Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1198
Views
5
Helpful
2
Replies

Cisco Business Wireless 240AC AP - New Clients are Excluded

subbz2k
Level 1
Level 1

‎01-18-2022 02:21 AM

Dear Cisco Community,

 

we've deployed a brand new Cisco Business Wireless 240AC Access Point in our Office to provide our internal WLAN. Currently, this is the only AP we use. It is configured as the Primary AP. It uses the Default RLAN and forwards DHCP Requests so that Clients get an IP from our internal DHCP-Server.

 

Everything works fine. However: Almost every new Device that connects to this WLAN is blocked for the first (round about) 60 Seconds until Access is finally granted and the Device can connect. When i have a look at "Monitoring -> Network Summary -> Clients" i can see the new Client in this list, but it's Status is "Excluded". It doesnt happen with every Device (for example i could instantly connect with my iPhone 12). But literally every Laptop we want to connect (and some older Android Devices as well) is always excluded first. We have to wait for a while (usually around 60 Seconds), try again and then the Device can connect. This is very annoying.

 

802.1x is not activated. We dont use that feature. From my first research on the Net i found out, that there are Exclusion Policies available on Aironet-APs and WLCs and that they block new clients for the first 60 Seconds; which is their default behavior unless one changes this configuration. This sounds familiar to how our Access Point behaves. But i have no way to change that because i dont find Exclusion Policies in the Web UI for that 240AC Access Point or any other setting that would allow me to change that behavior. The corresponding Admin Guide also doesnt show up any Result in this regard.

 

Can you tell me what we can do to prevent these "insta"-Exclusions from happening in the future? Is there anything that still needs to be configured on these 240AC Access Points? And there can i find it?

 

Many thanks in advance for your help guys!

Steffen

1 person had this problem
Labels:
0 Helpful
2 Replies 2

marce1000
VIP
VIP

‎01-18-2022 05:13 AM

 

  - Configure logging and use debugging level , have a look at the logs then generated when a new client tries to join, post outputs here , besides looking for an exclusion message also look at surrounding logs pointing to possible other problem indicators : https://www.cisco.com/c/en/us/support/docs/smb/wireless/CB-Wireless-Mesh/2064-Setting-Up-System-Message-Logs-CBW.html

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Rich R
VIP
VIP

‎01-18-2022 07:48 AM

And it goes without saying that you should make sure you're running the latest available firmware.

You might have misunderstood the WLC documentation - there is no default exclude of every client.

------------------------------
Please click Helpful if this post helped you and Select as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's,   Best Practices for 9800 WLC's   and   Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.196.0, latest 9800 releases, 8.5.182.12 (8.5.182.13 for 3504) and 8.5.182.109 (IRCM, 8.5.182.111 for 3504)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
Default AP console baud rate from 17.12.x is 115200 - introduced by CSCwe88390
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card