Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1822
Views
0
Helpful
4
Replies

Wireless clients having issues with WLC

Bali Khan
Level 1
Level 1

‎12-22-2016 01:22 AM - edited ‎07-05-2021 06:15 AM

Hi - I am working on an issue and need urgent help as it has been going on since couple of weeks.

We have Anchor (Main) WLC which is working as DHCP server with a lease of(192.168.128.11-> 192.168.129.255) range for guests / visitor wifi.

There are 3 Foreign WLCs connected with WLC which have several APs connected.

Users when connect to wifi are asked for sign-in page where they put username/password (goes to authentication servers) and can then log in and do browsing.

Some users complain when they log in, but they cannot browse. For some users its fine.

What I have done so far:

1. On Anchor controller DHCP leased is set for 1 hour and it has /22 pool but normally during peak hours maximum 150 - 200 appear in leased table. so I ruled out DHCP leased problem or expiry timing issues.

2. I ruled out APs as well as it happens randomly.

3. But on foreign controllers some times, I see below messages :

apf_radius.c:2066 'AcctStop' clt MAC: c8:v6:f5:8a:e6:ab  AP MAC: 00:c8:7d:9c:b8:d0 Role 'Handoff' PemState 'DHCP_REQD' SSID 'Visitor' Connected for '4' secs

apf_radius.c:2066 'AcctStop' clt MAC: 60:a5:7u:f5:bf:bd  AP MAC: 00:c8:8c:9c:b6:f0 Role 'Export Foreign' PemState 'DHCP_REQD' SSID 'Visitor' Connected for '133' secs

*apfReceiveTask: Dec 22 08:43:56.850: #APF-3-NO_FRAMED_IP_ADDRESS: apf_radius.c:2066 'AcctStop' clt MAC: 00:ae:fa:ee:cc:cc  AP MAC: 00:c8:7:1a:c5:00 Role 'Export Foreign' PemState 'START' SSID 'Visitor' Connected for '22' secs

4. On Anchor WLC I see this in logs:

Bad DHCP packet from 192.168.128.4, dropping
*DHCP Server: Dec 21 23:04:33.202: #DHCP-3-BAD_DHCP_PKT: dhcpd.c:529 Bad DHCP packet from 192.168.128.4, dropping
*DHCP Server: Dec 21 23:00:26.496: #DHCP-3-BAD_DHCP_PKT: dhcpd.c:529 Bad DHCP packet from 192.168.128.4, dropping
*DHCP Server: Dec 21 23:00:24.798: #DHCP-3-BAD_DHCP_PKT: dhcpd.c:529 Bad DHCP packet from 192.168.128.4, dropping
*DHCP Server: Dec 21 23:00:20.491: #DHCP-3-BAD_DHCP_PKT: dhcpd.c:529 Bad DHCP packet from 192.168.128.4, dropping
*DHCP Server: Dec 21 23:00:16.061: #DHCP-3-BAD_DHCP_PKT: dhcpd.c:529 Bad DHCP packet from 192.168.128.4, dropping
*DHCP Server: Dec 21 22:57:54.626: #DHCP-3-BAD_DHCP_PKT: dhcpd.c:529 Bad DHCP packet from 192.168.128.4, dropping
*DHCP Server: Dec 21 22:57:49.976: #DHCP-3-BAD_DHCP_PKT: dhcpd.c:529 Bad DHCP packet from 192.168.128.4, dropping
*DHCP Server: Dec 21 22:57:47.794: #DHCP-3-BAD_DHCP_PKT: dhcpd.c:529 Bad DHCP packet from 192.168.128.4, dropping
*DHCP Server: Dec 21 22:56:54.782: #DHCP-3-BAD_DHCP_PKT: dhcpd.c:529 Bad DHCP packet from 192.168.128.4, dropping


Dec 21 17:51:36.196: [ERROR] ews.c 871: ewsRun: Bad State - should be suspended: 0x0


*emWeb: Dec 21 17:22:03.366: #SYSTEM-3-PASSWD_STORE_INTEGRITY_FAILED: passwd_store.c:475 Cannot retrieve secret from store -- integrity check failed.
*emWeb: Dec 21 16:22:08.900: #SYSTEM-3-PASSWD_STORE_INTEGRITY_FAILED: passwd_store.c:475 Cannot retrieve secret from store -- integrity check failed.

Dec 21 16:00:49.355: [ERROR] ews.c 871: ewsRun: Bad State - should be suspended: 0x0


*DHCP Server: Dec 21 15:21:12.577: #DHCP-3-ADDR_NOTIN_POOL: pools.c:172 Error: Ip Address 192.168.0.24 is not in pool (192.168.128.11-> 192.168.129.255)
Previous message occurred 27 times.


Dec 21 10:28:28.627: [ERROR] ews.c 871: ewsRun: Bad State - should be suspended: 0x0


*mmMobility: Dec 21 10:26:52.924: #MM-3-MIP_READ_ERROR: mm_mobile.c:891  Mip is corrupted, possible race condition. mmMyPending Q size = 0   mip->magicNumber = 0. Encountered memory error, Please report the error if you experience a crash.
Previous message occurred 21 times.

On non working users, I ran ipconfig / dnlookup / ping to gateway which look fine to me as IP is assigned correctly via DHCP Server / Anchor WLC.

The issue is that they cannot browse.  This is intermittent.

What the above logs mean on the Foreign WLC and Anchor WLC ?

Apart from that any other suggestion would be helpful as this is an urgent issue and going on since 2 weeks.

Thanks.

  

Labels:
0 Helpful
4 Replies 4

Rasika Nayanajith
VIP Alumni
VIP Alumni

‎12-22-2016 10:18 AM

Even thoug DHCP server feature is supported on WLC, it is not an ideal platform to run as a DHCP server.

I would think if you can use something else as DHCP server, you won't see this issue

HTH

Rasika

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame

‎12-22-2016 03:18 PM

Some users complain when they log in, but they cannot browse. For some users its fine.

Before going any further, can you confirm the affected users are able to obtain a valid IP address or not? 

As what Rasika said, I don't recommend using the WLC as a DHCP server (for either AP and/or wireless clients).

0 Helpful

Bali Khan
Level 1
Level 1
In response to Leo Laohoo

‎12-23-2016 01:43 AM

thanks for your reply. Yes they do get valid IP from that range which we have assigned. IPconfig shows that but they cannot browse. DHCP range has 510 address - we normally have 150 - 200 users at one time. leased time is also 1 hr which is fine. this all was working fine 2 weeks ago. no change was made in the network around that time. 

0 Helpful

Leo Laohoo
Hall of Fame
Hall of Fame
In response to Bali Khan

‎12-23-2016 03:44 AM

IPconfig shows that

Bah.  Post the complete output to the command "sh client detail <MAC address of one of the affected wireless clients>".

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card