11-30-2012 03:43 PM - edited 07-03-2021 11:08 PM
I have one WLC 2504 with 7.3.101.0 code and 4 APs 1142 in Flexconnect mode all of them are in one group with 2 SSIDs in two differents VLAN:
Admin VLAN 151
Corporate VLAN 158
Guest VLAN 159
The auth is 802.1x using an ACS ver 4.2
The normal behavior is:
I connect my Laptop to the corporate SSID and start to have access to web services, intranet services, etc but arround 15 25 min after i connect i lost connectivity to my GW and all the services but i still have my IP info. I do some tests on MAC books, Laptop with Windows XP, 7 and 8 and its the same for all. I config one switch port in the corporate VLAN and i never loose connectivity.
If i reset the WLAN connection all start to works.
The ports in the SW are in trunk mode and almost always the APs are in connect mode.
Any one have a clue on what is whappening???
Cheers!!!!
11-30-2012 06:14 PM
It almost sounds like the mapping isn't working. I would check the FlexConnect vlan mapping on the AP. Also check the vlans on the trunk port and make sure that if there is more than one switch that all vlans are being trunked.
Sent from Cisco Technical Support iPhone App
11-30-2012 06:30 PM
Thanks for answer! About 4 hours ago i check the status of this in the LAN with años access port in the corp VLAN and works fine.
The trunk ports are a full trunk port... The L2 vlans are in the access sw and L3 in the core... If i connect my laptop with GE port all works fine but vía wireless i have this issue
Sent from Cisco Technical Support iPhone App
11-30-2012 06:48 PM
Are you using AP Groups by chance? The reason I ask is that if you do and you make changes to the WLAN interface for local AP's, that could default you vlan mappings. If all that is configured correctly, then look at your switch logs or WLC logs and make sure your not seeing any duplicate IP address. I ran into that issue not too long ago and the WLC was the only device that was reporting duplicate IP address. I had my client double check their DHCP scope and they had overlapping address which cause 30+ users to have issues. Users complained they work and then they didn't. Ping times were low then high and we would see timeouts. The other problem was with the Intel 6200's and having 40mhz configured. These adapters were running v14 and had issues. Once we set the channel width to 20mhz, the problem went away. The other fix was to upgrade the drivers to v15. Since most of the users were consultants, that was not an option. 20mhz was our fix! What we saw was good connection then everything went bad and then it worked again. That was because they were on the 2.4ghz in which the had no problems. When the client devices hopped on the 5ghz, well you know what happened.
Sent from Cisco Technical Support iPhone App
12-03-2012 11:04 AM
Hi scott no im not using an ap group but i check the dhcp logs and all its fine, tlaking about the drivers and wireless cards i do my tests with 3 diferent devices 1 MAC book pro, 1 Ipad and 1 Laptop Dell and in this 3 devices its the same behavior , about the channels i using 20 mhz for both freq cause we have some devices who dosent support 40 mhz.
12-01-2012 04:44 AM
the corp ssid is central/locally switched.
which gw is not working, the wlan mapped local interface or AP vlan.
does the issue follow other wlan mapped to local vlans.
expand - "If i reset the WLAN connection all start to works"
12-03-2012 11:07 AM
Hi Saravanan, both SSIDs are locally switched and the GW that ping in my test are the GW of the VLAN so when i lost the ping to my GW i lost all the connection to other VLANs .
All the Vlans corp, guest and admin are local.
12-03-2012 11:09 AM
on one of your switches do a show spanning-tree detail....and take a look at the last time that spanning tree converged.
HTH,
Steve
------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
12-03-2012 11:11 AM
Ok thats a good idea let me check that.
08-03-2019 12:54 PM
When you enable FlexConnect local switching, the controller is enabled to learn the client’s IP address by default. However, if the client is configured with Fortress Layer 2 encryption, the controller cannot learn the client’s IP address, and the controller periodically drops the client. Disable the client IP address learning feature so that the controller maintains the client connection without waiting to learn the client’s IP address. The ability to disable this option is supported only with FlexConnect local switching; it is not supported with FlexConnect central switching.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide