WAP4410N DHCP issues

SuperDragon · ‎04-09-2013

I've had some long standing issues that I've tried various things to fix. I have two WAP4410N access points set up at a smaller sister company. Wireless clients (laptops) are not receiving DHCP assigned IP addresses. If I type in an IP manually, it works fine.

The sister company has a point to point T-1 connection to our main building. Our main building has the DHCP server. The router on the sister company end is configured as the DHCP relay.

I've upgraded the firmware three different times in the past to hopefully resolve the issue, but no luck. Just today, on one of the WAP4410N's, I upgraded to the 2.0.6.1 firmware (backing up config, reset to factory default, upgraded firmware, reset factory default again, restored config). After the first reset to factory defaults, the Access Point itself picked up a DHCP address from the server, and I verified this in the DHCP console on the server, so I know that the DHCP relay is working. However, my laptop would not get a DHCP address when connecting wirelessly through that access point. It is a Windows 7 Enterprise laptop. I also could not get a DHCP IP with my iPhone connecting to wireless, to rule out specific issues with just a laptop.

I have the DHCP lease times for the subnet that these WAP4410Ns are on set to 2 hours.

To put a cherry on top, there is one laptop that stays in a lab area at all times, connecting wirelessly, and it DOES get a DHCP IP address (I can see in the DHCP console that the lease for this laptop continually renews as needed). I do remember on initial config when I couldn't get it to work, that I did a manual set up, gained connection, then switched it to DHCP...but that doesn't work for any other laptop.

What am I missing here? Why would the access points get DHCP address, but not anything connecting to the Access Points?

jonatrod · ‎04-10-2013

Hi Steve, thank you for using our forum, my name is Johnnatan I am part of the Small business Support community. I apologize for your inconvenience you are having, just one question, did you created a Vlan and associate it to the SSID?

If not I advise you to set a Vlan in order to fix the DHCP relay issues.

“Please rate useful posts so other users can benefit from it”

Greetings,
Johnnatan Rodriguez Miranda.
Cisco Network Support Engineer.

“Please rate useful posts so other users can benefit from it” Greetings, Johnnatan Rodriguez Miranda. Cisco Network Support Engineer.

SuperDragon · ‎04-30-2013

There was not a VLAN created. I created one, associated it with the SSID, and DHCP relay still does not work. I cannot get DHCP address for laptops or my iPhone.

SuperDragon · ‎05-09-2013

Bumping this for any other ideas.

Mehdi Boukraa · ‎05-10-2013

Hi Steve ,

Can you share the configuration of the SSID security which encryption are using ? and can you please turn off the security on SSID and try again to connect ?

if doesn't help can you turn Wireshark in your wireless client and captures the trafic when the PC trying to get an IP address ?

Please rate useful posts to help others users

Thanks

Mehdi

SuperDragon · ‎05-10-2013

It is WPA2-Personal, AES, with a Preshared Key. I am not at that site currently to test turning off the security. However, in my local main site, we have the same AP's, with the same security setup, and DHCP works fine.

emcardelli · ‎12-08-2013

Hi, you can solve this problem? I have some issue

danielwright1 · ‎12-16-2013

I'm also having this issue. 3 WAP4410N clients in our office, using channels 1 6 11 so there is no overlap. Windows computers not receiving DHCP address using wireless but will using LAN and will work using static IP address.

Eric Moyers · ‎12-17-2013

Hi, My name is Eric Moyers. I am a Network Support Engineer in the Cisco Small Business Support Center. Thank you for using the Cisco Community Post Forums.

For all those facing this issue. Please call in to our support center and let one of our answering engineers assist you. There is some information we need to gather on your issue that should allow us to help resolve your issue. But until we gather those logs it will be hard to see which direction we need to go.

Thanks

Eric Moyers .:|:.:|:.

Cisco Small Business US STAC Advanced Support Engineer

CCNA, CCNA-Wireless

866-606-1866

Mon - Fri 09:30 - 18:30 (UTC - 05:00)

*Please rate the Post so other will know when an answer has been found.

ernestoabarca · ‎11-27-2015

Hi,

I know this topic is rather old, but here are my two cents. I think I found the problem, seems there is a bug in the way ACL works (Through seems to work fine on most situations).

But wait, first of all, and maybe the reason to appear this problem 'randomly': WHY I should set "Wireless Connection Control" to LOCAL to be allowed to see the wireless clients connected????? That option should be always available!

The apparent reason for DHCP not working is:

- When you activate "wireless connection control", I.E.: see who is connected.

- AND even if you check "PREVENT following MAC addresses from connecting to wireless network"

- AND you leave the MAC list empty

- AND after some.. hours?

It stops relaying DHCP requests

I have latest firmware version: 2.0.7.8

Easy solution: disable at all Wireless connection control if you don't need it.

If you connect by SSH you can see the configuracion is correct so maybe the concept of MAC table "TRUSTED stations list" is not working perfectly.

Is somebody able to verify it too?

matthew1471 · ‎11-27-2015

Hi,

That certainly would be a feature I would have enabled.

I eventually gave up with this product particularly due to the amount of black box type testing to work around the quirks that you are discovering, sold all 4 of these devices (at a profit :-) ) and switched to Cisco Small Business WAP371's. Shortly after the WAP4410N went end of life anyway (coincidence? I think not), so you're even less likely to get firmware updates to it now.

The WAP371 has its own little quirks:
- The remote packet capture is experimental.
- Not all devices play nicely with the new firmware turning PMF/MPF/802.11W on and there are some ERR log lines about this feature perhaps being a little buggy.
- The APs need rebooting approx. every 2 months which may or may not be caused by PMF/MPF/802.11W bugs (we _hammer_ these APs though and have no other problems).
- Some of the default options don't give the best throughput (keeps me in a job I suppose), throughput junkies need to look at the "VHT" checkbox.
- The Cisco WAP Clustering (sorry "Single Point Setup") appears to have some fundamental security vulnerabilities and is not suitable for production networks.

But all in all the WAP371 is a substantially better product (dual band 5Ghz 802.11ac that for some reason there isn't a better equivalent in the WAP 5xx series for, PoE+ that appears to deliver and is on the whole rock solid stable once your clients are connected) and a much better purchase.

My requirements changed for bridging anyway, so I now PoE power the WAP371 so I can't speak about bridging on it but it can't be as bad as the WAP4410N (and you're more likely to get some Cisco support).

As Oracle always say, you can spend time to save money or spend money to save time.. with the WAP4410N being as poor as it was, I did the latter. My advice particularly with the WAP4410N EoL is to ditch it, migrate to WAP371 and try from there. Your time is worth more than trying to make this product work (there's enough people on this forum with enough bad experience with this product mirroring yours, it's not just you it's the product) and Cisco should have known better when they made the WAP4410N than to tarnish their reputation for a fast buck.

Regards,
Matthew

ankit0003 · ‎02-11-2014

Hi, we are facing same issue with this model WAP4410N. Initially we had disabled security assigned static IP to laptop and it is working fine but when we try to connect tablet or smart phone it shows "obtaining IP address.." and then didn't connected. We were of opinion that may be because of old firmware it is not working but evenafter upgrading to 2.0.7.4 problem persist.

emcardelli · ‎12-17-2013

I can solve the problem changing the channel to 5, befor trying all others but with WPA2 security setting because without security config other channels works fine but enabling WPA2 the problem persist.

Now I have conected wap4410-n and linksys wrt54g with dd-wrt on wrvs4400n in channel 5 and WEP security workinf fine! with Cisco GIST app for Iphone I have 5,819 kbps on 6Mb internet cable.

matthew1471 · ‎12-30-2013

I was battling this too. As I am not in America I cannot ring the 866 number.

From playing around it looks like when running in WDS Repeating mode the AP has to behave like a switch and with certain DHCP servers (there are 2 ways DHCP can work which is what Vista taught me : http://support.microsoft.com/kb/928233) that send out broadcasts the WAP4410N does not forward this on...

Despite the halving of the available bandwidth I found the best solution to be to use the AP as a wireless client but allow wireless association so it proxies back to the original AP.

Am I correct in my understanding of this or have I missed something?

From my experience at least, the WAP4410N is (with recent firmware) a rock solid AP.. but the other features are a bit experimental and involve rebooting the host AP as well as the repeating AP to get them to connect. I had the best experience when I rebooted both APs after every change and learnt to give them a good minute to settle down after being rebooted.