DHCP with Cisco ap 1300

Similar Messages

• DHCP issues with Cisco WAP 321

  I have 4 Cisco WAP 321's in my office connected to our Cisco 2911 ISR for DHCP, everything is fine on the office wifi on vlan 1 but vlan 3 with the guest wifi network it fails to obtain an IP address. I have tried under each of the WAPs to make sure it wasnt just the one nearest my desk. I was on the phone yesterday with Cisco about this and we turned on debugging and watched the DHCP requests and no requests even hit the ISR (only thing I have smartnet support on). I noticed our firmware was a few versions old so updated that this morning but still have the same issues so now I am turning to you all to help me figure this out.
  Thanks
  Jake
  This topic first appeared in the Spiceworks Community

  I have 4 Cisco WAP 321's in my office connected to our Cisco 2911 ISR for DHCP, everything is fine on the office wifi on vlan 1 but vlan 3 with the guest wifi network it fails to obtain an IP address. I have tried under each of the WAPs to make sure it wasnt just the one nearest my desk. I was on the phone yesterday with Cisco about this and we turned on debugging and watched the DHCP requests and no requests even hit the ISR (only thing I have smartnet support on). I noticed our firmware was a few versions old so updated that this morning but still have the same issues so now I am turning to you all to help me figure this out.
  Thanks
  Jake
  This topic first appeared in the Spiceworks Community

• IPad and iPhone Intermittent WiFi with Cisco

  I have around 35 iPhones and iPads that are at best intermittent with our internal wireless network. I have been working with Cisco for two days and they are unable to resolve the issue. The WiFi works perfectly with our notebooks so it is definetly narrowed down to the Apple hardware needing a special configuration other than the ones we have tried.
  I am currently using a Cisco WLC2106 controller with 1142N access points. The dhcp is working. I can forget the network or turn off the WiFi and back on and get an assigned address. At first it took several minutes to populate but Cisco helped me resolve that first problem. The iPhones and iPads will get the private IP but will not allow it to go out on the Internet. I get a good association (WiFi indicator in top-left is full strength.) At times one iPad will connect and another will stop working. For example: yesterday I had my iPad, laptop, and iPhone while I was working with Cisco. All three were connected to the WiFi network with seperate IP's. The laptop never stopped working. My iPhone worked for a few minutes and then I left the office with my phone for about 20 miinutes. When I returned the iPad worked but my iPhone did not, even after making sure the iPhone reconnected and gave it more than 10 minutes and a reboot. I have configured 1 iPad1, 2 iPad2's, and four iPhone 4's. They are all intermittent and I have yet to figure out any formula for why one might work while the others stop. I have done resets on them, statically assigned ip's, and changed DNS settings. Again, the laptop never missed a beat while the iPads just come and go. The way I have been testing is through using a website in Safari on the iPad or iPhone to check the external IP to make sure it is our ISP and not using ATT 3G. I also check the App Store which also fails on WiFi. The WiFi works fine at home with my linksys router. I have tried changing the WiFi encryption from WPA2 to WEP and even disabled the security for testing. Even with no encryption the same result prevails. Maybe one out of five tries to connect works and it alternates between devices. If I didn't know any better I would think it was an IP conflict or a maximum connection limit somewhere.
  Here is the general config:
  Cisco based wireless using no encryption. I will eventaully need to go WPA2 but for troubleshooting I have tried it as open. I am not broadcasting SSID. I CAN connect to WiFi network and receive IP, Gateway, DNS, and Domain Name consistently. I CANNOT access the Internet consistently. This is a business network with Cisco Catalyst Switches, Routers, and Firewalls. Again, the laptops that connect using WiFi are working as intended,
  Does Apple have publicly accessible engineers for these situations? I have left the case open with Cisco in order to provide as much information as possible to Apple.
  Thanks for any suggestions.

  Internally I am not blocking any traffic. I have over 100 other Windows devices, cameras and printers on this single subnet. I'm not using any other Apple hardware at this time so I'm not sure what the Bonjour will do for me that TCP/IP can't do. I am also not using Bonjour at either of the homes I have done other testing on.
  One more tidbit. One of our goals is to use FaceTime between the iPads. I have successfully connected a few times between the devices but it's almost every time I connect two iPads to FaceTime they will not connect again. Without changing anything else on the WiFi or the Firewall I can come back the next day, reset the iPads, obtain Internet access and the FaceTime will work. Thanks gyrhead!

• Ask the Expert: ISE 1.2: Configuration and Deployment with Cisco expert Craig Hyps

  Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about how to deploy and configure Cisco Identity Services Engine (ISE) Version 1.2 and to understand the features and enhanced troubleshooting options available in this version, with Cisco expert Craig Hyps.
  October 27, 2014 through November 7, 2014.
  The Cisco Identity Services Engine (ISE) helps IT professionals meet enterprise mobility challenges and secure the evolving network across the entire attack continuum. Cisco ISE is a security policy management platform that identifies users and devices using RADIUS, 802.1X, MAB, and Web Authentication methods and automates secure access controls such as ACLs, VLAN assignment, and Security Group Tags (SGTs) to enforce role-based access to networks and network resources. Cisco ISE delivers superior user and device visibility through profiling, posture and mobile device management (MDM) compliance validation, and it shares vital contextual data with integrated ecosystem partner solutions using Cisco Platform Exchange Grid (pxGrid) technology to accelerate the identification, mitigation, and remediation of threats.
  Craig Hyps is a senior Technical Marketing Engineer for Cisco's Security Business Group with over 25 years networking and security experience. Craig is defining Cisco's next generation Identity Services Engine, ISE, and concurrently serves as the Product Owner for ISE Performance and Scale focused on the requirements of the largest ISE deployments.
  Previously Craig has held senior positions as a customer Consulting Engineer, Systems Engineer and product trainer.   He joined Cisco in 1997 and has extensive experience with Cisco's security portfolio.  Craig holds a Bachelor's degree from Dartmouth College and certifications that include CISSP, CCSP, and CCSI.
  Remember to use the rating system to let Craig know if you have received an adequate response.
  Because of the volume expected during this event, Ali might not be able to answer each question. Remember that you can continue the conversation on the Security community, sub-community shortly after the event. This event lasts through November 7, 2014. Visit this forum often to view responses to your questions and the questions of other community members.
  (Comments are now closed)

  1. Without more specifics it is hard to determine actual issue. It may be possible that if configured in same subnet that asymmetric traffic caused connections to fail. A key enhancement in ISE 1.3 is to make sure traffic received on a given interface is sent out same interface.
  2. Common use cases for using different interfaces include separation of management traffic from user traffic such as web portal access or to support dedicated profiling interfaces. For example, you may want employees to use a different interface for sponsor portal access. For profiling, you may want to use a specific interface for HTTP SPAN traffic or possibly configure IP Anycast to simplify reception and redundancy of DHCP IP Helper traffic. Another use case is simple NIC redundancy.
  a. Management traffic is restricted to eth0, but standalone node will also have PSN persona so above use cases can apply for interfaces eth1-eth3.
  b. For dedicated PAN / MnT nodes it usually does not make sense to configure multiple interfaces although ISE 1.3 does add support for SNMP on multiple interfaces if needed to separate out. It may also be possible to support NIC redundancy but I need to do some more testing to verify. 
  For PSNs, NIC redundancy for RADIUS as well as the other use cases for separate profiling and portal services apply.
  Regarding Supplicant Provisioning issue, the flows are the same whether wireless or wired. The same identity stores are supported as well. The key difference is that wireless users are directed to a specific auth method based on WLAN configuration and Cisco wired switches allow multiple auth methods to be supported on same port. 
  If RADIUS Proxy is required to forward requests to a foreign RADIUS server, then decision must be made based on basic RADIUS attributes or things like NDG. ISE does not terminate the authentication requests and that is handled by foreign server. ISE does support advanced relay functions such as attribute manipulation, but recommend review with requirements with local Cisco or partner security SE if trying to implement provisioning for users authenticated via proxy. Proxy is handled at Authentication Policy level. CWA and Guest Flow is handled in Authorization Policy.  If need to authenticate a CWA user via external RADIUS, then need to use RADIUS Token Server, not RADIUS Proxy.
  A typical flow for a wired user without 802.1X configured would be to hit default policy for CWA.  Based on successful CWA auth, CoA is triggered and user can then match a policy rule based on guest flow and CWA user identity (AD or non-AD) and returned an authorization for NSP.
  Regarding AD multi-domain support...
  Under ISE 1.2, if need to authenticate users across different forests or domains, then mutual trusts must exist, or you can use multiple LDAP server definitions if the EAP protocol supports LDAP. RADIUS Proxy is another option  to have some users authenticated to different AD domains via foreign RADIUS server.
  Under ISE 1.3, we have completely re-architected our AD connector and support multiple AD Forests and Domains with or without mutual trusts.
  When you mention the use of RADIUS proxy, it is not clear whether you are referring to ISE as the proxy or another RADIUS server proxying to ISE.  If you had multiple ISE deployments, then a separate RADIUS Server like ACS could proxy requests to different ISE 1.2 deployments, each with their own separate AD domain connection.  If ISE is the proxy, then you could have some requests being authenticated against locally joined AD domain while others are sent to a foreign RADIUS server which may have one or more AD domain connections.
  In summary, if the key requirement is ability to join multiple AD domains without mutual trust, then very likely ISE 1.3 is the solution.  Your configuration seems to be a bit involved and I do not want to provide design guidance on a paper napkin, so recommend consult with local ATP Security SE to review overall requirements, topology, AD structure, and RADIUS servers that require integration.
  Regards,
  Craig

• Cisco Aironet 1300 - Coverage area

  Hi,
  could you please tell me what is the max coverage area that supports on Cisco Aironet 1300 with integrated antenna (13 dbi).

  Check out the following URLs
  http://www.cisco.com/en/US/products/hw/wireless/ps458/products_tech_note09186a008009459b.shtml
  and
  http://www.cisco.com/en/US/products/ps5861/prod_brochure09186a0080230777.html

• Cisco CTS-1300

  Looking for direction: We have been asked to install and calibrate a Cisco CTS-1300. This brand new (never unboxed) CTS-1300 has been sitting on the client premise waiting to be installed since 2014. The present software version on the system is 1.8****. My problem is when I try to access the Troubleshooting > Hardware Setup > Displays, in order to set up the camera calibration. I get an on screen message that say's "The Cisco TelePresence system is updating-Depending on which components are being updated, this could take less than a minute or as much as 30 or more minutes. Troubleshooting is disabled until the updates complete. Please try again in a few minutes." Please note, the system is not connected to any network, it’s sitting as a standalone right now. We are using a laptop connected to the auxiliary data port on the CTS-1300 via a crossover cable. Please instruct me as to how I can get pass this message and continue on with calibrating the system. The customer’s idea was to have the system physically set up and camera calibration completed, so that when they ultimately connect their system to the CUCM all should be ready. Looking for some answers.
  Thank you,
  LW

  did you try to connect to the codec via the console port? did you do a tcpdump to see if the file is really transfered? did you try to receive the file from the tftp server and do a md5 checksum test to see if its the right one? You are sure that its the right software version, ....?
  If you have a service contract and you do not get an answer here, please consider to escalate the thread to Cisco TAC

• Cisco Aironet 1300 Series Power

  Can the 1310ap receive it's power from a POE switch?

  Hi Edward,
  Sadly the 1310 cannot be powered by PoE ,but, the Power Injector can be up to 100 meters away from the unit.
  Dual coaxial cable to run from the power injector to the 1300. See attached notes:
  Cisco Aironet 1300 Series
  Cisco Aironet 1300 Series Access Point/Bridge Power Injector
  The Cisco Aironet 1300 Series Outdoor Access Point/Bridge Power Injector,converts the standard 10/100 BaseT Ethernet interface that is suitable for weather protected areas to a dual F-Type connector interface for coax cables that are more suitable for harsh outdoor environments. The Power Injector also provides power to the outdoor unit over the same cables with a power discover feature and surge protection. To support longer cable runs from your wireless network switch or router, the Power Injector LR is designed to accommodate up to a 100 meter coaxial cable run plus 100 meters of indoor cat5 cable?enabling total cable runs up to 200 meters. The Cisco Aironet 1300 Series Outdoor Access Point/Bridge ships with the Power Injector LR2 and an AC power supply.
  From this link:
  http://www.cisco.com/en/US/products/ps5861/products_data_sheet09186a008022551d.html
  Cisco Aironet 1300 Series Outdoor Access Point/Bridge Hardware Installation Guide
  Ethernet Ports
  The access point/bridge dual-coax Ethernet ports consists of a pair of 75-ohm F-type connectors, linking the unit to your 100BASE-T Ethernet LAN through the power injector. The dual-coax cables are used to send and receive Ethernet data and to supply inline 48-VDC power from the power injector to the access point/bridge.
  Power
  The access point/bridge receives inline power from the Cisco Aironet Power Injector (hereafter called the power injector). Dual-coax cables are used to provide Ethernet data and power from the power injector to the access point/bridge. The power injector is an external unit designed for operation in a sheltered environment, such as inside a building or vehicle. The power injector also functions as an Ethernet repeater by connecting to a Category 5 LAN backbone and using the dual-coax cable interface to the access point/bridge.
  AIR-PWRINJ-BLR2
  F-Type Connectors
  Dual coaxial cable carries full-duplex Ethernet, DC power, and full-duplex console port (RS-232 connection)
  From this link:
  http://www.cisco.com/en/US/products/ps5861/products_data_sheet09186a00802252e1.html
  Hope this helps!
  Rob

• Time Capsule does not play nicely with Cisco Router

  Three days ago, I had an older Linksys router attached to our ISP's cable modem by ethernet; the network included a wireless time capsule and apple express base station set up by our son last year (who understands this stuff, but lives 2,000 miles distant).  The router died and I purchased a new Linksys router (E2500).  It is occupying the same spot as the old router, but running with no security settings as yet.  My wife's iMac and two Windows XP laptops work just fine on the network, as well as our NetFlix connection on our TV.  My MacPro, however, can not access the main network - it can see it but won't grab an IP address.  It will, however, see and connect to the router's guest account, although with reduced signal strength.  The Time Capsule is now connected to the MacPro by ethernet (if I make it wireless, it will back up fine, but I can't access Internet or send email on the guest account).  The AirPort Express is unplugged and not a factor.
  Yesterday, I spent most of the day on the phone with Cisco (who claimed AirPort Express will not work with their routers, which I know to be, um, less than accurate), and with Apple Support - who did not help (other than to set up a Genius Bar appointment this morning at the local Apple Store).  The Genius Bar turned out to be a disappointment as well - the MacPro with Time Capsule attached worked perfectly on the main network in the store, but at home, even with a test user account with Admin authority, as they suggested), no go.
  If I unpower Time Capsule, I loose Internet.  With Time Capsule plugged in, I can access my router's guest account -
  Aside from returning this router and starting fresh with a different brand router, any suggestions?
  Thanks for any guidance, suggestions, etc.

  My first reaction is to suggest you ring your son.. !!
  And I guess my second one, would be to remove the E2500, and connect the time capsule directly to the cable modem.. they are equivalent devices. The TC is an excellent wireless router and will work better as the primary router in your network. Turn off the cable modem so it can pick up the new device.. plug the TC directly to the cable modem then turn on both.
  Make sure the TC is working as router.. and you should be able to setup the wireless to connect all your computers etc.
  The E2500 can also be used as a WAP if you need more range. But be aware you have to make sure it uses a separate channel to the TC. Plug it in via ethernet to LAN port not WAN.. and turn off dhcp and set the IP to same IP range as the TC but make it outside the dhcp scope. So for example the TC is running 10.0.1.1 and then make the E2500 10.0.1.254
  The express cannot do WDS to the Linksys.. so what you were told is correct. It may be able to connect via ethernet but not as repeater. But you can do that with the TC now that it is the main router.

• Hi Team, I wuold like to know if you have any app to make Firefox OS working with cisco Call Manager 10.5. Something like Cisco Jabber for Android or iOS.

  I'm interesting on buying a Firefox Smart Phone, but
  I would like to know if are any app to install on Firefox OS smart phone in order to work with cisco call manager 10.5.
  Something like Cisco Jabber for Android o iOS.
  Thanks,

  Hi Itech,
  If Cisco Jabber has a webapp, or mobile version of their website available, you should technically be able to access it through Firefox OS.
  You may also search Firefox Marketplace for an alternative solution:
  * [https://marketplace.firefox.com/]
  - Ralph

• Issue with cisco acs 4.2.Users unable to login aaa client but after restarting group policy able to login

  issue with cisco acs 4.2.Users unable to login aaa client but after restarting group policy able to login

  issue with cisco acs 4.2.Users unable to login aaa client but after restarting group policy able to login

• Directory Caching issue with Cisco Jabber client for Windows

  Hi ,
  I am facing cache issue with Cisco Jabber client for Windows. If I do any change related to modification or deletion of contacts in Active Directory/ Callmanager, it does not reflect in the Jabber. Because jabber takes the contacts from the locally stored cache file in the Windows system.
  Every time I have to remove the cache file to overcome this issue, practically it's not possible to do the same with all the Widows users. As, if any employee leaves the company and still I can see his contact appears in the "Cisco Jabber client". I have not seen this issue with Android/Apple iOS.
  Is there any automated way to remove the cache file? 
  Here is the detail of CUCM,Presence and Jabber.
  CUCM version: 9.1.x
  Presence          : 9.1.X
  Jabber              : 10.5 and 10.6

  Hello
  On our environment we had to install a dedicated Microsoft Certificate Authority "just for Cisco Jabber usage" to house the
  Network Device Enrollment Service.
  Our certificate for the CUPS were generated on this Certification Authority too.
  I discussed this certificate matter with my colleagues this afternoon and nobody seems to remember how these certificates were deployed into the
  Enterprise Trust store for the users.
  But I think they asked all 400 users to accept the 3 certificates by answering "yes" to the popup instead of using a script deployed by GPO...
  I wish you success with that deployment and really hope you have a technical partner that *Knows* this subject.
  Our partner left us alone with that unfortunately.
  Florent
  EDIT: If the "Certutil script method" works, please let me know. This could be useful in our own deployment.

• Azure multiple site-to-site VPNs (dynamic gateway) with Cisco ASA devices

  Hello
  I've been experimenting with moving certain on-premise servers to Azure however they would need a site-to-site VPN link to our many branch sites e.g. monitoring of nodes.
  The documentation says I need to configure a dynamic gateway to have multiple site-to-site VPNs. This is not a problem for our typical Cisco ISR's. However three of our key sites use Cisco ASA devices which are listed as 'Not Compatible' with dynamic routing.
  So I am stuck...
  What options are available to me? Is there any sort of tweak-configuration to make a Cisco ASA work with Azure and dynamic routing?
  I was hoping Azure's VPN solution would be very flexible.
  Thanks

  Hello RTF_Admin,
  1. Which is the Series of CISCO ASA device you are using?
  Thank you for your interest in Windows Azure. The Dynamic routing is not supported for the Cisco ASA family of devices.
  Unfortunately, a dynamic routing VPN gateway is required for Multi-Site VPN, VNet to VNet, and Point-to-Site.
  However, you should be able to setup a site-to-site VPN with Cisco ASA 5505 series security appliance as demonstrated in this blog:
  Step-By-Step: Create a Site-to-Site VPN between your network and Azure
  http://blogs.technet.com/b/canitpro/archive/2013/10/09/step-by-step-create-a-site-to-site-vpn-between-your-network-and-azure.aspx
  You can refer to this article for Cisco ASA templates for Static routing:
  http://msdn.microsoft.com/en-us/library/azure/dn133793.aspx
  If your requirement is only for Multi-Site VPN then there is no option but to upgrade the device as Multisite VPN requires dyanmic routing and unfortunately there is no tweak or workaround due to hardware compatibility issue.
  I hope that this information is helpful
  Thanks,
  Syed Irfan Hussain

• Azure Site to Site VPN with Cisco ASA 5505

  I have got Cisco ASA 5505 device (version 9.0(2)). And i cannot connect S2S with azure (azure network alway in "connecting" state). In my cisco log:
  IP = 104.40.182.93, Keep-alives configured on but peer does not support keep-alives (type = None)
  Group = 104.40.182.93, IP = 104.40.182.93, QM FSM error (P2 struct &0xcaaa2a38, mess id 0x1)!
  Group = 104.40.182.93, IP = 104.40.182.93, Removing peer from correlator table failed, no match!
  Group = 104.40.182.93, IP = 104.40.182.93,Overriding Initiator's IPSec rekeying duration from 102400000 to 4608000 Kbs
  Group = 104.40.182.93, IP = 104.40.182.93, PHASE 1 COMPLETED
  I have done all cisco s2s congiguration over standard wizard cos seems your script for 8.x version of asa only?
  (Does azure support 9.x version of asa?)
  How can i fix it?

  Hi,
  As of now, we do not have any scripts for Cisco ASA 9x series.
  Thank you for your interest in Windows Azure. The Dynamic routing is not supported for the Cisco ASA family of devices.
  Unfortunately, a dynamic routing VPN gateway is required for Multi-Site VPN, VNet to VNet, and Point-to-Site.
  However, you should be able to setup a site-to-site VPN with Cisco ASA 5505 series security appliance as
  demonstrated in this blog:
  Step-By-Step: Create a Site-to-Site VPN between your network and Azure
  http://blogs.technet.com/b/canitpro/archive/2013/10/09/step-by-step-create-a-site-to-site-vpn-between-your-network-and-azure.aspx
  You can refer to this article for Cisco ASA templates for Static routing:
  http://msdn.microsoft.com/en-us/library/azure/dn133793.aspx
  Did you download the VPN configuration file from the dashboard and copy the content of the configuration
  file to the Command Line Interface of the Cisco ASDM application? It seems that there is no specified IP address in the access list part and maybe that is why the states message appeared.
  According to the
  Cisco ASA template, it should be similar to this:
  access-list <RP_AccessList>
  extended permit ip object-group
  <RP_OnPremiseNetwork> object-group <RP_AzureNetwork>
  nat (inside,outside) source static <RP_OnPremiseNetwork>
  <RP_OnPremiseNetwork> destination static <RP_AzureNetwork>
  <RP_AzureNetwork>
  Based on my experience, to establish
  IPSEC tunnel, you need to allow the ESP protocol and UDP Port 500. Please make sure that the
  VPN device cannot be located behind a NAT. Besides, since Cisco ASA templates are not
  compatible for dynamic routing, please make sure that you chose the static routing.
  Since you configure the VPN device yourself, it's important that you would be familiar with the device and its configuration settings.
  Hope this helps you.
  Girish Prajwal

• I'm hooked up to the ethernet using DHCP with manual address. It's running (green) but my internet (Safari, messenger, email) doesn't work! Help!

  I'm running an iMac with Mountain Lion. Not only do we do accounting work on this computer with AccountEdge, but the computer functions as a server to another computer in a different state.
  Anyway, I set a static IP address (Using DHCP with manual address) on it (to allow for a VPN to the computer in the different state) and it is connected (green dot) - meaning that the other computer in the different state can connect to us via that ethernet line - but for some reason Safari, Messanger, and Apple Email won't work.
  But if I switch a dynamic IP (DHCP auto), I can use the internet (Safari, messanger, email), but the computer in the different state can't connect to this computer.
  How can I fix this so that the computer in the different state can connect to this computer and that the internet (Safari, messanger, and email) can work at the same time?
  Much thanks!

  No but if they are using a VPN Tunnel for the connection that restricts all internet traffic over the tunnel. Which means you can't use that same computer to broswe the internet or connect to other computers or devices on your LAN.
  I'd need to see the actual setup, router and the IP addresses you are using.
  Networking and remote networking is fairly easy when you are in front of the systems you are working on. Doing it over the internet on a forum is almost impossible. Tha is why I suggested you get local help, like the person that originally set it up.

• Adaptiva Software Distribution not working with Cisco APs in Local Mode

  A worldwide customer would like to use a new Software distribution system called Adaptiva to replace SCCM within Windows environment. As far as I understand, Adaptiva is designed to work like a snowball system. A single PC at a remote side can be "infected" with new Software and will distribute the package to other PCs within the same IP-subnet, saving WAN bandwidth.
  First tests are showing that it is working well with Cisco WLAN solution as long as we are using Flexconnect WLAN APs.
  Customer locations with Local WLAN AP design create problems for this new software distribution method.
  The WLAN-PCs can be reached from outside, but the establishment of the Client/Server-model between the WLAN Clients is not working. The Port used by this software for communication between clients in each WLAN subnet is UDP Port 34329.
  Our WLCs are running at  7.4.130.0. The problem is appearing independently of AP Multicast settings or Broadcast Forwarding.  Enabling Broadcast forwarding without Reboot did not improve the situation.
  Global Multicast Mode and IGMP Snooping are also of no influence.
  P2P Blocking Action is "Disabled" within the WLAN setup.
  Who has any idea what might cause this communication problem between WLAN clients in Local Mode of APs ?
  Thank You for answers
  Wini

  I can think of two solutions. You could 1: turn the "auto-lock" to never, so that your phone never sleeps. Or, you could 2: jailbreak your iPhone and install "insomnia". I wish we had the Cisco Mobile app. I usually use wifi/insomnia and turn data off at work since we have wireless pretty much everywhere...
  Sent from Cisco Technical Support iPad App