WRT54GX2 Wireless Security Enabled DHCP blocked for wireless clients

Hey gang,
My subject says it all.  Yesterday  I updated my WRT54GX2 version 1's firmware to the latest and greatest.I first reset the box, and rebooted. I updated the firmware. On the first attempt I picked the wrong image file. The machine halted and told me bad image. I then found and installed the correct image. I then added an Admin password, and entered a new SSID. I left the DHCP settings at the default. I then set wireless security at WPA Personl/WPA2 with TKIP&AES.
I found the wired client could obtain an IP address and to connect to the internet. The wireless clients could connect, but could not obtain an IP address.
I left the wireless security settings off.
Any suggestions?

The wireless security settings are correct. The wireless clients "CONNECT" to the WRT54GX2. The clients stall on obtaining an IP address via DHCP. Fixing the clients with static IP addresses also does not work.
I repeat: The wireless clients successfully connect to the WRT54GX2. The WPA/WPA2 & TKIP/AES settings are correct. The clients cannot receive a dynamic IP address.
On Friday I will reset the box for 30+ seconds. I doubt this will have any effect. I reset it on Tuesday twice on Tuesday, and still have the problem.
Any help appreciated.
-WJ

Similar Messages

  • Enable anonymous access for Javascript Client Object Model

    In SharePoint 2010 it was possible to use the Javascript Client Object Model with anonymous access enabled by removing "GetItems" from the ClientCallableSettings.AnonymousRestrictedTypes.
    In SharePoint 2013 however, it seems that an extra security barrier has been implemented. Trying to use the Javascript Client Object Model results in the following message: "Access denied. You do not have permission to perform this action or access this
    resource."
    After this I went on to do a little research, and it appears that Javascript Client Object Model actually relies on the REST API (please correct me if I'm mistaken), and the REST API also doesn't seem to work as an anonymous user.
    So I'm in the dark here. I can't imagine that SharePoint 2013 (so heavily relying on the client object model) can't be used with anonymous access. I've also found very little documentation on anonymous access in combination with SharePoint 2013.
    So, how do I enable the Javascript Client Object Model to be used with anonymous access enabled?
    P.S. Needless to say, my web application is enabled for anonymous access and so is my site collection.

    There are really 4 things you need to do to enable anonymous access:
    1. In web application level, enable anonymous.
    2. In site collection level, make sure anonymous access Entire Website.
    3. In Web level, set Full Permission Masks, till here, you're able to anonymously access REST APIs.
    # Enable Anonymous access
    $web = Get-SPWeb $url
    if($web -ne $null)
        Write-Host
        Write-Host -ForegroundColor Yellow "Enabling Anonymous access on:" $web.Url
        Write-Host
        $web.AnonymousState = "On"
        Write-Host -ForegroundColor Yellow "AnonymousState set to:" $web.AnonymousState
        $web.AnonymousPermMask64 = "FullMask"
        Write-Host -ForegroundColor Yellow "AnonymousPermMask64 set to:" $web.AnonymousPermMask64
        $web.Update()
        Write-Host
    Below are the things to enable anonymous client object model APIs:
    4. In web application level, Require Use Remote Interfaces Permission - uncheck it.
    5. In web application level, Anonymous Restricted Types, remove all of them:
    $app.ClientCallableSettings.AnonymousRestrictedTypes.RemoveAll()

  • Enabling Spotlight search for server clients?

    I have a mac mini server running OSX Mavericks, and 6 client mac also running Mavericks.
    The server provides access to the main storage raid for our design dept, and all the designers need to be able to search for files on this server, but Spotlight never seems to work when trying to search the server.
    No of us are It types, so the few possible solutions i have found seem to be aimed at advanced unix programmers, and as a result assume that a single line of code is enough of a hint for us to sort out the problem!
    Pleae can someone explain how i can set up the server to index the raid, and allow the users to perform searches?
    thanks
    adam

    It used to be that you could manually enable and disable spotlight indexing for network shares on a  Mac server. With Server.app and therefore your Macvericks server this is automatically enabled. The process would be along the following lines.
    You have a drive which has permissions enabled, external drives may default to having this turned off you can if needed enable it by doing a 'Get Info' on the external drive, and at the bottom will be an option 'Ignore ownership on this volume' this needs to be turned off i.e. unticked.
    You then tell Server.app to 'share' the volume or a folder within the volume.
    Server.app will automatically enable both AFP and SMB sharing for this new share, you can modify this if you wish.
    Server.app will also automatically add an ACL (Access Control List) record containing the special server account 'Spotlight' so it can access every single file and folder within the share, this lets the server spotlight indexing software be able to access and therefore index all those files.
    Client Macs can then search the share, it should only return results of files that that user has permission to access.
    There is nothing really to configure. I have seen problems where the server will periodically decide to re-index the share again and while it is doing this searching does not work because the server is busy rebuilding the index. You can tell if this is happening by clicking on the Spotlight menu on the server, if it says it is re-indexing then this is what is happening.

  • OS X DHCP problem for Windows client

    I have DHCP server running on my mac OS X Mountain Lion and all my user client (they all are using macbook) are able to access the network by IP address given by this DHCP.
    Unfortunatly, any Windows 7 or Windows client can't get DHCP. Appreciate a help.
    Thanks

    Since you are asking about Snow Leopard Server, you might have better luck of getting an answer if you ask it over in the Snow Leopard Server Forum .
    Allan

  • Finding DHCP addresses for LAN connected devices

    i am suffering from information overwhelm!
    can anyone tell me how I can find out the DHCP assigned addresses for devices that are connected to my airport extreme via wired connections to the lan?
    i have a voip box connected to the base station and i need to know it's 10.0.1.x address so that i can work with the voip company to check why that box is currently having problems.
    tia for any and all help!
    iMac G5 (PowerPC) & MacBook   Mac OS X (10.4.8)  

    You should be able to choose Logs and Statistics from
    the Base station menu and then choose the DHCP
    clients tab. That will show you all of the DHCP
    leases currently in use.
    It appears that there is a problem displaying DHCP information for wired clients.
    I discovered that if you disable the wireless (I'm only running wired clients), the Logs and Statistics tab only shows "Logs". The other tabs are not even displayed.
    When I turn the Wireless back on, the other tabs re-appear but are empty (no entries). This appears to be a bug that will hopefully be corrected in the next update
    PowerMac G5   Mac OS X (10.4.8)  
    PowerMac G5   Mac OS X (10.4.8)  

  • Enable Kerberos Authentication for OWA only

    Hi guys,
    Having a customer that asked me if we can enable Kerberos Authentication for OWA only?
    When reading various blogposts (official and unofficial sources) it seems that this is done for the whole CASArray which means every vdir right? Is this so and shall we instead aim for using kerberos for both MAPI/Outlook Anywhere and OWA?
    Found this for MAPI clients: http://blogs.technet.com/b/exchange/archive/2011/04/15/recommendation-enabling-kerberos-authentication-for-mapi-clients.aspx
    This seems to be more complicated?

    Hi Fredrik,
    Base on my search , I found an article which may give you some hints:
    OWA publishing using Kerberos Constrained Delegation method for authentication delegation
    This article is to show case how you would configure kerberos constrained delegation method for authentication delegation .We would use the OWA publishing post as reference.
    Best regards,
    Niko Cheng
    TechNet Community Support

  • Can router dhcp different addresses to different vlans for wireless clients

    is it possible for the router to hand out different ip's to wireless clients on different vlans?

    Yes, the router needs to have a dhcp pool on each subnet and have an "interface Vlan x" for each vlan. It will then assign ips to clients in different vlans.
    One vlan per SSID.

  • Wireless clients don't receive IP addresses (DHCP)

    Hello,
    I have a 3502i ap and a WLC 5508, software version 8.0.100.0, currently under configuration.  After following configuration guides and trying to get clients to function on the wireless network, I came to a roadblock with the client being recognized by the controller but not receiving an IP address.  I get a "Acquiring network address" whenever I try to connect on the client laptop and it doesn't move from there.  The WLC does recognize the client's MAC address, but the IP reads 0.0.0.0.
    On the WLAN, I don't have Layer 2 or Layer 3 security turned on.  I have clients for the Interface/Interfaces Group(G).  I do not have the DHCP Override radio button turned on because it's to my understanding it is for internal DHCP, which is disabled.  As for the Controller, the interface named "clients" is on a seperate vlan than the management and APs.  The primary and secondary DHCP servers on this interface are the client vlan's IP and the helper address on the vlan (the helper address points to a GUI accessible Infoblox, which has a scope of available IPs).  DHCP proxy is disabled and so is option 82.  I have no form of IPv6 turned on that I could check for.  I'm not sure if it's hurting, but the same DHCP parameters are set for the management interface; it's just the interface itself is set for a different subnet.
    I tried to search through this forum for the answer, but it seems each situation is unique and with different variables involved.  Or at least I'm interpeting them differently.

    David,
    In the above response to Steven Rodriguez, I posted the >show interface results.  Pasted below here are the debug results:
    *DHCP Socket Task: Dec 15 14:32:59.747: 00:0e:35:0a:0c:35 DHCP successfully bridged packet to DS
    *emWeb: Dec 16 13:56:51.818:  Configuring IPv6 ACL for WLAN:2, aclName passed is NULL
    *apfMsConnTask_7: Dec 16 13:57:04.257: 00:0e:35:0a:0c:35 Processing assoc-req station:00:0e:35:0a:0c:35 AP:70:10:5c:b0:b3:20-00 thread:150e50c0
    *apfMsConnTask_7: Dec 16 13:57:04.258: 00:0e:35:0a:0c:35 Adding mobile on LWAPP AP 70:10:5c:b0:b3:20(0)
    *apfMsConnTask_7: Dec 16 13:57:04.258: 00:0e:35:0a:0c:35 Association received from mobile on BSSID 70:10:5c:b0:b3:21 AP 1622_1st
    *apfMsConnTask_7: Dec 16 13:57:04.258: 00:0e:35:0a:0c:35 Global 200 Clients are allowed to AP radio
    *apfMsConnTask_7: Dec 16 13:57:04.258: 00:0e:35:0a:0c:35 Max Client Trap Threshold: 0  cur: 0
    *apfMsConnTask_7: Dec 16 13:57:04.258: 00:0e:35:0a:0c:35 Rf profile 600 Clients are allowed to AP wlan
    *apfMsConnTask_7: Dec 16 13:57:04.258: 00:0e:35:0a:0c:35 override for default ap group, marking intgrp NULL
    *apfMsConnTask_7: Dec 16 13:57:04.258: 00:0e:35:0a:0c:35 Applying Interface policy on Mobile, role Unassociated. Ms NAC State 0 Quarantine Vlan 0 Access Vlan 0
    *apfMsConnTask_7: Dec 16 13:57:04.258: 00:0e:35:0a:0c:35 Re-applying interface policy for client
    *apfMsConnTask_7: Dec 16 13:57:04.258: 00:0e:35:0a:0c:35 0.0.0.0 START (0) Changing IPv4 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:2385)
    *apfMsConnTask_7: Dec 16 13:57:04.258: 00:0e:35:0a:0c:35 0.0.0.0 START (0) Changing IPv6 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:2406)
    *apfMsConnTask_7: Dec 16 13:57:04.258: 00:0e:35:0a:0c:35 apfApplyWlanPolicy: Apply WLAN Policy over PMIPv6 Client Mobility Type
    *apfMsConnTask_7: Dec 16 13:57:04.258: 00:0e:35:0a:0c:35 In processSsidIE:5680 setting Central switched to TRUE
    *apfMsConnTask_7: Dec 16 13:57:04.258: 00:0e:35:0a:0c:35 In processSsidIE:5683 apVapId = 2 and Split Acl Id = 65535
    *apfMsConnTask_7: Dec 16 13:57:04.258: 00:0e:35:0a:0c:35 Applying site-specific Local Bridging override for station 00:0e:35:0a:0c:35 - vapId 2, site 'default-group', interface 'clients'
    *apfMsConnTask_7: Dec 16 13:57:04.258: 00:0e:35:0a:0c:35 Applying Local Bridging Interface Policy for station 00:0e:35:0a:0c:35 - vlan 13, interface id 12, interface 'clients'
    *apfMsConnTask_7: Dec 16 13:57:04.258: 00:0e:35:0a:0c:35 processSsidIE  statusCode is 0 and status is 0
    *apfMsConnTask_7: Dec 16 13:57:04.258: 00:0e:35:0a:0c:35 processSsidIE  ssid_done_flag is 0 finish_flag is 0
    *apfMsConnTask_7: Dec 16 13:57:04.258: 00:0e:35:0a:0c:35 STA - rates (8): 130 132 139 12 18 150 24 36 0 0 0 0 0 0 0 0
    *apfMsConnTask_7: Dec 16 13:57:04.258: 00:0e:35:0a:0c:35 suppRates  statusCode is 0 and gotSuppRatesElement is 1
    *apfMsConnTask_7: Dec 16 13:57:04.258: 00:0e:35:0a:0c:35 STA - rates (12): 130 132 139 12 18 150 24 36 48 72 96 108 0 0 0 0
    *apfMsConnTask_7: Dec 16 13:57:04.259: 00:0e:35:0a:0c:35 extSuppRates  statusCode is 0 and gotExtSuppRatesElement is 1
    *apfMsConnTask_7: Dec 16 13:57:04.259: 00:0e:35:0a:0c:35 0.0.0.0 START (0) Initializing policy
    *apfMsConnTask_7: Dec 16 13:57:04.259: 00:0e:35:0a:0c:35 0.0.0.0 START (0) Change state to AUTHCHECK (2) last state START (0)
    *apfMsConnTask_7: Dec 16 13:57:04.259: 00:0e:35:0a:0c:35 0.0.0.0 AUTHCHECK (2) Change state to L2AUTHCOMPLETE (4) last state AUTHCHECK (2)
    *apfMsConnTask_7: Dec 16 13:57:04.259: 00:0e:35:0a:0c:35 Not Using WMM Compliance code qosCap 00
    *apfMsConnTask_7: Dec 16 13:57:04.259: 00:0e:35:0a:0c:35 Sending 11w Flag 0 for Client 00:0E:35:0A:0C:35
    *apfMsConnTask_7: Dec 16 13:57:04.259: 00:0e:35:0a:0c:35 0.0.0.0 L2AUTHCOMPLETE (4) Plumbed mobile LWAPP rule on AP 70:10:5c:b0:b3:20 vapId 2 apVapId 2 flex-acl-name:
    *apfMsConnTask_7: Dec 16 13:57:04.259: 00:0e:35:0a:0c:35 0.0.0.0 L2AUTHCOMPLETE (4) Change state to DHCP_REQD (7) last state L2AUTHCOMPLETE (4)
    *apfMsConnTask_7: Dec 16 13:57:04.259: 00:0e:35:0a:0c:35 apfMsAssoStateInc
    *apfMsConnTask_7: Dec 16 13:57:04.259: 00:0e:35:0a:0c:35 apfMsOpenStateInc
    *apfMsConnTask_7: Dec 16 13:57:04.259: 00:0e:35:0a:0c:35 apfPemAddUser2 (apf_policy.c:352) Changing state for mobile 00:0e:35:0a:0c:35 on AP 70:10:5c:b0:b3:20 from Idle to Associated
    *apfMsConnTask_7: Dec 16 13:57:04.259: 00:0e:35:0a:0c:35 apfPemAddUser2:session timeout forstation 00:0e:35:0a:0c:35 - Session Tout 1800, apfMsTimeOut '1800' and sessionTimerRunning flag is  0
    *apfMsConnTask_7: Dec 16 13:57:04.259: 00:0e:35:0a:0c:35 Scheduling deletion of Mobile Station:  (callerId: 49) in 1800 seconds
    *apfMsConnTask_7: Dec 16 13:57:04.259: 00:0e:35:0a:0c:35 Func: apfPemAddUser2, Ms Timeout = 1800, Session Timeout = 1800
    *apfMsConnTask_7: Dec 16 13:57:04.259: 00:0e:35:0a:0c:35 Sending assoc-resp with status 0 station:00:0e:35:0a:0c:35 AP:70:10:5c:b0:b3:20-00 on apVapId 2
    *apfMsConnTask_7: Dec 16 13:57:04.259: 00:0e:35:0a:0c:35 Sending Assoc Response to station on BSSID 70:10:5c:b0:b3:21 (status 0) ApVapId 2 Slot 0
    *apfMsConnTask_7: Dec 16 13:57:04.259: 00:0e:35:0a:0c:35 apfProcessAssocReq (apf_80211.c:9452) Changing state for mobile 00:0e:35:0a:0c:35 on AP 70:10:5c:b0:b3:20 from Associated to Associated
    *apfMsConnTask_7: Dec 16 13:57:04.259: 00:0e:35:0a:0c:35 Mobility query, PEM State: DHCP_REQD
    *apfMsConnTask_7: Dec 16 13:57:04.259: 00:0e:35:0a:0c:35 Building Mobile Announce :
    *apfMsConnTask_7: Dec 16 13:57:04.260: 00:0e:35:0a:0c:35   Building Client Payload:
    *apfMsConnTask_7: Dec 16 13:57:04.260: 00:0e:35:0a:0c:35     Client Ip: 0.0.0.0
    *apfMsConnTask_7: Dec 16 13:57:04.260: 00:0e:35:0a:0c:35     Client Vlan Ip: 10.10.3.254 Vlan mask : 255.255.255.0
    *apfMsConnTask_7: Dec 16 13:57:04.260: 00:0e:35:0a:0c:35     Client Vap Security: 0
    *apfMsConnTask_7: Dec 16 13:57:04.260: 00:0e:35:0a:0c:35     Virtual Ip: 1.1.1.1
    *apfMsConnTask_7: Dec 16 13:57:04.260: 00:0e:35:0a:0c:35     ssid: Diddly
    *apfMsConnTask_7: Dec 16 13:57:04.260: 00:0e:35:0a:0c:35   Building VlanIpPayload.
    *apfReceiveTask: Dec 16 13:57:04.260: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) mobility role update request from Unassociated to Local
      Peer = 0.0.0.0, Old Anchor = 0.0.0.0, New Anchor = 10.10.6.128
    *apfReceiveTask: Dec 16 13:57:04.260: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) State Update from Mobility-Incomplete to Mobility-Complete, mobility role=Local, client state=APF_MS_STATE_ASSOCIATED
    *apfReceiveTask: Dec 16 13:57:04.260: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) pemAdvanceState2 6102, Adding TMP rule
    *apfReceiveTask: Dec 16 13:57:04.260: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) Adding Fast Path rule
      type = Airespace AP - Learn IP address
      on AP 70:10:5c:b0:b3:20, slot 0, interface = 1, QOS = 0
      IPv4 ACL ID = 255, IPv
    *apfReceiveTask: Dec 16 13:57:04.260: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) Fast Path rule (contd...) 802.1P = 0, DSCP = 0, TokenID = 15206, IntfId = 12  Local Bridging Vlan = 13, Local Bridging intf id = 12
    *apfReceiveTask: Dec 16 13:57:04.260: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) Fast Path rule (contd...) AVC Ratelimit:  AppID = 0 ,AppAction = 0, AppToken = 15206  AverageRate = 0, BurstRate = 0
    *apfReceiveTask: Dec 16 13:57:04.260: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) Fast Path rule (contd...) AVC Ratelimit:  AppID = 0 ,AppAction = 0, AppToken = 15206  AverageRate = 0, BurstRate = 0
    *apfReceiveTask: Dec 16 13:57:04.260: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) Fast Path rule (contd...) AVC Ratelimit:  AppID = 0 ,AppAction = 0, AppToken = 15206  AverageRate = 0, BurstRate = 0
    *apfReceiveTask: Dec 16 13:57:04.260: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) Successfully plumbed mobile rule (IPv4 ACL ID 255, IPv6 ACL ID 255, L2 ACL ID 255)
    *pemReceiveTask: Dec 16 13:57:04.261: 00:0e:35:0a:0c:35 0.0.0.0 Added NPU entry of type 9, dtlFlags 0x0
    *pemReceiveTask: Dec 16 13:57:04.261: 00:0e:35:0a:0c:35 Sent an XID frame
    *apfMsConnTask_7: Dec 16 13:57:04.264: 00:0e:35:0a:0c:35 Processing assoc-req station:00:0e:35:0a:0c:35 AP:70:10:5c:b0:b3:20-00 thread:150e50c0
    *apfMsConnTask_7: Dec 16 13:57:04.318: 00:0e:35:0a:0c:35 Processing assoc-req station:00:0e:35:0a:0c:35 AP:70:10:5c:b0:b3:20-00 thread:150e50c0
    *apfMsConnTask_7: Dec 16 13:57:04.318: 00:0e:35:0a:0c:35 Association received from mobile on BSSID 70:10:5c:b0:b3:21 AP 1622_1st
    *apfMsConnTask_7: Dec 16 13:57:04.318: 00:0e:35:0a:0c:35 Global 200 Clients are allowed to AP radio
    *apfMsConnTask_7: Dec 16 13:57:04.318: 00:0e:35:0a:0c:35 Max Client Trap Threshold: 0  cur: 1
    *apfMsConnTask_7: Dec 16 13:57:04.318: 00:0e:35:0a:0c:35 Rf profile 600 Clients are allowed to AP wlan
    *apfMsConnTask_7: Dec 16 13:57:04.318: 00:0e:35:0a:0c:35 override for default ap group, marking intgrp NULL
    *apfMsConnTask_7: Dec 16 13:57:04.318: 00:0e:35:0a:0c:35 Applying Interface policy on Mobile, role Local. Ms NAC State 2 Quarantine Vlan 0 Access Vlan 13
    *apfMsConnTask_7: Dec 16 13:57:04.318: 00:0e:35:0a:0c:35 Re-applying interface policy for client
    *apfMsConnTask_7: Dec 16 13:57:04.318: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) Changing IPv4 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:2385)
    *apfMsConnTask_7: Dec 16 13:57:04.318: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) Changing IPv6 ACL 'none' (ACL ID 255) ===> 'none' (ACL ID 255) --- (caller apf_policy.c:2406)
    *apfMsConnTask_7: Dec 16 13:57:04.318: 00:0e:35:0a:0c:35 apfApplyWlanPolicy: Apply WLAN Policy over PMIPv6 Client Mobility Type
    *apfMsConnTask_7: Dec 16 13:57:04.318: 00:0e:35:0a:0c:35 In processSsidIE:5680 setting Central switched to TRUE
    *apfMsConnTask_7: Dec 16 13:57:04.318: 00:0e:35:0a:0c:35 In processSsidIE:5683 apVapId = 2 and Split Acl Id = 65535
    *apfMsConnTask_7: Dec 16 13:57:04.318: 00:0e:35:0a:0c:35 Applying site-specific Local Bridging override for station 00:0e:35:0a:0c:35 - vapId 2, site 'default-group', interface 'clients'
    *apfMsConnTask_7: Dec 16 13:57:04.319: 00:0e:35:0a:0c:35 Applying Local Bridging Interface Policy for station 00:0e:35:0a:0c:35 - vlan 13, interface id 12, interface 'clients'
    *apfMsConnTask_7: Dec 16 13:57:04.319: 00:0e:35:0a:0c:35 processSsidIE  statusCode is 0 and status is 0
    *apfMsConnTask_7: Dec 16 13:57:04.319: 00:0e:35:0a:0c:35 processSsidIE  ssid_done_flag is 0 finish_flag is 0
    *apfMsConnTask_7: Dec 16 13:57:04.319: 00:0e:35:0a:0c:35 STA - rates (8): 130 132 139 12 18 150 24 36 48 72 96 108 0 0 0 0
    *apfMsConnTask_7: Dec 16 13:57:04.319: 00:0e:35:0a:0c:35 suppRates  statusCode is 0 and gotSuppRatesElement is 1
    *apfMsConnTask_7: Dec 16 13:57:04.319: 00:0e:35:0a:0c:35 STA - rates (12): 130 132 139 12 18 150 24 36 48 72 96 108 0 0 0 0
    *apfMsConnTask_7: Dec 16 13:57:04.319: 00:0e:35:0a:0c:35 extSuppRates  statusCode is 0 and gotExtSuppRatesElement is 1
    *apfMsConnTask_7: Dec 16 13:57:04.319: 00:0e:35:0a:0c:35 apfMs1xStateDec
    *apfMsConnTask_7: Dec 16 13:57:04.319: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) Change state to START (0) last state DHCP_REQD (7)
    *apfMsConnTask_7: Dec 16 13:57:04.319: 00:0e:35:0a:0c:35 pemApfAddMobileStation2: APF_MS_PEM_WAIT_L2_AUTH_COMPLETE = 0.
    *apfMsConnTask_7: Dec 16 13:57:04.319: 00:0e:35:0a:0c:35 0.0.0.0 START (0) Initializing policy
    *apfMsConnTask_7: Dec 16 13:57:04.319: 00:0e:35:0a:0c:35 0.0.0.0 START (0) Change state to AUTHCHECK (2) last state START (0)
    *apfMsConnTask_7: Dec 16 13:57:04.319: 00:0e:35:0a:0c:35 0.0.0.0 AUTHCHECK (2) Change state to L2AUTHCOMPLETE (4) last state AUTHCHECK (2)
    *apfMsConnTask_7: Dec 16 13:57:04.319: 00:0e:35:0a:0c:35 Not Using WMM Compliance code qosCap 00
    *apfMsConnTask_7: Dec 16 13:57:04.319: 00:0e:35:0a:0c:35 Sending 11w Flag 0 for Client 00:0E:35:0A:0C:35
    *apfMsConnTask_7: Dec 16 13:57:04.319: 00:0e:35:0a:0c:35 0.0.0.0 L2AUTHCOMPLETE (4) Plumbed mobile LWAPP rule on AP 70:10:5c:b0:b3:20 vapId 2 apVapId 2 flex-acl-name:
    *apfMsConnTask_7: Dec 16 13:57:04.319: 00:0e:35:0a:0c:35 0.0.0.0 L2AUTHCOMPLETE (4) Change state to DHCP_REQD (7) last state L2AUTHCOMPLETE (4)
    *apfMsConnTask_7: Dec 16 13:57:04.319: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) pemApfAddMobileStation2 3735, Adding TMP rule
    *apfMsConnTask_7: Dec 16 13:57:04.319: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) Adding Fast Path rule
      type = Airespace AP - Learn IP address
      on AP 70:10:5c:b0:b3:20, slot 0, interface = 1, QOS = 0
      IPv4 ACL ID = 255, IPv
    *apfMsConnTask_7: Dec 16 13:57:04.319: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) Fast Path rule (contd...) 802.1P = 0, DSCP = 0, TokenID = 15206, IntfId = 12  Local Bridging Vlan = 13, Local Bridging intf id = 12
    *apfMsConnTask_7: Dec 16 13:57:04.319: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) Fast Path rule (contd...) AVC Ratelimit:  AppID = 0 ,AppAction = 0, AppToken = 15206  AverageRate = 0, BurstRate = 0
    *apfMsConnTask_7: Dec 16 13:57:04.319: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) Fast Path rule (contd...) AVC Ratelimit:  AppID = 0 ,AppAction = 0, AppToken = 15206  AverageRate = 0, BurstRate = 0
    *apfMsConnTask_7: Dec 16 13:57:04.320: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) Fast Path rule (contd...) AVC Ratelimit:  AppID = 0 ,AppAction = 0, AppToken = 15206  AverageRate = 0, BurstRate = 0
    *apfMsConnTask_7: Dec 16 13:57:04.320: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) Successfully plumbed mobile rule (IPv4 ACL ID 255, IPv6 ACL ID 255, L2 ACL ID 255)
    *apfMsConnTask_7: Dec 16 13:57:04.320: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) pemApfAddMobileStation2 3923, Adding TMP rule
    *apfMsConnTask_7: Dec 16 13:57:04.320: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) Replacing Fast Path rule
      type = Airespace AP - Learn IP address
      on AP 70:10:5c:b0:b3:20, slot 0, interface = 1, QOS = 0
      IPv4 ACL ID = 255,
    *apfMsConnTask_7: Dec 16 13:57:04.320: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) Fast Path rule (contd...) 802.1P = 0, DSCP = 0, TokenID = 15206, IntfId = 12  Local Bridging Vlan = 13, Local Bridging intf id = 12
    *apfMsConnTask_7: Dec 16 13:57:04.320: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) Fast Path rule (contd...) AVC Ratelimit:  AppID = 0 ,AppAction = 0, AppToken = 15206  AverageRate = 0, BurstRate = 0
    *apfMsConnTask_7: Dec 16 13:57:04.320: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) Fast Path rule (contd...) AVC Ratelimit:  AppID = 0 ,AppAction = 0, AppToken = 15206  AverageRate = 0, BurstRate = 0
    *apfMsConnTask_7: Dec 16 13:57:04.320: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) Fast Path rule (contd...) AVC Ratelimit:  AppID = 0 ,AppAction = 0, AppToken = 15206  AverageRate = 0, BurstRate = 0
    *apfMsConnTask_7: Dec 16 13:57:04.320: 00:0e:35:0a:0c:35 0.0.0.0 DHCP_REQD (7) Successfully plumbed mobile rule (IPv4 ACL ID 255, IPv6 ACL ID 255, L2 ACL ID 255)
    *apfMsConnTask_7: Dec 16 13:57:04.320: 00:0e:35:0a:0c:35 apfPemAddUser2 (apf_policy.c:352) Changing state for mobile 00:0e:35:0a:0c:35 on AP 70:10:5c:b0:b3:20 from Associated to Associated
    *apfMsConnTask_7: Dec 16 13:57:04.320: 00:0e:35:0a:0c:35 apfPemAddUser2:session timeout forstation 00:0e:35:0a:0c:35 - Session Tout 1800, apfMsTimeOut '1800' and sessionTimerRunning flag is  0
    *apfMsConnTask_7: Dec 16 13:57:04.320: 00:0e:35:0a:0c:35 Scheduling deletion of Mobile Station:  (callerId: 49) in 1800 seconds
    *apfMsConnTask_7: Dec 16 13:57:04.320: 00:0e:35:0a:0c:35 Func: apfPemAddUser2, Ms Timeout = 1800, Session Timeout = 1800
    *pemReceiveTask: Dec 16 13:57:04.320: 00:0e:35:0a:0c:35 0.0.0.0 Removed NPU entry.
    *apfMsConnTask_7: Dec 16 13:57:04.320: 00:0e:35:0a:0c:35 Sending assoc-resp with status 0 station:00:0e:35:0a:0c:35 AP:70:10:5c:b0:b3:20-00 on apVapId 2
    *apfMsConnTask_7: Dec 16 13:57:04.320: 00:0e:35:0a:0c:35 Sending Assoc Response to station on BSSID 70:10:5c:b0:b3:21 (status 0) ApVapId 2 Slot 0
    *apfMsConnTask_7: Dec 16 13:57:04.320: 00:0e:35:0a:0c:35 apfProcessAssocReq (apf_80211.c:9452) Changing state for mobile 00:0e:35:0a:0c:35 on AP 70:10:5c:b0:b3:20 from Associated to Associated
    *pemReceiveTask: Dec 16 13:57:04.321: 00:0e:35:0a:0c:35 0.0.0.0 Added NPU entry of type 9, dtlFlags 0x0
    *pemReceiveTask: Dec 16 13:57:04.321: 00:0e:35:0a:0c:35 0.0.0.0 Added NPU entry of type 9, dtlFlags 0x0
    *DHCP Socket Task: Dec 16 13:57:07.372: 00:0e:35:0a:0c:35 DHCP received op BOOTREQUEST (1) (len 312,vlan 16, port 1, encap 0xec03)
    *DHCP Socket Task: Dec 16 13:57:07.372: 00:0e:35:0a:0c:35 DHCP (encap type 0xec03) mstype 0ff:ff:ff:ff:ff:ff
    *DHCP Socket Task: Dec 16 13:57:07.372: 00:0e:35:0a:0c:35 DHCP processing DHCP DISCOVER (1)
    *DHCP Socket Task: Dec 16 13:57:07.372: 00:0e:35:0a:0c:35 DHCP   op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 0
    *DHCP Socket Task: Dec 16 13:57:07.372: 00:0e:35:0a:0c:35 DHCP   xid: 0xd8947c74 (3633609844), secs: 0, flags: 0
    *DHCP Socket Task: Dec 16 13:57:07.372: 00:0e:35:0a:0c:35 DHCP   chaddr: 00:0e:35:0a:0c:35
    *DHCP Socket Task: Dec 16 13:57:07.372: 00:0e:35:0a:0c:35 DHCP   ciaddr: 0.0.0.0,  yiaddr: 0.0.0.0
    *DHCP Socket Task: Dec 16 13:57:07.372: 00:0e:35:0a:0c:35 DHCP   siaddr: 0.0.0.0,  giaddr: 0.0.0.0
    *DHCP Socket Task: Dec 16 13:57:07.372: 00:0e:35:0a:0c:35 DHCP   requested ip: 169.254.99.106
    *DHCP Socket Task: Dec 16 13:57:07.372: 00:0e:35:0a:0c:35 DHCP Opt82 bridge mode insertion enabled, inserts opt82 if opt82 is enabled vlan=13, datalen =18, optlen=68
    *DHCP Socket Task: Dec 16 13:57:07.372: 00:0e:35:0a:0c:35 DHCP successfully bridged packet to DS
    *DHCP Socket Task: Dec 16 13:57:11.375: 00:0e:35:0a:0c:35 DHCP received op BOOTREQUEST (1) (len 312,vlan 16, port 1, encap 0xec03)
    *DHCP Socket Task: Dec 16 13:57:11.375: 00:0e:35:0a:0c:35 DHCP (encap type 0xec03) mstype 0ff:ff:ff:ff:ff:ff
    *DHCP Socket Task: Dec 16 13:57:11.375: 00:0e:35:0a:0c:35 DHCP processing DHCP DISCOVER (1)
    *DHCP Socket Task: Dec 16 13:57:11.375: 00:0e:35:0a:0c:35 DHCP   op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 0
    *DHCP Socket Task: Dec 16 13:57:11.375: 00:0e:35:0a:0c:35 DHCP   xid: 0xd8947c74 (3633609844), secs: 1024, flags: 0
    *DHCP Socket Task: Dec 16 13:57:11.375: 00:0e:35:0a:0c:35 DHCP   chaddr: 00:0e:35:0a:0c:35
    *DHCP Socket Task: Dec 16 13:57:11.375: 00:0e:35:0a:0c:35 DHCP   ciaddr: 0.0.0.0,  yiaddr: 0.0.0.0
    *DHCP Socket Task: Dec 16 13:57:11.375: 00:0e:35:0a:0c:35 DHCP   siaddr: 0.0.0.0,  giaddr: 0.0.0.0
    *DHCP Socket Task: Dec 16 13:57:11.375: 00:0e:35:0a:0c:35 DHCP   requested ip: 169.254.99.106
    *DHCP Socket Task: Dec 16 13:57:11.375: 00:0e:35:0a:0c:35 DHCP Opt82 bridge mode insertion enabled, inserts opt82 if opt82 is enabled vlan=13, datalen =18, optlen=68
    *DHCP Socket Task: Dec 16 13:57:11.375: 00:0e:35:0a:0c:35 DHCP successfully bridged packet to DS
    *DHCP Socket Task: Dec 16 13:57:20.378: 00:0e:35:0a:0c:35 DHCP received op BOOTREQUEST (1) (len 312,vlan 16, port 1, encap 0xec03)
    *DHCP Socket Task: Dec 16 13:57:20.379: 00:0e:35:0a:0c:35 DHCP (encap type 0xec03) mstype 0ff:ff:ff:ff:ff:ff
    *DHCP Socket Task: Dec 16 13:57:20.379: 00:0e:35:0a:0c:35 DHCP processing DHCP DISCOVER (1)
    *DHCP Socket Task: Dec 16 13:57:20.379: 00:0e:35:0a:0c:35 DHCP   op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 0
    *DHCP Socket Task: Dec 16 13:57:20.379: 00:0e:35:0a:0c:35 DHCP   xid: 0xd8947c74 (3633609844), secs: 3328, flags: 0
    *DHCP Socket Task: Dec 16 13:57:20.379: 00:0e:35:0a:0c:35 DHCP   chaddr: 00:0e:35:0a:0c:35
    *DHCP Socket Task: Dec 16 13:57:20.379: 00:0e:35:0a:0c:35 DHCP   ciaddr: 0.0.0.0,  yiaddr: 0.0.0.0
    *DHCP Socket Task: Dec 16 13:57:20.379: 00:0e:35:0a:0c:35 DHCP   siaddr: 0.0.0.0,  giaddr: 0.0.0.0
    *DHCP Socket Task: Dec 16 13:57:20.379: 00:0e:35:0a:0c:35 DHCP   requested ip: 169.254.99.106
    *DHCP Socket Task: Dec 16 13:57:20.379: 00:0e:35:0a:0c:35 DHCP Opt82 bridge mode insertion enabled, inserts opt82 if opt82 is enabled vlan=13, datalen =18, optlen=68
    *DHCP Socket Task: Dec 16 13:57:20.379: 00:0e:35:0a:0c:35 DHCP successfully bridged packet to DS
    *DHCP Socket Task: Dec 16 13:57:20.379: 00:0e:35:0a:0c:35 Interface Group was NULL.Number of DHCP Discovery 3 from client
    *DHCP Socket Task: Dec 16 13:57:36.382: 00:0e:35:0a:0c:35 DHCP received op BOOTREQUEST (1) (len 312,vlan 16, port 1, encap 0xec03)
    *DHCP Socket Task: Dec 16 13:57:36.383: 00:0e:35:0a:0c:35 DHCP (encap type 0xec03) mstype 0ff:ff:ff:ff:ff:ff
    *DHCP Socket Task: Dec 16 13:57:36.383: 00:0e:35:0a:0c:35 DHCP processing DHCP DISCOVER (1)
    *DHCP Socket Task: Dec 16 13:57:36.383: 00:0e:35:0a:0c:35 DHCP   op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 0
    *DHCP Socket Task: Dec 16 13:57:36.383: 00:0e:35:0a:0c:35 DHCP   xid: 0xd8947c74 (3633609844), secs: 7424, flags: 0
    *DHCP Socket Task: Dec 16 13:57:36.383: 00:0e:35:0a:0c:35 DHCP   chaddr: 00:0e:35:0a:0c:35
    *DHCP Socket Task: Dec 16 13:57:36.383: 00:0e:35:0a:0c:35 DHCP   ciaddr: 0.0.0.0,  yiaddr: 0.0.0.0
    *DHCP Socket Task: Dec 16 13:57:36.383: 00:0e:35:0a:0c:35 DHCP   siaddr: 0.0.0.0,  giaddr: 0.0.0.0
    *DHCP Socket Task: Dec 16 13:57:36.383: 00:0e:35:0a:0c:35 DHCP   requested ip: 169.254.99.106
    *DHCP Socket Task: Dec 16 13:57:36.383: 00:0e:35:0a:0c:35 DHCP Opt82 bridge mode insertion enabled, inserts opt82 if opt82 is enabled vlan=13, datalen =18, optlen=68

  • Wireless 3850 and Web-Auth for Wireless clients

    Hi
    I can't get the web-auth feature to work properly on the Catalyst 3850 for wireless clients.
    Internet is all tested and there is full IP connectivity.
    Issue is when I enable the webauth feature on the SSID. Incidentally when I enable the SSID to use consent it works.
    I am using local authentication for the guest users.
    When user logs onto the wireless, they get to the landing page, and are able to enter the credentials then there is a 30 second pause. The client detail says WEBAUTH_PEND and then a pop up window comes back as seen below
    Config below
    interface Vlan302
    description **** Wireless Guest ****
    ip address 10.145.224.161 255.255.255.224
    ip helper-address 10.144.214.134
    ip helper-address 172.17.2.56
    ip http server
    ip http secure server
    ip dhcp snooping
    wlan XXXXX 2 XXXXXX
    aaa-override
    accounting-list default
    client vlan 302
    ip flow monitor wireless-avc-basic input
    ip flow monitor wireless-avc-basic output
    no security wpa
    no security wpa akm dot1x
    no security wpa wpa2
    no security wpa wpa2 ciphers aes
    security dot1x authentication-list WEB_AUTH
    security ft
    security web-auth
    security web-auth authentication-list WEB_AUTH
    security web-auth parameter-map vit_web
    no shutdown
    parameter-map type webauth vit_web
    type webauth
    security web-auth parameter-map vit_web
    user-name Guest1
    creation-time 1390837878
    privilege 15
    password 7 022D0156060F1B351D
    type network-user description Temp-Guest-User guest-user lifetime year 0 month 1 day 0 hour 0 minute 0 second 0
    user-name Guest2
    creation-time 1390838016
    privilege 15
    password 7 0724244143000D1145
    type network-user description Temp-Guest-User guest-user lifetime year 0 month 1 day 0 hour 0 minute 0 second 0
    aaa new-model
    aaa authentication login WEB_AUTH local
    aaa authorization network WEB_AUTH local

    Hey Greg,
    Did you also define the global webauth parameter? I think I had to do this to get my 5760 "working" or as working as these new controllers can be.
    parameter-map type webauth global
    type webauth
    virtual-ip ipv4 x.x.x.x wlc.whatever.org
    max-http-conns 50
    Also I had to enable http server in addition to secure server
    ip http server
    ip http secure-server
    Are you using a self signed cert?
    I saw windows clients take a long time to load the page when using a self signed cert.
    MAC clients dont seem to work if you use the IOS or OSX based logon. You'll need to disable the auto logon and launch a browser for the redirect. There was a bug ID around this MAC problem which was supposedly resolved in 3.3.1SE  but I still have the problem.
    -Kyle

  • Airport Express as wireless client for Linksys WRT54G (v2)

    Hi gang. I've been trying without success for some time to get my new AX configured as a wireless client on my existing network. Here's the particulars:
    Linksys WRT54G (version 2, latest firmware), 802.11 b/g, channel 6. MAC filtering is enabled, and the AX's MAC address has been added to the persmissions table. WPA shared key security is enabled. AX is latest firmware, 6.3.
    I can access the AX no problem by connecting it via ethernet/cat-5 cable to my router. I see it in the list of connected devices on the Linksys admin page, its IP address, etc. I can configure it, no problem. Except that every time I configure it, it reboots and never joins the wireless network, no matter what I seem to do.
    Here's my normal procedure:
    - Access AirPort Admin Utility
    - Select the AX from the first screen, then click Configure. Up comes the configuration screen.
    - Click on Airport tab.
    - I change Wireless Mode to "Join an Existing Wireless Network (Wireless Client)" and enter my network SSID in the Network Name box.
    - I then click the Wireless Security button, then select "WPA2 Personal", then click "Set Pre-Shared Key" and enter my WPA key, exactly as it appears in the Linksys wireless security page. I save the configuration and the AX reboots.
    After that, I wait for half a minute, then the flashing amber (problem/no connectivity) light returns.
    I'm completely frustrated with this thing. I've searched some other postings in these forums and on the net and tried some of it but it doesn't work for me. My wireless or network setup is pretty standard stuff, so I don't get why this thing won't join the network. I don't have these problems with any other devices.
    Any help is greatly appreciated!!
    Scott

    I am experiencing the exact same problem here... I can set up a new network to this device, but cannot set it up as a client on my existing linksys network. I believe I have followed the procedure precisely yet no dice. The iTunes plays on the new network albeit on a weak signal which cuts out periodically. My thought was to put it on the linksys router with a stronger wireless signal...

  • Initial configuration of ACS 5.1 for EAP authentication for Wireless clients

    Hi,
    I have set-up with below devices :
    Wireless LAN controller 5508
    LAP 3302i
    and ACS 5.1
    since i am new in ACS 5.1 configuration , I need so information to go ahead to configure ACS 5.1.
    which EAP method to use for wireless client authentication ? what is the best practice ?
    I have gone through some cisco documents and it shows that best practice is to configure PEAP but for the same , I need to install certificate in ACS server as well in client PC. is that so ?
    I have no clear picture for this certificate ?
    from where i can get this certificate or do i need to purchase this certificate separately from cisco. how to install it in ACS server ?
    I will be obliged to get atleast initial configuration for ACS 5.1 to enable the EAP method,
    I need GUI based initial configuration for ACS 5.1
    This mentioned ACS 5.1 is installed on ACS 1121 hardware appliance.

    Hi,
    which EAP method to use for wireless client authentication ? what is the best practice ?
    -> I would advise the most widely spread EAP method, which has the best ratio security/easy to deploy: PEAP with MSCHAPv2, which is available by default by all windows machines.
    I  have gone through some cisco documents and it shows that best practice  is to configure PEAP but for the same , I need to install certificate in  ACS server as well in client PC. is that so ?
    -> You will always need to install a server certificate, however, there is no need for client certificate because the authentication is based on the MSCHAP credentials exchange, not certificate based. The only requirement on the client regarding certificates is the following.
    If you want to validate the server certificate, you have to install the server certificate under the trusted CAs of the clients.
    If you do not require to trust the server certificate, you can simply disable the option of server certificate validation.
    I have no clear picture for this certificate ?
    from  where i can get this certificate or do i need to purchase this  certificate separately from cisco. how to install it in ACS server ?
    -> The server certificate can be a simple self signed certificate that you generate and install on the ACS GUI.
    Please feel free to follow this step-by-step guide on
    PEAP under Unified Wireless Networks with ACS 5.1 and Windows 2003 Server:
    http://www.cisco.com/en/US/partner/products/ps10315/products_configuration_example09186a0080b4cdb9.shtml or in pdf
    http://www.cisco.com/image/gif/paws/112175/acs51-peap-deployment-00.pdf.
    HTH,
    Tiago
    If  this helps you and/or answers your question please mark the question as  "answered" and/or rate it, so other users can easily find it.

  • Can I use ASA to be a DHCP Server use in WLC wireless Client

    I want to use ASA to be a DHCP Server for Wireless Client not it can't.
    I check the debug log in WLC, I confirm the WLC have send the request to ASA.
    In the ASA, it don't have any hits in the rule when the WLC send the DHCP relay request.
    I have try don't use dhcp relay in WLC but don't success. Anybody have the same case with me? And Is the ASA can't support DHCP relay agent to request to get the IP Addr.
    P.S. In the Network Design limitation so I can't use WLC to be DHCP Server.
    Equipment:
    ASA5510
    WLC4402
    How can I fix it.
    Thank you very much

    The issue is that the ASA doesn't accept DHCP requests from a relay agent, only broadcast DHCP requests. In the 4.2 version for the controllers there is now an option so you can change the way the controller forwards DHCP requests so that it is sent as a broadcast and not from a relay agent.

  • Trying to get a WRT54GX2 wireless router working with a W...

    Trying to get a WRT54GX2 wireless router working with a WPC54G wireless card. The laptop and desktop both will access the Internet and work when hardwired through the router's Ethernet ports. When trying to access wireless, the Laptop shows to be connected to the router and also to Internet, but Internet Explorer can not access any websites.  Suggestions? Thanks.

    what ip address does the laptop get ?? ensure that the laptop is not set for a static ip add....and it gets an ip add from the router ..

  • Bridge does not work for wireless clients - connecting to existing network.

    Hi - I really hope somebody can help out here, after hours of trial & error, I have finally given up
    I need to connect my Airport Extreme Base Station to my existing network. I have a linksys router (192.168.15.1) connected to my modem and this linksys router acts as DHCP server too.
    I suppose I have to use "bridge mode" for that to work. But should the linksys be connected to the AEBS using the AEBS's WAN or LAN port?
    If I use "bridge mode", then wired computers to the AEBS works fine - getting an IP from the linksys etc. BUT, the wireless clients will have a self-assigned IP and not get through to the internet. It's like the AEBS will not allow wireless clients to "get through" unless AEBS itself is handing out IP addresses.
    Page 36 of this manual ( http://manuals.info.apple.com/en/DesigningAirPort_Networks10.5-Windows.pdf ) shows the setup I want. But in the picture, it says "Ethernet WAN port" but the text says: "The Apple wireless device (in this example, a Time Capsule) uses your Ethernet network to communicate with the Internet through the Ethernet LAN port ( <--> )." I don't know which one to use, WAN or LAN - they show WAN but say LAN?
    When I set it up as "share an IP address", the AEBS status tells me "double nat" and to change from "shared IP" to "bridge mode". I do that, and everything seems fine - for the wired clients. Now the wireless clients cannot connect, Airport on the MacBook Pro just say "Connection failed" and the MacBook says "Invalid password" (translated from danish), even though I set the Airport Utlity to save the password in keyring, so it should be correct... If I disable wireless encryption, the wireless clients will connect but get a self-assigned IP, and therefor not work (cannot get online)...
    It seems the only way I can get wireless to work, is if I set AEBS up as DHCP, but then it won't be on the "same network" as the linksys (192.168.15.1), but rather on 10.0.x.x as I select. If I select 192.168.x.x within AEBS, I'm also getting some error messages, conflict/subnet thing.
    Anyway - I really hope somebody knows how to get wireless clients to get an IP address from existing ethernet when connected to the AEBS.
    Thanks!!

    I've given up and had to go back to running "Double NAT" which also reports as a "problem" within the AEBS, but I just "ignore" it so the light will always be green.
    It still ***** though, as "Double NAT" is also a reason for "Back to my Mac" not working properly, but how the ** am I supposed to avoid Double NAT when the wireless will not work in bridged mode?!

  • Wireless Clients getting DHCP IP from other WLAN

    Hi,
    My client has a wireless setup consisting of a WLC 2112 and about 7 1131AG LWAPPs. There are two SSIDs, say CORP(mapped to VLAN 900) and GUEST(mapped to VLAN 901). Wireless clients get IP through DHCP. DHCP IP is configured in the Dynamic interface.
    The problem is sometimes (not always), clients connecting to SSID CORP get a DHCP IP assigned for GUEST VLAN(VLAN 901).
    Since it is happening randomly, clueless as to what is causing the problem.
    Any inputs?
    Regards
    Gnan.
    P.S Just to add though this could be irrelevant, only after making VLAN ID of the admin interface and AP Manager interface as '0', the APs could talk to the WLC and i was able to http to the WLC from the LAN.(WLC Mgmt, AP Mgmt IPs and AP Manager interface are in same VLAN).

    It sounds like the client may be connecting to the guest WLAN first, then connecting to the Corp WLAN.
    As to the VLAN setting.  0 in the WLC means untagged.  If your switchport has the switchport trunk native valn < x > command you would need to be untagged.  Otherwise the switch would get a packet tagged with the native vlan, and then drop the traffic.
    ***if your management is in VLAN 1, the above is true with out the native setting, as VLAN 1 is native by default
    HTH,
    Steve
    Please remember to rate helpful posts or to mark the question as answered so that it can be found later.

Maybe you are looking for