cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2859
Views
19
Helpful
12
Replies

New WLC: Can only connect to first SSID created

c.s
Level 1
Level 1

I've set up a 2504 wlc and 3x 3602i access points.

The problem is that I'm only able to connect to the first SSID created (SSID1), not the second (SSID2) or third (SSID3)

If I delete all SSIDs and create SSID2 first, then it will work, but not SSID1 or SSID3.

SSID1 -> interface: wlaninternal (vlan5)

SSID2 -> interface: guest (vlan10)

SSID3 -> interface: mobile (vlan20)

I am able to see all SSIDs, but after entering password the clients says it's unable to connect.

All necessary settings has been added to the switches and firewall.

I'm currently using wlc software v7.3.101.0(ED) and have tried downgrading to 7.2.110.0(ED) and 7.1.91.0(ED), but still the problem remains.

Could I have accidentally changed a setting? What am I missing here? Appreciate all suggestions!

12 Replies 12

Scott Fella
Hall of Fame
Hall of Fame

7.3 should work fine. Are you using ap groups at all, if so, check to make sure the wlan's are configured correctly in te ap groups. If you are not using ap groups, then can you attach your show run-config so we can take a look.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

I'm just using the default settings -> 'default-group'

Leo Laohoo
Hall of Fame
Hall of Fame

Have you tried OPEN authentication of all the SSID?

Did you put the WLC in a LAG and assign all the SSID to the LAG or did you assign each SSID to each port?

What error message do you get when you try to join the other SSID?

I think I've tried SSID1 -> wpa2 and SSID2->Open auth, that didn't work. I'll try with Open auth on all SSIDs later, as I'm not onsite at the moment.

Lag is not supported on 2504 wlc. I'm just using a single port to the switch.

I think I've tried SSID1 -> wpa2 and SSID2->Open auth, that didn't work.

If OPEN authentication doesn't work then the problem rests squarely with the client.

Have you tried other clients?

aaroncoffman
Level 1
Level 1

What do you see when you run 'debug client (MAC address)' from the cli while trying to connect?

I agree with trying open auth.

Regards.

Aaron

I've been testing with one laptop, one windows phone and an iPad.

It seems there's something wrong with the laptop because when I used different one, it worked

Mobile clients however, still doesn't work.

I've attached the debug-client log. I used an iPad to log on. There definitely something happening at logon.

Amjad Abdullah
VIP Alumni
VIP Alumni

Chris:

I think (just guessing...) this issue is related to how you map your interfaces to the physical ports. You have 3 SSIDs each is on different VLAN and hence mapped to different interfaces. What is the mapping for the interfaces to the physical ports?

Also, how many physical ports are connected from the WLC to the neighbor switch?

You want to say "Thank you"?
Don't. Just rate the useful answers,
that is more useful than "Thank you".

Rating useful replies is more useful than saying "Thank you"

Everything goes through port 1. It's a small network, so I'm keeping the design simple. Only port 1 on wlc is connected to the switch, just like the scenario.

described here: http://www.cisco.com/en/US/products/ps11630/products_tech_note09186a0080b8450c.shtml#scenario1

The only difference is that I'm using three vlans.

wlc port1:

        -INT: mgmt/ap mgmt (vlan 249)

        -INT: employees (vlan 248)

        -INT: guest (vlan 247)

        -INT: employees-mobile (vlan 246

ssid:

     ssid1-> INT: employees

     ssid2-> INT: guest

     ssid3-> INT: employees-mobile

All trunk settings on relevant switches and firewall is correct. I've specified allowed vlans on trunk ports.

Are you testing with 1 client or multiple clients? If testing with just 1 client and Fast SSID change is disabled I could see that blocking your connection to the other SSIDs.

Again like Aaron mentioned above we need to see the debugs of the client attempting to connect.

c.s
Level 1
Level 1

I've tried with serveral PCs and mobile clients, and the problem seems to be resolved. Seems part of the problem was bad test clients (pc and mobile).

I've also enabled Fast SSID change the WLC, which seems to have resolved the problem regarding some mobile clients not being able to connect.

Thank you to everyone for your help!

Good to know you found the issue. It's always good to have multiple devices for testing as you have experienced. I always bring multiple devices that I know works when I perform my testing on installs I have done.

Fast SSID change helps if you switch from one SSID to another, but in most cases you don't want to have a client be able to connect to more than one SSID. Having multiple WLAN profiles in a device might cause you headaches if the device connects to a different SSID that breaks an application they are running because the vlan they are put in has acl's that block certain traffic.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: