Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
381
Views
1
Helpful
3
Replies

Intra-vlan blocked communications

Josh Norrick
Level 1
Level 1

‎10-03-2023 08:23 AM

We are running a 9800-40 with version 17.9.3 with APs in local mode with central switching.   We have an issue with devices on the same VLAN that cannot communicate together.  They can ping other VLANs on either wireless or wired but intra-vlan communication is non-existent.  I've had a TAC case open for almost 2 months, we had to re-queue a couple of weeks ago due to our agent going down a rabbit hole that wasn't solving anything and had to reach out to our support team in order to get any contact from him.

This started out with a WLAN that is exclusively used for an iPad and a couple of Sonos speakers for an on-demand music request service we have in our dining area.  This worked on the AireOS controllers we replaced over the summer.  It has escalated, as we started testing, to now we are trying to connect to a wireless Solstice adapter for a projector and devices cannot communicate on the same VLAN.

EX: Cell Phone is on 10.108.4.33 and Solstice is 10.108.4.34.  I can ping in and out from anything that is not 10.108.4.0/24.

First thing we tried was making sure P2P Blocking was set to disabled.  There are no ACLs on the vlan either on the the controller or on any of the routers.

0 Helpful
3 Replies 3

Scott Fella
Hall of Fame
Hall of Fame

‎10-03-2023 08:45 AM

That is interesting and also not easy to figure out.  I have ran into some issues during my testing with various code version and one of the things I do is first to build a new vlan or use an existing with a new SSID to see if I have the same experience or not.  The other thing I have done was to setup an AP in FlexConnect, configure the switchport to trunk, setup a FlexConnect SSID, etc. and again see what happens.  I have noticed that when I don't send traffic to the controller, I can get devices to see each other or mDNS/bonjour to work as an example.  These types of testing can help isolate what and where the issue is.  It takes some work, but gathering data is the way you can figure out what is wrong.

-Scott
*** Please rate helpful posts ***

marce1000
VIP
VIP

‎10-03-2023 09:39 AM

 

 - Have a checkup of the 9800-40  controller configuration with the CLI command show tech wireless ; feed the output into :
                                                                                                            https://cway.cisco.com/wireless-config-analyzer/

  It may not lead to a direct breakthrough but remains very useful to do as also reported here (e.g.) : This is so good

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

Rich R
VIP
VIP

‎10-05-2023 05:22 PM

Upgrade to 17.9.4 for a start - it's now the TAC recommended release (see link below).
Do you have arp proxy enabled? (try both on and off)
https://www.cisco.com/c/en/us/products/collateral/wireless/catalyst-9800-series-wireless-controllers/guide-c07-743627.html#AddressResolutionProtocolARPproxy

------------------------------
Please click Helpful if this post helped you and Select as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's,   Best Practices for 9800 WLC's   and   Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.196.0, latest 9800 releases, 8.5.182.12 (8.5.182.13 for 3504) and 8.5.182.109 (IRCM, 8.5.182.111 for 3504)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card