07-14-2013 09:39 AM - edited 07-04-2021 12:25 AM
Hi All,
I have just setup 5 APs (1042) with a 2504 WLC, I have connected these devices in my home lab and will be deploying this later in a live environment. The WLC/APs will reside on the 192.168.210.x/24 subnet with the controller being on x.x.210.5 and the gateway (including the DHCP Server) being on x.x.210.1/24.
Here is my issue, I have configured my WLAN to use WPA+WPA2 with AES & TKIP using a Preshared Key but I am finding associating to the wireless network very slow on my Windows PC and, even worse, now connection from my iPad (I should mention the Windows PC is stable once connected).
I can see both devices seen by the APs when I look at the client list:
MAC Address AP Name Status WLAN/RLAN Auth Protocol Port Wired PMIPV6 Role
----------------- ----------------- ------------- -------------- ---- ---------------- ---- ----- ------ ----------------
08:ed:b9:48:19:cd SD-2f.55 Associated 1 Yes 802.11n(5 GHz) 1 N/A No Local
98:fe:94:7f:7c:1a GSD-39:49 Associated 1 Yes 802.11n(5 GHz) 1 N/A No Local
The iPad (98:fe...) doesn't get an IP address
(Cisco Controller) >*DHCP Socket Task: Jul 14 17:35:20.006: 98:fe:94:7f:7c:1a DHCP Forwarding DHCP packet (332 octets) -- packet received on direct-co
ect port requires forwarding to external DHCP server. Next-hop is 192.168.210.1
*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP received op BOOTREQUEST (1) (len 308,vlan 0, port 1, encap 0xec03)
*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP selecting relay 1 - control block settings:
dhcpServer: 0.0.0.0, dhcpNetmask: 0.0.0.0,
dhcpGateway: 0.0.0.0, dhcpRelay: 192.168.210.5 VLAN: 0
*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP selected relay 1 - 192.168.210.1 (local address 192.168.210.5, gateway 192.168.210.1, VLAN 0, port 1)
*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP selecting relay 2 - control block settings:
dhcpServer: 0.0.0.0, dhcpNetmask: 0.0.0.0,
dhcpGateway: 0.0.0.0, dhcpRelay: 192.168.210.5 VLAN: 0
*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP selected relay 2 - NONE
*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP selecting relay 1 - control block settings:
dhcpServer: 0.0.0.0, dhcpNetmask: 0.0.0.0,
dhcpGateway: 0.0.0.0, dhcpRelay: 192.168.210.5 VLAN: 0
*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP selected relay 1 - 192.168.210.1 (local address 192.168.210.5, gateway 192.168.210.1, VLAN 0, port 1)
*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP transmitting DHCP DISCOVER (1)
*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 1
*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP xid: 0x359ad7fb (899340283), secs: 25, flags: 0
*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP chaddr: 98:fe:94:7f:7c:1a
*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP ciaddr: 0.0.0.0, yiaddr: 0.0.0.0
*DHCP Socket Task: Jul 14 17:36:04.184: 98:fe:94:7f:7c:1a DHCP siaddr: 0.0.0.0, giaddr: 192.168.210.5
*DHCP Socket Task: Jul 14 17:36:04.185: 98:fe:94:7f:7c:1a DHCP sending REQUEST to 192.168.210.1 (len 346, port 1, vlan 0)
*DHCP Socket Task: Jul 14 17:36:04.185: 98:fe:94:7f:7c:1a DHCP selecting relay 2 - control block settings:
dhcpServer: 0.0.0.0, dhcpNetmask: 0.0.0.0,
dhcpGateway: 0.0.0.0, dhcpRelay: 192.168.210.5 VLAN: 0
(Cisco Controller) >*DHCP Socket Task: Jul 14 17:36:04.185: 98:fe:94:7f:7c:1a DHCP selected relay 2 - NONE
*DHCP Socket Task: Jul 14 17:36:28.457: 08:ed:b9:48:19:cd DHCP received op BOOTREQUEST (1) (len 308,vlan 0, port 1, encap 0xec03)
I hope someone can guide me in the right direction as I wonder if my configuration is incorrect. Thanks in advance.
Additional Info:
---------------Show Interface ---------------
Interface Configuration
Interface Name................................... management
MAC Address...................................... f0:29:29:89:1d:80
IP Address....................................... 192.168.210.5
IP Netmask....................................... 255.255.255.0
IP Gateway....................................... 192.168.210.1
External NAT IP State............................ Disabled
External NAT IP Address.......................... 0.0.0.0
VLAN............................................. untagged
Quarantine-vlan.................................. 0
Active Physical Port............................. 1
Primary Physical Port............................ 1
Backup Physical Port............................. Unconfigured
DHCP Proxy Mode.................................. Global
Primary DHCP Server.............................. 192.168.210.1
Secondary DHCP Server............................ Unconfigured
DHCP Option 82................................... Disabled
ACL.............................................. Unconfigured
mDNS Profile Name................................ Unconfigured
AP Manager....................................... Yes
Guest Interface.................................. No
L2 Multicast..................................... Disabled
Interface Name................................... virtual
MAC Address...................................... f0:29:29:89:1d:80
IP Address....................................... 1.1.1.1
Virtual DNS Host Name............................ Disabled
AP Manager....................................... No
Guest Interface.................................. No
---------------Show port summary---------------
Port Summary
STP Admin Physical Physical Link Link
Pr Type Stat Mode Mode Status Status Trap POE
-- ------- ---- ------- ---------- ---------- ------ ------- -------
1 Normal Forw Enable Auto 100 Full Up Enable N/A
2 Normal Disa Enable Auto Auto Down Enable N/A
3 Normal Disa Enable Auto Auto Down Enable Enable (Power Off)
4 Normal Disa Enable Auto Auto Down Enable Disable
Solved! Go to Solution.
07-14-2013 09:45 AM
The standard for WPA v1 is to use TKIP and the standard for WPA v2 is AES. So either use one or the other and don't mix, like WPA v2 with TKIP and AES. This mix and the use of both will cause issues especially with iOS devices as you are seeing. Windows will tend to work okay once it connects, but its best to choose one type of encryption.
Sent from Cisco Technical Support iPhone App
07-14-2013 09:42 AM
You should not have both WPA and WPA 2 with TKIP and AES. I would just use WPA 2 with AES and give that a try.
Sent from Cisco Technical Support iPhone App
07-14-2013 09:45 AM
The standard for WPA v1 is to use TKIP and the standard for WPA v2 is AES. So either use one or the other and don't mix, like WPA v2 with TKIP and AES. This mix and the use of both will cause issues especially with iOS devices as you are seeing. Windows will tend to work okay once it connects, but its best to choose one type of encryption.
Sent from Cisco Technical Support iPhone App
07-14-2013 10:35 AM
Thanks Scott,
I have now implemented only WPA2 with only AES. Just tried the original iPad and now an iPad and again the same problem. Windows 7, again no problem.
Any ideas please?
07-14-2013 10:56 AM
Make sure you forget the profile and add it manually on the iPad and iPhones.
Sent from Cisco Technical Support iPhone App
07-14-2013 11:02 AM
Thanks,
I am making sure that I do that , but still to no avail. I am going to mess about with the 'Global', 'Enabled', 'Disabled' parameters (in the Controller - Interface -DHCP Information section) to see if that makes any difference.
07-14-2013 11:15 AM
Hi Scott,
My apologies, it seems that that it did work! I am just rebooting the Apple devices to make sure it was not a fluke to test.
07-14-2013 11:26 AM
Yeah... I have apple devices so that's usually the trick. Hopefully that fixes everything.
Sent from Cisco Technical Support iPhone App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide