cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1026
Views
1
Helpful
4
Replies

Managing Multiple WLANs / Subnets via EWC on Catalyst Access Points

derrick.moeller
Level 1
Level 1

We have an existing C9120-AXE installation, this installation supports a single WLAN on a single subnet that is the same subnet as the EWC. All APs and clients are statically addressed. This WLAN is operating as expected.

At the same site, I am attempting to add a second WLAN on a different subnet from the EWC. We have purchased C9130-AXI APs for this installation. I have added the APs to the EWC and assigned relevant Tags without issue. Again all APs and clients are statically addressed.

Both WLANs use [WPA2][PSK][AES] security, the issue I am having is that clients cannot connect to the second WLAN. Clients report various error messages depending on OS. e.g. "Incorrect Password", "Authentication Failed"

If I make a copy of the AP Join Profile and select it in the Site Tag, a client will connect and stay connected until it's session expires. It will not be able to reconnect unless I revert to the original AP Join Profile. This can be replicated repeatedly, by switching between the copy and the original.

This behavior is seen in 17.3.4, 17.6.5, and 17.9.3. Is this some sort of bug, or is there some nuance to this configuration that I have overlooked?

1 Accepted Solution

Accepted Solutions

derrick.moeller
Level 1
Level 1

I'm not sure what was causing the behavior, but it doesn't appear to have been related to the configuration. I restarted the POE switch that was powering the APs (and the EWC), when the EWC came back up both WLANs were working.

View solution in original post

4 Replies 4

derrick.moeller
Level 1
Level 1

An additional observation. I'm not sure what it means, but if I disable security on the second WLAN or change it to [WPA3][SAE][AES] the clients believe they are connected but do not appear on the dashboard, cannot be pinged, and cannot access network services. Would have to test if it's a permanent condition, or just until the session times out.

marce1000
Hall of Fame
Hall of Fame

 

  - Have a checkup-review of your  EWC    controller  configuration with the CLI command : show tech wireless  , have the output analyzed with : https://cway.cisco.com/wireless-config-analyzer
                                         Checkout all advisories!

  >...Both WLANs use [WPA2][PSK][AES] security, the issue I am having is that clients cannot connect to the second WLAN. Clients report various error messages depending on OS. e.g. "Incorrect Password", "Authentication Failed"
         
 Use the mentioned commands in https://logadvisor.cisco.com/logadvisor/wireless/9800/9800ClientConnectivity , for troubleshooting , you can have client debugs processed with : https://cway.cisco.com/wireless-debug-analyzer/

  M.

 



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

derrick.moeller
Level 1
Level 1

I'm not sure what was causing the behavior, but it doesn't appear to have been related to the configuration. I restarted the POE switch that was powering the APs (and the EWC), when the EWC came back up both WLANs were working.

Keep that fix handy in case that switch causes issues in the future.

-Scott
*** Please rate helpful posts ***
Review Cisco Networking for a $25 gift card