07-30-2010 04:59 AM - edited 07-03-2021 07:02 PM
Hello,
We have a H-REAP setup with 2 SSIDs "WLAN_Secure" and "WLAN_Guest".
The controllers are running version 5.2
The WLAN_Secure works fine for all users, but in a remote site the guest users can't associate to the "Guest" network.
The guest network uses web-authentication, so it means that the users can associate to the Guest network, then they receive an IP address from the Anchor WLC and after that they end up on the web-auth page.
Problem is, that for only a remote site, the guest that try to connect to the "Guest" network can't even associate.
I ran a debug client on the WLC and i receive the following messages:
*Jul 26 14:54:55.428: 00:24:d6:8d:5b:1a Adding mobile on LWAPP AP 00:26:98:fe:7c:40(0)
*Jul 26 14:54:55.428: 00:24:d6:8d:5b:1a Scheduling deletion of Mobile Station: (callerId: 23) in 5 seconds
*Jul 26 14:54:55.428: 00:24:d6:8d:5b:1a apfProcessProbeReq (apf_80211.c:4598) Changing state for mobile 00:24:d6:8d:5b:1a on AP 00:26:98:fe:7c:40 from Idle to Probe
*Jul 26 14:54:55.433: 00:24:d6:8d:5b:1a Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
*Jul 26 14:54:55.890: 00:24:d6:8d:5b:1a Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
*Jul 26 14:54:58.447: 00:24:d6:8d:5b:1a Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
*Jul 26 14:54:58.457: 00:24:d6:8d:5b:1a Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
*Jul 26 14:54:58.457: 00:24:d6:8d:5b:1a Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
*Jul 26 14:54:58.646: 00:24:d6:8d:5b:1a Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
*Jul 26 14:54:59.147: 00:24:d6:8d:5b:1a Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
*Jul 26 14:54:59.147: 00:24:d6:8d:5b:1a Scheduling deletion of Mobile Station: (callerId: 24) in 5 seconds
*Jul 26 14:55:03.814: 00:24:d6:8d:5b:1a apfMsExpireCallback (apf_ms.c:417) Expiring Mobile!
*Jul 26 14:55:03.814: 00:24:d6:8d:5b:1a 0.0.0.0 START (0) Deleted mobile LWAPP rule on AP [00:26:98:fe:7c:40]
*Jul 26 14:55:03.814: 00:24:d6:8d:5b:1a Deleting mobile on AP 00:26:98:fe:7c:40(0)
Searching the Cisco site, i found in the "Troubleshooting client problems" that this message is received when there's a "wrong client cipher configuration", and they explain that this happens when the client only has WPA support but the AP requires WPA2.
But in my deployment, the "Guest" network doesn't use WPA or WPA2 auth, it only uses web-auth and the users aren't even capable of associating to the network.
Thanks,
Adrian
11-10-2010 08:40 AM
Did you ever find a solution to your problem? I'm running into the exact same issue you were having.
04-16-2012 08:47 AM
Maybe you have a problem with your DHCP server, please try to repush process of the lease into your DHCP.
04-17-2012 01:11 AM
Adrian:
What is the security used for your SSIDs in remote offices?
are you using local or central switching on remote APs?
where is the DHCP server located? remote or central site?
can you do another debug client and attach it here? from the time the client starts until it fails to connect?
Thanks.
Amjad
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide