisco 7920 Wireless Phones
Topology
Wireless client to AP
Wireless Stages
Unauthenticated and Associated
SW Features
Wireless Domain Services (WDS)
Reference