3502 access point keeps disassociating

Similar Messages

• Access Points keep associating and disassociating from WLC

  I have numerous access points, both 3502 and 3602's that are connected to Cisco 2960s POE switches that will disassociate and then reassociate themselves with the WLC.  The WLC and access points are running 7.4.110.0.  The particaular Cisco 2960s POE switch in this case is running 12.2(55)SE3, RELEASE SOFTWARE (fc1).   This is becoming a widespread issue.

  When the AP recovers, what is the physical up time and WLC association time. 
  Now if your AP(s) regularly reboots then I'd consider you test the cable runs using the on-board TDR feature of your switch.

• WCS displays Access Point as disassociated but WLC shows as associated

  Hi all,
  I have a WCS ver 7.0.172, a 5508 WLAN Controller with ver 7.0.116.0. At this WLC 21 Access Points (AIR-LAP1131AG-E-K9 ) were associated. As well I have one CleanAir Access Point (AIR-CAP3502E-E-K9) is associated.
  And now ... my problem:
  every time the WCS got a critical error and reports that the AP is disassociated from Controller. But if I take a look to the WLC the AP is associated and works at local mode and have two clients associated.
  I cleared the alarm - a few minutes later the alarm will be reported again. Same result if I delete the alarm.
  Could anybody give support for that issue.
  Thanks and regards
  Holger

  Hi Holgerseiler,
  Have you got any information/solution on this issue?
  I also have same kind of issue. I have a WCS with version 7.0.172.0, and around 25 WLCs (version7.0.116.0, in which i checked) and totally around 1000 APs are assiociated in wireless network.
  Some error messages are coming on my WCS device like
  "AP disassociated from Controller [ip]"
  Here AP name and WLC ip address will change randomly, but there is no impact on my network.
  Thanks in advance
  Sangeeth BS

• Cisco aironet access-point keep asking username/password

  Hi all,
  Some of my access-points (Light Weight) just keep asking username/passwords when accessed through web and clicked on any option available there. Any idea why that happens?
  Thanks in advance!
  Gaurav

  Some of my access-points (Light Weight) just keep asking username/passwords when accessed through web and clicked on any option available there.You sure it's LWAP?  The reason why I'm asking because you would NOT be able to access an LWAP over HTML because it's LWAP.

• 3502 access point will not connect to 4400 Series WLAN controller

  I recently upgraded our controllers to the latest version 7 software, as I read this was one of the requirements to get them to connect.  But I am not having any luck getting into a controller.  Normally I plug them in to the network, they pop into the controller listed as something like AP5057.a844.xxxx and then I can finish configuring them, but a static IP on them, etc...
  This is the first of this model AP I have tried to deploy, so I am wondering what is different with these. or what I might be missing in the default config in the WLAN controllers.
  Niether of which are set to "Master" either.
  Thanks in advance, Tandrist

  Hi,
  The 3500 as you mention are supported on code 7.0
  To get the access point to join the WLC we have different options.
  If the access points will be on the same subnet as the WLC then you just need to get the APs to get a valid IP address from the DHCP server and once they have an IP address they will join the WLC because they are on the same subnet as the WLC.
  If the access points are on a different subnet then the WLC you will need to have a DHCP server configured to give the unit an IP address and use option 43 or DNS so that the APs can send the join request to the correct WLC on a different subnet.
  Or if not configure the AP via the console port with the static IP address and WLC IP address.
  Also make sure that you have the correct country code enable on the WLC, and that the APs you purchased are the ones to work in this country, because if not the AP will not join the WLC.
  http://www.cisco.com/en/US/prod/collateral/wireless/ps5678/ps10981/data_sheet_c78-594630.html

• Trying to get home shaing working on apple tv using Cisco Access points and a Cisco WLC 5508 with 7.2.110 code.  I can get devices working individually but they never see each other.  I can ping the apple tv from my laptop and ipad.

  Trying to get home sharing working on a corporate wireless network.  Cisco wireless.
  WLC5508 controller
  Cisco 3502 access points
  All apple devices on same WLAN - security WPA2-PSK
  ITunes account up to date
  All devices laterst software.
  Can ping apll tv from laptop
  can ping apple tv from ipad
  Can ping ipad from laptop
  can ping laptop from ipad.
  Apple tv never sees any other device.
  Any ideas?

  Fascinating just reading about your setup. I have a WRT350N and have noticed that it will drop its speed, sometimes down to 1Mbps. It seems to do so at about the same time every day, but usually comes back to speed in about 5 minutes. In my experience, the Apple TV will disconnect if the speed falls this low. Try monitoring the Linksys with Netstumbler, Vistumbler, or just in the Windows Network utility.
  Check the "lease obtained" and "lease expired" times for your router to see if that is when the network fails. I've just finished reading an angry thread over at the Linksys forum about the WRT330N where someone mentioned that the router wasn't renewing its lease.
  "I cannot set it run off automatic DHCP from the WRT330N, the router will not assign it an IP every time the lease expires, causing me to have to manually set an IP on the Print server. That's annoying. Having the router drop IP's to individual machines after 12-48 hours...very annoying."
  http://forums.linksys.com/linksys/board/message?board.id=Wireless_Routers&thread .id=67412
  If that is the problem, then I would consider setting up a Static IP address for your Apple TV. You can do that through the user interface -> Settings -> Network -> Configure ... (Quite intuitive as you only have change IP address and the subsequent details remain the same.)
  My router assigns IP Addresses in the ranges of 192.168.1.100 ->149. The idea here is to choose an address outside of that range but is not greater than 192.168.1.253 (and should not end in the number 1). You shouldn't have to change the linksys router as long as 50 clients are assigned in that range. You'll have to figure that out by accessing your router webpage at browser address 192.168.1.1 -> the default password is "admin" (without the quotes).
  Good luck.

• N86, PAYG - keeps asking for Access Point

  Hi, I have a N86 with O2 on pay-as-you-go. For some reason, it's keeps asking me for a "Access point user name" and password. It asks this even when I not trying to use the phone.
  The phone works for calls. and I can connect to the internet to browse the web. I can't connect to the internet to use data to use AGPS though.
  Anyway, it sounds as if the phone is regularly trying to connect to an access point to obtain some data. Any ideas why would be appreciated...I really can't think that anything is set up that should cause this. 

  go to connectivity settings and set to automatic instead of always ask . Or as aspergerguy suggested turn geo tagging on and off as required , but if you check your settings in connectivity it should work without asking good luck
  If I have helped at all, a click on the White Star is always appreciated :
  you can also help others by marking 'accept as solution' 

• Mac mini not keeping connection with Cisco wireless access point

  I am trying to get my wife's Mac Mini to keep it's connection with the wireless network at her school. They are using a Cisco access point (not sure of the model) which works fine with my G4 Powerbook and the numerous Macbooks being used there, but for some reason her Mac Mini drops the connection after 4 or 5 minutes, at which point she needs to log right off for it to reconnect (as opposed to just turning the card off and on again). I have already gone through the deletion of the Networkinterfaces.plist file, and recreation of the Airport card profile process, but this only kept the interface active for about 36 hours, then it was back to the same old problem. At this point I am thinking "flakey card"...before I ship it off to Apple, can anyone offer any other possible solutions?

  After spending time on the phone with a Apple support technician, he indicated that the Iphone has a compatibility problem with the wep key encryption that the Cisco appliance uses. I find this disturbing being that Cisco is the biggest in network gear. What's UP Apple? We need SP1 for the IPHONE!!!

• N8 camera keeps asking for access point setting

  Most times when I start the camera I get the popup saying "Network connection required. Define access point to connect?". I realise that it'll need a connection because I've enabled geo tagging, but shouldn't I only have to set this once? I've looked in the menus & can't find anything in there to set it permanently. It;'s most annoying & I reckon I'll be missing photo opportunities because of it.
  Nokia N8 on Belle

  go to connectivity settings and set to automatic instead of always ask . Or as aspergerguy suggested turn geo tagging on and off as required , but if you check your settings in connectivity it should work without asking good luck
  If I have helped at all, a click on the White Star is always appreciated :
  you can also help others by marking 'accept as solution' 

• Can interference cause an access point to reboot?

  I recently configured our WCS to send email notifications.  Monitor > Alarms > Email Notification
  I now receive emails from WCS stating that some access points dissassociate from the controller, and then another email stating they are back again.  Not the same APs, not all at the same time, etc.  We have 1200+ access points.  A very small percentage... maybe one or two per day decide to leave the controller and then come back.
  Looking at the controller, I see this is a true statement.  I see that the access point's uptime is equivalent to the time is left the controller and came back again.
  My question is... does anyone else have this configured, and if so, what was causing the access points to disassociate?  I cannot tell if the access point is actually rebooting or simply wandering away from home.
  Is there a way to see what caused the AP to leave and come back again?  With nobody in the building at 7pm, I don't think it was human intervention.  Other access points on the same switch, and they don't wander.  I do wonder if interference or something else can cause an access point to reload.
  The APs are AIR-LAP1210 on a 5508 running 7.0.98.0 
  Are there any known bugs that you are aware of?
  Thanks in advance!
  WCS has detected a change in one or more alarms of category AP and severity Critical in Virtual Domain root.
  The new severity of the following items is Clear:
  '802.11a' interface of AP 'ap02' associated to controller 'WLC-1 (10.10.10.1)' is up. Reason: Radio interface reset.
  '802.11b/g' interface of AP 'ap02' associated to controller 'WLC-1 (10.10.10.1)' is up. Reason: Radio interface reset.
  AP 'ap02' associated with Controller '10.10.10.1' on Port number '13'.
  E-mail will be suppressed up to 30 minutes for these changes.
  WCS has detected one or more alarms of category AP and severity Critical in Virtual Domain root for the following items:
  802.11a interface of AP ap02 is down: Controller 10.10.10.1
  802.11b/g interface of AP ap02 is down: Controller 10.10.10.1
  AP 'ap02' disassociated from Controller '10.10.10.1'.
  E-mail will be suppressed up to 30 minutes for these alarms.

  You are in luck. Like you we have 4500 radios and we turned on alerts and we got slammed on this as well. I will share with you some of the things that contriubuted to our problem. It just wasnt one issue...
  1) We had 200 APs configured as a primary to 1 WLC. Well that WLC could only take 150. So when one AP jumped off there were 50 other aps interested in getting on. And when this happened we got an alert. We only fill 125 per wism today. This cut down on a good portion of our alerts
  2) We disbaled ap fall back. Once the aps were where we wanted them we killde ap fall back. (no more bouceing around).
  3) We had a few aps with link problems. Not many but a few. These aps would lose data connection but still keep power and not reboot. We either had to replace the patch cable or do a new run.
  Take a few and investigate them. You will start to develop your own pattern.
  If you find this helpful please kindly rate all helpful post!

• Setting up a netgear n300 as wireless bridge/access point with airport extremee

  I just replaced my netgear wireless router with the airport to allow our many devices on the network without knocking each other off and also increase the speed.  But would like to use the netgear as a wireless bridge or access point so that I can still connect my NTFS formatted hard drive to be shared on the network.  Any suggestions would be appreciated.  I can not seem to find my netgear router with 192.168.1.1 as that comes up with another device.  I have tried doing this with a windows laptop in another room but can not seem to make it work.  I am now hooked up directly to the airport thinking i need to do it that way and still no luck. Please help.

  As long as you intend to do this over ethernet it will work.. you cannot easily wireless repeat or bridge to an apple router.. you would need specific hardware to do it.
  What is the exact model of netgear you have?
  The setup method depends on the functionality of the router.. but lets assume it does not have a bridge or WAP mode.
  You use WAN bypass.
  1. Setup the Netgear with IP address in the correct IP range for the rest of the network.. it is hard to talk generalities so lets say the apple is main router and your network is now 10.0.1.x .. then set the Netgear to 10.0.1.250 (apple uses IP 2-200 by default) you can use any value you like outside the DHCP range. Up to the limit which is 254 as long as you keep track of all static IP devices. Apply this setting and power cycle the router.. and you might need to power cycle the computer as well to pick up the new IP.
  2. Turn off the DHCP server in the Netgear. You may lose connection to the netgear now.. do not worry about it.. (this can be combined with one.. if you firstly turn off dhcp before you change the IP.. but whatever is possible.. at some point you will need to change around and if you forget what IP .. you will be in a mess.. so write it on a label and stick on the base of the router.. also without dhcp you will either need to reset router to factory using reset button or use static ip on the computer. )
  3. Plug ethernet from LAN of the main router to LAN of the Netgear. Reboot the whole network is often necessary.
  4. In your computer plugged somewhere in the network.. open browser and go to the address you set.. 10.0.1.250 in my example.
  5. You can then setup the Netgear to do whatever you like.. DIsk access is fine.. wireless is fine.. it just cannot be a router.
  Many many reboots if you get lost. Hit reset and start over.

• Prompt never appears in a 2602i access point

  Hello:
  Today I converted an AIR-CAP2602I-A-K9 access point to autonomous using the mode button/tftp method, but no matter what IOS I install (I tried 2 different IOS and also tried entering to Rommon - I am able to change IOS because the procedure I used does not need any command), i never get to see the prompt so that I can introduce commands to configure the AP. It's like it hangs after "succesfully" initializing
  The only thing I can see all the time are "normal" console messages, and It shows no error message at all.  It happened even before the downgrade.
  This is where the AP stops, but it is not really hung because console messages could keep showing up. It just never gets to the promt so I can enter some commands. Would not even acept Enter.
  Cisco IOS Software, C2600 Software (AP3G2-K9W7-M), Version 15.2(4)JA1, RELEASE SOFTWARE (fc2)
  Technical Support: http://www.cisco.com/techsupport
  Copyright (c) 1986-2013 by Cisco Systems, Inc.
  Compiled Tue 30-Jul-13 23:12 by prod_rel_team
  Initializing flashfs...
  flashfs[3]: 200 files, 7 directories
  flashfs[3]: 0 orphaned files, 0 orphaned directories
  flashfs[3]: Total bytes: 31739904
  flashfs[3]: Bytes used: 14286848
  flashfs[3]: Bytes available: 17453056
  flashfs[3]: flashfs fsck took 9 seconds.
  flashfs[3]: Initialization complete.
  flashfs[4]: 0 files, 1 directories
  flashfs[4]: 0 orphaned files, 0 orphaned directories
  flashfs[4]: Total bytes: 11999232
  flashfs[4]: Bytes used: 1024
  flashfs[4]: Bytes available: 11998208
  flashfs[4]: flashfs fsck took 0 seconds.
  flashfs[4]: Initialization complete.
  Copying radio files from flash: to ram:
  Copy in progress...CCCCC
  Copy in progress...CCC
  Copy in progress...CCCC
  Copy in progress...CCCC
  Copy in progress...CC
  Uncompressing radio files...
  ...done Initializing flashfs.
  Radio0  present 8764 8000 0 A8000000 A8010000 0
  Rate table has 244 entries (64 SGI/104 BF variants)
  Radio1  present 8764 8000 0 88000000 88010000 4
  This product contains cryptographic features and is subject to United
  States and local country laws governing import, export, transfer and
  use. Delivery of Cisco cryptographic products does not imply
  third-party authority to import, export, distribute or use encryption.
  Importers, exporters, distributors and users are responsible for
  compliance with U.S. and local country laws. By using this product you
  agree to comply with applicable laws and regulations. If you are unable
  to comply with U.S. and local laws, return this product immediately.
  A summary of U.S. laws governing Cisco cryptographic products may be found at:
  http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
  If you require further assistance please contact us by sending email to
  [email protected].
  cisco AIR-SAP2602I-A-K9 (PowerPC) processor (revision A0) with 180214K/81920K bytes of memory.
  Processor board ID FGL1716S0Q6
  PowerPC CPU at 800Mhz, revision number 0x2151
  Last reset from power-on
  1 Gigabit Ethernet interface
  2 802.11 Radios
  32K bytes of flash-simulated non-volatile configuration memory.
  Base ethernet MAC Address: BC:16:65:95:A7:C3
  Part Number                          : 73-14588-02
  PCA Assembly Number                  : 800-37899-01
  PCA Revision Number                  : A0
  PCB Serial Number                    : FOC17151DSW
  Top Assembly Part Number             : 800-38356-01
  Top Assembly Serial Number           : FGL1716S0Q6
  Top Revision Number                  : A0
  Product/Model Number                 : AIR-CAP2602I-A-K9   
  Press RETURN to get started!
  *Mar  1 00:00:11.819: %IFMGR-7-NO_IFINDEX_FILE: Unable to open nvram:/ifIndex-table No such file or directory
  *Mar  1 00:00:11.935: FIPS IOS test Image Checksum successful
  *Mar  1 00:00:11.935: FIPS IOS test Crypto RNG DEK Key Test successful
  *Mar  1 00:00:11.939: FIPS IOS test SHA-1 successful
  *Mar  1 00:00:11.939: FIPS IOS test HMAC-SHA1 successful
  *Mar  1 00:00:11.939: FIPS IOS test AES CBC 128-bit Encrypt successful
  *Mar  1 00:00:11.939: FIPS IOS test AES CBC 128-bit Decrypt successful
  *Mar  1 00:00:11.939: FIPS IOS test IOS AES CMAC Encrypt successful
  *Mar  1 00:00:11.939: FIPS IOS test IOS CCM Encrypt successful
  *Mar  1 00:00:11.939: FIPS IOS test IOS CCM Decrypt successful
  *Mar  1 00:00:11.939: FIPS IOS test RSA Signature Generation successful
  *Mar  1 00:00:11.939: FIPS IOS test RSA Signature Verification successful
  *Mar  1 00:00:11.939: %SOAP_FIPS-2-SELF_TEST_IOS_SUCCESS: IOS crypto FIPS self test passed
  *Mar  1 00:00:18.863: FIPS RADIO test AES 128-bit encrypt for TX on Dot11Radio 0 successful
  *Mar  1 00:00:18.863: FIPS RADIO test AES 128-bit CCM encrypt on Dot11Radio 0 successful
  *Mar  1 00:00:18.863: FIPS RADIO test AES 128-bit CCM decrypt on Dot11Radio 0 successful
  *Mar  1 00:00:18.863: FIPS RADIO test AMAC AES 128-bit CMAC encrypt on Dot11Radio 0 successful
  *Mar  1 00:00:18.863: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 0
  *Mar  1 00:00:24.991: FIPS RADIO test AES 128-bit encrypt for TX on Dot11Radio 1 successful
  *Mar  1 00:00:24.991: FIPS RADIO test AES 128-bit CCM encrypt on Dot11Radio 1 successful
  *Mar  1 00:00:24.991: FIPS RADIO test AES 128-bit CCM decrypt on Dot11Radio 1 successful
  *Mar  1 00:00:24.991: FIPS RADIO test AMAC AES 128-bit CMAC encrypt on Dot11Radio 1 successful
  *Mar  1 00:00:24.991: %SOAP_FIPS-2-SELF_TEST_RAD_SUCCESS: RADIO crypto FIPS self test passed on interface Dot11Radio 1
  *Mar  1 00:00:25.007: initializing dot11 onplus
  *Mar  1 00:00:25.259: not a autoconfig enabled device!!!
  *Mar  1 00:00:27.039: %LINK-6-UPDOWN: Interface GigabitEthernet0, changed state to up
  *Mar  1 00:00:28.039: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to down
  *Mar  1 00:01:13.383: Starting Ethernet promiscuous mode
  *Apr 12 07:12:42.000: %LINK-5-CHANGED: Interface Dot11Radio0, changed state to administratively down
  *Apr 12 07:12:42.000: %LINK-5-CHANGED: Interface Dot11Radio1, changed state to administratively down
  *Apr 12 07:12:42.003: %CDP_PD-4-POWER_OK: Full power - AC_ADAPTOR inline power source
  *Apr 12 07:12:42.011: %SYS-5-RESTART: System restarted --
  Cisco IOS Software, C2600 Software (AP3G2-K9W7-M), Version 15.2(4)JA1, RELEASE SOFTWARE (fc2)
  Technical Support: http://www.cisco.com/techsupport
  Copyright (c) 1986-2013 by Cisco Systems, Inc.
  Compiled Tue 30-Jul-13 23:12 by prod_rel_team
  *Apr 12 07:12:42.011: %SNMP-5-COLDSTART: SNMP agent on host ap is undergoing a cold start
  *Apr 12 07:12:42.991: %LINEPROTO-5-UPDOWN: Line protocol on Interface BVI1, changed state to up
  *Apr 12 07:12:42.999: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio0, changed state to down
  *Apr 12 07:12:42.999: %LINEPROTO-5-UPDOWN: Line protocol on Interface Dot11Radio1, changed state to down
  *Apr 12 07:12:44.651: %SOAP_FIPS-2-SELF_TEST_HW_SUCCESS: HW crypto FIPS self test passed
  *Apr 12 07:12:44.651: DPAA Initialization Complete
  *Apr 12 07:12:44.651: %SYS-3-HARIKARI: Process DPAA INIT top-level routine exited
  *Apr 12 07:12:44.971: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0, changed state to up  <--- CURSOR STOPS HERE AND WON'T ACCEPT ENTER OR ANY OTHER  KEYBOARD ACTION
  Any thoughts?
  Best regards and thanks in advance

  Leo, I'm usign SecureCrt, so I disabled XON/XOFF and DTR/DSR as usual, but was not disabling RTS/CTS, so I did and now it is working. Thank you very much!
   

• Single access point with multiple ssids and single channel possible?

  Hi everybody.
  I have this silly question.
  Let say we have three vlans, vlan1,2,3  and they are mapped to wlans as follows:
  Vlan 1  ssid1
  Vlan 2 ssid2
  Vlan3 ssid 3
                    AP --------trunk------Switchted network.
  Our Ap  has mobile devices in three wlans, i.e ssid1ssid2 and ssid3
  Since AP uses half duplex mode,  mobile devices need positive ack from ap  before they can send data,  therefore once channel let say channel 3( assuming 802.11b is used) can be shared by all mobile devices in three wlans.  
  Is  my understanding correct?
  Thanks and have a great weekend.

  Hii ,
  Yes ,that is pretty much possible as suggested by other experts on board. Depending on your access point you will have 1 (2.4 GHz) or  both 2.4 & 5GHz radios.
  You can configure multiple SSIDs (up to 16 ) known as MBSSID mode in autonomous environment. In Controller based architecture you can configure up to 512 WLAN (SSID) and transmit any 16 of them per AP (using AP group feature). However , it is recommended to keep multiple SSID count below 8 as for each SSID separate beacon will be sent on air which consumes more air time.
  Hope this helps
  Thanks
  Vinay

• IOS 6.0.1 - Problems with certificate based authentication on wireless access point

  Hi all
  We are using iPad 2 as order terminals in our shops for about 5 months. Some of the iPads (the first who entered the field) started to cause problems now. These iPads are no longer able to keep long-term connection to the wireless access point in our stores. After selecting the SSID a successful authentication using the stored EAP-TLS certificate is performed (this can be seen in the log files of our wireless controller and by the IP adress that is given by DHCP). But within seconds the affected iPads opening up a captive portal page (empty, without contents) and separates the connection to the SSID after a short time again.
  Affected are currently only iPads 2 with iOS 6.0.1, which were staged about 5 months ago. The newer devices with iOS 6.1+ connect without problems and open no captive portal page. The first cases occurred on the last Wednesday. Before that everything worked without difficulty. No modifications took place on the security structure.  The numbers of affected devices increased until all iOS 6.0.1 were affected.
  Access to other SSIDs (without use of certificates, by entering a key) for the devices is still possible (the devices does not open an captive portal page). The DHCP scope is not used up, so there are enough IP addresses available.
  "Newer iPads" with an iOS of 6.1+ are are showing no problems on the same wireless access point, where the older devices are rejected. New and old devices use the same certificates and authentication mechanisms.
  In the analysis of the issue, it turned out that  the problem can be solved by an update to iOS 6.1.3. Subsequently, the iPads will be able to rebuild a connection with the access point, without a captive portal page.
  Since the bandwidth is very narrow dimensioned in our stores, the communication of the iPads was severely restricted. Thus, the iPads are for exampleare accessible for the APNS but can not find iOS updates or check for their availability.
  A comprehensive update to iOS 6.1.3 is currently excluded.
  Does anyone knows this issue? What else can be done (except from updating)?

  I will answer my own question in case it helps anyone else.
  It would "seem" the ios 6 devices try the proxy and if that is not working they resort to the def gateway.
  To Fix I did the following:
  Brocade WIFI network has IPS and Advanced Firewall rules that seemed to be tthwarting some traffic, the iphones would then try the default gateway and be blocked at the FW. 
  I disabled the IPS and the Advanced Firewall Settings on the wifi as they are redundant to our main IPS and firewall that all traffic flows through anyway.  I will tune it later, but when the CEO is demanding a fix "**** the security, full speed ahead"
  Created some rues on the firewall to allow...
  - IMAP-SSL (port993) outbound
  - SMTPS (port 465) to yahoo servers outbound
  - tcp port 587 to yahoo servers outbound
  - https to akamai servers
  Most http and https goes through the proxy as it should, BUT...
  It seems that the akamai traffic allways ignores the wifi proxy settings and just heads straight for the default gateway.  I suspect there is a bug in the icloud app? 
  Hope this helps someone else.
  -Bo

• WRT310N as a "Wireless Access Point"

  Hello,
  I am in the market for a wireless device to add to an existing subnet.  I see many tutorials regarding routers as wireless access points, but I am not sure if this device will work.
  My plan is to connect one of the switch ports to an existing switch and not use/configure the WAN port.
  I would rather purchase a router then a true WAP do to the fact that it can also act as a router (should I need it later), whereas a WAP cannot.
  Any thoughts on this is appreciated.

  Well try upgrading the firmware of the router & keep on holding tightly
  the reset button in such a way that power light is blinking on the
  router & then do a complete network power cycle i.e., unplug the power
  cables from the modem & from the router & then plug in the power cable
  to the modem first once all the lights are solid green you could plug
  in the power cable to the router & check out it will definately work!! 
  Open the setup page of router using 192.168.1.1 then put in the
  password as admin...all you need to do is do the wireless settings such
  as Radio Band Frequency to Standard 20 MHZ frequency,channel to 11.
  Also,the advanced wireless settings to Beacon Interval=50,Frag
  thres=2306 & Rts thres=2307 & then uncheck a Block Anonymous Internet
  Requests & it will definately work!!!