04-26-2023 10:46 AM
We have an existing C9120-AXE installation, this installation supports a single WLAN on a single subnet that is the same subnet as the EWC. All APs and clients are statically addressed. This WLAN is operating as expected.
At the same site, I am attempting to add a second WLAN on a different subnet from the EWC. We have purchased C9130-AXI APs for this installation. I have added the APs to the EWC and assigned relevant Tags without issue. Again all APs and clients are statically addressed.
Both WLANs use [WPA2][PSK][AES] security, the issue I am having is that clients cannot connect to the second WLAN. Clients report various error messages depending on OS. e.g. "Incorrect Password", "Authentication Failed"
If I make a copy of the AP Join Profile and select it in the Site Tag, a client will connect and stay connected until it's session expires. It will not be able to reconnect unless I revert to the original AP Join Profile. This can be replicated repeatedly, by switching between the copy and the original.
This behavior is seen in 17.3.4, 17.6.5, and 17.9.3. Is this some sort of bug, or is there some nuance to this configuration that I have overlooked?
Solved! Go to Solution.
04-27-2023 08:06 AM
I'm not sure what was causing the behavior, but it doesn't appear to have been related to the configuration. I restarted the POE switch that was powering the APs (and the EWC), when the EWC came back up both WLANs were working.
04-26-2023 12:12 PM - edited 04-26-2023 12:32 PM
An additional observation. I'm not sure what it means, but if I disable security on the second WLAN or change it to [WPA3][SAE][AES] the clients believe they are connected but do not appear on the dashboard, cannot be pinged, and cannot access network services. Would have to test if it's a permanent condition, or just until the session times out.
04-26-2023 11:07 PM
- Have a checkup-review of your EWC controller configuration with the CLI command : show tech wireless , have the output analyzed with : https://cway.cisco.com/wireless-config-analyzer
Checkout all advisories!
>...Both WLANs use [WPA2][PSK][AES] security, the issue I am having is that clients cannot connect to the second WLAN. Clients report various error messages depending on OS. e.g. "Incorrect Password", "Authentication Failed"
Use the mentioned commands in https://logadvisor.cisco.com/logadvisor/wireless/9800/9800ClientConnectivity , for troubleshooting , you can have client debugs processed with : https://cway.cisco.com/wireless-debug-analyzer/
M.
04-27-2023 08:06 AM
I'm not sure what was causing the behavior, but it doesn't appear to have been related to the configuration. I restarted the POE switch that was powering the APs (and the EWC), when the EWC came back up both WLANs were working.
04-27-2023 08:18 AM
Keep that fix handy in case that switch causes issues in the future.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide