Solved: 2100 Wireless controller - issue with mac addresses due to possible switch loop

BILL PETERSEN · ‎03-18-2011

Hi Guys

We have a strange thing happening with our WLAN controller 2100. We have two 48 port 2960 swithes connectected together with a trunk connection. We have the controller plugged into a trunk port on the first switch and a firewall plugged into the data VLAN on the second switch.

What was happening is devices connected to the first switch would be able to connect to the firewall ok for a min or so but then would lose connection to the firewall. If I did a mac address flush on the firewall I could ping again from a device on the first switch to the firewall on the second switch for about a min or so and then would go away again until I flushed the mac address table in the ASA firewall.

When I disconnect the WLAN controller it would work ok. Somehow having the WLAN controller hooked up was feeding bad mac info back to the firewall.

Not sure what to change on the WLAN controller config to make that not happen

thanks

Bill

Nicolas Darchis · ‎03-19-2011

How many ports on the WLC are plugged ?

Did you make the switchport towards the WLC as "spanning-tree portfast trunk" ?

Nicolas

View solution in original post

Nicolas Darchis · ‎03-19-2011

How many ports on the WLC are plugged ?

Did you make the switchport towards the WLC as "spanning-tree portfast trunk" ?

Nicolas

BILL PETERSEN · ‎03-19-2011

Hi Nicolas

I just have port 1 plugged in. All interfaces are configured to use port 1. I went in just to be sure and disabled all the other ports.

I have the controller plugged into a trunk port with spanning tree on.

Things appear to be working now.

What could of been the issue is I had a WAP plugged into a trunk port also on the switch. I don't know if that could of be causing a problem by maybe bridging in some way so I moved it to a data vlan port.

Would it be go to uncheck the "Mesh Ethernet Bridging - VLAN Transparent" check box. We have a simple setup where 4 WAPS connect back to a controller in a single building.

thanks

Bill

Nicolas Darchis · ‎03-19-2011

Unless special configuration (Hreap, mesh ethernet bridging) an AP port has to be access mode, not trunk.

Are you doing Mesh ?? Otherwise what are you doing with ethernet bridging enabled ? And especially if the AP is connected on the same switch as the WLC.

BILL PETERSEN · ‎03-19-2011

Thanks Nicolas

We arent doing a mesh though. I was just asking about the default setting under Wireless/Mesh below to see if we should change or leave along

Ethernet Bridging

VLAN Transparent	Enabled

Nicolas Darchis · ‎03-20-2011

If you don't have any AP in "bridge" mode, then the mesh settings have no impact whatsoever.

Nicolas

dmantill · ‎03-20-2011

please upload configuration from switches arp tables and CDP neig list..

From firewall, config and arp too..

From WLC please reply with show run-config and show arp switch

capture these when issue is happening.

Make sure that there are no wireless clients being connected wired too, and doublecheck who is being the DHCP for both wired and wireless clients.

Regards

BILL PETERSEN · ‎03-21-2011

Hello

The issue is resolved so I will go ahead and close the discussion. I mentioned the fix earlier in the discussion. thanks again everyone for all your help.

Bill