cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1098
Views
0
Helpful
15
Replies

AP INdoor my 1602 and 1552 outdoor broadcast the SSID but end users are unable to obtain a dynamic IP.

cameroun
Level 1
Level 1

Hello,

Could you help me please?

AP INdoor my 1602 and 1552 outdoor broadcast the SSID but end users are unable to obtain a dynamic IP.

And at my WLC 5508 what security level 2 and 3 choose?

Attached is a shema of my infrastructure.

I only use one port on my WLC 5508, port 1. and my switch are switch level 2 of 2960. do I configure multiple SSIDs?

thank you in advance for your help

2 Accepted Solutions

Accepted Solutions

Ok, so right now your WLAN is linked to your management interface.

What subnet do you want the users to get an address on? 

You'll want to add an interface for the subnet(s) you want users to get addresses on.  Then change the interface on the WLAN.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

View solution in original post

i wouldn't use WEP, it is very easily broken.

You really should use WPA2/AES.  If changing to WEP worked, and WPA2 didn't then I might look at the drivers of the NIC

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

View solution in original post

15 Replies 15

Scott Fella
Hall of Fame
Hall of Fame

Did the AP's join the WLC?

Can the client associate to the SSID?

If you use a static address on the client, can you ping the gateway?

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

my ap correctemt join the WLC.

I do not understand the second question, but on my PC, the SSID I configured is displayed, but when I clik on the SSID,fails connection, I do not GET TIRED IP address while must have an automatic ip given by my DHCP server (WLC).

I think my client to an ADSL router series 800, which is in production, so for the moment I do not take it into account in my sets, I'll include below. Right now I just want my PC to obtain an automatic IP via my controller.

Putting a static is a way to test if connectivity is there or not. If you can access the network when you have a static address, then your interface or your network is the issue. If you have network connectivity using a static then the network is fine and we need to look at the IP helpers, proxy and other things.

Your dynamic interface doesn't have an IP address, so if your mapping the WLAN to that interface, it will not work.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

with a static ip, there is a connectivity.

What Steve is looking at so you know, is the interface in your show wlan command.

CHD per WLAN..................................... Enabled

Webauth DHCP exclusion........................... Disabled

Interface........................................ management

Multicast Interface.............................. Not Configured

WLAN IPv4 ACL.................................... unconfigured

You see where it says management. This is where your users who connect to this wlan will go for an ip address. Seeing that you want the users to have the same subnet as your management interface you have that mapped properly.

If you do the following command:

(WiSM-slot1-1) >show interface detailed management

Interface Name................................... management

MAC Address...................................... 00:1b:54:d4:1e:2b

IP Address....................................... 10.245.114.11

IP Netmask....................................... 255.255.255.0

IP Gateway....................................... 10.245.114.1

External NAT IP State............................ Disabled

External NAT IP Address.......................... 0.0.0.0

VLAN............................................. untagged 

Quarantine-vlan.................................. 0

Active Physical Port............................. LAG (29)

Primary Physical Port............................ LAG (29)

Backup Physical Port............................. Unconfigured

Primary DHCP Server.............................. 10.245.115.1

Secondary DHCP Server............................ Unconfigured

DHCP Option 82................................... Disabled

ACL.............................................. Unconfigured

AP Manager....................................... No

Guest Interface.................................. No

L2 Multicast..................................... Enabled

You can see where these clients will get DHCP from in my case you will see im pointing to 10.245.115.1

What is yours pointing to ?

__________________________________________________________________________________________
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
__________________________________________________________________________________________
‎"I'm in a serious relationship with my Wi-Fi. You could say we have a connection."

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

Stephen Rodriguez
Cisco Employee
Cisco Employee

can you share the WLAN config and interface information?

show wlan < wlan ID >

show interface summary

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

Hello Stephen,

Here are the out put that you asked:

(Cisco Controller) >SHow wlan 1

WLAN Identifier.................................. 1

Profile Name..................................... WIFI-EEM-CAMPUS

Network Name (SSID).............................. EEM-LBV

Status........................................... Enabled

MAC Filtering.................................... Enabled

Broadcast SSID................................... Enabled

AAA Policy Override.............................. Disabled

Network Admission Control

Client Profiling Status

    Radius Profiling ............................ Disabled

     DHCP ....................................... Disabled

     HTTP ....................................... Disabled

    Local Profiling ............................. Disabled

     DHCP ....................................... Disabled

     HTTP ....................................... Disabled

  Radius-NAC State............................... Disabled

  SNMP-NAC State................................. Disabled

  Quarantine VLAN................................ 0

Maximum number of Associated Clients............. 0

Maximum number of Clients per AP Radio........... 200

Number of Active Clients......................... 0

Exclusionlist Timeout............................ 60 seconds

Session Timeout.................................. 1800 seconds

User Idle Timeout................................ Disabled

Sleep Client..................................... disable

Sleep Client Timeout............................. 12 hours

User Idle Threshold.............................. 0 Bytes

NAS-identifier................................... WLC-EEML-MANAGMT

CHD per WLAN..................................... Enabled

Webauth DHCP exclusion........................... Disabled

Interface........................................ management

Multicast Interface.............................. Not Configured

WLAN IPv4 ACL.................................... unconfigured

WLAN IPv6 ACL.................................... unconfigured

WLAN Layer2 ACL.................................. unconfigured

mDNS Status...................................... Enabled

mDNS Profile Name................................ default-mdns-profile

DHCP Server...................................... Default

DHCP Address Assignment Required................. Disabled

Static IP client tunneling....................... Disabled

PMIPv6 Mobility Type............................. none

    PMIPv6 MAG Profile........................... Unconfigured

    PMIPv6 Default Realm......................... Unconfigured

    PMIPv6 NAI Type.............................. Hexadecimal

Quality of Service............................... Silver

Per-SSID Rate Limits............................. Upstream      Downstream

Average Data Rate................................   0             0

Average Realtime Data Rate.......................   0             0

Burst Data Rate..................................   0             0

Burst Realtime Data Rate.........................   0             0

Per-Client Rate Limits........................... Upstream      Downstream

Average Data Rate................................   0             0

Average Realtime Data Rate.......................   0             0

Burst Data Rate..................................   0             0

Burst Realtime Data Rate.........................   0             0

Scan Defer Priority.............................. 4,5,6

Scan Defer Time.................................. 100 milliseconds

WMM.............................................. Allowed

WMM UAPSD Compliant Client Support............... Disabled

Media Stream Multicast-direct.................... Disabled

CCX - AironetIe Support.......................... Enabled

CCX - Gratuitous ProbeResponse (GPR)............. Disabled

CCX - Diagnostics Channel Capability............. Disabled

Dot11-Phone Mode (7920).......................... Disabled

Wired Protocol................................... None

Passive Client Feature........................... Disabled

Peer-to-Peer Blocking Action..................... Disabled

Radio Policy..................................... All

DTIM period for 802.11a radio.................... 1

DTIM period for 802.11b radio.................... 1

Radius Servers

   Authentication................................ Global Servers

   Accounting.................................... Global Servers

      Interim Update............................. Disabled

      Framed IPv6 Acct AVP ...................... Prefix

   Dynamic Interface............................. Disabled

   Dynamic Interface Priority.................... wlan

Local EAP Authentication......................... Disabled

Security

   802.11 Authentication:........................ Open System

   FT Support.................................... Disabled

   Static WEP Keys............................... Disabled

   802.1X........................................ Disabled

   Wi-Fi Protected Access (WPA/WPA2)............. Enabled

      WPA (SSN IE)............................... Disabled

      WPA2 (RSN IE).............................. Enabled

         TKIP Cipher............................. Disabled

         AES Cipher.............................. Enabled

      Auth Key Management

         802.1x.................................. Disabled

         PSK..................................... Enabled

         CCKM.................................... Disabled

         FT-1X(802.11r).......................... Disabled

         FT-PSK(802.11r)......................... Disabled

         PMF-1X(802.11w)......................... Disabled

         PMF-PSK(802.11w)........................ Disabled

      FT Reassociation Timeout................... 20

      FT Over-The-DS mode........................ Disabled

      GTK Randomization.......................... Disabled

      SKC Cache Support.......................... Disabled

      CCKM TSF Tolerance......................... 1000

   WAPI.......................................... Disabled

   Wi-Fi Direct policy configured................ Disabled

   EAP-Passthrough............................... Disabled

   CKIP ......................................... Disabled

   Web Based Authentication...................... Disabled

   Web-Passthrough............................... Disabled

   Conditional Web Redirect...................... Disabled

   Splash-Page Web Redirect...................... Disabled

   Auto Anchor................................... Disabled

   FlexConnect Local Switching................... Disabled

   flexconnect Central Dhcp Flag................. Disabled

   flexconnect nat-pat Flag...................... Disabled

   flexconnect Dns Override Flag................. Disabled

   flexconnect PPPoE pass-through................ Disabled

   flexconnect local-switching IP-source-guar.... Disabled

   FlexConnect Vlan based Central Switching ..... Disabled

   FlexConnect Local Authentication.............. Disabled

   FlexConnect Learn IP Address.................. Enabled

   Client MFP.................................... Optional

   PMF........................................... Disabled

   PMF Association Comeback Time................. 1

   PMF SA Query RetryTimeout..................... 200

   Tkip MIC Countermeasure Hold-down Timer....... 60

   Eap-params.................................... Disabled

AVC Visibilty.................................... Disabled

AVC Profile Name................................. None

Flow Monitor Name................................ None

Split Tunnel (Printers).......................... Disabled

Call Snooping.................................... Disabled

Roamed Call Re-Anchor Policy..................... Disabled

SIP CAC Fail Send-486-Busy Policy................ Enabled

SIP CAC Fail Send Dis-Association Policy......... Disabled

KTS based CAC Policy............................. Disabled

Assisted Roaming Prediction Optimization......... Disabled

802.11k Neighbor List............................ Disabled

802.11k Neighbor List Dual Band.................. Disabled

Band Select...................................... Disabled

Load Balancing................................... Disabled

Multicast Buffer................................. Disabled

Mobility Anchor List

WLAN ID     IP Address            Status

-------     ---------------       ------

802.11u........................................ Disabled

MSAP Services.................................. Disabled

Local Policy

----------------

Priority  Policy Name

--------  ---------------

(Cisco Controller) >show interface summary

Number of Interfaces.......................... 6

Interface Name                   Port Vlan Id  IP Address      Type    Ap Mgr Guest

-------------------------------- ---- -------- --------------- ------- ------ -----

management                       1    untagged 10.10.10.1      Static  Yes    No

redundancy-management            1    untagged 0.0.0.0         Static  No     No

redundancy-port                  -    untagged 0.0.0.0         Static  No     No

service-port                     N/A  N/A      192.168.1.1     Static  No     No

users                            1    2        0.0.0.0         Dynamic No     No

virtual                          N/A  N/A      1.1.1.1         Static  No     No

Ok, so right now your WLAN is linked to your management interface.

What subnet do you want the users to get an address on? 

You'll want to add an interface for the subnet(s) you want users to get addresses on.  Then change the interface on the WLAN.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

I would like my user get the IP subnets 10.10.10.0/24

when I click on the SSID, and I write the security key, my PC does not obtain IP address automatically.

Is there DHCP configured on that subnet already?  If there is what are you using as the DHCP server?

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

Thank you very much, I managed to get a dynamic IP on my PC by changing the security key WPA + WPA2 to WEP static;

i wouldn't use WEP, it is very easily broken.

You really should use WPA2/AES.  If changing to WEP worked, and WPA2 didn't then I might look at the drivers of the NIC

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

ok, I'll change WPA / AES is more secure. thank you

When i use WPA2/AES, it's impossible to have an IP adresse on my pc.

My SSID is displayed but there is a small red cross that makes me know that my PC can not access the network parameter because my PC does not match.

Review Cisco Networking for a $25 gift card