02-07-2012 11:30 AM - edited 07-03-2021 09:31 PM
Hi,
I've got two Cisco Aironet 1140 Access Points in my office. They're both setup as AP at opposite ends of the office with the same SSID, so employees can walk throughout the office without losing connectivity.
We recently re-started one of the AP's, but ever since the re-start, users cannot roam from one AP to another without dropping their internet connection to the outside world. In other words, if I originally connect on Side A and walk over to Side B, I lose my internet connection. Users can still access the internal network, and I can launch the web interface for both AP's. But, it seems like the DNS doesn't recover until I go back to Side A.
Any idea on what we could do to remedy this issue? Thanks for your help!
02-07-2012 04:02 PM
Need some more information in order to try and help you:
What mode are these AP's in? Autonomous or Lightweight?
If it's lightweight - what type of controller do you use?
It may be that the AP has failed to associate with a controller, or to get a valid IP address, logging into the console of the AP that appears not to be working would offer some more light with some debugging enabled?
02-15-2012 11:50 AM
Sorry for the delay.
The APs are running autonomously. They both have WPAv2 enabled with open authentication. It is supposedly using the AES CCMP cipher, although the web interface seems to default to WEP 128 bit each time I check it. We tried disabling the Aironet Extensions, but still continue to have issues.
Now the issues do seem to be isolated to Macbooks. PCs seem to be able to transition between the two APs, although there does appear to be spots where you can tell when the transition between the two APs is occurring.
Basically, the wireless connection holds, no problem. I can access the APs throughout the office. But, the internet drops when I walk from one end of the office to the other. If I walk back, then it is able to re-connect to the internet once it reauthenticates with the original AP.
02-15-2012 01:09 PM
Sounds like there's an issue with wireless signal strength and/or channel interferrence.
02-15-2012 01:57 PM
Have you looked into setting up WDS on the two APs to assist in roaming handoff?
02-15-2012 02:10 PM
I would not even suggest moving down the road of WDS for a 2 AP PSK configuration for sake of overcomplicating what seems to be a basic problem. The clients should be able to roam fast enough with the PSK to where the end-user would not even notice. There is a larger problem here.
Can you post the run-config from each of your APs? Are these APs on the same subnet?
You say you can reach your "internal" network resources when you have roamed, but not the "internet". If you can still reach your default g/w and internal resources; your wireless is working just fine. Access to the "internet" is in no way an indication that this roam is not working. If you roam and your client can no longer reach it's default gateway, "then" you might actually be having an issue. Are you "sure" DNS is the problem you are facing? Can you move to AP B, which doens't seem to have internet, and ping a public IP address like 4.2.2.2?
There are other debugs we can run to see what is happening, but I would start by posting both run-configs. Specify "which" AP appears to be causing the problem.
02-15-2012 06:52 PM
Lets be clear WDS is more over for 802.1X Auth fast romaing.
If you use PSK, then you only do a 4 way handshake between the AP and client.
If you do 802.1X you have the PEAP Auth and 4 way handshake.
I agree with David .. Lets see the config...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide