Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
730
Views
0
Helpful
7
Replies

Apple Devices on 2504 WLC with 5 APs

Go to solution
g.ghir
Level 1
Level 1

‎07-14-2013 09:39 AM - edited ‎07-04-2021 12:25 AM

Hi All,

I have just setup 5 APs (1042) with a 2504 WLC, I have connected these devices in my home lab and will be deploying this later in a live environment. The WLC/APs will reside on the 192.168.210.x/24 subnet with the controller being on x.x.210.5 and the gateway (including the DHCP Server) being on x.x.210.1/24.

Here is my issue, I have configured my WLAN to use WPA+WPA2 with AES & TKIP using a Preshared Key but I am finding associating to the wireless network very slow on my Windows PC and, even worse, now connection from my iPad (I should mention the Windows PC is stable once connected). 

I can see both devices seen by the APs when I look at the client list:

MAC Address       AP Name           Status        WLAN/RLAN      Auth Protocol         Port Wired PMIPV6 Role

----------------- ----------------- ------------- -------------- ---- ---------------- ---- ----- ------ ----------------

08:ed:b9:48:19:cd SD-2f.55          Associated    1              Yes  802.11n(5 GHz)   1    N/A   No     Local

98:fe:94:7f:7c:1a GSD-39:49         Associated    1              Yes  802.11n(5 GHz)   1    N/A   No     Local

The iPad (98:fe...) doesn't get an IP address

(Cisco Controller) >*DHCP Socket Task: Jul 14 17:35:20.006: 98:fe:94:7f:7c:1a DHCP Forwarding DHCP packet (332 octets)                  -- packet received on direct-co

ect port requires forwarding to external DHCP server. Next-hop is 192.168.210.1

*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP received op BOOTREQUEST (1) (len 308,vlan 0, port 1, encap 0xec03)

*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP selecting relay 1 - control block settings:

                        dhcpServer: 0.0.0.0, dhcpNetmask: 0.0.0.0,

                        dhcpGateway: 0.0.0.0, dhcpRelay: 192.168.210.5  VLAN: 0

*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP selected relay 1 - 192.168.210.1 (local address 192.168.210.5, gateway 192.168.210.1, VLAN 0, port 1)

*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP selecting relay 2 - control block settings:

                        dhcpServer: 0.0.0.0, dhcpNetmask: 0.0.0.0,

                        dhcpGateway: 0.0.0.0, dhcpRelay: 192.168.210.5  VLAN: 0

*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP selected relay 2 - NONE

*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP selecting relay 1 - control block settings:

                        dhcpServer: 0.0.0.0, dhcpNetmask: 0.0.0.0,

                        dhcpGateway: 0.0.0.0, dhcpRelay: 192.168.210.5  VLAN: 0

*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP selected relay 1 - 192.168.210.1 (local address 192.168.210.5, gateway 192.168.210.1, VLAN 0, port 1)

*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP transmitting DHCP DISCOVER (1)

*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP   op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 1

*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP   xid: 0x359ad7fb (899340283), secs: 25, flags: 0

*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP   chaddr: 98:fe:94:7f:7c:1a

*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP   ciaddr: 0.0.0.0,  yiaddr: 0.0.0.0

*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP   siaddr: 0.0.0.0,  giaddr: 192.168.210.5

*DHCP Socket Task: Jul 14 17:36:04.185: 98:fe:94:7f:7c:1a DHCP sending REQUEST to 192.168.210.1 (len 346, port 1, vlan 0)

*DHCP Socket Task: Jul 14 17:36:04.185: 98:fe:94:7f:7c:1a DHCP selecting relay 2 - control block settings:

                        dhcpServer: 0.0.0.0, dhcpNetmask: 0.0.0.0,

                        dhcpGateway: 0.0.0.0, dhcpRelay: 192.168.210.5  VLAN: 0

(Cisco Controller) >*DHCP Socket Task: Jul 14 17:36:04.185: 98:fe:94:7f:7c:1a DHCP selected relay 2 - NONE

*DHCP Socket Task: Jul 14 17:36:28.457: 08:ed:b9:48:19:cd DHCP received op BOOTREQUEST (1) (len 308,vlan 0, port 1, encap 0xec03)

I hope someone can guide me in the right direction as I wonder if my configuration is incorrect.  Thanks in advance.

Additional Info:

---------------Show Interface ---------------

Interface Configuration

Interface Name................................... management

MAC Address...................................... f0:29:29:89:1d:80

IP Address....................................... 192.168.210.5

IP Netmask....................................... 255.255.255.0

IP Gateway....................................... 192.168.210.1

External NAT IP State............................ Disabled

External NAT IP Address.......................... 0.0.0.0

VLAN............................................. untagged

Quarantine-vlan.................................. 0

Active Physical Port............................. 1

Primary Physical Port............................ 1

Backup Physical Port............................. Unconfigured

DHCP Proxy Mode.................................. Global

Primary DHCP Server.............................. 192.168.210.1

Secondary DHCP Server............................ Unconfigured

DHCP Option 82................................... Disabled

ACL.............................................. Unconfigured

mDNS Profile Name................................ Unconfigured

AP Manager....................................... Yes

Guest Interface.................................. No

L2 Multicast..................................... Disabled

Interface Name................................... virtual

MAC Address...................................... f0:29:29:89:1d:80

IP Address....................................... 1.1.1.1

Virtual DNS Host Name............................ Disabled

AP Manager....................................... No

Guest Interface.................................. No

---------------Show port summary---------------

Port Summary

           STP   Admin   Physical   Physical   Link   Link

Pr  Type   Stat   Mode     Mode      Status   Status  Trap     POE

-- ------- ---- ------- ---------- ---------- ------ ------- -------

1  Normal  Forw Enable  Auto       100 Full   Up     Enable  N/A

2  Normal  Disa Enable  Auto       Auto       Down   Enable  N/A

3  Normal  Disa Enable  Auto       Auto       Down   Enable  Enable  (Power Off)

4  Normal  Disa Enable  Auto       Auto       Down   Enable  Disable

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎07-14-2013 09:45 AM

The standard for WPA v1 is to use TKIP and the standard for WPA v2 is AES. So either use one or the other and don't mix, like WPA v2 with TKIP and AES. This mix and the use of both will cause issues especially with iOS devices as you are seeing. Windows will tend to work okay once it connects, but its best to choose one type of encryption.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎07-14-2013 09:42 AM

You should not have both WPA and WPA 2 with TKIP and AES. I would just use WPA 2 with AES and give that a try.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎07-14-2013 09:45 AM

The standard for WPA v1 is to use TKIP and the standard for WPA v2 is AES. So either use one or the other and don't mix, like WPA v2 with TKIP and AES. This mix and the use of both will cause issues especially with iOS devices as you are seeing. Windows will tend to work okay once it connects, but its best to choose one type of encryption.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
g.ghir
Level 1
Level 1
In response to Scott Fella

‎07-14-2013 10:35 AM

Thanks Scott,

I have now implemented only WPA2 with only AES.  Just tried the original iPad and now an iPad and again the same problem.  Windows 7, again no problem.

Any ideas please?

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to g.ghir

‎07-14-2013 10:56 AM

Make sure you forget the profile and add it manually on the iPad and iPhones.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
g.ghir
Level 1
Level 1
In response to Scott Fella

‎07-14-2013 11:02 AM

Thanks,

I am making sure that I do that , but still to no avail.  I am going to mess about with the 'Global', 'Enabled', 'Disabled' parameters (in the Controller - Interface -DHCP Information section) to see if that makes any difference. 

0 Helpful

Go to solution
g.ghir
Level 1
Level 1
In response to g.ghir

‎07-14-2013 11:15 AM

Hi Scott,

My apologies, it seems that that it did work!  I am just rebooting the Apple devices to make sure it was not a fluke to test. 

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to g.ghir

‎07-14-2013 11:26 AM

Yeah... I have apple devices so that's usually the trick. Hopefully that fixes everything.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card