Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1038
Views
1
Helpful
4
Replies

Managing Multiple WLANs / Subnets via EWC on Catalyst Access Points

Go to solution
derrick.moeller
Level 1
Level 1

‎04-26-2023 10:46 AM

We have an existing C9120-AXE installation, this installation supports a single WLAN on a single subnet that is the same subnet as the EWC. All APs and clients are statically addressed. This WLAN is operating as expected.

At the same site, I am attempting to add a second WLAN on a different subnet from the EWC. We have purchased C9130-AXI APs for this installation. I have added the APs to the EWC and assigned relevant Tags without issue. Again all APs and clients are statically addressed.

Both WLANs use [WPA2][PSK][AES] security, the issue I am having is that clients cannot connect to the second WLAN. Clients report various error messages depending on OS. e.g. "Incorrect Password", "Authentication Failed"

If I make a copy of the AP Join Profile and select it in the Site Tag, a client will connect and stay connected until it's session expires. It will not be able to reconnect unless I revert to the original AP Join Profile. This can be replicated repeatedly, by switching between the copy and the original.

This behavior is seen in 17.3.4, 17.6.5, and 17.9.3. Is this some sort of bug, or is there some nuance to this configuration that I have overlooked?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
derrick.moeller
Level 1
Level 1

‎04-27-2023 08:06 AM

I'm not sure what was causing the behavior, but it doesn't appear to have been related to the configuration. I restarted the POE switch that was powering the APs (and the EWC), when the EWC came back up both WLANs were working.

View solution in original post

4 Replies 4

Go to solution
derrick.moeller
Level 1
Level 1

‎04-26-2023 12:12 PM - edited ‎04-26-2023 12:32 PM

An additional observation. I'm not sure what it means, but if I disable security on the second WLAN or change it to [WPA3][SAE][AES] the clients believe they are connected but do not appear on the dashboard, cannot be pinged, and cannot access network services. Would have to test if it's a permanent condition, or just until the session times out.

0 Helpful

Go to solution
marce1000
Hall of Fame
Hall of Fame

‎04-26-2023 11:07 PM

 

  - Have a checkup-review of your  EWC    controller  configuration with the CLI command : show tech wireless  , have the output analyzed with : https://cway.cisco.com/wireless-config-analyzer
                                         Checkout all advisories!

  >...Both WLANs use [WPA2][PSK][AES] security, the issue I am having is that clients cannot connect to the second WLAN. Clients report various error messages depending on OS. e.g. "Incorrect Password", "Authentication Failed"
           Use the mentioned commands in https://logadvisor.cisco.com/logadvisor/wireless/9800/9800ClientConnectivity , for troubleshooting , you can have client debugs processed with : https://cway.cisco.com/wireless-debug-analyzer/

  M.

 



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

Go to solution
derrick.moeller
Level 1
Level 1

‎04-27-2023 08:06 AM

I'm not sure what was causing the behavior, but it doesn't appear to have been related to the configuration. I restarted the POE switch that was powering the APs (and the EWC), when the EWC came back up both WLANs were working.

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to derrick.moeller

‎04-27-2023 08:18 AM

Keep that fix handy in case that switch causes issues in the future.

-Scott
*** Please rate helpful posts ***
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top