5508 WLC not releasing DHCP addresses
Have a WLC 5508 running 7.0.230 with internal DHCP server. Timeout is 3600 seconds. The IP addresses never seem to be released.
The controller will show 70 clients but 254 addresses will be assigned. Has anyone else experienced this problem?
#Check "Lease remaining time" change in this value on the WLC for the clients that are not currently connected and already connected to it. Watch if its getting removed/refreshed once the lease time is expired.
#Cross reference with cli as well.
#If its an open wlan, client pass by will get an ip, so what admin seeing could be new client keep coming in and its an expected behavior.
#Find if time is static or client's dhcp entry doesn't remove once lease time expired.
#Per design, WLC doesn't release the internal dhcp ip when the client sends deauth to WLC, however, it should when the timer gets expired for clients that were currently not connected.
Similar Messages
-
1142 Autonomous AP not passing DHCP address to clients
Hi there,
I do hope someone can help me out here because I am having a nightmare with a single AP.
Setup is as follows:
5 existing APs already on site, all working correctly plugged into a 48 port 2960, (non poe).
customer wants to add another AP to extend capacity.
Installed AP, (config attached) mirrored switchport settings, (below) and fired it up.
Outcome: if you are on a static IP or have received DHCP through another AP then everything works as it should. But DHCP requests are never fulfilled if connected through this AP. (this goes also for a laptop with an existing DHCP address if you go through the \release \renew process) DHCP is served by a server living on the switch.
The AP lives on VLAN 2, hence native .2 on both ends, and wireless clients should recieve a VLAN 1 address. All the other APs, (1131s) are working without a problem and this is driving me NUTS! Have been through configs and every screen of the GUI but cant find any difference in set up. Apart from different AP models the new one is on a pwrinj4 while the others are on pwrinj3's.
Switchport settings:
interface GigabitEthernet0/1
description Connect to wireless AP
switchport trunk native vlan 2
switchport trunk allowed vlan 1,2,1002-1005
switchport mode trunk
AP Config
aaa authentication login default local
aaa authentication enable default enable
aaa authorization exec default local
aaa authorization network default local
aaa session-id common
dot11 vlan-name *** vlan 1
dot11 vlan-name *** vlan 2
dot11 ssid ***
vlan 1
authentication open
authentication key-management wpa optional
wpa-psk hex ***
username manager privilege 15 password ***
username user privilege 0 password ***
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption key 2 size 128bit *** transmit-key
encryption mode ciphers tkip wep128
encryption vlan 1 key 2 size 128bit *** transmit-key
encryption vlan 1 mode ciphers tkip wep128
ssid ***
channel 1
station-role root
interface Dot11Radio0.1
encapsulation dot1Q 1
no ip route-cache
bridge-group 254
bridge-group 254 subscriber-loop-control
bridge-group 254 block-unknown-source
no bridge-group 254 source-learning
no bridge-group 254 unicast-flooding
bridge-group 254 spanning-disabled
interface Dot11Radio0.2
encapsulation dot1Q 2 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio1
no ip address
no ip route-cache
encryption key 2 size 128bit *** transmit-key
encryption mode ciphers tkip wep128
encryption vlan 1 key 2 size 128bit *** transmit-key
encryption vlan 1 mode ciphers tkip wep128
ssid ***
no dfs band block
channel dfs
station-role root
interface Dot11Radio1.1
encapsulation dot1Q 1
no ip route-cache
bridge-group 254
bridge-group 254 subscriber-loop-control
bridge-group 254 block-unknown-source
no bridge-group 254 source-learning
no bridge-group 254 unicast-flooding
bridge-group 254 spanning-disabled
interface Dot11Radio1.2
encapsulation dot1Q 2 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
interface GigabitEthernet0.1
encapsulation dot1Q 1
no ip route-cache
bridge-group 254
no bridge-group 254 source-learning
bridge-group 254 spanning-disabled
interface GigabitEthernet0.2
encapsulation dot1Q 2 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
control-plane
bridge 1 route ip
line con 0
transport preferred all
transport output all
line vty 0 4
transport preferred all
transport input all
transport output all
line vty 5 15
transport preferred all
transport input all
transport output all
interface dot11Radio 0
ssid ***
no shutdown
interface dot11Radio 1
ssid ***
no shutdown
power inline negotiation injector installed
interface BVI1
ip address 10.25.97.245 255.255.255.0
no ip route-cache
ip default-gateway 10.25.97.1Hi Scott,
Yes, the only difference is as this is a 1142 I was instructed to put it onto one fo the Gb ports. I tried the Ap on a known working port to rule out switch config to no effect.
Here is the extended switch config:
interface FastEthernet0/44
description Connect to wireless AP
switchport trunk native vlan 2
switchport trunk allowed vlan 1,2,1002-1005
switchport mode trunk
spanning-tree portfast
interface FastEthernet0/45
description Connect to wireless AP
switchport trunk native vlan 2
switchport trunk allowed vlan 1,2,1002-1005
switchport mode trunk
spanning-tree portfast
interface FastEthernet0/46
description Connect to wireless AP
switchport trunk native vlan 2
switchport trunk allowed vlan 1,2,1002-1005
switchport mode trunk
spanning-tree portfast
interface FastEthernet0/47
description Connect to wireless AP
switchport trunk native vlan 2
switchport trunk allowed vlan 1,2,1002-1005
switchport mode trunk
spanning-tree portfast
interface FastEthernet0/48
description Connect to wireless AP
switchport trunk native vlan 2
switchport trunk allowed vlan 1,2,1002-1005
switchport mode trunk
spanning-tree portfast
interface GigabitEthernet0/1
description Connect to wireless AP
switchport trunk native vlan 2
switchport trunk allowed vlan 1,2,1002-1005
switchport mode trunk
interface FastEthernet0/44
description Connect to wireless AP
switchport trunk native vlan 2
switchport trunk allowed vlan 1,2,1002-1005
switchport mode trunk
spanning-tree portfast
interface FastEthernet0/45
description Connect to wireless AP
switchport trunk native vlan 2
switchport trunk allowed vlan 1,2,1002-1005
switchport mode trunk
spanning-tree portfast
interface FastEthernet0/46
description Connect to wireless AP
switchport trunk native vlan 2
switchport trunk allowed vlan 1,2,1002-1005
switchport mode trunk
spanning-tree portfast
interface FastEthernet0/47
description Connect to wireless AP
switchport trunk native vlan 2
switchport trunk allowed vlan 1,2,1002-1005
switchport mode trunk
spanning-tree portfast
interface FastEthernet0/48
description Connect to wireless AP
switchport trunk native vlan 2
switchport trunk allowed vlan 1,2,1002-1005
switchport mode trunk
spanning-tree portfast
interface GigabitEthernet0/1
description Connect to wireless AP
switchport trunk native vlan 2
switchport trunk allowed vlan 1,2,1002-1005
switchport mode trunk
Not sure about the spanning tree settings on the others: I didnt set those up and am a great believer in the "if it aint broke, dont fix it" maxim! -
Not getting DHCP address on HP 8000 Elite
I'm using the Feb 2010 CD. Windows 2003 DHCP server
Boot with the cd and no dhcp address.
If I type "dhcpcd eth0 -n" enough times I will eventually get an address, although the first time it's usually "err, eth0: Failed to lookup hostname via DNS: Name or service not known"
The same CD works OK with a HP dc7900, dc7800, etc. It looks like they all have the same Intel e1000e nic, but maybe no?I'm starting to investigate issues that may be similar to yours and I had a
thought that I thought I'd share with you ;-)
In what may be a related situation one of our admins is having issues with
the dhcp client on an openSUSE 11.1 (and 11.2) during and after the install
on some Dell servers. Sometimes the dhcp client will not get an ip address.
After some poking he found that there are in fact two dhcp clients available
: dhcpcd (dhcp client daemon) and dhclient (package is called dhcp-client).
The default client in openSUSE - and presumably the Linux environment of
ZENworks Imaging - is dhcpcd v3.x. It seems that there are a number of
reports of this client being problematic. The maintainer of this client has
recently released v5.x which may resolve the issues with v3.x.
In our testing on openSUSE dhclient works much more reliably than dhcpcd,
where "more" is equal to 100%. None of this helps us of course, but it is
background info that leads up to my idea: is it possible to use the other
client, dhclient in the ZEN Linux environment? I don't know if this client
is even included in the ZEN Imaging Linux environment or not. If it isn't
then maybe it might be possible to modify the initrd/root/linux files to
include it. This would at least let you have another means of acquiring a
dhcp ip address. I'm sorry that I do not have the Linux skills to do more
than make a suggestion...
Cheers,
Ron
PS I have submitted an enhancement request via the openFATE website to have
the dhcp client daemon upgraded to v5.x. Maybe if you think it a good idea
you could login to the openFATE portal and vote it up! -
Hyper-V - Legacy NIC not getting DHCP address at boot, but when OS loads the NIC gets a DHCP address
Hi, I have a strange issue with DHCP.
I have a lab environment on a single Hyper-v 2012 Server. AD, DNS & DHCP exist on a single virtual machine, I have a flat network 192.168.1.x, all VM's are on this network. I have authorised DHCP and Setup the scope.
A VM has a legacy adaptor, the legacy nic is configured in the boot order as the first device.
When I boot the machine I do not get a DHCP address, however when the OS boots the Legacy NIC then gets a DHCP address??
I need to use a legacy NIC as I need to PXE boot the VM, however I should get an IP address at boot time, which I don't get.
I have run Wireshark on the DHCP server, I can see the legacy NIC do a "DHCP Discover and the DHCP Server respond with a DHCP Offer" however all communication ends there. I have disable all firewalls and I see no reason for this not to work.
I have done tis before with no issues but I am unable to get this to work on this server!!!!!Hi
According to your description , it is recommended to make sure or do :
In your environment , there is no any other valid DHCP, BOOTP or proxy DHCP offers.
Make sure if the DHCP server is overload.
So suggest to test that creating a new “internal virtual switch” and change the settings of VM which provide DHCP service to connect to the new “virtual switch”.
Then create a new VM use legacy NIC also connect to the new “internal virtual switch” and try to PXE Boot.
Hope this helps.
Best Regards
Elton ji
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place. -
Apple devices, not releasing IP addresses
Hi,
We have a Cisco 4400 controller and a mix of 1010 and 1131 access points.
We have been running out of IP's on our DHCP server because the apple devices are not releasing there IP's.
If you have experienced the same problem, could you let me know how you solved the issue please?
Kind regards,
JamieWe've run into a similar issue and we tried lowering the dhcp lease time to 1 hour and this has provided some relief so far.
Sent from Cisco Technical Support iPad App -
I've been having problems with my broadband connection for a few days and according to my ISP there is nothing wrong with the line or modem. They've told me that the cause of the problem is that my computers aren't releasing the IP addesses. Even when you try to force them to renew the DHCP lease nothing happens. This is happening on a PowerBook, iBook and a Win XP laptop. They are all showing the same IP address. I've tried reseting the AEBS etc and this worked once at the weekend but not since. My ISP has said that my computers all need to go for 'repair' to sort the problem which I'm not convinced is right. Is it not the airport that issues the new IP address rather than the computer releasing it?
I'm using a 6 month old extreme with a cable modem broadband setup.
I've also dug out my old slightly dodgy (signal drops a lot) graphite airport to try today but although I managed to get it giving strong signal, same IP address as other one and no internet connection when open browser, exactly the same as happens with extreme.
By the way, nothing else has changed, the network settings are correct and has been working perfectly up to now.
Any one know whats wrong or what I can do about it?
Please help!
Clare.
PowerBook, iBook, iMac Mac OS X (10.3.9) Airport ExtremeWoo Hoo!
As of this morning I'm back on broadband! Despite doing nothing at this end which completely validates the techs at Telewest being usless. The fact that two of them kept putting me on hold every 30 secs when I didn't give them answers they wanted as they went and looked up their manual was also a clue...
I connected the modem directly to PB and iBook at the weekend but it didn't work which made me more convinced it was at fault with ISP, but they thought otherwise as apparently my modem was responding to them when the tested from their end.
As my broadband has been working perfectly for the past 5 years I've never had much reason to be concerned with network settiings and how IP addesses work but over the pat few days I've had a bit of a crash course! I was begining to work it out in my head through trial and error so thanks for explaining it.
It looks like it was indeed a problem on the line. Hopefully thats the last of it. What was annoying me was that last monday broadand went down as well and when called ISP without them asking a lot of questions they told me somebody had already reported a fault and it would be fixed in a few hours which it was. However when it went again on saturday, they of course asked what OS I was on and the mention of apple resulted in ten million question and the fact that I'd repeatedly checked everything at this end before I'd called stumped them. They insisted that it wasn't right that the IP was the same therefore it must be my mac and it needed to be sent away, all 3 of them that is, and the Win laptop too for good measure!!
I now have dial up installed so never again will I have to take their word for it.
Thanks for yourr help
Clare.
iBook, PowerBook, iMac Mac OS X (10.2.x)
iBook 800MHz Mac OS X (10.2.x) -
WLC2412-Clients Not receiving DHCP addresses
I recently upgraded a clients WLC and they keep saying they are unable to get an IP address from the DHCP server. It's a simple, flat network and here is what the logs are showing. Any advice would be greatly appreciated.
*apfReceiveTask: Apr 11 13:37:25.477: %SIM-3-DHCP_SERVER_NO_REPLY: sim_interface.c:1039 Failed to get DHCP response on interface 'management'. Marking interface dirty.
*apfReceiveTask: Apr 11 13:37:17.278: %SIM-3-DHCP_SERVER_NO_REPLY: sim_interface.c:1039 Failed to get DHCP response on interface 'management'. Marking interface dirty.
*apfReceiveTask: Apr 11 13:37:05.880: %SIM-3-DHCP_SERVER_NO_REPLY: sim_interface.c:1039 Failed to get DHCP response on interface 'management'. Marking interface dirty.
*apfReceiveTask: Apr 11 13:13:47.397: %SIM-3-DHCP_SERVER_NO_REPLY: sim_interface.c:1039 Failed to get DHCP response on interface 'management'. Marking interface dirty.
*apfReceiveTask: Apr 11 13:37:25.477: %SIM-3-DHCP_SERVER_NO_REPLY: sim_interface.c:1039 Failed to get DHCP response on interface 'management'. Marking interface dirty.
*apfReceiveTask: Apr 11 13:37:17.278: %SIM-3-DHCP_SERVER_NO_REPLY: sim_interface.c:1039 Failed to get DHCP response on interface 'management'. Marking interface dirty.
*apfReceiveTask: Apr 11 13:37:05.880: %SIM-3-DHCP_SERVER_NO_REPLY: sim_interface.c:1039 Failed to get DHCP response on interface 'management'. Marking interface dirty.
*apfReceiveTask: Apr 11 13:13:47.397: %SIM-3-DHCP_SERVER_NO_REPLY: sim_interface.c:1039 Failed to get DHCP response on interface 'management'. Marking interface dirty.(Cisco Controller) show>interface detailed management
Interface Name................................... management
MAC Address...................................... 64:00:f1:91:5d:40
IP Address....................................... 192.168.8.3
IP Netmask....................................... 255.255.255.0
IP Gateway....................................... 192.168.8.1
External NAT IP State............................ Disabled
External NAT IP Address.......................... 0.0.0.0
VLAN............................................. 8
Quarantine-vlan.................................. 0
Physical Port.................................... 1
Primary DHCP Server.............................. 192.168.8.49
Secondary DHCP Server............................ Unconfigured
DHCP Option 82................................... Disabled
ACL.............................................. Unconfigured
AP Manager....................................... No
Guest Interface.................................. No
L2 Multicast..................................... Enabled -
WLC not pass DHCP past bridged units
I have a WLC 5508 with LWAP 1242 with wireless bridges connected to the APs I cannot get DHCP to pass through the bridge to the PC connected to the bridge.
Some third-party WGBs need to operate in non-DHCP relay mode. If problems occur with the DHCP assignment on devices behind the non-Cisco WGB, use the following commands:
–config dhcp proxy disable
–config dhcp proxy disable bootp-broadcast disable
The default state is DHCP proxy enabled.
the above commands introduced from 7.0.116.0. -
Router not issusing DHCP addresses to AP clients
So I have configured a DHCP pool on my router to issue DHCP leases to wireless clients in my network - the clients can see the SSID broadcasting and can connect successfully. The only problem is that they don't receive an IP address.
IPCONFIG shows the 169.254 etc address...the network status shows "Limited or no connectivity" when hovering over the icon.
We used to have the clients receive their leases from a server which worked with the IP helper command...is there something simple I'm missing here?
Thanks in advance.Please see below...
Last configuration change at 16:18:21 UTC Thu Jul 10 2014 by admin
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname XXX
boot-start-marker
boot-end-marker
logging buffered 51200 warnings
no aaa new-model
ip cef
ip dhcp excluded-address 10.26.129.1
ip dhcp excluded-address 10.26.129.253
ip dhcp excluded-address 10.26.129.254
ip dhcp excluded-address 10.26.129.2
ip dhcp pool guest
network 10.26.129.0 255.255.255.0
dns-server 208.67.222.222 208.67.220.220
default-router 10.26.129.1
interface Tunnel5
ip address 172.17.5.4 255.255.255.0
ip mtu 1400
ip tcp adjust-mss 1360
tunnel source 12.1xx.xx.xx
tunnel destination 199.4x.xxx.xx
interface Embedded-Service-Engine0/0
no ip address
shutdown
interface GigabitEthernet0/0
description Data Networks
no ip address
duplex auto
speed auto
interface GigabitEthernet0/0.1
description Main Data VLAN
encapsulation dot1Q 1 native
ip address 10.27.129.2 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface GigabitEthernet0/0.3
description DMZ VLAN
encapsulation dot1Q 3
ip address 10.28.129.2 255.255.255.0
interface GigabitEthernet0/0.20
description Guest VLAN
encapsulation dot1Q 20
ip address 10.26.129.1 255.255.255.0
ip access-group 121 in
interface Serial0/0/0
description XXX
ip address 12.1xx.xx.xx 255.255.255.252
ip nat outside
ip virtual-reassembly in
encapsulation ppp
service-module t1 cablelength short 440ft
service-module t1 timeslots 1-24
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip route 0.0.0.0 0.0.0.0 12.1xx.xx.xx
ip route 10.10.0.0 255.255.255.0 172.17.5.5
ip route 10.10.200.0 255.255.255.0 172.17.5.5
ip route 10.27.130.0 255.255.255.0 172.17.5.5
ip route 10.27.131.0 255.255.255.0 172.17.5.5
ip route 10.28.129.0 255.255.255.0 10.27.129.1
ip route 129.155.20.0 255.255.252.0 10.27.129.1
ip route 129.155.84.0 255.255.252.0 10.27.129.1
ip route 129.155.168.0 255.255.248.0 10.27.129.1
ip route 172.17.0.0 255.255.255.0 172.17.5.5
ip route 172.17.2.0 255.255.255.0 172.17.5.5
ip route 172.17.3.0 255.255.255.0 172.17.5.5
ip route 192.168.2.0 255.255.255.0 172.17.5.5
access-list 2 permit 12.2xx.xx.xx
access-list 2 permit 10.27.129.0 0.0.0.255
access-list 2 permit 192.168.2.0 0.0.0.255
access-list 2 permit 10.27.131.0 0.0.0.255
access-list 2 permit 10.27.130.0 0.0.0.255
access-list 2 permit 10.10.0.0 0.0.0.255
access-list 2 permit 10.10.200.0 0.0.0.255
access-list 2 permit 12.2xx.xxx.xxx 0.0.0.7
access-list 2 permit 172.17.5.0 0.0.0.255
access-list 2 permit 199.4x.xxx.xxx 0.0.0.15
access-list 2 permit 10.26.129.0 0.0.0.255
access-list 121 permit tcp any host 10.27.129.31 eq 67
access-list 121 permit udp any host 10.27.129.31 eq bootps
access-list 121 permit ip any any
access-list 121 permit ip 10.26.129.0 0.0.0.255 host 10.14.0.6
access-list 121 deny ip 10.26.129.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 121 deny ip 10.26.129.0 0.0.0.255 172.16.0.0 0.15.255.255
access-list 121 deny ip 10.26.129.0 0.0.0.255 192.168.0.0 0.0.255.255
access-list 121 deny icmp 10.26.129.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 121 deny icmp 10.26.129.0 0.0.0.255 172.16.0.0 0.15.255.255
access-list 121 deny icmp 10.26.129.0 0.0.0.255 192.168.0.0 0.0.255.255
control-plane
line con 0
login local -
Windows server 2008r2 not releasing ip address
HI,
I m using Windows server 2008 R2, suddenly it stop issuing IP address to the Clients.
What Could be the reason
Regards,
BhupenderHello,
the DHCP scope is run out of available leases.
Best regards
Meinolf Weber
MVP, MCP, MCTS
Microsoft MVP - Directory Services
My Blog: http://msmvps.com/blogs/mweber/
Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights. -
ABS not distributing DHCP addresses via hub
Hi --
My home network based on an original Airport Extreme (about 3 years old) was working fine until about two weeks ago, but now I have intermittent problems.
The most serious network problem is that computers with wireless connections are working OK -- they get to the internet with no problem -- but the wired devices (Mac G4, Mac G5, Dell PC, HP printer, Sonos media streamer, all connected via a hub) have lost their local 10.0.1.x addresses and can't acquire new ones. I can't print from any system, and the wired computers can't connect to the internet. The first time this happened I was able to fix it by changing settings on the base station (turning on "interface robustness") but now messing with settings doesn't help.
A less serious problem is the base station loses its internet connection about once a day. This problem is resolved by disconnecting power from the ABS and restarting it.
A suspicious coincidence is that both problems started about the time I bought the two new handsets for our wireless phone system. The phones are 5.8 GHz Panasonic KX series. There used to be 3 handsets, now there are 5. I moved the phone base station away from the ABS but that didn't affect anything.
Has anybody else had ABS problems where wireless connections are OK but wired hub connections don't work? Or problems with interference with 5.8GHz phones? Any other ideas or suggestions?
Original Airport Extreme Base Station Mac OS X (10.4.9)Hi --
My home network based on an original Airport Extreme (about 3 years old) was working fine until about two weeks ago, but now I have intermittent problems.
The most serious network problem is that computers with wireless connections are working OK -- they get to the internet with no problem -- but the wired devices (Mac G4, Mac G5, Dell PC, HP printer, Sonos media streamer, all connected via a hub) have lost their local 10.0.1.x addresses and can't acquire new ones. I can't print from any system, and the wired computers can't connect to the internet. The first time this happened I was able to fix it by changing settings on the base station (turning on "interface robustness") but now messing with settings doesn't help.
A less serious problem is the base station loses its internet connection about once a day. This problem is resolved by disconnecting power from the ABS and restarting it.
A suspicious coincidence is that both problems started about the time I bought the two new handsets for our wireless phone system. The phones are 5.8 GHz Panasonic KX series. There used to be 3 handsets, now there are 5. I moved the phone base station away from the ABS but that didn't affect anything.
Has anybody else had ABS problems where wireless connections are OK but wired hub connections don't work? Or problems with interference with 5.8GHz phones? Any other ideas or suggestions?
Original Airport Extreme Base Station Mac OS X (10.4.9) -
VWLC clients getting DHCP address from management VLAN
Hi,
We have a strange scenario whereby some wireless employees are obtaining addresses from the management VLAN.
Some details:
DHCP managed by MS DHCP 2008 R2 (in remote data centre)
Cisco vWLC AIR-CTVM-K9 running v7.6.110.0
AP's are a mix of 2602 and 3702 (46 and 2 of each respectively)
SSID's are employee, guest, and production devices (all mapped to their own interface with relevant VLAN tag as per normal)
AP's all in FlexConnect mode as per vWLC caveats
Some employees are receiving addresses in the wireless management VLAN. This network only has six DHCP addresses available as it is solely for AP's, WLC and HSRP gateway. Obviously this gets exhausted very quickly leaving us with a scenario where clients are not obtaining DHCP addresses.
I understand that with FlexConnect mode, it will assign IP's from the native VLAN. What I don't understand is why most clients receive addresses in the correct VLAN, but a handful do not, and then cannot get an address from DHCP. Obviously the ideal scenario would be to put the AP's into local mode but unless this has changed in a SW release then I don't believe it's possible...
My question is: How do I get ALL the employees to obtain addresses from their interface and not the management VLAN?
Thanks in advance.Hi,
I think we need a closer look to your configurarion to eliminate some possibilities:
- What is the WLAN security you choose?
- What is the interface that is configured under the WLAN?
- Does your WLAN have local switching enabled?
- If your security is using RADIUS server, do you have AAA override enabled under the WLAN config?
- If your security is using RADIUS server, do you send any attributes to the users?
- You have eliminate that clients that got management vlan IPs are always on same AP or they can be on any AP.
HTH
Amjad -
IPhones not taking ipv4 addresses on Unified Wireless (WLC 5508 and AP 3602)
This is a really odd one...
Earlier this week we started having issues with our BYOD wireless network (802.1x, WPA2+AES) but only with Apple devices (iphone and ipad). Employees with Android or Windows phones are not having any problems at all.
A brief summary of what's observable for the issue:
Radius authentication succeeds (PASS observable in ACS logs)
IPhone status viewed on both controllers (foreign anchor in DMZ as well as corporate WLC) shows phone associated.
Debug client output shows an IPv4 address is actually being assigned to the phone however it appears to ignore it and restart the DHCP request process so debug output shows what looks to be a loop of DHCP request and offer stages.
Infrastructure notes
Cisco WLC 5508s are all running 7.4.121.0 (tried rolling back to 7.2.110.0 .....didn't help)
APs are all 3602I-N-K9
DHCP for the BYOD network is running on the anchor in the DMZ however this was temporarily moved to a switch (had no effect).
Any ideas?
DHCP Loop:
*mmListen: Apr 30 11:44:50.476: a4:c3:61:7a:1a:4f 0.0.0.0 RUN (20) Fast Path rule (contd...) 802.1P = 0, DSCP = 0, TokenID = 15206 Local Bridging Vlan = 93, Local Bridging intf id = 12
*mmListen: Apr 30 11:44:50.476: a4:c3:61:7a:1a:4f 0.0.0.0 RUN (20) Successfully plumbed mobile rule (IPv4 ACL ID 255, IPv6 ACL ID 255)
*pemReceiveTask: Apr 30 11:44:50.476: a4:c3:61:7a:1a:4f Set bi-dir guest tunnel for a4:c3:61:7a:1a:4f as in Export Anchor role
*pemReceiveTask: Apr 30 11:44:50.476: a4:c3:61:7a:1a:4f 0.0.0.0 Added NPU entry of type 1, dtlFlags 0x4
*pemReceiveTask: Apr 30 11:44:50.476: a4:c3:61:7a:1a:4f Pushing IPv6: fe80:0000:0000:0000: 0c00:0c94:459e:a9db , and MAC: A4:C3:61:7A:1A:4F , Binding to Data Plane. SUCCESS !!
*DHCP Socket Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP received op BOOTREQUEST (1) (len 308,vlan 92, port 13, encap 0xec05)
*DHCP Socket Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP selecting relay 1 - control block settings:
dhcpServer: 172.24.13.251, dhcpNetmask: 0.0.0.0,
dhcpGateway: 0.0.0.0, dhcpRelay: 172.24.16.251 VLAN: 93
*DHCP Socket Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP selected relay 1 - 172.24.13.251 (local address 172.24.16.251, gateway 172.24.16.254, VLAN 93, port 13)
*DHCP Socket Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP transmitting DHCP DISCOVER (1)
*DHCP Socket Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 1
*DHCP Socket Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP xid: 0x7e549f4a (2119475018), secs: 0, flags: 0
*DHCP Socket Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP chaddr: a4:c3:61:7a:1a:4f
*DHCP Socket Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP ciaddr: 0.0.0.0, yiaddr: 0.0.0.0
*DHCP Socket Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP siaddr: 0.0.0.0, giaddr: 172.24.16.251
*DHCP Socket Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP selecting relay 2 - control block settings:
dhcpServer: 172.24.13.251, dhcpNetmask: 0.0.0.0,
dhcpGateway: 0.0.0.0, dhcpRelay: 172.24.16.251 VLAN: 93
*DHCP Socket Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP selected relay 2 - NONE
*DHCP Proxy Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP received op BOOTREPLY (2) (len 572,vlan 0, port 0, encap 0x0)
*DHCP Proxy Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP sending packet in EoIP tunnel to foreign 10.65.31.8 (len 346)
*DHCP Proxy Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP transmitting DHCP OFFER (2)
*DHCP Proxy Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP op: BOOTREPLY, htype: Ethernet, hlen: 6, hops: 0
*DHCP Proxy Task: Apr 30 11:44:50.479: a4:c3:61:7a:1a:4f DHCP xid: 0x7e549f4a (2119475018), secs: 0, flags: 0
*DHCP Proxy Task: Apr 30 11:44:50.480: a4:c3:61:7a:1a:4f DHCP chaddr: a4:c3:61:7a:1a:4f
*DHCP Proxy Task: Apr 30 11:44:50.480: a4:c3:61:7a:1a:4f DHCP ciaddr: 0.0.0.0, yiaddr: 172.24.16.102
*DHCP Proxy Task: Apr 30 11:44:50.480: a4:c3:61:7a:1a:4f DHCP siaddr: 0.0.0.0, giaddr: 0.0.0.0
*DHCP Proxy Task: Apr 30 11:44:50.480: a4:c3:61:7a:1a:4f DHCP server id: 0.0.0.0 rcvd server id: 172.24.13.251
*DHCP Socket Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP received op BOOTREQUEST (1) (len 308,vlan 92, port 13, encap 0xec05)
*DHCP Socket Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP selecting relay 1 - control block settings:
dhcpServer: 172.24.13.251, dhcpNetmask: 0.0.0.0,
dhcpGateway: 0.0.0.0, dhcpRelay: 172.24.16.251 VLAN: 93
*DHCP Socket Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP selected relay 1 - 172.24.13.251 (local address 172.24.16.251, gateway 172.24.16.254, VLAN 93, port 13)
*DHCP Socket Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP transmitting DHCP DISCOVER (1)
*DHCP Socket Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 1
*DHCP Socket Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP xid: 0x7e549f4a (2119475018), secs: 1, flags: 0
*DHCP Socket Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP chaddr: a4:c3:61:7a:1a:4f
*DHCP Socket Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP ciaddr: 0.0.0.0, yiaddr: 0.0.0.0
*DHCP Socket Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP siaddr: 0.0.0.0, giaddr: 172.24.16.251
*DHCP Socket Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP selecting relay 2 - control block settings:
dhcpServer: 172.24.13.251, dhcpNetmask: 0.0.0.0,
dhcpGateway: 0.0.0.0, dhcpRelay: 172.24.16.251 VLAN: 93
*DHCP Socket Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP selected relay 2 - NONE
*DHCP Proxy Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP received op BOOTREPLY (2) (len 572,vlan 0, port 0, encap 0x0)
*DHCP Proxy Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP sending packet in EoIP tunnel to foreign 10.65.31.8 (len 346)
*DHCP Proxy Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP transmitting DHCP OFFER (2)
*DHCP Proxy Task: Apr 30 11:44:51.649: a4:c3:61:7a:1a:4f DHCP op: BOOTREPLY, htype: Ethernet, hlen: 6, hops: 0
*DHCP Proxy Task: Apr 30 11:44:51.650: a4:c3:61:7a:1a:4f DHCP xid: 0x7e549f4a (2119475018), secs: 0, flags: 0
*DHCP Proxy Task: Apr 30 11:44:51.650: a4:c3:61:7a:1a:4f DHCP chaddr: a4:c3:61:7a:1a:4f
*DHCP Proxy Task: Apr 30 11:44:51.650: a4:c3:61:7a:1a:4f DHCP ciaddr: 0.0.0.0, yiaddr: 172.24.16.102
*DHCP Proxy Task: Apr 30 11:44:51.650: a4:c3:61:7a:1a:4f DHCP siaddr: 0.0.0.0, giaddr: 0.0.0.0
*DHCP Proxy Task: Apr 30 11:44:51.650: a4:c3:61:7a:1a:4f DHCP server id: 0.0.0.0 rcvd server id: 172.24.13.251
*DHCP Socket Task: Apr 30 11:44:53.754: a4:c3:61:7a:1a:4f DHCP received op BOOTREQUEST (1) (len 308,vlan 92, port 13, encap 0xec05)
*DHCP Socket Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP selecting relay 1 - control block settings:
dhcpServer: 172.24.13.251, dhcpNetmask: 0.0.0.0,
dhcpGateway: 0.0.0.0, dhcpRelay: 172.24.16.251 VLAN: 93
*DHCP Socket Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP selected relay 1 - 172.24.13.251 (local address 172.24.16.251, gateway 172.24.16.254, VLAN 93, port 13)
*DHCP Socket Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP transmitting DHCP DISCOVER (1)
*DHCP Socket Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 1
*DHCP Socket Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP xid: 0x7e549f4a (2119475018), secs: 3, flags: 0
*DHCP Socket Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP chaddr: a4:c3:61:7a:1a:4f
*DHCP Socket Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP ciaddr: 0.0.0.0, yiaddr: 0.0.0.0
*DHCP Socket Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP siaddr: 0.0.0.0, giaddr: 172.24.16.251
*DHCP Socket Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP selecting relay 2 - control block settings:
dhcpServer: 172.24.13.251, dhcpNetmask: 0.0.0.0,
dhcpGateway: 0.0.0.0, dhcpRelay: 172.24.16.251 VLAN: 93
*DHCP Socket Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP selected relay 2 - NONE
*DHCP Proxy Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP received op BOOTREPLY (2) (len 572,vlan 0, port 0, encap 0x0)
*DHCP Proxy Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP sending packet in EoIP tunnel to foreign 10.65.31.8 (len 346)
*DHCP Proxy Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP transmitting DHCP OFFER (2)
*DHCP Proxy Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP op: BOOTREPLY, htype: Ethernet, hlen: 6, hops: 0
*DHCP Proxy Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP xid: 0x7e549f4a (2119475018), secs: 0, flags: 0
*DHCP Proxy Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP chaddr: a4:c3:61:7a:1a:4f
*DHCP Proxy Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP ciaddr: 0.0.0.0, yiaddr: 172.24.16.102
*DHCP Proxy Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP siaddr: 0.0.0.0, giaddr: 0.0.0.0
*DHCP Proxy Task: Apr 30 11:44:53.755: a4:c3:61:7a:1a:4f DHCP server id: 0.0.0.0 rcvd server id: 172.24.13.251
*DHCP Socket Task: Apr 30 11:44:58.594: a4:c3:61:7a:1a:4f DHCP received op BOOTREQUEST (1) (len 308,vlan 92, port 13, encap 0xec05)
*DHCP Socket Task: Apr 30 11:44:58.594: a4:c3:61:7a:1a:4f DHCP selecting relay 1 - control block settings:
dhcpServer: 172.24.13.251, dhcpNetmask: 0.0.0.0,
dhcpGateway: 0.0.0.0, dhcpRelay: 172.24.16.251 VLAN: 93
*DHCP Socket Task: Apr 30 11:44:58.594: a4:c3:61:7a:1a:4f DHCP selected relay 1 - 172.24.13.251 (local address 172.24.16.251, gateway 172.24.16.254, VLAN 93, port 13)
*DHCP Socket Task: Apr 30 11:44:58.594: a4:c3:61:7a:1a:4f DHCP transmitting DHCP DISCOVER (1)
*DHCP Socket Task: Apr 30 11:44:58.594: a4:c3:61:7a:1a:4f DHCP op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 1
*DHCP Socket Task: Apr 30 11:44:58.594: a4:c3:61:7a:1a:4f DHCP xid: 0x7e549f4a (2119475018), secs: 8, flags: 0
*DHCP Socket Task: Apr 30 11:44:58.594: a4:c3:61:7a:1a:4f DHCP chaddr: a4:c3:61:7a:1a:4f
*DHCP Socket Task: Apr 30 11:44:58.594: a4:c3:61:7a:1a:4f DHCP ciaddr: 0.0.0.0, yiaddr: 0.0.0.0
*DHCP Socket Task: Apr 30 11:44:58.594: a4:c3:61:7a:1a:4f DHCP siaddr: 0.0.0.0, giaddr: 172.24.16.251
*DHCP Socket Task: Apr 30 11:44:58.595: a4:c3:61:7a:1a:4f DHCP selecting relay 2 - control block settings:
dhcpServer: 172.24.13.251, dhcpNetmask: 0.0.0.0,
dhcpGateway: 0.0.0.0, dhcpRelay: 172.24.16.251 VLAN: 93
*DHCP Socket Task: Apr 30 11:44:58.595: a4:c3:61:7a:1a:4f DHCP selected relay 2 - NONE
*DHCP Proxy Task: Apr 30 11:44:58.595: a4:c3:61:7a:1a:4f DHCP received op BOOTREPLY (2) (len 572,vlan 0, port 0, encap 0x0)
*DHCP Proxy Task: Apr 30 11:44:58.595: a4:c3:61:7a:1a:4f DHCP sending packet in EoIP tunnel to foreign 10.65.31.8 (len 346)
*DHCP Proxy Task: Apr 30 11:44:58.595: a4:c3:61:7a:1a:4f DHCP transmitting DHCP OFFER (2)
*DHCP Proxy Task: Apr 30 11:44:58.595: a4:c3:61:7a:1a:4f DHCP op: BOOTREPLY, htype: Ethernet, hlen: 6, hops: 0
*DHCP Proxy Task: Apr 30 11:44:58.595: a4:c3:61:7a:1a:4f DHCP xid: 0x7e549f4a (2119475018), secs: 0, flags: 0
*DHCP Proxy Task: Apr 30 11:44:58.595: a4:c3:61:7a:1a:4f DHCP chaddr: a4:c3:61:7a:1a:4f
*DHCP Proxy Task: Apr 30 11:44:58.595: a4:c3:61:7a:1a:4f DHCP ciaddr: 0.0.0.0, yiaddr: 172.24.16.102
*DHCP Proxy Task: Apr 30 11:44:58.595: a4:c3:61:7a:1a:4f DHCP siaddr: 0.0.0.0, giaddr: 0.0.0.0
*DHCP Proxy Task: Apr 30 11:44:58.595: a4:c3:61:7a:1a:4f DHCP server id: 0.0.0.0 rcvd server id: 172.24.13.251
*DHCP Socket Task: Apr 30 11:45:07.059: a4:c3:61:7a:1a:4f DHCP received op BOOTREQUEST (1) (len 308,vlan 92, port 13, encap 0xec05)
*DHCP Socket Task: Apr 30 11:45:07.059: a4:c3:61:7a:1a:4f DHCP selecting relay 1 - control block settings:
dhcpServer: 172.24.13.251, dhcpNetmask: 0.0.0.0,Thanks Scott, here you go...
On Foreign:
WLAN Identifier.................................. 2
Profile Name..................................... BAI-Beta
Network Name (SSID).............................. BAI-Beta
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Disabled
AAA Policy Override.............................. Disabled
Network Admission Control
Client Profiling Status ....................... Disabled
DHCP ......................................... Disabled
HTTP ......................................... Disabled
Radius-NAC State............................... Disabled
SNMP-NAC State................................. Disabled
Quarantine VLAN................................ 0
Maximum number of Associated Clients............. 0
Maximum number of Clients per AP Radio........... 200
Number of Active Clients......................... 42
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 86400 seconds
User Idle Timeout................................ 300 seconds
--More-- or (q)uit
User Idle Threshold.............................. 0 Bytes
NAS-identifier................................... CHTWLC
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ management
Multicast Interface.............................. Not Configured
WLAN IPv4 ACL.................................... unconfigured
WLAN IPv6 ACL.................................... unconfigured
mDNS Status...................................... Enabled
mDNS Profile Name................................ default-mdns-profile
DHCP Server...................................... Default
DHCP Address Assignment Required................. Enabled
Static IP client tunneling....................... Disabled
PMIPv6 Mobility Type............................. none
Quality of Service............................... Bronze
Per-SSID Rate Limits............................. Upstream Downstream
Average Data Rate................................ 0 0
Average Realtime Data Rate....................... 0 0
Burst Data Rate.................................. 0 0
Burst Realtime Data Rate......................... 0 0
Per-Client Rate Limits........................... Upstream Downstream
Average Data Rate................................ 0 0
Average Realtime Data Rate....................... 0 0
--More-- or (q)uit
Burst Data Rate.................................. 0 0
Burst Realtime Data Rate......................... 0 0
Scan Defer Priority.............................. 5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Disabled
WMM UAPSD Compliant Client Support............... Disabled
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
Passive Client Feature........................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
Authentication................................ 172.24.13.20 1812
Accounting.................................... Disabled
Dynamic Interface............................. Disabled
Dynamic Interface Priority.................... wlan
Local EAP Authentication......................... Disabled
--More-- or (q)uit
Security
802.11 Authentication:........................ Open System
FT Support.................................... Disabled
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Enabled
WPA (SSN IE)............................... Disabled
WPA2 (RSN IE).............................. Enabled
TKIP Cipher............................. Disabled
AES Cipher.............................. Enabled
Auth Key Management
802.1x.................................. Enabled
PSK..................................... Disabled
CCKM.................................... Disabled
FT-1X(802.11r).......................... Disabled
FT-PSK(802.11r)......................... Disabled
PMF-1X(802.11w)......................... Disabled
PMF-PSK(802.11w)........................ Disabled
FT Reassociation Timeout................... 20
FT Over-The-DS mode........................ Enabled
GTK Randomization.......................... Disabled
SKC Cache Support.......................... Disabled
--More-- or (q)uit
CCKM TSF Tolerance......................... 1000
WAPI.......................................... Disabled
Wi-Fi Direct policy configured................ Disabled
EAP-Passthrough............................... Disabled
CKIP ......................................... Disabled
Web Based Authentication...................... Disabled
Web-Passthrough............................... Disabled
Conditional Web Redirect...................... Disabled
Splash-Page Web Redirect...................... Disabled
Auto Anchor................................... Enabled
FlexConnect Local Switching................... Disabled
flexconnect Central Dhcp Flag................. Disabled
flexconnect nat-pat Flag...................... Disabled
flexconnect Dns Override Flag................. Disabled
FlexConnect Vlan based Central Switching ..... Disabled
FlexConnect Local Authentication.............. Disabled
FlexConnect Learn IP Address.................. Enabled
Client MFP.................................... Optional
PMF........................................... Disabled
PMF Association Comeback Time................. 1
PMF SA Query RetryTimeout..................... 200
Tkip MIC Countermeasure Hold-down Timer....... 60
AVC Visibilty.................................... Disabled
--More-- or (q)uit
AVC Profile Name................................. None
Flow Monitor Name................................ None
Call Snooping.................................... Disabled
Roamed Call Re-Anchor Policy..................... Disabled
SIP CAC Fail Send-486-Busy Policy................ Enabled
SIP CAC Fail Send Dis-Association Policy......... Disabled
KTS based CAC Policy............................. Disabled
Assisted Roaming Prediction Optimization......... Disabled
802.11k Neighbor List............................ Disabled
802.11k Neighbor List Dual Band.................. Disabled
Band Select...................................... Disabled
Load Balancing................................... Disabled
Multicast Buffer................................. Disabled
Mobility Anchor List
WLAN ID IP Address Status
2 172.24.13.251 Up
802.11u........................................ Disabled
MSAP Services.................................. Disabled
On Anchor:
WLAN Identifier.................................. 1
Profile Name..................................... BAI-Beta
Network Name (SSID).............................. BAI-Beta
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Disabled
AAA Policy Override.............................. Disabled
Network Admission Control
Client Profiling Status ....................... Disabled
DHCP ......................................... Disabled
HTTP ......................................... Disabled
Radius-NAC State............................... Disabled
SNMP-NAC State................................. Disabled
Quarantine VLAN................................ 0
Maximum number of Associated Clients............. 0
Maximum number of Clients per AP Radio........... 200
Number of Active Clients......................... 48
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 86400 seconds
User Idle Timeout................................ 300 seconds
--More-- or (q)uit
User Idle Threshold.............................. 0 Bytes
NAS-identifier................................... CHADWLC01
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ bai-beta
Multicast Interface.............................. Not Configured
WLAN IPv4 ACL.................................... unconfigured
WLAN IPv6 ACL.................................... unconfigured
mDNS Status...................................... Enabled
mDNS Profile Name................................ default-mdns-profile
DHCP Server...................................... Default
DHCP Address Assignment Required................. Enabled
Static IP client tunneling....................... Disabled
PMIPv6 Mobility Type............................. none
Quality of Service............................... Bronze
Per-SSID Rate Limits............................. Upstream Downstream
Average Data Rate................................ 0 0
Average Realtime Data Rate....................... 0 0
Burst Data Rate.................................. 0 0
Burst Realtime Data Rate......................... 0 0
Per-Client Rate Limits........................... Upstream Downstream
Average Data Rate................................ 0 0
Average Realtime Data Rate....................... 0 0
--More-- or (q)uit
Burst Data Rate.................................. 0 0
Burst Realtime Data Rate......................... 0 0
Scan Defer Priority.............................. 5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Disabled
WMM UAPSD Compliant Client Support............... Disabled
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
Passive Client Feature........................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
Authentication................................ 172.24.13.20 1812
Accounting.................................... Disabled
Dynamic Interface............................. Disabled
Dynamic Interface Priority.................... wlan
Local EAP Authentication......................... Disabled
--More-- or (q)uit
Security
802.11 Authentication:........................ Open System
FT Support.................................... Disabled
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Enabled
WPA (SSN IE)............................... Disabled
WPA2 (RSN IE).............................. Enabled
TKIP Cipher............................. Disabled
AES Cipher.............................. Enabled
Auth Key Management
802.1x.................................. Enabled
PSK..................................... Disabled
CCKM.................................... Disabled
FT-1X(802.11r).......................... Disabled
FT-PSK(802.11r)......................... Disabled
PMF-1X(802.11w)......................... Disabled
PMF-PSK(802.11w)........................ Disabled
FT Reassociation Timeout................... 20
FT Over-The-DS mode........................ Enabled
GTK Randomization.......................... Disabled
SKC Cache Support.......................... Disabled
--More-- or (q)uit
CCKM TSF Tolerance......................... 1000
WAPI.......................................... Disabled
Wi-Fi Direct policy configured................ Disabled
EAP-Passthrough............................... Disabled
CKIP ......................................... Disabled
Web Based Authentication...................... Disabled
Web-Passthrough............................... Disabled
Conditional Web Redirect...................... Disabled
Splash-Page Web Redirect...................... Disabled
Auto Anchor................................... Enabled
FlexConnect Local Switching................... Disabled
flexconnect Central Dhcp Flag................. Disabled
flexconnect nat-pat Flag...................... Disabled
flexconnect Dns Override Flag................. Disabled
FlexConnect Vlan based Central Switching ..... Disabled
FlexConnect Local Authentication.............. Disabled
FlexConnect Learn IP Address.................. Enabled
Client MFP.................................... Optional
PMF........................................... Disabled
PMF Association Comeback Time................. 1
PMF SA Query RetryTimeout..................... 200
Tkip MIC Countermeasure Hold-down Timer....... 60
AVC Visibilty.................................... Disabled
--More-- or (q)uit
AVC Profile Name................................. None
Flow Monitor Name................................ None
Call Snooping.................................... Disabled
Roamed Call Re-Anchor Policy..................... Disabled
SIP CAC Fail Send-486-Busy Policy................ Enabled
SIP CAC Fail Send Dis-Association Policy......... Disabled
KTS based CAC Policy............................. Disabled
Assisted Roaming Prediction Optimization......... Disabled
802.11k Neighbor List............................ Disabled
802.11k Neighbor List Dual Band.................. Disabled
Band Select...................................... Disabled
Load Balancing................................... Disabled
Multicast Buffer................................. Disabled
Mobility Anchor List
WLAN ID IP Address Status
1 172.24.13.251 Up
802.11u........................................ Disabled
MSAP Services.................................. Disabled -
DHCP and Pointers for Addresses Not Released
I was aksed to see if there could be anything to fix this:
Our DHCP hands out new IPs within a 24 hour period.
The Macs in our mixed environment ( 300 PCs, 52 Macs)
will get assigned an IP Address, and then keep it for the day, and in the morning release and get a new one at boot.
HOWEVER, according to the DHCP server, the IP address
still "points" to the Mac, and thus the DHCP server
thinks its in use.
Our IS department is convinced its a Mac problem,
and there has to be some way to make the Macs
release address, and tell the server its released
that address, so that the Server can re-assign
the address down the line.
I personally do not think so, I think it is something
on the DHCP server's end, but I'm not sure.
Any help on this or insight or general theorizing
would be helpful. I have also posted this over in
microsoft.public.windows.server.dns,
if this post seems familiar....Backing up a bit - what is the actual problem leading
to this investigation? A DHCP server keeps a database
of pairings of IP addresses with MAC addresses (not
Macintosh addresses). It should automatically prevent
any MAC address from consuming more than one IP
address.
Most likely it is the fact that we have close to 400 total computers on site, and that we only have a limited available blocks
of IP addresses ( ranges 10.0.0.x, 10.0.1.x, and 10.0.2.x), and although at any given time not all 400 total computers
are on the network ( people out of house, some only go online
when necessary for updates etc), the fact that the DNS pointers keep saying that, for instance that an imac
on my desk is using 10.0.1.174, and that the DNS server is
saying that it should also be 10.0.1.146 ( which it had yesterday) as well as 10.0.1.174, but since the DNS server thinks
that 10.0.1.146 is still validily assigned, then it won't release this address, and thus on the PC side, they cannot
get the address 10.0.1.146, hich then causes a shortage of addresses.
I hope I explained that the best way possible; to me, it seems like it should be an easily fixed cache problem, if a cache exists for the DNS pointers, that it could be
regualrly dumped? -
DNS/DHCP Managment Console- IP Addresses not releasing
Hello,
I have added a new subnet on our network so we can add more wireless devices (iPads, Cellphones, etc. are all now needing IP addresses)
Everything is working fine except that the addresses are not releasing after 3 days. If someone with a Laptop comes into our building with a cell phone or laptop they are picking up an IP address automatically. Then once they leave (and the 3 day lease time expires) DNS/DHCP is not making that address available for another device.
Now we are quickly running out of local IP addresses on this new subnet. How can I get DNS/DHCP management console to hand out previously used expired IP addresses to new devices?
Thanks in advance!Originally Posted by Marcel_Cox
Have you actually run out of IP addresses? I have not checked the behavior of the DHCP server too closely, but it is well possible that it will hand out unused addresses before reusing expired ones, but that doesn't mean it will really run out of addresses.
Hello,
No we haven't run out yet so that my very well be the case.
We do have two subnets in the same building .30 subnet and .32 subnet
They both work, and any client can pickup an IP on either subnet.
The .30 subnet was the old one and the .32 subnet has just been created. Now all new clients pickup an address on the .32 subnet.
Is there any way to figure out why all the clients want to pull a .32 address now?
Thanks
Maybe you are looking for
-
I have an iPhone 4S and for some reason when I go to turn my wifi on sometimes it's greys out and Won't let me turn it on so what can I do to fix this ???
-
I am replacing a Sony Wega 32" with a flat panel. I have basic Time Warner cable (no box), a 12 year old Sony A/V surroundsound reciever, a JVC combo VHS/DVD player, a second DVD player ( these both use the red, white, yellow rca cables, and an ol
-
Additional Invoice Plan for Periodic Invoicing
HI, Can any body help me to configure periodic invoice plan.... i can see the determination rule is available for Monthly, weekly, daily and yearly. but how to configure for Quarterly & Half yearly..? t. code: OM7R - table for rule determination. wan
-
Media Foundation:Playback using Raw Data Bytes Frame by Frame
I have a stream of bytes encoded by H264.Now I want to playback using Media Foundation I have the frames as raw data without container and I receive it frame by frame.does any one have any idea how can I do that?
-
SharePoint 2013 Stretched Farm
Considering implemented a Stretched Farm in SharePoint 2013 / with SQL Server Always On AG Synchronise commit We have <1ms latency and 10gbps bandwidth between data centres Has anyone implemented a stretched farm in SP2013 and what was the experience