DHCP and WLC 4402 clients

Hi
Our scenario is that we are building a test rig-up prior to WLC deployment. We have a 4402 WLC with LAP1242s, Windows clients. The WLC is running v4.2.99 firmware.
Our problem is that the wireless clients are not collecting DHCP addresses.
The configuration is:
Base network address is 172.31.4.0 / 255.255.252.0.
WLC on 172.31.7.220 / .221.
DHCP server on 172.31.4.12
G/W on 172.31.4.1.
We are simulating the gateway with an ADSL router (not connected so no external traffic but at the moment that is the least of our troubles), and the DHCP server with a Cisco 805 router with only the Ethernet interface in use (the 805 permits us to configure a different D/G to the DHCP server).
We have a catalyst 2950 switch in the circuit which has no VLANs nor access-lists configured.
The wireless clients can associate to the LWAPs but do not collect an IP address.
Wired clients can collect DHCP addresses and ping the DHCP, GW and controller.
Can anyone help me understand what is going on here please and how to get the DHCP working?
We did use this configuration - exactly these boxes in fact - to configure a different WLC last week (different subnets though) and we were successful - but not now.
Thanks in advance

I see.
We are not using option 43 at all. The DHCP server is unchanged - the APs are using network broadcast to find the controller. As I posted above, the APs are contacting the controller without a problem, the clients are associating with the APs without a problem, only the clients weren't getting an IP adress.
The problem appeared to go away totally after I re-configured it with v4.1.185. It's in and working now so I won't be spending any more time on it.
While it would be interesting to try things out, these controllers are too expensive to have one lying around for long ;-)

Similar Messages

  • Wireless controller ha between wlc5508 and wlc 4402

    We have 2 wlc:  a wlc 5508 ( license 100 AP ) and  wlc 4402 ( license 12AP).
    We try to setup when 5508 down, 12 identify AP (important AP -Group A) will join 4402 and all other AP (not improtan AP -Group B)
    wont joint  wlc 4402.
    First, all AP join wlc 5508, 2 WLC have same mobility group.
    After that, we  config 12 APs belongto group A have primary and secondary wlc, group B only has primary wlc.
    When wlc 5508 down, some of APs of GroupA and   some of APs of GroupB join wlc 4402. We test many times and we have differnet result each times.
    is theare any way to resolve our problem?
    Thanks.

    Just to add, make sure that the WLC is running the same code, if not, then make sure the ap is supported on the code that is running on the 5508. The issue with mixed code is the ap will upgrade and downgrade very time they switch to a different WLC.
    http://www.cisco.com/en/US/docs/wireless/controller/5500/tech_notes/Wireless_Software_Compatibility_Matrix.html
    Sent from Cisco Technical Support iPhone App

  • WLC 4402 - clients connection to AP problem

    Hi, have a problem with clients connection to AP. On WLC can see status Probing, sometimes associated but no IP received. It was working for a month but stopped for some reason. Am slightly not sure on the steps how it all works ? First authentication takes the place and then IP assignment by DHCP, correct ? Could you please help in pinpointing the problem ? Radius reachable from WLC, AP's have IP's assigned by DHCP server from another subnet

    Hi,
    You can turn off the client exclusion and aironetIE under the wireless lan setting.
    You can also set to allow longer time out:
    config advanced eap eapol-key-timeout 5
    config advanced eap eapol-key-retries 4
    Below is the Reason code Meaning
    0 Reserved
    1 Unspecified reason
    2 Previous authentication no longer valid
    3 Deauthenticated because sending STA is leaving (or has left) IBSS or ESS
    4 Disassociated due to inactivity
    5 Disassociated because AP is unable to handle all currently associated STAs
    6 Class 2 frame received from nonauthenticated STA
    7 Class 3 frame received from nonassociated STA
    8 Disassociated because sending STA is leaving (or has left) BSS
    9 STA requesting (re)association is not authenticated with responding STA
    10 Disassociated because the information in the Power Capability element is unacceptable
    11 Disassociated because the information in the Supported Channels element is unacceptable
    12 Reserved
    13 Invalid information element, i.e., an information element defined in this standard for
    which the content does not meet the specifications in Clause 7
    14 Message integrity code (MIC) failure
    15 4-Way Handshake timeout
    16 Group Key Handshake timeout
    17 Information element in 4-Way Handshake different from (Re)Association Request/Probe
    Response/Beacon frame
    18 Invalid group cipher
    19 Invalid pairwise cipher
    20 Invalid AKMP
    21 Unsupported RSN information element version
    22 Invalid RSN information element capabilities
    23 IEEE 802.1X authentication failed
    24 Cipher suite rejected because of the security policy
    25-31 Reserved
    32 Disassociated for unspecified, QoS-related reason
    33 Disassociated because QoS AP lacks sufficient bandwidth for this QoS STA
    34 Disassociated because excessive number of frames need to be acknowledged, but are not
    acknowledged due to AP transmissions and/or poor channel conditions
    35 Disassociated because STA is transmitting outside the limits of its TXOPs
    36 Requested from peer STA as the STA is leaving the BSS (or resetting)
    37 Requested from peer STA as it does not want to use the mechanism
    38 Requested from peer STA as the STA received frames using the mechanism for which a
    setup is required
    39 Requested from peer STA due to timeout
    45 Peer STA does not support the requested cipher suite
    46-65535 Reserved

  • WLCS 4402 Client Session Timeout

    I am having an issue with my 4402. In the WLAN I have created there is a setting called Session Timeout. This by default is set to 1800 secs. This forces the clients to reauthenticate on the wireless every 30 minutes. I want to change this to 28000 secs. I have tried through both the Web and CLI. It seems to accept the change with no errors however will not take the change. I have even done this at CLI, saved the config and reset the system. Still at 1800. How do we get this changed?

    Hi Jim,
    Have a look at this thread, just a guess here but I don't think that this setting is the one causing the 30 minute timeout. My understanding was that this setting is actually in minutes (could be wrong),
    http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Wireless%20-%20Mobility&topic=Security%20and%20Network%20Management&CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40%5E1%40%40.1ddbab5d/0#selected_message
    Hope this helps!
    Rob

  • Inter-Controller and Inter-Subnet Roaming between WLC 4402 and 5508?

    Hi!
    Will it support roaming between WLC 5508 ver. 7.0 and WLC 4402 ver. 4.2?

    Here is the matrix for support of IRCM, but the answer is yes.
    http://www.cisco.com/en/US/docs/wireless/controller/5500/tech_notes/Wireless_Software_Compatibility_Matrix.html#wp116668
    Sent from Cisco Technical Support iPhone App

  • Catalyst 3750G and WLC 440x - Port Channel - Configuration - Best Pactice

    What is the best practice to use when configuring port channel between Catalystr 3750G switch stack and WLC 4402 / 4404 Wireless Lan Controllers:
    a) Negotiate to LACP
    b) Negotiate to PAgP
    or
    c) Hard-code to Port Channel without any negotiation.
    Any pointers to any useful links - much appreciated and configuration example as well.

    Answer is 'C'... channel-mode on
    Configuring Neighbor Devices to Support LAG
    The controller's neighbor devices must also be properly configured to support LAG.
    •Each neighbor port to which the controller is connected should be configured as follows:
    interface GigabitEthernet
    switchport
    channel-group mode on
    no shutdown
    •The port channel on the neighbor switch should be configured as follows:
    interface port-channel
    switchport
    switchport trunk encapsulation dot1q
    switchport trunk native vlan
    switchport trunk allowed vlan
    switchport mode trunk
    no shutdown
    Here is a link that explains it. Hope this answers your question:
    http://www.cisco.com/en/US/docs/wireless/controller/4.2/configuration/guide/c42mint.html#wp1116136
    Here is a Best Practice doc:
    http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a0080810880.shtml

  • Can I use ASA to be a DHCP Server use in WLC wireless Client

    I want to use ASA to be a DHCP Server for Wireless Client not it can't.
    I check the debug log in WLC, I confirm the WLC have send the request to ASA.
    In the ASA, it don't have any hits in the rule when the WLC send the DHCP relay request.
    I have try don't use dhcp relay in WLC but don't success. Anybody have the same case with me? And Is the ASA can't support DHCP relay agent to request to get the IP Addr.
    P.S. In the Network Design limitation so I can't use WLC to be DHCP Server.
    Equipment:
    ASA5510
    WLC4402
    How can I fix it.
    Thank you very much

    The issue is that the ASA doesn't accept DHCP requests from a relay agent, only broadcast DHCP requests. In the 4.2 version for the controllers there is now an option so you can change the way the controller forwards DHCP requests so that it is sent as a broadcast and not from a relay agent.

  • Rolling upgrade of WLC 4402 controllers and APs

    In need to upgrade the software on two WLC 4402 controller in a hospital.   Both WLCs have the same config and one is primary (has all APs connected) and the other backup (no APs connected.)  The APs are placed so there is still coverage if one goes down in an area.    My question - is it possible to do a rolling upgrade to have no downtime for the wireless clients?  My plan would be to upgrade the backup WLC then selectively move APs to it.  If I swap the primary and secondary controllers in the high availability tab on each AP, do I need to do a reset (General - Hardware Reset) or will it automatically reboot and connect to the upgraded backup controller?   When I'm done, I'd upgrade the primary controller and now call that backup.   Does this make sense? 

    I've done this same sort of thing on a slightly larger scale about 5 times now at the hospital I work at.  Quick answer is "Yes, it is possible to do a rolling upgrade and have no downtime for wireless clients."
    I've got 5 WLC's, and I use the high availability tab to move all the AP's off one, upgrade it, and move all the AP's from the next WLC over to it, upgrade that one, etc.
    The thing you need to be careful of is your timing and your choice of APs to move.
    It generally takes about a minute to move an AP between WLCs running the same version.  But if there's a version change that makes the AP upgrade, you're looking at about 6 minutes.
    I do them one at a time, and when they show up in the WLC as being up, running and happy for 1 minute, I do the next one.  And so on.  Takes me about 3 days to go through all 5 WLCs and 375 APs.  Not once have I had a user notice the move.
    Also, in order to test, after I do the first upgrade, I move just one area's APs into that WLC for a day and then test the various flavors of gear we have (phones, infusion pumps, laptops, etc.) to confirm that the new version doesn't have any trouble.  Sometimes it does and I work with TAC to get things resolved before I do the whole hospital.
    jh

  • Netbios over tcp/ip and over wlc-4402

    dear gentlemen,
    i have one wlc-4402 controller and some clients. how to configure the netbios over tcp/ip in the controller, so that the clients can assiciate the network.
    thank?s in advance
    michael

    Nothing, you dont have to configure anything regarding Netbios. Regards

  • WLC 4402 username and password expires automatically

    Hi,
    We are facing issue with Cisco WLC 4402 (Cisco AireOS Version 4.2.205.0) and username and password expired automatically. It happens very often. We are not able to retreive the password, so everytime we need to reset(factory default) the Cisco WLC4402 and doing fresh installation.
    Whether it is the hardware issue or software bug.
    Also is there any possibility of recover the username and [password with resetting the cisco wlc4402.
    Kindly suggest on this issue.
    Regards
    S.Manikandan

    Hmmm.. Strange!! are we using any TACACS to manage?? or just the management username and password??
    I guess after 5.2 WLC code or so we have the option of resetting the password without losing the config!!
    Regards
    Surendra

  • Backplane and throghput in wlc 4402

    hi,
    what is the back plane and through put of wlc 4402 ,is there any backplane and throughput 1131 series wireless device,
    2. what is difference between data rate and bandwidth, i mean 54mbps signifies in wireless datarate or its bandwidth per ap 1131

    Hi,
    The throughput of the 4402 is up to 2Gbps if its ports are bundled in a etherchannel.
    For access points, data rate is the speed at which the data frame is transmitted. to evaluate throughput you must add the fact that the medium is half-duplex, that there is signaling overhead and that there are moments of silence.
    Overall, the throughput for a 11g access points (1130,1240) is 19Mbps. This is what you test in real life with iperf.
    Regards,
    Nicolas

  • WLC 4402 Web Authentication, Mac Filtering and Layer 2 Seciruty

    Hi All,
    I have configured web authentication and Mac filtering on WLC 4402 for my wireless network and its working fine. I wants to configure layer 2 security for the same Wireless network without pre shared key. Could you please advice how to configure layer 2 security with web authentication withour preshare key.
    Is there any security issue with web authentication and Mac FIltering only? My concern in my wireless network shows open.
    Thanks,
    Kashif

    Hi,
    if you have a ACS, then you can do Web auth Splash page!!! Please refer to the below doc!!
    http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080956185.shtml
    Lemme know if this answered ur question!!
    Regards
    Surendra

  • Wlc 4402 and 1010 Aps

    Hi,
    I have 2 vlans (wired-side) in my corporation: the first one for Data (vlan 1, native) and the second one for voice (vlan 2). We've just get a wlc 4402 with 1010 Aps and I would like to know one thing:
    Could I create 2 Ssids(one for voice and another for Data) and map each one to its wired Vlan?.
    Does the 1010 Ap support 802.1q?
    Thanks in advance for your help

    The 1010 aps connect to the switches as hosts
    (switchport mode access; switchport access vlan ...)
    The controller has 2 ports that connect to the network as trunks. You can connect them as port 1 and 2, or put them in a lag group [aka etherchannel)
    All the vlan trunking is done at the controller port to switch port. The AP sends the info down to the controller over the vlan specified for the aps
    In your case, you should create another vlan for the APS.
    The 4402 controller mgmt interface would sit in the same vlan as the APs. You would then create dynamic interfaces on the controller that have a vlan id and ip address for the desired network per your needs. You would then create a wlan on the controller and then bind it to the dynamic interface you just created.
    I am oversimplfying this process quite a bit, but it should get you started. There is now a good bit of info on cisco.com for the wireless products

  • WLC 4402, LAP1242AG APs and Layer 2 Switch Network Design

    Hi Every One,
    I am new designer in the Wireless technology. During design i came accros through a confusing/complex existing topology which i have to integrate with WLC 4402 as below;
    Existing:
    1: I have 12 Switches; all vtp mode server. all in single vlan 1 with single subnet 192.168.0.0/24. All users ports in this single vlan 1.
    2: All of these are old switches including 2950G, 350GXL, 4912.
    3: All the switches gateway is Pix Firewall (192.168.0.1).
    To Do:
    1: I have to implement 1 * WLC 4402, 22 *LAP1242AG Access Points.
    2: WLC will be connected to 350GXL or 4912 through Fiber.
    3: Access Points will be connected to all other 20 switches randomely.
    Confusion:
    1: In my design i created separate vlan 450 for WLC and APs management. But this is not doable in this current setup because all the switches are vtp mode server. Also the gateway is Firewall. Which will require configuration on all existing switches + Pix.(I DONT WANT TO GO FOR THIS OPTION).
    2: To make my work easy, is this possible to Put the WLC, APs in the same vlan 1 (192.168.0.0/24) that is currently used by the existing switches? The gateway for these WLC and APs will be Pix (192.168.0.1).
    3: I tried to search Cisco examples, but in every example Cisco has made a separate vlan for WLC, APs management. So will Point 2 worK?
    4: Do i require any specific changes for this?
    5: ANY OTHER DESIGN SUGGESTION?????????
    Please find the attached Diagram for more information.

    Thanks for the reply.
    1: U mean dat the switch port config will be as below;
    int g0/10
    description connected to WLAN Controller
    switch mode access
    switch access vlan 1
    int g0/23
    description connected to AP
    switchport mode access
    switchport access vlan 1
    so below wil b the sumary of config:
    All switches, WLC, APs, Wireless users and Wired users will be in the same subnet (192.168.0.0/24). Is it ok??
    2: Wat do u mean by vtp config; Please clarify???
    As i mentioned all switches are in vtp mode server. vtp domain name is configred on 12 out of 15 switch. Do i need to config same vtp domain name on all switches? I also have to check vtp pass??

  • WLC 4402 and 802.1x How to...

    We have an WLC 4402 with the latest code on it. We also have LAP1131AG as our AP's. We have an MS IAS as our RADIUS server. Is there a document on how to implement 802.1x for the internal Laptop users to use wireless networking in the office?
    Thanks.

    Hi Kendo,
    See f this link helps you
    http://www.cisco.com/univercd/cc/td/doc/product/wireless/control/c44/ccfig41/c41sol.htm#wp1086421
    http://www.cisco.com/univercd/cc/td/doc/product/wireless/control/c44/ccfig41/c41sol.htm#wp1086421
    HTH
    Ankur
    *Pls rate all helpfull post

Maybe you are looking for

  • Po Migo Miro tables

    Dear Gurus Pls tell me what are the tables that are effected ( data flow to which tables) during the creation of purchase order, goods recpt and invoice verification thanks in advance Regards John

  • The duplicate command?

    Obviously i'm missing something, i'm trying to manipulate some code to place a sequence of pdf pages and include the option to duplicate the placed page on the spread for a "2 up imposition". (with an offset of 148.5mm) the code does the duplication

  • Photo Downloader freezes while Devicelist is loading

    Hi there, on my iMac (OSX 10.5.8) the Photo Downloader works well when the system is "freshly started". At any uncertain point in time, when I launch Bridge and the Photo Downloader, the window "Device list is loading" (actually "Geräteliste wird gel

  • Fireworks does not export layers to files

    I'm trying to do a very simple task in Fireworks and for some reason it will not work. I have a document with one Page and one State and 30 Layers. All I need to to do is export each Layer to a File. According to Adobe's own documentation all I shoul

  • Always re-caching email/re-synchronizing w/ server when launching Mail

    I had to change my email address on my personal domain I have. for privacy concerns i will just label it 'example.com'. Iam using IMAP for my domains on a shared hosting account. My long-term email account is [email protected], however I've had to ch