04-21-2005 04:47 AM - edited 07-04-2021 10:41 AM
I've just upgraded a couple of our WDS master access points to 12.3(4)JA and find that they are no longer able to authenticate with wlse.
Has anyone else seen this?
Other access points are authenticating against the WDS master with no problem, but there doesn't seem to be any attempt by wlse to authenticate against the WDS master.
I have noticed that whilst I can happily ping wlse from the WDS master something else on the access point is trying to arp for the WLSE address on the local subnet - (WLSE is on a different subnet).
me-wap-wds1#sh ip arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 172.16.66.222 - 000d.28d3.38af ARPA BVI1
Internet 172.16.66.210 60 0011.20eb.0c86 ARPA BVI1
Internet 172.16.66.211 60 000f.f715.b044 ARPA BVI1
Internet 172.18.4.11 0 Incomplete ARPA
Internet 172.16.66.1 0 0001.30bd.5d00 ARPA BVI1
Bug in the wlccp code?
Solved! Go to Solution.
04-29-2005 09:53 AM
This is a known bug, ID: CSCsa90418.
WDS AP running 12.3(4)JA unable to authenticate with WLSE
Workaround(s):
1) Turn on proxy arp (ip proxy-arp) on the router that is the first hop from
the AP-WDS to the WLSE OR
2) If proxy arp cannot be enabled for some reason, then create a static arp
entry on the AP.
I have downgraded to 12.3(2)JA and will wait for 12.3(4)JA to be fixed.
04-21-2005 10:32 AM
Is WLSE at the latest 2.11 version?
04-22-2005 12:01 AM
Yes it is.
04-22-2005 04:53 PM
Try if you can use the 12.3(2)JA/JA2 to see if it works.
04-25-2005 01:20 AM
The bulk of our access points are on 12.3(2)JA2 - and this is working fine.
I'm still rather suspicious that the AP seems to be ARPing for the WLSE address despite it being on another subnet - hence my suspicion that something has broken in the 12.3(4) wlccp code.
I've also tried configuring a 12.3(4) AP from scratch and see the same problem.
04-25-2005 03:00 PM
Strange,
I have WLSE 2.11 and 1232AG AP's working well with 12.3(4)!
Do you have differente AP HW in your solution?
04-27-2005 12:13 AM
I've seen this on 1100s and 1131s.
Do you have WLSE on a different subnet to the APs + proxy-arp off on your routers?
04-26-2005 12:33 PM
I am seeing the exact same problem you are. I upgraded our WLSE to 2.11 and our APs to 12.3(4)and now all attempts at authenticating WLSE to WDS fail.
I have both 1100 and 1210 series APs and the problem is happening on both models. Other APs authenticate to the WDS with no problems, however.
It MUST be a bug in the code. I am going to open a TAC Case tomorrow.
04-27-2005 12:09 AM
Excellent, at least I know I'm not going totally mad :-)
Do you also see the odd ARP entry?
04-27-2005 06:31 AM
Yes, the 'show ip arp' output I'm seeing matches the output you posted earlier.
Very odd indeed. I'm glad I'm not the only one experiencing this. Racked my brain for 2 days before I checked the forums.
04-27-2005 08:38 AM
Ok, this is actually the same person that posted as wbrowning, I just got my own account.
Here's an update. I have opened a TAC Case w/ Cisco regarding this error. In the meantime, I have downgraded my access points to 12.3(2)JA and the problem has been resolved.
I did a 'show ip arp' on the access points now running 12.3(2)JA and the WLSE no longer shows up in the table.
I would say all this points to a bug in 12.3(4)JA. I'll let you know when I get a resolution on the TAC Case.
04-29-2005 09:53 AM
This is a known bug, ID: CSCsa90418.
WDS AP running 12.3(4)JA unable to authenticate with WLSE
Workaround(s):
1) Turn on proxy arp (ip proxy-arp) on the router that is the first hop from
the AP-WDS to the WLSE OR
2) If proxy arp cannot be enabled for some reason, then create a static arp
entry on the AP.
I have downgraded to 12.3(2)JA and will wait for 12.3(4)JA to be fixed.
05-03-2005 01:01 AM
Many thanks for that.
Neither workaround is acceptable to us so I'll also be waiting for a fixed 12.3(4).
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide