10-29-2012 12:15 PM - edited 07-03-2021 10:56 PM
In my building, I have 15 1142n access points. They all seem to work fine (with this problem as the exception) and are autonomous. The problem isn't consistent, as it has only happened to a few of our APs so far. They work fine, then I’ll notice that a particular AP has 0 associations. I go check on it and see that it’s not an AP I can connect to (looking at the MAC I see the other APs around, but this particular AP is not offered as an option, even standing right under it). I can manage it just fine, ping it, etc, it seems “up”, just not offering out a connection. I reboot it and it works fine again, all of the sudden it’s now able to be connected to. This has happened on a few different APs across the floors, no rhyme or reason that I can find. They do all have the same IOS, but no luck so far finding others online having the same problem. Hoping that some of the more experienced people out here can give me a suggestion as what the problem may be.
Thanks in advance for your time.
10-29-2012 01:55 PM
does the issue happens on both radios.
display - show log from affected and good APs.
use inssider and confirm SSID broadcast.
10-29-2012 02:12 PM
What IOS versions are the WAPs running on?
10-29-2012 02:16 PM
when this happens again, cna you telnet/ssh in and pull
show controllers dot11radio 0
and
show controllers dot11radio 1
HTH,
Steve
------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
10-30-2012 06:49 AM
Thanks for the response, everyone.
Saravanan - To clarify, Radio 0 (2.4Ghz) is down when it does this, the AP is up, and Radio 1 (5Ghz) looks to be up, but we use 2.4. I have used innsider with my test laptop and that's where I've seen (or better yet, not) the AP not offering out the SSID. After reboot, it's back up. But what causes it to go down...I have no idea.
Issuing the sh log command I see a device that has roamed to another area, as well as the point where Dot11 0 went down;
Oct 17 00:00:55.708: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to reset
Oct 17 00:00:56.708: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
Leolaohoo - We are running Version 12.4(21a)JA1
Stephen - I actually haven't reset the AP yet just so I can use it for troubleshooting. Here's a sh controllers dott11 0 from the downed radio:
interface Dot11Radio0
Radio AIR-AP1140G, Base Address d4a0.2a99.8bc0, BBlock version 0.00, Software version 2.10.19
Serial number:
Number of supported simultaneous BSSID on Dot11Radio0: 16
Carrier Set: Americas (US) (-A)
Uniform Spreading Required: No
Configured Frequency: 2412 MHz Channel 1
Allowed Frequencies: 2412(1) 2417(2) 2422(3) 2427(4) 2432(5) 2437(6) 2442(7) 2447(8) 2452(9) 2457(10) 2462(11)
Listen Frequencies: 2412(1) 2417(2) 2422(3) 2427(4) 2432(5) 2437(6) 2442(7) 2447(8) 2452(9) 2457(10) 2462(11) 2467(12) 2472(13) 2484(14)
Beacon Flags: 1, Interface Flags 82010D; Beacons are enabled; Probes are enabled
Configured Power: 20 dBm
Active power levels by rate
1.0 to 11.0 , 19 dBm, changed due to regulatory maximum
6.0 to 18.0 , 16 dBm, changed due to regulatory maximum
24.0 to 24.0 , 14 dBm, changed due to regulatory maximum
36.0 to 48.0 , 13 dBm, changed due to regulatory maximum
54.0 to 54.0 , 11 dBm, changed due to regulatory maximum
6.0-bf to 18.0-b, 16 dBm, changed due to regulatory maximum
24.0-b to 24.0-b, 14 dBm, changed due to regulatory maximum
36.0-b to 48.0-b, 13 dBm, changed due to regulatory maximum
54.0-b to 54.0-b, 11 dBm, changed due to regulatory maximum
m0. to m3. , 14 dBm, changed due to regulatory maximum
m4. to m5. , 13 dBm, changed due to regulatory maximum
m6. to m6. , 11 dBm, changed due to regulatory maximum
m7. to m7. , 10 dBm, changed due to regulatory maximum
m8. to m11. , 14 dBm, changed due to regulatory maximum
m12. to m13. , 13 dBm, changed due to regulatory maximum
m14. to m14. , 11 dBm, changed due to regulatory maximum
m15. to m15. , 10 dBm, changed due to regulatory maximum
m0.-4 to m6.-4 , 11 dBm, changed due to regulatory maximum
m7.-4 to m7.-4 , 10 dBm, changed due to regulatory maximum
m8.-4 to m14.-4, 11 dBm, changed due to regulatory maximum
m15.-4 to m15.-4, 10 dBm, changed due to regulatory maximum
OffChnl Power: 20, Rate 1.0
Allowed Power Levels: -1 2 5 8 11 14 17 20
Allowed Client Power Levels: 2 5 8 11 14 17 20
Receive Antennas : right-a left-b middle-c
Transmit Antennas : right-a left-b, cck single, ofdm single
Antenna: internal, Gain: Allowed 8, Reported 0, Configured 0, In Use 8
Active Rates: basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5.m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
Current Rates: basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5.m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
Allowed Rates: 1.0 2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
All Rates: 1.0 2.0 5.5 11.0 6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
Default Rates: basic-1.0 basic-2.0 basic-5.5 basic-11.0 6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14.m15.
Best Range Rates: basic-1.0 2.0 5.5 11.0 6.0 9.0 12.0 18.0 24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
Best Throughput Rates: basic-1.0 basic-2.0 basic-5.5 basic-11.0 basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
Current Voice Rates: basic-5.5 basic-11.0 6.0 12.0 24.0 [disabled until voice packet-discard enabled]
Default Voice Rates: basic-5.5 basic-11.0 6.0 12.0 24.0
Managment Rates: basic-11.0
Multicast Rates: basic-11.0
Data Rate Sensitivity (rate, SNR dB, Contention dBm)
( 1.0, 10, -93) ( 2.0, 10, -92) ( 5.5, 11, -90) (11.0, 14, -90)
( 6.0, 15, -89) ( 9.0, 16, -88) (12.0, 18, -88) (18.0, 19, -86)
(24.0, 20, -85) (36.0, 24, -81) (48.0, 27, -78) (54.0, 31, -77)
ERP settings: short slot time.
Neighbors in non-erp mode:
Thanks for the input, everyone!
10-30-2012 09:58 AM
#just curious, are you using wpa-tkip and seeing countermeasure attack.
#does show tech shows anything odd.
#If you do shut, no shut on radio does it come back up.
#update the AP ios to latest - c1140-k9w7-tar.152-2.JA.tar, if that didn't fix it then better open tac case or RMA.
10-30-2012 11:23 AM
Saravanan -
1.) We use AES CCMP / EAP. I'm not sure what you mean by countermeasure attacks. Care to expand on it a bit?
2.) Sh tech shows a lot of data, I haven't went through every line but here is the data on the radio that is down:
Dot11Radio0 is reset, line protocol is down
Hardware is 802.11N 2.4GHz Radio, address is d4a0.2a99.8bc0 (bia d4a0.2a99.8bc0)
MTU 1500 bytes, BW 54000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation 802.1Q Virtual LAN, Vlan ID 1., loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input 1w6d, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/1677/5/0 (size/max/drops/flushes); Total output drops: 785756
Queueing strategy: fifo
Output queue: 0/30 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
187284938 packets input, 986187019 bytes, 0 no buffer
Received 611980 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
27417750 packets output, 4258279884 bytes, 0 underruns
2762 output errors, 0 collisions, 12 interface resets
0 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
3.) I do a shut/no shut and it shows the Software as Enabled, but Hardware is still down.
4.) I will go ahead and update the IOS and get back if/when it breaks. It doesn't happen all of the time but I'll keep an eye on it. If anyone has any other suggestions in the meantime, please let me know. Thanks.
10-30-2012 12:02 PM
Can you post the show run ?
__________________________________________________________________________________________
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
__________________________________________________________________________________________
"I'm in a serious relationship with my Wi-Fi. You could say we have a connection."
10-30-2012 12:32 PM
George-
Here you go, thanks for taking a look at it;
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname AP53
!
enable secret
!
aaa new-model
!
!
aaa group server radius rad_eap
server 10.10.4.126 auth-port 1645 acct-port 1646
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa group server radius Server1
server 10.10.4.126 auth-port 1645 acct-port 1646
!
aaa authentication login default group Server1 local
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authorization exec default group Server1 local
aaa accounting network acct_methods start-stop group rad_acct
!
aaa session-id common
clock timezone CST -6
clock summer-time CST recurring
ip domain name Work
ip name-server 10.10.4.10
!
!
dot11 syslog
!
dot11 ssid Private
vlan 80
authentication open eap eap_methods
authentication key-management wpa version 2
mbssid guest-mode
!
dot11 ssid Public
vlan 70
authentication open
mbssid guest-mode
!
!
!
username admin password
!
!
ip ssh time-out 60
ip ssh version 2
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 80 mode ciphers aes-ccm
!
ssid Private
!
ssid Public
!
antenna gain 0
mbssid
speed basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
channel 2412
station-role root
!
interface Dot11Radio0.70
encapsulation dot1Q 70
no ip route-cache
bridge-group 70
bridge-group 70 subscriber-loop-control
bridge-group 70 port-protected
bridge-group 70 block-unknown-source
no bridge-group 70 source-learning
no bridge-group 70 unicast-flooding
bridge-group 70 spanning-disabled
!
interface Dot11Radio0.80
encapsulation dot1Q 80 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.90
encapsulation dot1Q 90
no ip route-cache
bridge-group 90
bridge-group 90 subscriber-loop-control
bridge-group 90 block-unknown-source
no bridge-group 90 source-learning
no bridge-group 90 unicast-flooding
bridge-group 90 spanning-disabled
!
interface Dot11Radio1
no ip address
no ip route-cache
!
encryption vlan 80 mode ciphers aes-ccm
!
ssid Private
!
ssid Public
!
antenna gain 0
dfs band 3 block
mbssid
speed basic-9.0 12.0 18.0 24.0 36.0 48.0 54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15.
channel dfs
station-role root
!
interface Dot11Radio1.70
encapsulation dot1Q 70
no ip route-cache
bridge-group 70
bridge-group 70 subscriber-loop-control
bridge-group 70 port-protected
bridge-group 70 block-unknown-source
no bridge-group 70 source-learning
no bridge-group 70 unicast-flooding
bridge-group 70 spanning-disabled
!
interface Dot11Radio1.80
encapsulation dot1Q 80 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio1.90
encapsulation dot1Q 90
no ip route-cache
bridge-group 90
bridge-group 90 subscriber-loop-control
bridge-group 90 block-unknown-source
no bridge-group 90 source-learning
no bridge-group 90 unicast-flooding
bridge-group 90 spanning-disabled
!
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
no keepalive
!
interface GigabitEthernet0.70
encapsulation dot1Q 70
no ip route-cache
bridge-group 70
no bridge-group 70 source-learning
bridge-group 70 spanning-disabled
!
interface GigabitEthernet0.80
encapsulation dot1Q 80 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface GigabitEthernet0.90
encapsulation dot1Q 90
no ip route-cache
bridge-group 90
no bridge-group 90 source-learning
bridge-group 90 spanning-disabled
!
interface BVI1
ip address 10.70.8.27 255.255.255.0
no ip route-cache
!
ip default-gateway 10.70.8.1
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
radius-server attribute 32 include-in-access-req format %h
radius-server host 10.10.4.126 auth-port 1645 acct-port 1646
radius-server key
radius-server vsa send accounting
bridge 1 route ip
!
!
banner exec ^Do not attempt to log onto this network unless you are authorized to do so. If you need assistance, please contact the helpdesk.^
!
line con 0
line vty 0 4
transport input ssh
line vty 5 15
transport input ssh
!
sntp server 10.201.25.12
end
AP53#
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide