Access Points Not Passing DHCP to Clients

I have a 50+ access point deployment, all in a single VLAN (DMZ), across a dozen buildings. We recently experienced wierdness of the following sort. Clients would request DHCP request, DHCP servers would forward requests, which would not get passed from the AP to the clients. We could verify that DHCP and all other parts of network were fine. I had to cold boot each AP to clear the condition. I could find nothing in this mix of 350s and 1200s or the spectrum that would indicate an obvious attack... Couldn't find where to start looking for any tables that were full, or any real place to look for some other reason for this. Yet after cold boot- all is well.
Any thoughts, in case it happens again?

Hi Guys,
I am having a similar problem to you, however i can get authentciated via LEAP, but dont seem to get an IP adderss from the radius server.
My setup is very simple as i am at the design stage. We have a Cisco AP 1200 (2.4 and 5.0 GHZ) and we are using FUNK steel belted RADIUS server. LEAP authentication works fine and i can see the association on the AP. The wirless client (HP W400 integrated Wireless cards) shows that it has been authenticated successfully too. However no IP is being received. We have a IP Pool configured on the SBR server and the SBR server shows that it has issued an IP address.
Next step was to place a sniffer and capture the packets. The capture shows the radius requests and challenges and in the very last ACCEPT packet we can see that the SBR has issued an IP address.
I am confused as i cant see anything on AP that would block the IP address. There are also a few attributes showing as "unknown" in the sniffer trace, so im not too sure wgats going on.
Can anyone help. The IOS is 12.2 (13) JA

Similar Messages

AP 1231G Not Passing DHCP to clients

Hello My company AP 1231G is not passing the DHCP address to the client from the DHCP server can you please advise on my config listed below
basicly the AP is on its own VLAN 10.1.123.1 and the DHCP server is 10.1.10.2 -- trying to use iphelper to pass DHCP to clients and the AP is on static IP 10.1.123.2--
! Last configuration change at 13:15:56 +0800 Fri May 25 2012 by root
! NVRAM config last updated at 13:15:56 +0800 Fri May 25 2012 by root
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname XXXXXXXXXX
clock timezone +0800 8
ip subnet-zero
no ip domain lookup
ip domain name XXXXXXXXXXXXX
aaa new-model
aaa authentication login default local
aaa authorization exec default local
aaa session-id common
dot11 syslog
dot11 ssid XXXXXXXXXX
   authentication open
   authentication key-management wpa
   guest-mode
   infrastructure-ssid optional
   wpa-psk ascii XXXXXXXXXXXXXXXXXXXXXXX
dot11 arp-cache optional
username root privilege 15 password XXXXXXXXXXXXXXXXXXXXX
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption mode ciphers aes-ccm tkip
ssid XXXXXXXXXXX
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
no preamble-short
channel 2432
station-role root access-point
no dot11 extension aironet
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface BVI1
ip address 10.1.123.2 255.255.255.0
ip helper-address 10.1.10.2
ip default-gateway 10.1.123.1
ip http server
ip http authentication aaa
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
access-list 111 permit tcp any any neq telnet
snmp-server view dot11view ieee802dot11 included
snmp-server view ieee802dot11 ieee802dot11 included
snmp-server community public RO
snmp-server community private view undefined RW
bridge 1 route ip
line con 0
terminal-type teletype
line vty 0 4
terminal-type teletype
sntp server 114.80.81.13
sntp broadcast client
end

Roan:
Where is your DHCP server configured (swtich, firewall, 3rd party server..etc)?
Does it work correctly if the AP IP on same subnet and ip-helper is not being utilized?

1 port on 2960 wont pass DHCP onto client

I am stumped on this one. I have a PoE 2960 that connects a few phone/workstation pairs to the network. All of them work correctly except for one...
For example, the good / working configs look like this on the interfaces:
interface GigabitEthernet1/0/45
description _X211
switchport trunk native vlan 16
switchport mode trunk
switchport voice vlan 52
srr-queue bandwidth share 10 10 60 20
queue-set 2
priority-queue out
mls qos trust cos
auto qos voip trust
spanning-tree portfast
And.....
interface GigabitEthernet1/0/38
description _X208
switchport trunk native vlan 16
switchport mode trunk
switchport voice vlan 52
srr-queue bandwidth share 10 10 60 20
queue-set 2
priority-queue out
mls qos trust cos
auto qos voip trust
spanning-tree portfast
The port that is not passing DHCP info onto the client is this one:
interface GigabitEthernet1/0/12
description _X209
switchport trunk native vlan 16
switchport mode trunk
switchport voice vlan 52
srr-queue bandwidth share 10 10 60 20
queue-set 2
priority-queue out
mls qos trust cos
auto qos voip trust
spanning-tree portfast
What am I missing? This worked fine until last week when this site was connected via a trunk to another site (they used to connect via IPSec tunnel, but now have a dedicate link). As far as I can tell, that should not have effected this...and if it did effect this why didn't it effect any of the other ports?
The complete show run:
Building configuration...
Current configuration : 10102 bytes
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname ...
boot-start-marker
boot-end-marker
no logging console
enable secret 5 ...
enable password 7 ...
no aaa new-model
clock timezone EST -5
switch 1 provision ws-c2960s-48lpd-l
ip name-server 10.1.0.10
ip name-server 10.0.0.10
vtp domain ...
vtp mode transparent
mls qos map cos-dscp 0 8 16 24 32 46 48 56
mls qos srr-queue output cos-map queue 1 threshold 3 5
mls qos srr-queue output cos-map queue 2 threshold 3 3 6 7
mls qos srr-queue output cos-map queue 3 threshold 3 2 4
mls qos srr-queue output cos-map queue 4 threshold 2 1
mls qos srr-queue output cos-map queue 4 threshold 3 0
mls qos srr-queue output dscp-map queue 1 threshold 3 40 41 42 43 44 45 46 47
mls qos srr-queue output dscp-map queue 2 threshold 3 24 25 26 27 28 29 30 31
mls qos srr-queue output dscp-map queue 2 threshold 3 48 49 50 51 52 53 54 55
mls qos srr-queue output dscp-map queue 2 threshold 3 56 57 58 59 60 61 62 63
mls qos srr-queue output dscp-map queue 3 threshold 3 16 17 18 19 20 21 22 23
mls qos srr-queue output dscp-map queue 3 threshold 3 32 33 34 35 36 37 38 39
mls qos srr-queue output dscp-map queue 4 threshold 1 8
mls qos srr-queue output dscp-map queue 4 threshold 2 9 10 11 12 13 14 15
mls qos srr-queue output dscp-map queue 4 threshold 3 0 1 2 3 4 5 6 7
mls qos queue-set output 1 threshold 1 138 138 92 138
mls qos queue-set output 1 threshold 2 138 138 92 400
mls qos queue-set output 1 threshold 3 36 77 100 318
mls qos queue-set output 1 threshold 4 20 50 67 400
mls qos queue-set output 2 threshold 1 149 149 100 149
mls qos queue-set output 2 threshold 2 118 118 100 235
mls qos queue-set output 2 threshold 3 41 68 100 272
mls qos queue-set output 2 threshold 4 42 72 100 242
mls qos queue-set output 1 buffers 10 10 26 54
mls qos queue-set output 2 buffers 16 6 17 61
mls qos
spanning-tree mode pvst
spanning-tree extend system-id
vlan internal allocation policy ascending
vlan 8,16,21,48,52,100-101,104,112,120,128,500,900,999
interface Port-channel1
description ...
switchport access vlan 500
interface FastEthernet0
no ip address
interface GigabitEthernet1/0/1
description PHONE_x204
switchport trunk native vlan 16
switchport mode trunk
switchport voice vlan 52
srr-queue bandwidth share 10 10 60 20
queue-set 2
priority-queue out
mls qos trust cos
auto qos voip trust
spanning-tree portfast
interface GigabitEthernet1/0/2
description PHONE_x212
switchport access vlan 16
switchport trunk native vlan 16
switchport mode trunk
switchport voice vlan 52
srr-queue bandwidth share 10 10 60 20
queue-set 2
priority-queue out
mls qos trust cos
auto qos voip trust
spanning-tree portfast
interface GigabitEthernet1/0/3
description voice vlan 52
switchport access vlan 16
switchport trunk native vlan 16
switchport mode trunk
switchport voice vlan 52
srr-queue bandwidth share 10 10 60 20
queue-set 2
priority-queue out
mls qos trust cos
auto qos voip trust
spanning-tree portfast
interface GigabitEthernet1/0/4
description RUCKUS_WAP
switchport trunk native vlan 104
switchport mode trunk
interface GigabitEthernet1/0/5
switchport mode trunk
interface GigabitEthernet1/0/6
description PHONE_x205
switchport trunk native vlan 16
switchport mode trunk
switchport voice vlan 52
srr-queue bandwidth share 10 10 60 20
queue-set 2
priority-queue out
mls qos trust cos
auto qos voip trust
spanning-tree portfast
interface GigabitEthernet1/0/7
switchport access vlan 16
interface GigabitEthernet1/0/8
switchport access vlan 21
switchport mode access
switchport voice vlan 52
srr-queue bandwidth share 10 10 60 20
queue-set 2
priority-queue out
spanning-tree portfast
interface GigabitEthernet1/0/9
description PHONE_x206
switchport trunk native vlan 16
switchport mode trunk
switchport voice vlan 52
srr-queue bandwidth share 10 10 60 20
queue-set 2
priority-queue out
mls qos trust cos
auto qos voip trust
spanning-tree portfast
interface GigabitEthernet1/0/10
switchport access vlan 16
interface GigabitEthernet1/0/11
switchport access vlan 16
interface GigabitEthernet1/0/12
description ..._X209
switchport trunk native vlan 16
switchport mode trunk
switchport voice vlan 52
srr-queue bandwidth share 10 10 60 20
queue-set 2
priority-queue out
mls qos trust cos
auto qos voip trust
spanning-tree portfast
interface GigabitEthernet1/0/13
description PHONE_x208
switchport trunk native vlan 16
switchport mode trunk
switchport voice vlan 52
srr-queue bandwidth share 10 10 60 20
queue-set 2
priority-queue out
mls qos trust cos
auto qos voip trust
spanning-tree portfast
interface GigabitEthernet1/0/14
description HP_OFFICEJET_PRO_8600
switchport access vlan 21
switchport mode access
interface GigabitEthernet1/0/15
switchport access vlan 16
interface GigabitEthernet1/0/16
description PHONE_x203
switchport trunk native vlan 16
switchport mode trunk
switchport voice vlan 52
srr-queue bandwidth share 10 10 60 20
queue-set 2
priority-queue out
mls qos trust cos
auto qos voip trust
spanning-tree portfast
interface GigabitEthernet1/0/17
switchport access vlan 16
interface GigabitEthernet1/0/18
description PHONE_x202
switchport trunk native vlan 16
switchport mode trunk
switchport voice vlan 52
srr-queue bandwidth share 10 10 60 20
queue-set 2
priority-queue out
mls qos trust cos
auto qos voip trust
spanning-tree portfast
interface GigabitEthernet1/0/19
switchport access vlan 16
interface GigabitEthernet1/0/20
switchport access vlan 16
interface GigabitEthernet1/0/21
switchport access vlan 16
interface GigabitEthernet1/0/22
description ..._X212
switchport trunk native vlan 16
switchport mode trunk
switchport voice vlan 52
srr-queue bandwidth share 10 10 60 20
queue-set 2
priority-queue out
mls qos trust cos
auto qos voip trust
spanning-tree portfast
interface GigabitEthernet1/0/23
switchport access vlan 16
interface GigabitEthernet1/0/24
switchport access vlan 16
interface GigabitEthernet1/0/25
switchport access vlan 16
interface GigabitEthernet1/0/26
switchport access vlan 16
interface GigabitEthernet1/0/27
switchport access vlan 500
channel-group 1 mode on
interface GigabitEthernet1/0/28
switchport access vlan 16
interface GigabitEthernet1/0/29
switchport access vlan 500
channel-group 1 mode on
interface GigabitEthernet1/0/30
switchport access vlan 16
interface GigabitEthernet1/0/31
description SNAPBACK
switchport access vlan 500
interface GigabitEthernet1/0/32
switchport access vlan 16
interface GigabitEthernet1/0/33
switchport access vlan 16
srr-queue bandwidth share 10 10 60 20
queue-set 2
priority-queue out
mls qos trust cos
auto qos voip trust
spanning-tree portfast
interface GigabitEthernet1/0/34
switchport access vlan 16
interface GigabitEthernet1/0/35
description PHONE_x201
switchport trunk native vlan 16
switchport mode trunk
switchport voice vlan 52
srr-queue bandwidth share 10 10 60 20
queue-set 2
priority-queue out
mls qos trust cos
auto qos voip trust
spanning-tree portfast
interface GigabitEthernet1/0/36
description PRINTER__OFFICES
switchport access vlan 21
interface GigabitEthernet1/0/37
switchport access vlan 16
interface GigabitEthernet1/0/38
description ..._X208
switchport trunk native vlan 16
switchport mode trunk
switchport voice vlan 52
srr-queue bandwidth share 10 10 60 20
queue-set 2
priority-queue out
mls qos trust cos
auto qos voip trust
spanning-tree portfast
interface GigabitEthernet1/0/39
switchport access vlan 16
interface GigabitEthernet1/0/40
switchport access vlan 16
interface GigabitEthernet1/0/41
switchport access vlan 16
interface GigabitEthernet1/0/42
description CARD_ACCESS_SYSTEM
switchport access vlan 48
interface GigabitEthernet1/0/43
description SIP_PHONE
switchport access vlan 52
interface GigabitEthernet1/0/44
description PANASONIC_PHONE
switchport trunk native vlan 16
switchport mode trunk
switchport voice vlan 52
srr-queue bandwidth share 10 10 60 20
queue-set 2
priority-queue out
mls qos trust cos
auto qos voip trust
spanning-tree portfast
interface GigabitEthernet1/0/45
description TECH_TBD_PHONE_X211
switchport trunk native vlan 16
switchport mode trunk
switchport voice vlan 52
srr-queue bandwidth share 10 10 60 20
queue-set 2
priority-queue out
mls qos trust cos
auto qos voip trust
spanning-tree portfast
interface GigabitEthernet1/0/46
switchport access vlan 16
switchport mode access
interface GigabitEthernet1/0/47
description RUCKUS_WAP
switchport trunk native vlan 104
switchport mode trunk
interface GigabitEthernet1/0/48
description site-to-site-link
switchport mode trunk
interface GigabitEthernet1/0/49
interface GigabitEthernet1/0/50
interface TenGigabitEthernet1/0/1
interface TenGigabitEthernet1/0/2
interface Vlan1
ip address 10.0.1.254 255.255.255.0
interface Vlan48
ip address 10.0.48.254 255.255.255.0
interface Vlan52
ip address 10.0.52.254 255.255.255.0
interface Vlan101
ip address 10.0.101.254 255.255.255.0
interface Vlan128
no ip address
interface Vlan500
ip address 10.1.0.7 255.255.255.128 secondary
ip address 10.0.0.126 255.255.255.128
ip default-gateway 10.0.101.1
no ip http server
no ip http secure-server
logging 10.1.0.10
banner login ^CC
UNAUTHORIZED LOGIN PROHIBITED
^C
line con 0
exec-timeout 15 0
password 7 ...
logging synchronous
login
line vty 0 4
exec-timeout 15 0
password 7 ...
logging synchronous
login
length 0
line vty 5 15
exec-timeout 15 0
password 7 ...
logging synchronous
login
ntp clock-period 22519016
ntp server 198.60.73.8
end

I removed the line:
switchport trunk native vlan 16
From that port, but I am still not receiving DHCP info on the client.
As a workaround I have set a static IP on the phone. I am still unable to get the workstation (in this case a laptop) to get on the network even setting a static address. I put it onto the wireless for now to get them up and running.
This is quite odd. Any idea what I could try to adjust on that port?

HELP! Ovi Suite "Packet Data Access Point Not Vali...

So i downloaded Ovi suite to get internet from my phone i have a Nokia 3711 and when i try to connect i get this message on my phone "Packet data access point not valid" what does this mean? and how can i fix it? I have unlimited internet data thing..

I guess you can call up your service provider customer service and ask them to re-send the settings!

Access Points not overwritten when restoring a bac...

Hi people,
Seems like the new and still buggy firmware of the E70 has another problem.
Before restoring a backup, if you do not remove the Access Point definitions (only operator Access Points, not Wi-Fi or others), the restore does not overwrite the definitions and makes new copies of the Access Points.
That would be OK if we could remove the extra Access Points but we cannot. When you delete one of the copies, it seems like it is removed but its definition is still somewhere on the phone, so while "Connection Settings" program cannot see it, all programs that use Access Points can see it (but cannot use it because it is a stale record).
Does anyone know where this info is stored so, if I forget to remove them before restoring a backup, I can remove them afterwards?
Kerem Erkan
IT Professional
E70 (2.0618.07.10 - 31.08.06 RM-10)

Welcome to the many problems of the LAPAC1750. I finally gave up and went with Ubnt. Uptime is at 75 days now and would've been longer if not for a firmware update.
The LAPAC had good range and worked well when it worked, but it's unstable to be marketed right now. Hopefully Linksys issues a firmware update to fix everything.

I have an airport extreme i am trying to add to an existing netowrk as an access point not as a router, any help is appreciated as i don't know much about networking.

At my work we have a modem and router to network 8 different pc's- all hard wired. My boss wants me to add an airport extreme so that he can get wireless connection on mobile devices. when i plug in the airport it creates a new network and i need to be able to connect to the existing network and not have the routers compete. is there a way to make the airport an access point instead? maybe by adding it to the exisiting router instead of one of the workstations?

When you introduced the AirPort Extreme, you had a condition where you have two routers in series. The simpliest solution is to reconfigure the downstream router (in this case the Extreme) as a bridge. This will allow the upstream router to provide the required NAT & DHCP services to all network clients regardless of which router they are connected to.
To reconfigure the Extreme as a bridge, you will use the AirPort Utility. (Note: I will provide the steps for using AirPort Utility v5.x)
AirPort Utility > Select the AirPort > Manual Setup
Internet > Internet Connection tab > Connection Sharing = Off (Bridge Mode)

1242AG Wireless Access Point - Cannot Get DHCP IP for BVI1 interface - Multiple SSIDs...

Hello,
I am attempting to set up three Cisco 1242AG Wireless Access Points with multiple SSID's. I used the web interface and directions online to set up the two networks I want and at least one of the networks work wirelessly.
However, I have two problems:
The first, which is the most important, is that the "management" interface, BVI1, doesn't get an ip address from our DHCP server. I set the VLAN 60 (which you'll see in the documenation below) to be the native VLAN on the device as well as on the switch that the device is connected to as well as other settings in the configeration file below. Because of this, I can only manage the device via the console port which would be a huge pain once all of the devices are mounted.
The second problem is that I am not sure how to get both wireless networks broadcasting their SSID's. I have to manually type in the SSID for the second wireless network I have which I would prefer I don't have to. Anyway I can enable broadcasting on all of the SSID's?
Thank you for your time.
Regards,
Christopher Koeber
Using 7916 out of 32768 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname AP-18.wesleysem.edu
enable secret {Number Here} {Encrypted Password Here}
enable password {Number Here} {Encrypted Password Here}
aaa new-model
aaa session-id common
dot11 syslog
dot11 vlan-name Kresge vlan 20
dot11 vlan-name Library vlan 30
dot11 vlan-name Public vlan 60
dot11 vlan-name Secure_Public vlan 70
dot11 vlan-name Secure_Seminary vlan 80
dot11 vlan-name Server_Room vlan 1
dot11 vlan-name Straughn vlan 40
dot11 vlan-name Trott vlan 10
dot11 vlan-name Web_Room vlan 50
dot11 ssid (Secure) Wesley Campus
vlan 80
authentication open
authentication key-management wpa version 2
wpa-psk ascii {Number Here} {WPA Key Here}
dot11 ssid Public
vlan 60
authentication open
mobility network-id 60
username Cisco password {Number Here} {Encrypted Password Here}
username admin privilege 15 secret {Number Here} {Encrypted Password Here}!
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption vlan 80 mode ciphers aes-ccm
ssid (Secure) Campus
ssid Public
mbssid
station-role root
interface Dot11Radio0.1
encapsulation dot1Q 1
no ip route-cache
bridge-group 254
bridge-group 254 block-unknown-source
no bridge-group 254 source-learning
no bridge-group 254 unicast-flooding
bridge-group 254 spanning-disabled
interface Dot11Radio0.10
encapsulation dot1Q 10
no ip route-cache
bridge-group 10
bridge-group 10 subscriber-loop-control
bridge-group 10 block-unknown-source
no bridge-group 10 source-learning
no bridge-group 10 unicast-flooding
bridge-group 10 spanning-disabled
interface Dot11Radio0.20
encapsulation dot1Q 20
no ip route-cache
bridge-group 20
bridge-group 20 subscriber-loop-control
bridge-group 20 block-unknown-source
no bridge-group 20 source-learning
no bridge-group 20 unicast-flooding
bridge-group 20 spanning-disabled
interface Dot11Radio0.30
encapsulation dot1Q 30
no ip route-cache
bridge-group 30
bridge-group 30 subscriber-loop-control
bridge-group 30 block-unknown-source
no bridge-group 30 source-learning
no bridge-group 30 unicast-flooding
bridge-group 30 spanning-disabled
interface Dot11Radio0.40
encapsulation dot1Q 40
no ip route-cache
bridge-group 40
bridge-group 40 subscriber-loop-control
bridge-group 40 block-unknown-source
no bridge-group 40 source-learning
no bridge-group 40 unicast-flooding
bridge-group 40 spanning-disabled
interface Dot11Radio0.50
encapsulation dot1Q 50
no ip route-cache
bridge-group 50
bridge-group 50 subscriber-loop-control
bridge-group 50 block-unknown-source
no bridge-group 50 source-learning
no bridge-group 50 unicast-flooding
bridge-group 50 spanning-disabled
interface Dot11Radio0.60
encapsulation dot1Q 60 native
no ip route-cache
bridge-group 1
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio0.70
encapsulation dot1Q 70
no ip route-cache
bridge-group 70
bridge-group 70 subscriber-loop-control
bridge-group 70 block-unknown-source
no bridge-group 70 source-learning
no bridge-group 70 unicast-flooding
bridge-group 70 spanning-disabled
interface Dot11Radio0.80
encapsulation dot1Q 80
no ip route-cache
bridge-group 80
bridge-group 80 subscriber-loop-control
bridge-group 80 block-unknown-source
no bridge-group 80 source-learning
no bridge-group 80 unicast-flooding
bridge-group 80 spanning-disabled
interface Dot11Radio1
no ip address
no ip route-cache
shutdown
encryption vlan 80 mode ciphers aes-ccm
dfs band 3 block
channel dfs
station-role root
interface Dot11Radio1.1
encapsulation dot1Q 1
no ip route-cache
bridge-group 254
bridge-group 254 block-unknown-source
no bridge-group 254 source-learning
no bridge-group 254 unicast-flooding
bridge-group 254 spanning-disabled
interface Dot11Radio1.10
encapsulation dot1Q 10
no ip route-cache
bridge-group 10
bridge-group 10 subscriber-loop-control
bridge-group 10 block-unknown-source
no bridge-group 10 source-learning
no bridge-group 10 unicast-flooding
bridge-group 10 spanning-disabled
interface Dot11Radio1.20
encapsulation dot1Q 20
no ip route-cache
bridge-group 20
bridge-group 20 subscriber-loop-control
bridge-group 20 block-unknown-source
no bridge-group 20 source-learning
no bridge-group 20 unicast-flooding
bridge-group 20 spanning-disabled
interface Dot11Radio1.30
encapsulation dot1Q 30
no ip route-cache
bridge-group 30
bridge-group 30 subscriber-loop-control
bridge-group 30 block-unknown-source
no bridge-group 30 source-learning
no bridge-group 30 unicast-flooding
bridge-group 30 spanning-disabled
interface Dot11Radio1.40
encapsulation dot1Q 40
no ip route-cache
bridge-group 40
bridge-group 40 subscriber-loop-control
bridge-group 40 block-unknown-source
no bridge-group 40 source-learning
no bridge-group 40 unicast-flooding
bridge-group 40 spanning-disabled
interface Dot11Radio1.50
encapsulation dot1Q 50
no ip route-cache
bridge-group 50
bridge-group 50 subscriber-loop-control
bridge-group 50 block-unknown-source
no bridge-group 50 source-learning
no bridge-group 50 unicast-flooding
bridge-group 50 spanning-disabled
interface Dot11Radio1.60
encapsulation dot1Q 60 native
no ip route-cache
bridge-group 1
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio1.70
encapsulation dot1Q 70
no ip route-cache
bridge-group 70
bridge-group 70 subscriber-loop-control
bridge-group 70 block-unknown-source
no bridge-group 70 source-learning
no bridge-group 70 unicast-flooding
bridge-group 70 spanning-disabled
interface Dot11Radio1.80
encapsulation dot1Q 80
no ip route-cache
bridge-group 80
bridge-group 80 subscriber-loop-control
bridge-group 80 block-unknown-source
no bridge-group 80 source-learning
no bridge-group 80 unicast-flooding
bridge-group 80 spanning-disabled
interface FastEthernet0
ip dhcp client update dns
no ip address
no ip route-cache
duplex auto
speed auto
interface FastEthernet0.1
encapsulation dot1Q 1
no ip route-cache
bridge-group 254
no bridge-group 254 source-learning
bridge-group 254 spanning-disabled
interface FastEthernet0.10
encapsulation dot1Q 10
no ip route-cache
bridge-group 10
no bridge-group 10 source-learning
bridge-group 10 spanning-disabled
interface FastEthernet0.20
encapsulation dot1Q 20
no ip route-cache
bridge-group 20
no bridge-group 20 source-learning
bridge-group 20 spanning-disabled
interface FastEthernet0.30
encapsulation dot1Q 30
no ip route-cache
bridge-group 30
no bridge-group 30 source-learning
bridge-group 30 spanning-disabled
interface FastEthernet0.40
encapsulation dot1Q 40
no ip route-cache
bridge-group 40
no bridge-group 40 source-learning
bridge-group 40 spanning-disabled
interface FastEthernet0.50
encapsulation dot1Q 50
no ip route-cache
bridge-group 50
no bridge-group 50 source-learning
bridge-group 50 spanning-disabled
interface FastEthernet0.60
encapsulation dot1Q 60 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface FastEthernet0.70
encapsulation dot1Q 70
no ip route-cache
bridge-group 70
no bridge-group 70 source-learning
bridge-group 70 spanning-disabled
interface FastEthernet0.80
encapsulation dot1Q 80
no ip route-cache
bridge-group 80
no bridge-group 80 source-learning
bridge-group 80 spanning-disabled
interface BVI1
ip address dhcp client-id FastEthernet0
no ip route-cache
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
line con 0
line vty 0 4
end

I am using a third party DHCP server which is our Windows Domain Controller. I have the ip helper-address set for the native vlan of the Access Point through a layer 3 distribution switch (a Catalyst 4506) that the current switch connects to.
I didn't see any event on the logs for the AP.
Let me know if I need to do something else.
Thanks.

AIR-CAP3501I access point not joining the Cisco 2100 Wireless Lan controller.

Hello All,
I am installing a new LAP (AIR-CAP3501I ) through the wireless lan controller (AIR-WLC2112-K9) with software version 7.0. I have an external ADSL modem which will act as the DHCP server for the wireless clients and the LAP.
Please find my network setup as below:
The ISP ADSL modem , WLC and LAP are connected to a unmanaged POE switch. The LAP gets its power through the POE switch. When i connect the LAP and the WLC to the switch along with the ADSL modem, the LAPs are getting the ip address from the ADSL modem, however they are not joining the WLC for further process.
ADSL Modem ip address: 192.168.1.254
Management ip address on the LAP: 192.168.1.1 ( Assigned to port 1, untagged Vlan).
Ap Manager ip address: 192.168.1.1 ( Assigned to the same port i.e port1, Untagged Vlan).
The LAP is getting an IP address from the ADSL modem in the range of the DHCP scope.
I will paste the logs very soon.
Please let me know if i am doing anything wrong oe what will be the issue.
Thanks in advance,
Mohammed Ameen

Hello All,
Please find the logs for "debug capwap event" from the WLC below:
*spamReceiveTask: Sep 26 19:44:59.196: e8:04:62:0a:3f:10 Join Version: = 117465600
*spamReceiveTask: Sep 26 19:44:59.197: e8:04:62:0a:3f:10 Join resp: CAPWAP Maximum Msg element len = 92
*spamReceiveTask: Sep 26 19:44:59.197: e8:04:62:0a:3f:10 Join Response sent to 192.168.1.156:45510
*spamReceiveTask: Sep 26 19:44:59.197: e8:04:62:0a:3f:10 CAPWAP State: Join
*spamReceiveTask: Sep 26 19:44:59.197: e8:04:62:0a:3f:10 capwap_ac_platform.c:1216 - Operation State 0 ===> 4
*apfReceiveTask: Sep 26 19:44:59.198: e8:04:62:0a:3f:10 Register LWAPP event for AP e8:04:62:0a:3f:10 slot 0
*spamReceiveTask: Sep 26 19:44:59.341: e8:04:62:0a:d1:20 DTLS connection not found, creating new connection for 192:168:1:158 (45644) 192:168:1:2 (5246)
*spamReceiveTask: Sep 26 19:45:00.119: e8:04:62:0a:d1:20 DTLS Session established server (192.168.1.2:5246), client (192.168.1.158:45644)
*spamReceiveTask: Sep 26 19:45:00.119: e8:04:62:0a:d1:20 Starting wait join timer for AP: 192.168.1.158:45644
*spamReceiveTask: Sep 26 19:45:00.121: e8:04:62:0a:d1:20 Join Request from 192.168.1.158:45644
*spamReceiveTask: Sep 26 19:45:00.123: e8:04:62:0a:d1:20 Join Version: = 117465600
*spamReceiveTask: Sep 26 19:45:00.123: e8:04:62:0a:d1:20 Join resp: CAPWAP Maximum Msg element len = 92
*spamReceiveTask: Sep 26 19:45:00.124: e8:04:62:0a:d1:20 Join Response sent to 192.168.1.158:45644
*spamReceiveTask: Sep 26 19:45:00.124: e8:04:62:0a:d1:20 CAPWAP State: Join
*spamReceiveTask: Sep 26 19:45:00.124: e8:04:62:0a:d1:20 capwap_ac_platform.c:1216 - Operation State 0 ===> 4
*apfReceiveTask: Sep 26 19:45:00.125: e8:04:62:0a:d1:20 Register LWAPP event for AP e8:04:62:0a:d1:20 slot 0
*spamReceiveTask: Sep 26 19:45:00.273: e8:04:62:0a:d1:20 Configuration Status from 192.168.1.158:45644
*spamReceiveTask: Sep 26 19:45:00.273: e8:04:62:0a:d1:20 CAPWAP State: Configure
*spamReceiveTask: Sep 26 19:45:00.273: Invalid channel 1 spacified for the AP APf866.f2ab.24b6, slotId = 0
*spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Updating IP info for AP e8:04:62:0a:d1:20 -- static 0, 192.168.1.158/255.255.255.0, gtw 192.168.1.254
*spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Updating IP 192.168.1.158 ===> 192.168.1.158 for AP e8:04:62:0a:d1:20
*spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Setting MTU to 1485
*spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Finding DTLS connection to delete for AP (192:168:1:158/45644)
*spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 Disconnecting DTLS Capwap-Ctrl session 0xa06d6a4 for AP (192:168:1:158/45644)
*spamReceiveTask: Sep 26 19:45:00.274: e8:04:62:0a:d1:20 CAPWAP State: Dtls tear down
*spamReceiveTask: Sep 26 19:45:00.277: spamProcessGlobalPathMtuUpdate: Changing Global LRAD MTU to 576
*spamReceiveTask: Sep 26 19:45:00.277: e8:04:62:0a:d1:20 DTLS connection closed event receivedserver (192:168:1:2/5246) client 192:168:1:158/45644).
The Acess point joins the Controller for 2-3 seconds and then unjoins again. I am not sure what i am doing wrong here. The access points are getting the IPs from the ADSL modem through the switch, then it talks to the WLC, however it does not join the controller for further process.
Note:
The Managemnet interface and the AP manager interface are assigned to the same port 1 with unassigned Vlan as mention above.

Repeater Access Point 1240 works like WGB client

Hello, i have a problem. In my Network i have 5 Access Point. 4 Aironet 350 and 1 Aironet 1242. IOS for aironet 350 is12.2(13)JA1, E .
Ios for Aironet 1242 is 12.4(10b)JDA3.
Then .. I have an Access Point 350 configured as Access Point/root while all the other Access Point are configured as Repeater/non root.
My problem is that the Cisco Aironet 1242 is the last Access point in the chain, but not work fine.
all the Wifi client connected to Aironet 1242 not access to wired LAN.
I not ping all the Wifi client connected to Aironet 1242.
p.s.
My Aironet 1242 is seen in the association table of the its parent Access point like WGB_CLIENT.
any suggestion

Hi,
here is the link which mat help you!!
http://www.cisco.com/en/US/products/hw/wireless/ps430/products_configuration_example09186a00805b9b87.shtml
Regards
Surendra

CISCO Aironet access point - not able to connect by user.

Hi,
I have CISCO Aironet access point C1130 in my network , but not able to connect by users, I can see below logs from access point. please help on this.
Jun 13 17:50:10.686: RADIUS: no sg in radius-timers: ctx 0x10653F8 sg 0x0000
Jun 13 17:50:10.686: RADIUS: Retransmit to (20.33.100.11:1645,1646) for id 1645/247
Jun 13 17:50:15.678: RADIUS: no sg in radius-timers: ctx 0x10653F8 sg 0x0000
Jun 13 17:50:15.678: RADIUS: Retransmit to (20.33.100.11:1645,1646) for id 1645/247
Jun 13 17:50:20.544: RADIUS: no sg in radius-timers: ctx 0x10653F8 sg 0x0000
Jun 13 17:50:20.544: RADIUS: Retransmit to (20.33.100.11:1645,1646) for id 1645/247
Jun 13 17:50:24.832: RADIUS: no sg in radius-timers: ctx 0x10653F8 sg 0x0000
Jun 13 17:50:24.832: RADIUS: Retransmit to (20.33.100.11:1645,1646) for id 1645/247
Jun 13 17:50:29.741: RADIUS: no sg in radius-timers: ctx 0x10653F8 sg 0x0000
Jun 13 17:50:29.741: RADIUS: Fail-over denied to (20.33.100.11:1645,1646) for id 1645/247
Jun 13 17:50:29.741: RADIUS: No response from (20.33.100.11:1645,1646) for id 1645/247
Jun 13 17:50:29.741: RADIUS/DECODE: No response from radius-server; parse response; FAIL
Jun 13 17:50:29.741: RADIUS/DECODE: Case error(no response/ bad packet/ op decode);parse response; FAIL
Jun 13 17:50:29.741: dot11_auth_dot1x_parse_aaa_resp: Received server response: FAILOVER_RETRY
Jun 13 17:50:29.742: dot11_auth_dot1x_parse_aaa_resp: found eap pak in server response
Jun 13 17:50:29.742: Client 5864.6c67.3718 failed: EAP reason 0
Jun 13 17:50:29.742: dot11_auth_dot1x_parse_aaa_resp: Failed client 5894.6b37.3518 with aaa_req_status_detail 0
Jun 13 17:50:29.742: dot11_auth_dot1x_run_rfsm: Executing Action(SERVER_WAIT,SERVER_FAIL) for 5894.6b37.3518
Jun 13 17:50:29.742: dot11_auth_dot1x_send_response_to_client: Forwarding server message to client 5894.6b37.3518
Jun 13 17:50:29.742: dot11_auth_dot1x_send_response_to_client: Started timer client_timeout 30 seconds
Jun 13 17:50:29.743: dot11_auth_dot1x_send_client_fail: Authentication failed for 5894.6b37.3518
Jun 13 17:50:29.743: %DOT11-7-AUTH_FAILED: Station 5894.6b37.3518 Authentication failed
Regards,

Hi Niham,
You can try few things to troubleshoot this -
1. check the reachability of Radius server from your wlc (ping).
2. verify the IP address of Raduis server configured on wlc.
3. wlc in the Radius server ?
4. Shared Secret must be same on wlc and in raduis server.
Plz do not forget to rate useful post.
Thanks

Access point not online on controller

Hi,
I have been trying to get a 1262AP registered to wireless lan controller.
The core switch has three 2 vlans in it, management which is vlan 41 and AP interaction vlan which is vlan 51.
Controller also has both these vlans.
Vlan 41 - 192.168.40.x/23 ( management vlan)
Vlan 61 - 192.168.61.x/24 (AP vlan)
WLC management interface IP is 192.168.40.18
WLC AP interface IP is 192.168.6.241
Now , during the initial steps, the access points are attached to the switchports on vlan41, wherein they get the dhcp ip from the temporary pool created on the controller and get registered.
But, these access points in actual environment needs to be on static ip address. When it's ip is changed to a static IP address from the controller , it fails to register to the controller. the switchport is put on vlan6 as access port , after static ip is assigned to the access point.
The error i receive is ;
%CAPWAP-3-EVENTLOG: Could not resolve gateway. Not sending discovery request to 0.0.0.0, type 1
the core switch we are using in this new setup is a 2960 with a lanbase image. I realised the switch is not routing enabled. it doesn't accept the command "ip routing". Will this be creating a problem for the access points?
From the switch , the controller management and AP vlan IP address can be pinged. similarly, from the controller, AP and management vlan interface ip address of the switch can be pinged.
Please help.

Did you get it to work? The thing you have to understand is how the AP is able to join the WLC and the process the AP goes through to try to join. Here is a document that will help you understand the process and the various ways an AP can join or find the WLC. The easiest almost fool proof way is to place the ap in the same subnet as the management of the WLC. If the AP joins, then the AP will know of the ip of that WLC it joined or any in the mobility group if defined. Take a look at the doc as it explains it better than I can:)
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00806c9e51.shtml
Thanks,
Scott
Help out other by using the rating system and marking answered questions as "Answered"

Access Points Not Pingable or Accesable LAPAC1750PRO

We have been having connectivity issues with two of these Access points serial numbers
Let me give you some Details about our environment first . We are in a very large Old 6 floor office building that is split by two sides East and West. They are separated by the building elevators and the Stairwell. We occupy the entire 6th floor and the east side of the second.
All the offices on the west side connect to a switch room on the west which has a fiber backbone to the east side. The second floor also connects via fiber backbone to the east side where our core switch is .
These two AP`s where located to the 6th floor west . They have been giving us trouble whereas they work for a short time and then they lose connectivity with the LAN and The wireless clients. If the AP`s are rebooted they will sometimes work for a few days and sometimes they will lose connectivity right away .
Strangely enough during troubleshooting we have discovered that when the AP`s are on the east side of the building they preform flawlessly . So your probably saying what is different between these two sides. We are having trouble determining this . right now we think it¹s something environmental . The AP`s respond the same way whether the POE connection is utilized or not . he is what we have done to try and isolate the issues
We have connected the AP directly to a laptop with a cross cable and powered up the AP in several parts of the West side . They are pingable and accessible always
We connected the AP directly to our switches ( we Have Poe and NON Poe ) we can ping the AP for 20 to 36 pings , sometimes 120 pings and then they are not responsive.
We have two back up networks that run from the west side to the east side . One is a spare fiber pair and the other is a CAT 6 Cable . This bypasses the switches by using a different pair of fiber back to the east side . Connecting the AP`s this way also results in no connectivity shortly after they are powered on . If we take the AP and move them physically to the east side and use the same back up connection to the west side they are responsive.
We have rebooted the switches on the west side of the building
We have reset the Ap back to the factory setting and only gave then An Ip address Subnet and DNS Info . They respond the same way when on the west side

Welcome to the many problems of the LAPAC1750. I finally gave up and went with Ubnt. Uptime is at 75 days now and would've been longer if not for a firmware update.
The LAPAC had good range and worked well when it worked, but it's unstable to be marketed right now. Hopefully Linksys issues a firmware update to fix everything.

Access Point not visible in UMS server for Application using UMS adapter

Email Driver Properties for email is configured in UMS and works fine which means its able to poll for any incoming Email from the Configured Account.
Now i am builiding a soa Composite application and and using UMS adapter to receive that incoming mail and process it further.
I have succesfully deployed that application in my soa server but it doesn't show any access point for that application.
I have followed oracle Documentation (section 11.2.3.3)
http://docs.oracle.com/cd/E28280_01/integration.1111/e10231/ums_adapter.htm
how to get that Access point configured for application ?
Please Help.
Thanks in Advance
Divyanshu

Thanks for the reply.
I had readded the access points after phone reset, so they are available under internet destination but none of the apps are able to see them.
I also saw 3-4 processes listed under panic tab in KillMe application, not sure if being inside panic tab means that the processes crashed, i hope it's not a hardware related problem.

Access point not work correctly

Hello everybody, I have a problem in my BlackBerry Passport. I can't turn on "access point" function,this function not work. Does this function work in the future OS updates?
P.S access point give your internet from the mobile network to your WiFi

Hotspot does work on all versions of BlackBerry 10 OS and all BB10 models. It is, however, controlled by your carrier. If it won't turn on you have one of several possible problems:
1) Your mobile data is off or not working.
2) You need to have Hotspot provisioned on your account by your carrier.

E71x gprs access point not shown in internet desti...

Hi All,
I am having problems with gprs in my e71x. It used to work fine earlier but now when on using the web browser it just shows wifi under the internet destinations.
I have gprs configured as an accesspoint inside internet destination and it worked great earlier but now for some reason it is no more visible to any apps.
I tried restoring the phone to factory settings, reformatted it and even reflashed the 3.78 firmware but couldn't fix the problem.
Help!
Thanks,
Smt96

Thanks for the reply.
I had readded the access points after phone reset, so they are available under internet destination but none of the apps are able to see them.
I also saw 3-4 processes listed under panic tab in KillMe application, not sure if being inside panic tab means that the processes crashed, i hope it's not a hardware related problem.

Access Points Not Passing DHCP to Clients

Similar Messages

Maybe you are looking for