cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
992
Views
5
Helpful
8
Replies

Wireless scanners on Lightweight AP's

eoinwhite
Level 1
Level 1

Hi,

I am installing a WLC and LWAPPs to replace heavyweight Cisco 1121 AP's. I have deployed the WLC and LWAPP's in the same subnet as the Original 1121's. I have replicated the 1121 settings on the controller.

The scanners associate with the SSID and pass authentication on the ACS server. However the linktest fails from the WLC the scanners can't ping theit servers either. However the WLC can ping the scanner's server.

It works fine when I bring the scanners back to a location with the heavyweight 1121's.

1 Accepted Solution

Accepted Solutions

Just out of curiousity, are you using Symbol / Motorola scanners? There was an EAP setting on the WLC that needed to be set in order to get my handhelds to play nice with 802.1X. Check to see if this setting is in place on the WLC...

key index = 3, not 0

To check, run this...

show advanced eap

Check the key index value. If it is zero, please try setting it to three.

config advanced eap key-index 3

Also, if this is indeed Motorola equipment, I recommend that you have the latest OS update (wireless Fusion drivers) installed...

View solution in original post

8 Replies 8

gamccall
Level 4
Level 4

The first step I usually take when trying to troubleshoot connectivity for nontraditional clients is to associate my laptop to the same SSID and see if I can replicate the problem- if I can, then figuring it is usually a lot easier from my laptop.

The first obvious questions to ask in this scenario are, do your clients get DHCP addresses, and can they ping their gateway?

Hi,

So the scanners are statically addressed and cant even ping their default gateway. (Remeber they can if I bring them to an area where the old 1121's are) The Layer 3 interface-default gateway is on a PIX.

The scanners use a "wavelink" application to and communicate with an "avalanche" server The current setup uses 802.1x with WEP encryption.

The scanner has a configuration simular to this ... http://ja.pastebin.ca/raw/34326.

How could I test it on my laptop ?

So I tested this on my laptop and it works fine.

What I did was I created a second SSID (on the same VLAN as the Scanners) but this time used just a WPA key to authenticate.

The only difference between the 2 SSID's is the SSID for the scanners uses 802.1x with WEP encryption and the SSID for the laptop uses a WPA key.

When I check the Controller I can see the scanner associated and authenticated and when i check the ACS I can see the scanner has passed authentication. Yet the scanner cant ping anything.

On the heavyweight AP's on the same VLAN the scanner works fine ???

I am confused.

Just out of curiousity, are you using Symbol / Motorola scanners? There was an EAP setting on the WLC that needed to be set in order to get my handhelds to play nice with 802.1X. Check to see if this setting is in place on the WLC...

key index = 3, not 0

To check, run this...

show advanced eap

Check the key index value. If it is zero, please try setting it to three.

config advanced eap key-index 3

Also, if this is indeed Motorola equipment, I recommend that you have the latest OS update (wireless Fusion drivers) installed...

Good tip. Will standard Windows still connect using the modified key index value?

Hi I just wanted to note on the other question that was asked. Yes, with the eap index set to 3, you can still have phones, laptops, scanners, etc. connect without problems. I have multiple site locations with this config (key-index 3) and they run without any authentication issues...

Jason Aarons
Level 6
Level 6

The same thing fixed my Symbol handhelds, I could assoicate but not ping anything.

config advanced eap key-index 3

Worked like a charm.

Review Cisco Networking for a $25 gift card