+ Reply to Thread
Results 1 to 11 of 11
  1. Cantankerous Old Fart hermeszdata's Avatar
    Join Date
    Jan 2010
    Location
    Colorado
    Posts
    225

    Certifications
    CCNA, CCNA:Voice (Ent) AdTran ATSA Internetworking
    #1

    Default Client DHCP issues with WLC4136 Controller

    Well, I managed to get my WLC4136 WLAN controller up and running ... somewhat!

    For the past couple of days I have been banging my head on the desk trying to figure this out but have not gotten any where. I am able to configure the WLC via telnet/ssh and via the GUI. APs register without issues and I am able to configure those. Wired clients are able to access local devices and the internet. Wireless Clients connect to the AP(s) but do not obtain a DHCP address!

    Current topology includes:
    c2911 Router
    c3550 Switch as Distribution Switch
    c3560 PoE 24 as Wireless COre switch
    WLC4136 Wireless Lan COntroller
    AIR-AP1010-A-K9 APs


    c2811 Router Configs
    Code:
    version 12.4
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    !
    hostname CO172Rtr
    !
    boot-start-marker
    boot-end-marker
    !
    no logging buffered
    !
    no aaa new-model
    clock timezone mst -7
    clock summer-time MDT recurring
    voice-card 3
    !
    ip cef
    !
    !
    no ip dhcp use vrf connected
    ip dhcp excluded-address 10.0.0.1 10.0.0.100
    ip dhcp excluded-address 10.0.100.1 10.0.100.99
    ip dhcp excluded-address 172.16.0.1 172.16.0.10
    ip dhcp excluded-address 192.168.255.1 192.168.255.5
    !
    ip dhcp pool qiGuestWLAN
    network 10.0.0.0 255.255.252.0
    default-router 10.0.0.1 
    dns-server 4.2.2.2
    !
    ip dhcp pool CO172WAP
    network 10.0.100.0 255.255.255.0
    default-router 10.0.100.1
    !
    ip dhcp pool CO172HN
    network 172.16.0.0 255.255.255.0
    default-router 172.16.0.1 
    dns-server 205.171.3.65 205.171.2.65 
    !
    ip dhcp pool Service
    network 192.168.255.0 255.255.255.0
    default-router 192.168.255.1 
    ! 
    !
    !
    multilink bundle-name authenticated
    !
    !
    !
    !
    ! 
    archive
    log config
    hidekeys
    ! 
    !
    !
    !
    !
    !
    !
    !
    interface FastEthernet0/1
    no shut
    !
    !
    interface FastEthernet0/1.10
    description Hotel Management Network Connection Through Workgroup Switch $FW_INSIDE$
    encapsulation dot1Q 10
    ip address 172.16.0.1 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    no shut
    !
    interface FastEthernet0/1.11
    description NetManagementLAN $FW_INSIDE$
    encapsulation dot1Q 11 native
    ip address 192.168.255.1 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    no shut
    !
    interface FastEthernet0/1.100
    description $Guest WLAN$
    encapsulation dot1Q 100
    ip address 10.0.100.1 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    no shut
    !
    interface FastEthernet0/1.101
    enc dot1q 101
    ip address 10.0.0.1 255.255.252.0
    ip nat inside
    ip virtual-reassembly
    no shutdown
    !
    !
    ip forward-protocol nd
    ip route 0.0.0.0 0.0.0.0 173.164.45.206
    !
    !
    ip http server
    ip http authentication local
    ip http secure-server
    ip nat inside source list CO172NAT interface FastEthernet0/0 overload
    !
    ip access-list standard CO172NAT
    permit 10.0.0.0 0.0.3.255
    permit 10.0.100.0 0.0.0.255
    permit 172.16.0.0 0.0.0.255
    permit 192.168.255.0 0.0.0.7
    !
    !
    !
    !
    !
    !
    !
    line con 0
    exec-timeout 15 0
    login local
    line aux 0
    line vty 0 4
    access-class CO172vtySecure in
    exec-timeout 15 0
    logging synchronous
    login local
    transport input telnet ssh
    !
    ntp clock-period 17180169
    ntp server 192.43.244.18
    end
    c3550 Switch (This is the Primary Switch)
    Code:
    CO172SW#sh run
    Building configuration...
    Current configuration : 5749 bytes
    !
    ! No configuration change since last restart
    !
    version 12.2
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    service password-encryption
    !
    hostname CO172SW
    !
    !
    no aaa new-model
    ip subnet-zero
    !
    !
    !
    !
    !
    !
    spanning-tree mode pvst
    spanning-tree etherchannel guard misconfig
    spanning-tree extend system-id
    !
    vlan internal allocation policy ascending
    !
    !
    ! 
    !
    !
    !
    interface FastEthernet0/1
    switchport access vlan 2
    switchport mode access
    !
    interface FastEthernet0/2
    switchport access vlan 2
    switchport mode access
    !
    interface FastEthernet0/3
    switchport access vlan 2
    switchport mode access
    !
    interface FastEthernet0/4
    switchport access vlan 2
    switchport mode access
    shutdown
    !
    interface FastEthernet0/5
    switchport mode dynamic desirable
    shutdown
    !
    interface FastEthernet0/6
    switchport mode dynamic desirable
    shutdown
    !
    interface FastEthernet0/7
    switchport mode dynamic desirable
    shutdown
    ! 
    interface FastEthernet0/8
    switchport mode dynamic desirable
    shutdown
    !
    interface FastEthernet0/9
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 11
    switchport mode trunk
    !
    interface FastEthernet0/10
    switchport access vlan 11
    switchport mode access
    spanning-tree portfast
    !
    interface FastEthernet0/11
    switchport access vlan 11
    switchport mode access
    !
    interface FastEthernet0/12
    switchport access vlan 10
    switchport mode access
    !
    interface FastEthernet0/13
    switchport access vlan 10
    switchport mode access
    !
    interface FastEthernet0/14
    switchport access vlan 10
    switchport mode access
    spanning-tree portfast
    spanning-tree bpdufilter enable
    !
    interface FastEthernet0/15
    switchport access vlan 10
    switchport mode access
    shutdown
    !
    interface FastEthernet0/16
    switchport access vlan 10
    switchport mode access
    shutdown
    !
    interface FastEthernet0/17
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 11
    switchport mode trunk
    !
    interface FastEthernet0/18
    switchport access vlan 11
    switchport mode access
    spanning-tree portfast
    !
    interface FastEthernet0/19
    switchport access vlan 10
    switchport mode access
    !
    interface FastEthernet0/20
    switchport access vlan 10
    switchport mode dynamic desirable
    shutdown
    !
    interface FastEthernet0/21
    switchport access vlan 100
    switchport mode dynamic desirable
    shutdown
    !
    interface FastEthernet0/22
    switchport access vlan 100
    switchport mode access
    !
    interface FastEthernet0/23
    switchport access vlan 100
    switchport mode access
    !
    interface FastEthernet0/24
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 11
    switchport mode trunk
    !
    interface GigabitEthernet0/1
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface GigabitEthernet0/2
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 11
    switchport mode trunk
    !
    interface Vlan1
    no ip address
    no ip route-cache
    ! 
    interface Vlan11
    ip address 192.168.255.2 255.255.255.248
    !
    ip default-gateway 192.168.255.1
    ip classless
    ip http server
    ip http authentication local
    ip http secure-server
    !
    !
    !
    control-plane
    !
    !
    line con 0
    exec-timeout 15 0
    login local
    line vty 0 4
    exec-timeout 15 0
    login local
    transport input telnet
    line vty 5 15
    no login
    !
    ntp clock-period 17180210
    ntp server 192.43.244.18
    ntp server 192.168.255.1
    end
    CO172SW#
    c3560 Config (this switch is remote and powers the APs)
    Code:
    CO172WCore#sh run
    Building configuration...
    Current configuration : 8001 bytes
    !
    version 12.2
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    no service password-encryption
    !
    hostname CO172WCore
    !
    boot-start-marker
    boot-end-marker
    !
    no aaa new-model
    system mtu routing 1500
    ip subnet-zero
    ! 
    !
    !
    !
    !
    !
    !
    !
    !
    spanning-tree mode pvst
    spanning-tree etherchannel guard misconfig
    spanning-tree extend system-id
    !
    vlan internal allocation policy ascending
    !
    !
    ! 
    !
    interface FastEthernet0/1
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 100
    switchport trunk allowed vlan 1,10,11,100,101
    switchport mode trunk
    spanning-tree portfast
    !
    interface FastEthernet0/2
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 100
    switchport trunk allowed vlan 1,10,11,100,101
    switchport mode trunk
    spanning-tree portfast
    !
    interface FastEthernet0/3
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 100
    switchport trunk allowed vlan 1,10,11,100,101
    switchport mode trunk
    spanning-tree portfast
    !
    interface FastEthernet0/4
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 100
    switchport trunk allowed vlan 1,10,11,100,101
    switchport mode trunk
    spanning-tree portfast
    !
    !
    !Output cut! All ports configured same
    !
    !
    interface FastEthernet0/23
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlan 1,10,11,100,101
    switchport mode trunk
    shutdown
    !
    interface FastEthernet0/24
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 11
    switchport trunk allowed vlan 1,10,11,100,101
    switchport mode trunk
    switchport nonegotiate
    !
    interface GigabitEthernet0/1
    switchport trunk encapsulation dot1q
    switchport trunk allowed vlan 1,11,100,101,1002-1005
    switchport mode trunk
    !
    interface GigabitEthernet0/2
    switchport trunk encapsulation dot1q
    switchport mode trunk
    !
    interface Vlan1
    no ip address
    no ip route-cache
    no ip mroute-cache
    !
    interface Vlan11
    ip address 192.168.255.3 255.255.255.248
    !
    ip default-gateway 192.168.255.1
    ip classless
    ip http server
    ip http authentication local
    ip http secure-server
    !
    !
    !
    !
    control-plane
    !
    !
    !
    line con 0
    login local
    stopbits 1
    line vty 0 4
    login local
    line vty 5 15
    login
    !
    end
    CO172WCore#
    WLC4136 Configuration
    Code:
    (Cisco Controller) >show run
    Press Enter to continue... 
    System Inventory
    Switch Description............................... Cisco Controller
    Machine Model.................................... WLC4136
    Serial Number.................................... FLS0935H00L
    Burned-in MAC Address............................ 00:0B:85:33:3B:60
    Gig Ethernet/Fiber Card.......................... Present
    Crypto Accelerator 1............................. Absent
     
    System Information
    Manufacturer's Name.............................. Cisco Systems Inc.
    Product Name..................................... Cisco Controller
    Product Version.................................. 3.2.210.0
    RTOS Version..................................... 3.2.210.0
    Bootloader Version............................... 3.2.210.0
    Build Type....................................... DATA + WPS
    System Name...................................... CO)172WLC
    System Location.................................. 
    System Contact................................... 
    System ObjectID.................................. 1.3.6.1.4.1.14179
    IP Address....................................... 10.0.100.21
    System Up Time................................... 0 days 2 hrs 44 mins 35 secs
    Configured Country............................... US - United States
    Operating Environment............................ Commercial (0 to 40 C)
    Internal Temp Alarm Limits....................... 0 to 65 C
    Internal Temperature............................. +47 C
    State of 802.11b Network......................... Enabled
    State of 802.11a Network......................... Enabled
    Number of WLANs.................................. 2
    3rd Party Access Point Support................... Disabled
    Number of Active Clients......................... 1
     
    Switch Configuration
    802.3x Flow Control Mode......................... Disable 
    Current LWAPP Transport Mode..................... Layer 3
    LWAPP Transport Mode after next switch reboot.... Layer 3
    FIPS prerequisite features....................... Disabled
     
    Network Information
    RF-Network Name............................. co172
    Web Mode.................................... Disable
    Secure Web Mode............................. Enable
    Secure Shell (ssh).......................... Enable
    Telnet...................................... Disable
    Ethernet Multicast Mode..................... Disable
    User Idle Timeout........................... 300 seconds
    ARP Idle Timeout............................ 300 seconds
    ARP Unicast Mode............................ Disabled
    Cisco AP Default Master..................... Disable
    Mgmt Via Wireless Interface................. Disable
    Bridge AP Zero Config....................... Enable
    Bridge Shared Secret........................ youshouldsetme
    Allow Old Bridging Aps To Authenticate...... Enable
    Over The Air Provisioning of AP's........... Enable
    Mobile Peer to Peer Blocking................ Enable
    Apple Talk ................................. Disable
    AP Fallback ................................ Enable
    Web Auth Redirect Ports .................... 80
    Fast SSID Change ........................... Disabled
    
    Port Summary
    STP Admin Physical Physical Link Link Mcast 
    Pr Type Stat Mode Mode Status Status Trap Appliance POE 
    -- ------- ---- ------- ---------- ---------- ------ ------- --------- -------
    1 Normal Forw Enable Auto 1000 Full Up Enable Enable N/A 
     
    AP Summary
    AP Name Slots AP Model Ethernet MAC Location Port
    ------------------ ----- ------------------- ----------------- ---------------- ----
    Guest4 2 AP1010 00:0b:85:8d:83:a0 default_location 1 
     
    AP Config
    Cisco AP Identifier.............................. 7
    Cisco AP Name.................................... Guest4
    AP Regulatory Domain............................. -A
    Switch Port Number .............................. 1
    MAC Address...................................... 00:0b:85:8d:83:a0
    IP Address Configuration......................... DHCP
    IP Address....................................... 10.0.100.100
    IP NetMask....................................... 255.255.255.0
    Gateway IP Addr.................................. 10.0.100.1
    Cisco AP Location................................ default_location
    Cisco AP Group Name.............................. Guest_HSIA
    Primary Cisco Switch............................. 
    Secondary Cisco Switch........................... 
    Tertiary Cisco Switch............................ 
    Administrative State ............................ ADMIN_ENABLED
    Operation State ................................. REGISTERED
    Mirroring Mode .................................. Disabled
    AP Mode ......................................... Local
    Remote AP Debug ................................. Disabled
    S/W Version .................................... 3.2.210.0
    Boot Version ................................... 2.1.78.0
    Mini IOS Version ................................ -- 
    Stats Reporting Period .......................... 180
    LED State........................................ Enabled
    Number Of Slots.................................. 2 
    AP Model......................................... AP1010
    AP Serial Number................................. WCN110600W9
    AP Certificate Type.............................. Manufacture Installed
    Attributes for Slot 1
    Radio Type................................... RADIO_TYPE_80211g
    Administrative State ........................ ADMIN_ENABLED
    Operation State ............................. UP
    WLAN Override ............................... Enabled
    CellId ...................................... 0
    Station Configuration
    Configuration ............................. AUTOMATIC
    Number Of WLANs ........................... 1
    Medium Occupancy Limit .................... 100
    CFP Period ................................ 4
    CFP MaxDuration ........................... 60
    BSSID ..................................... 00:0b:85:8d:83:a0
    Operation Rate Set 
    1000 Kilo Bits........................... MANDATORY
    2000 Kilo Bits........................... MANDATORY
    5500 Kilo Bits........................... MANDATORY
    11000 Kilo Bits.......................... MANDATORY
    6000 Kilo Bits........................... SUPPORTED
    9000 Kilo Bits........................... SUPPORTED
    12000 Kilo Bits.......................... SUPPORTED
    18000 Kilo Bits.......................... SUPPORTED
    24000 Kilo Bits.......................... SUPPORTED
    36000 Kilo Bits.......................... SUPPORTED
    48000 Kilo Bits.......................... SUPPORTED
    54000 Kilo Bits.......................... SUPPORTED
    Beacon Period ............................. 100
    DTIM Period ............................... 1
    Fragmentation Threshold ................... 2346
    Multi Domain Capability Implemented ....... TRUE
    Multi Domain Capability Enabled ........... TRUE
    Country String ............................ US 
    Multi Domain Capability
    Configuration ............................. AUTOMATIC
    First Chan Num ............................ 1
    Number Of Channels ........................ 11
    MAC Operation Parameters 
    Configuration ............................. AUTOMATIC
    RTS Threshold ............................. 2347
    Short Retry Limit ......................... 7
    Long Retry Limit .......................... 4
    Fragmentation Threshold ................... 2346
    Maximum Tx MSDU Life Time ................. 512
    Maximum Rx Life Time ...................... 512
    Tx Power 
    Num Of Supported Power Levels ............. 5
    Tx Power Level 1 .......................... 20 dBm
    Tx Power Level 2 .......................... 17 dBm
    Tx Power Level 3 .......................... 14 dBm
    Tx Power Level 4 .......................... 11 dBm
    Tx Power Level 5 .......................... 8 dBm
    Tx Power Configuration .................... CUSTOMIZED
    Current Tx Power Level .................... 3
    Phy OFDM parameters
    Configuration ............................. CUSTOMIZED
    Current Channel ........................... 11
    TI Threshold .............................. -50
    Antenna Type............................... INTERNAL_ANTENNA
    Internal Antenna Gain (in .5 dBm units).... 11
    Diversity.................................. DIVERSITY_ENABLED
    Performance Profile Parameters
    Configuration ............................. AUTOMATIC
    Interference threshold..................... 10 %
    Noise threshold............................ -70 dBm
    RF utilization threshold................... 80 %
    Data-rate threshold........................ 1000000 bps
    Client threshold........................... 12 clients
    Coverage SNR threshold..................... 12 dB
    Coverage exception level................... 25 %
    Client minimum exception level............. 3 clients
    Rogue Containment Information
    Containment Count............................ 0
    Cisco AP Identifier.............................. 7
    Cisco AP Name.................................... Guest4
    AP Regulatory Domain............................. -A
    Switch Port Number .............................. 1
    MAC Address...................................... 00:0b:85:8d:83:a0
    IP Address Configuration......................... DHCP
    IP Address....................................... 10.0.100.100
    IP NetMask....................................... 255.255.255.0
    Gateway IP Addr.................................. 10.0.100.1
    Cisco AP Location................................ default_location
    Cisco AP Group Name.............................. Guest_HSIA
    Primary Cisco Switch............................. 
    Secondary Cisco Switch........................... 
    Tertiary Cisco Switch............................ 
    Administrative State ............................ ADMIN_ENABLED
    Operation State ................................. REGISTERED
    Mirroring Mode .................................. Disabled
    AP Mode ......................................... Local
    Remote AP Debug ................................. Disabled
    S/W Version .................................... 3.2.210.0
    Boot Version ................................... 2.1.78.0
    Mini IOS Version ................................ -- 
    Stats Reporting Period .......................... 180
    LED State........................................ Enabled
    Number Of Slots.................................. 2 
    AP Model......................................... AP1010
    AP Serial Number................................. WCN110600W9
    AP Certificate Type.............................. Manufacture Installed
    Attributes for Slot 0
    Radio Type................................... RADIO_TYPE_80211a
    Administrative State ........................ ADMIN_ENABLED
    Operation State ............................. UP
    WLAN Override ............................... Disabled
    CellId ...................................... 0
    Station Configuration
    Configuration ............................. AUTOMATIC
    Number Of WLANs ........................... 0
    Medium Occupancy Limit .................... 100
    CFP Period ................................ 4
    CFP MaxDuration ........................... 60
    BSSID ..................................... 00:0b:85:8d:83:a0
    Operation Rate Set 
    6000 Kilo Bits........................... MANDATORY
    9000 Kilo Bits........................... SUPPORTED
    12000 Kilo Bits.......................... MANDATORY
    18000 Kilo Bits.......................... SUPPORTED
    24000 Kilo Bits.......................... MANDATORY
    36000 Kilo Bits.......................... SUPPORTED
    48000 Kilo Bits.......................... SUPPORTED
    54000 Kilo Bits.......................... SUPPORTED
    Beacon Period ............................. 100
    DTIM Period ............................... 1
    Fragmentation Threshold ................... 2346
    Multi Domain Capability Implemented ....... TRUE
    Multi Domain Capability Enabled ........... TRUE
    Country String ............................ US 
    Multi Domain Capability
    Configuration ............................. AUTOMATIC
    First Chan Num ............................ 36
    Number Of Channels ........................ 4
    MAC Operation Parameters 
    Configuration ............................. AUTOMATIC
    RTS Threshold ............................. 2347
    Short Retry Limit ......................... 7
    Long Retry Limit .......................... 4
    Fragmentation Threshold ................... 2346
    Maximum Tx MSDU Life Time ................. 512
    Maximum Rx Life Time ...................... 512
    Tx Power 
    Num Of Supported Power Levels ............. 5
    Tx Power Level 1 .......................... 20 dBm
    Tx Power Level 2 .......................... 17 dBm
    Tx Power Level 3 .......................... 14 dBm
    Tx Power Level 4 .......................... 11 dBm
    Tx Power Level 5 .......................... 8 dBm
    Tx Power Configuration .................... AUTOMATIC
    Current Tx Power Level .................... 1
    Phy OFDM parameters
    Configuration ............................. AUTOMATIC
    Current Channel ........................... 161
    TI Threshold .............................. -50
    Antenna Type............................... INTERNAL_ANTENNA
    Internal Antenna Gain (in .5 dBm units).... 11
    AntennaMode................................ ANTENNA_OMNI
    Performance Profile Parameters
    Configuration ............................. AUTOMATIC
    Interference threshold..................... 10 %
    Noise threshold............................ -70 dBm
    RF utilization threshold................... 80 %
    Data-rate threshold........................ 1000000 bps
    Client threshold........................... 12 clients
    Coverage SNR threshold..................... 16 dB
    Coverage exception level................... 25 %
    Client minimum exception level............. 3 clients
    Rogue Containment Information
    Containment Count............................ 0
     
    AP Airewave Director Configuration
    Number Of Slots.................................. 2 
    AP Name.......................................... Guest4
    MAC Address...................................... 00:0b:85:8d:83:a0
    Radio Type..................................... RADIO_TYPE_80211b/g
    Noise Information
    Noise Profile................................ PASSED
    Channel 1.................................... -84 dBm
    Channel 2.................................... -78 dBm
    Channel 3.................................... -86 dBm
    Channel 4.................................... -89 dBm
    Channel 5.................................... -95 dBm
    Channel 6.................................... -97 dBm
    Channel 7.................................... -95 dBm
    Channel 8.................................... -94 dBm
    Channel 9.................................... -94 dBm
    Channel 10................................... -93 dBm
    Channel 11................................... -93 dBm
    Interference Information
    Interference Profile......................... PASSED
    Channel 1.................................... -75 dBm @ 1 % busy
    Channel 2.................................... -128 dBm @ 0 % busy
    Channel 3.................................... -128 dBm @ 0 % busy
    Channel 4.................................... -128 dBm @ 0 % busy
    Channel 5.................................... -128 dBm @ 0 % busy
    Channel 6.................................... -86 dBm @ 8 % busy
    Channel 7.................................... -84 dBm @ 4 % busy
    Channel 8.................................... -128 dBm @ 0 % busy
    Channel 9.................................... -128 dBm @ 0 % busy
    Channel 10................................... -87 dBm @ 1 % busy
    Channel 11................................... -85 dBm @ 4 % busy
    Load Information
    Load Profile................................. PASSED
    Receive Utilization.......................... 0 %
    Transmit Utilization......................... 0 %
    Channel Utilization.......................... 6 %
    Attached Clients............................. 0 clients
    Coverage Information
    Coverage Profile............................. PASSED
    Failed Clients............................... 0 clients
    Client Signal Strengths
    RSSI -100 dbm................................ 0 clients
    RSSI -92 dbm................................ 0 clients
    RSSI -84 dbm................................ 0 clients
    RSSI -76 dbm................................ 0 clients
    RSSI -68 dbm................................ 0 clients
    RSSI -60 dbm................................ 0 clients
    RSSI -52 dbm................................ 1 clients
    Client Signal To Noise Ratios
    SNR 0 dbm................................. 0 clients
    SNR 5 dbm................................. 0 clients
    SNR 10 dbm................................. 0 clients
    SNR 15 dbm................................. 0 clients
    SNR 20 dbm................................. 0 clients
    SNR 25 dbm................................. 0 clients
    SNR 30 dbm................................. 0 clients
    SNR 35 dbm................................. 0 clients
    SNR 40 dbm................................. 1 clients
    SNR 45 dbm................................. 0 clients
    Nearby APs
    Radar Information
    RF Parameter Recommendations
    Power Level.................................. 3
    RTS/CTS Threshold............................ 2347
    Fragmentation Tnreshold...................... 2346
    Antenna Pattern.............................. 0
    Number Of Slots.................................. 2 
    AP Name.......................................... Guest4
    MAC Address...................................... 00:0b:85:8d:83:a0
    Radio Type..................................... RADIO_TYPE_80211a
    Noise Information
    Noise Profile................................ PASSED
    Channel 36................................... -93 dBm
    Channel 40................................... -92 dBm
    Channel 44................................... -93 dBm
    Channel 48................................... -92 dBm
    Channel 52................................... -93 dBm
    Channel 56................................... -93 dBm
    Channel 60................................... -93 dBm
    Channel 64................................... -92 dBm
    Channel 149.................................. -98 dBm
    Channel 153.................................. -98 dBm
    Channel 157.................................. -99 dBm
    Channel 161.................................. -100 dBm
    Channel 165.................................. -100 dBm
    Interference Information
    Interference Profile......................... PASSED
    Channel 36................................... -128 dBm @ 0 % busy
    Channel 40................................... -128 dBm @ 0 % busy
    Channel 44................................... -128 dBm @ 0 % busy
    Channel 48................................... -128 dBm @ 0 % busy
    Channel 52................................... -128 dBm @ 0 % busy
    Channel 56................................... -128 dBm @ 0 % busy
    Channel 60................................... -128 dBm @ 0 % busy
    Channel 64................................... -128 dBm @ 0 % busy
    Channel 149.................................. -128 dBm @ 0 % busy
    Channel 153.................................. -128 dBm @ 0 % busy
    Channel 157.................................. -128 dBm @ 0 % busy
    Channel 161.................................. -128 dBm @ 0 % busy
    Channel 165.................................. -128 dBm @ 0 % busy
    Load Information
    Load Profile................................. PASSED
    Receive Utilization.......................... 0 %
    Transmit Utilization......................... 0 %
    Channel Utilization.......................... 0 %
    Attached Clients............................. 0 clients
    Coverage Information
    Coverage Profile............................. PASSED
    Failed Clients............................... 0 clients
    Client Signal Strengths
    RSSI -100 dbm................................ 0 clients
    RSSI -92 dbm................................ 0 clients
    RSSI -84 dbm................................ 0 clients
    RSSI -76 dbm................................ 0 clients
    RSSI -68 dbm................................ 0 clients
    RSSI -60 dbm................................ 0 clients
    RSSI -52 dbm................................ 0 clients
    Client Signal To Noise Ratios
    SNR 0 dbm................................. 0 clients
    SNR 5 dbm................................. 0 clients
    SNR 10 dbm................................. 0 clients
    SNR 15 dbm................................. 0 clients
    SNR 20 dbm................................. 0 clients
    SNR 25 dbm................................. 0 clients
    SNR 30 dbm................................. 0 clients
    SNR 35 dbm................................. 0 clients
    SNR 40 dbm................................. 0 clients
    SNR 45 dbm................................. 0 clients
    Nearby APs
    Radar Information
    Channel Assignment Information
    Current Channel Average Energy............... unknown
    Previous Channel Average Energy.............. unknown
    Channel Change Count......................... 0
    Last Channel Change Time..................... Sun May 1 13:04:19 2011
    Recommendd Best Channel...................... 161
    RF Parameter Recommendations
    Power Level.................................. 1
    RTS/CTS Threshold............................ 2347
    Fragmentation Tnreshold...................... 2346
    Antenna Pattern.............................. 0
     
    802.11A Configuration
    802.11a Network.................................. Enabled
    802.11a Low Band........................... Enabled
    802.11a Mid Band........................... Enabled
    802.11a High Band.......................... Enabled
    802.11a Operational Rates
    802.11a 6M Rate.............................. Mandatory
    802.11a 9M Rate.............................. Supported
    802.11a 12M Rate............................. Mandatory
    802.11a 18M Rate............................. Supported
    802.11a 24M Rate............................. Mandatory
    802.11a 36M Rate............................. Supported
    802.11a 48M Rate............................. Supported
    802.11a 54M Rate............................. Supported
    Beacon Interval.................................. 100
    CF Pollable mandatory............................ Disabled
    CF Poll Request mandatory........................ Disabled
    CFP Period....................................... 4
    CFP Maximum Duration............................. 60
    Default Channel.................................. 36
    Default Tx Power Level........................... 1
    DTPC Status..................................... Enabled
    DTIM Period...................................... 1
    Fragmentation Threshold.......................... 2346
    Long Retry Limit................................. 4
    Maximum Rx Life Time............................. 512
    Max Tx MSDU Life Time............................ 512
    Medium Occupancy Limit........................... 100
    Pico-Cell Status................................. Disabled
    RTS Threshold.................................... 2347
    Short Retry Limit................................ 7
    TI Threshold..................................... -50
     
    802.11A Advanced Configuration
    AP Name Channel TxPower Level
    -------------------------------- ----------- -------------
    Guest4 161* 1*
    Press Enter to continue Or <Ctl Z> to abort 
    802.11A Airewave Director Configuration
    RF Event and Performance Logging
    Channel Update Logging......................... Off
    Coverage Profile Logging....................... Off
    Foreign Profile Logging........................ Off
    Load Profile Logging........................... Off
    Noise Profile Logging.......................... Off
    Performance Profile Logging.................... Off
    TxPower Update Logging......................... Off
    Default 802.11a AP performance profiles
    802.11a Global Interference threshold.......... 10 %
    802.11a Global noise threshold................. -70 dBm
    802.11a Global RF utilization threshold........ 80 %
    802.11a Global throughput threshold............ 1000000 bps
    802.11a Global clients threshold............... 12 clients
    802.11a Global coverage threshold.............. 16 dB
    802.11a Global coverage exception level........ 25 %
    802.11a Global client minimum exception lev.... 3 clients
    Default 802.11a AP monitoring
    802.11a Monitor Mode........................... enable
    802.11a Monitor Channels....................... Country channels
    802.11a AP Coverage Interval................... 180 seconds
    802.11a AP Load Interval....................... 60 seconds
    802.11a AP Noise Interval...................... 180 seconds
    802.11a AP Signal Strength Interval............ 60 seconds
    Automatic Transmit Power Assignment
    Transmit Power Assignment Mode................. AUTO
    Transmit Power Update Interval................. 600 seconds
    Transmit Power Threshold....................... -65 dBm
    Transmit Power Neighbor Count.................. 3 APs
    Transmit Power Update Contribution............. SNI.
    Transmit Power Assignment Leader............... 00:0b:85:33:3b:60
    Last Run....................................... 304 seconds ago
    Automatic Channel Assignment
    Channel Assignment Mode........................ AUTO
    Channel Update Interval........................ 600 seconds
    Channel Update Contribution.................... SNI.
    Channel Assignment Leader...................... 00:0b:85:33:3b:60
    Last Run....................................... 304 seconds ago
    Channel Energy Levels 
    Minimum...................................... unknown
    Average...................................... unknown
    Maximum...................................... unknown
    Channel Dwell Times 
    Minimum...................................... 0 days, 00 h 39 m 09 s
    Average...................................... 0 days, 00 h 39 m 09 s
    Maximum...................................... 0 days, 00 h 39 m 09 s
    Radio RF Grouping
    802.11a Group Mode............................. AUTO
    802.11a Group Update Interval.................. 600 seconds
    802.11a Group Leader........................... 00:0b:85:33:3b:60
    802.11a Group Member......................... 00:0b:85:33:3b:60
    802.11a Last Run............................... 304 seconds ago
     
    802.11B Configuration
    802.11b Network.................................. Enabled
    11gSupport....................................... Enabled
    802.11b/g Operational Rates
    802.11b/g 1M Rate............................ Mandatory
    802.11b/g 2M Rate............................ Mandatory
    802.11b/g 5.5M Rate.......................... Mandatory
    802.11b/g 11M Rate........................... Mandatory
    802.11g 6M Rate.............................. Supported
    802.11g 9M Rate.............................. Supported
    802.11g 12M Rate............................. Supported
    802.11g 18M Rate............................. Supported
    802.11g 24M Rate............................. Supported
    802.11g 36M Rate............................. Supported
    802.11g 48M Rate............................. Supported
    802.11g 54M Rate............................. Supported
    Beacon Interval.................................. 100
    CF Pollable mode................................. Disabled
    CF Poll Request mandatory........................ Disabled
    CFP Period....................................... 4
    CFP Maximum Duration............................. 60
    Default Channel.................................. 1
    Default Tx Power Level........................... 1
    DTPC Status..................................... Enabled
    Call Admission Limit ........................... 105
    G711 CU Quantum ................................. 15
    DTIM Period...................................... 1
    ED Threshold..................................... -50
    Fragmentation Threshold.......................... 2346
    Long Retry Limit................................. 4
    Maximum Rx Life Time............................. 512
    Max Tx MSDU Life Time............................ 512
    Medium Occupancy Limit........................... 100
    PBCC mandatory................................... Disabled
    Pico-Cell Status................................. Disabled
    RTS Threshold.................................... 2347
    Short Preamble mandatory......................... Enabled
    Short Retry Limit................................ 7
     
    802.11B Advanced Configuration
    AP Name Channel TxPower Level
    -------------------------------- ----------- -------------
    Guest4 11 3 
     
    802.11B Airewave Director Configuration
    RF Event and Performance Logging
    Channel Update Logging......................... Off
    Coverage Profile Logging....................... Off
    Foreign Profile Logging........................ Off
    Load Profile Logging........................... Off
    Noise Profile Logging.......................... Off
    Performance Profile Logging.................... Off
    Transmit Power Update Logging.................. Off
    Default 802.11b AP performance profiles
    802.11b Global Interference threshold.......... 10 %
    802.11b Global noise threshold................. -70 dBm
    802.11b Global RF utilization threshold........ 80 %
    802.11b Global throughput threshold............ 1000000 bps
    802.11b Global clients threshold............... 12 clients
    802.11b Global coverage threshold.............. 12 dB
    802.11b Global coverage exception level........ 25 %
    802.11b Global client minimum exception lev.... 3 clients
    Default 802.11b AP monitoring
    802.11b Monitor Mode........................... enable
    802.11b Monitor Channels....................... Country channels
    802.11b AP Coverage Interval................... 180 seconds
    802.11b AP Load Interval....................... 60 seconds
    802.11b AP Noise Interval...................... 180 seconds
    802.11b AP Signal Strength Interval............ 60 seconds
    Automatic Transmit Power Assignment
    Transmit Power Assignment Mode................. AUTO
    Transmit Power Update Interval................. 600 seconds
    Transmit Power Threshold....................... -65 dBm
    Transmit Power Neighbor Count.................. 3 APs
    Transmit Power Update Contribution............. SNI.
    Transmit Power Assignment Leader............... 00:0b:85:33:3b:60
    Last Run....................................... 371 seconds ago
    Automatic Channel Assignment
    Channel Assignment Mode........................ AUTO
    Channel Update Interval........................ 600 seconds
    Channel Update Contribution.................... SNI.
    Channel Assignment Leader...................... 00:0b:85:33:3b:60
    Last Run....................................... 371 seconds ago
    Channel Energy Levels 
    Minimum...................................... unknown
    Average...................................... unknown
    Maximum...................................... unknown
    Channel Dwell Times 
    Minimum...................................... 0 days, 00 h 39 m 46 s
    Average...................................... 0 days, 00 h 39 m 46 s
    Maximum...................................... 0 days, 00 h 39 m 46 s
    Radio RF Grouping
    802.11b Group Mode............................. AUTO
    802.11b Group Update Interval.................. 600 seconds
    802.11b Group Leader........................... 00:0b:85:33:3b:60
    802.11b Group Member......................... 00:0b:85:33:3b:60
    802.11b Last Run............................... 371 seconds ago
     
    Mobility Configuration
    Mobility Protocol Port........................... 16666
    Mobility Security Mode........................... Disabled
    Default Mobility Domain.......................... co172
    Mobility Group members configured................ 1
    Switches configured in the Mobility Group
    MAC Address IP Address Group Name
    00:0b:85:33:3b:60 10.0.100.21 <local> 
     
    Interface Configuration
    Interface Name................................... ap-manager
    IP Address....................................... 10.0.100.32
    IP Netmask....................................... 255.255.255.0
    IP Gateway....................................... 10.0.100.1
    VLAN............................................. 100 
    Physical Port.................................... 1 
    Primary DHCP Server.............................. 10.0.100.1
    Secondary DHCP Server............................ Unconfigured
    ACL.............................................. Unconfigured
    AP Manager....................................... Yes
    Interface Name................................... guestwlan
    IP Address....................................... 10.0.0.2
    IP Netmask....................................... 255.255.252.0
    IP Gateway....................................... 10.0.0.1
    VLAN............................................. 101 
    Physical Port.................................... 1 
    Primary DHCP Server.............................. 10.0.0.1
    Secondary DHCP Server............................ Unconfigured
    ACL.............................................. Unconfigured
    AP Manager....................................... No
    Interface Name................................... management
    MAC Address...................................... 00:0b:85:33:3b:60
    IP Address....................................... 10.0.100.21
    IP Netmask....................................... 255.255.255.0
    IP Gateway....................................... 10.0.100.1
    VLAN............................................. 100 
    Physical Port.................................... 1 
    Primary DHCP Server.............................. 10.0.100.1
    Secondary DHCP Server............................ Unconfigured
    ACL.............................................. Unconfigured
    AP Manager....................................... No
    Interface Name................................... service-port
    MAC Address...................................... 00:0b:85:33:3b:61
    IP Address....................................... 0.0.0.0
    DHCP Protocol.................................... Enabled
    AP Manager....................................... No
    Interface Name................................... virtual
    IP Address....................................... 1.1.1.1
    Virtual DNS Host Name............................ Disabled
    AP Manager....................................... No
     
    WLAN Configuration
    WLAN Identifier.................................. 1
    Network Name (SSID).............................. CO172
    Status........................................... Disabled
    MAC Filtering.................................... Disabled
    Broadcast SSID................................... Enabled
    AAA Policy Override.............................. Disabled
    Number of Active Clients......................... 0
    Exclusionlist Timeout............................ 60 seconds
    Session Timeout.................................. Infinity
    Interface........................................ management
    WLAN ACL......................................... unconfigured
    DHCP Server...................................... Default
    Quality of Service............................... Silver (best effort)
    WMM.............................................. Disabled
    802.11e.......................................... Disabled
    Dot11-Phone Mode (7920).......................... Disabled
    Wired Protocol................................... None
    IPv6 Support..................................... Disabled
    Radio Policy..................................... All
    Security
    802.11 Authentication:........................ Open System
    Static WEP Keys............................... Disabled
    802.1X........................................ Enabled
    Encryption:..................................... 128-bit WEP
    Wi-Fi Protected Access (WPA1)................. Disabled
    Wi-Fi Protected Access v2 (WPA2).............. Disabled
    IP Security................................... Disabled
    IP Security Passthru.......................... Disabled
    Web Based Authentication...................... Disabled
    Web-Passthrough............................... Disabled
    Auto Anchor................................... Disabled
    Cranite Passthru.............................. Disabled
    Fortress Passthru............................. Disabled
    WLAN Identifier.................................. 2
    Network Name (SSID).............................. qi172
    Status........................................... Enabled
    MAC Filtering.................................... Disabled
    Broadcast SSID................................... Enabled
    AAA Policy Override.............................. Disabled
    Number of Active Clients......................... 1
    Exclusionlist Timeout............................ 60 seconds
    Session Timeout.................................. 1800 seconds
    Interface........................................ guestwlan
    WLAN ACL......................................... unconfigured
    DHCP Server...................................... Default
    Quality of Service............................... Silver (best effort)
    WMM.............................................. Disabled
    802.11e.......................................... Disabled
    Dot11-Phone Mode (7920).......................... Disabled
    Wired Protocol................................... None
    IPv6 Support..................................... Disabled
    Radio Policy..................................... 802.11G only
    Security
    802.11 Authentication:........................ Open System
    Static WEP Keys............................... Disabled
    802.1X........................................ Enabled
    Encryption:..................................... None
    Wi-Fi Protected Access (WPA1)................. Disabled
    Wi-Fi Protected Access v2 (WPA2).............. Disabled
    IP Security................................... Disabled
    IP Security Passthru.......................... Disabled
    Web Based Authentication...................... Disabled
    Web-Passthrough............................... Disabled
    Auto Anchor................................... Disabled
    Cranite Passthru.............................. Disabled
    Fortress Passthru............................. Disabled
     
    ACL Configuration
     
     
    RADIUS Configuration
    Vendor Id Backward Compatibility................. Disabled
    Credentials Caching.............................. Disabled
    Call Station Id Type............................. IP Address
    Administrative Authentication via RADIUS......... Enabled
    Aggressive Failover.............................. Enabled
    Keywrap.......................................... Disabled
    Authentication Servers
    Idx Type Server Address Port State Tout RFC3576 IPSec - AuthMode/Phase1/Group/Lifetime/Auth/Encr
    --- ---- ---------------- ------ -------- ---- ------- ------------------------------------------------
    Accounting Servers
    Index Type Server Address Port State Tout RFC-3576 IPSec - AuthMode/Phase1/Group/Lifetime/Auth/Encr
    ----- ---- ---------------- ------ -------- ---- -------- ------------------------------------------------
     
     
    Route Info
    Number of Routes................................. 0
    Destination Network Genmask Gateway
    ------------------- ------------------- -------------------
     
     
    Qos Queue Length Info
    Platinum queue length............................ 100
    Gold queue length................................ 75
    Silver queue length.............................. 50
    Bronze queue length.............................. 25
     
     
    Mac Filter Info
     
     
    Authorization List
     
     
     
     
    Load Balancing Info
    Aggressive Load Balancing........................ Enabled
    Aggressive Load Balancing Window................. 0 clients
     
     
    Dhcp Scope Info
    Scope: GuestDHCP
    Enabled.......................................... No
    Lease Time....................................... 86400 (1 day )
    Pool Start....................................... 10.0.0.100
    Pool End......................................... 10.0.3.254
    Network.......................................... 10.0.0.0
    Netmask.......................................... 255.255.252.0
    Default Routers.................................. 10.0.0.1 0.0.0.0 0.0.0.0
    DNS Domain....................................... 
    DNS.............................................. 4.2.2.2 0.0.0.0 0.0.0.0
    Netbios Name Servers............................. 0.0.0.0 0.0.0.0 0.0.0.0
     
     
    Exclusion List ConfigurationUnable to retrieve exclusion-list entry
     
     
     
    WPS Configuration Summary
    Client Exclusion Policy
    Excessive 802.11-association failures.......... Enabled
    Excessive 802.11-authentication failures....... Enabled
    Excessive 802.1x-authentication................ Enabled
    IP-theft....................................... Enabled
    Excessive Web authentication failure........... Enabled
    Trusted AP Policy
    Mis-configured AP Action....................... Alarm Only
    Enforced encryption policy................... none
    Enforced preamble policy..................... none
    Enforced radio type policy................... none
    Validate SSID................................ Disabled
    Alert if Trusted AP is missing................. Disabled
    Trusted AP timeout............................. 120
    Untrusted AP Policy
    Rogue Location Discovery Protocol.............. Disabled
    RLDP Action.................................. Alarm Only
    Rogue APs
    Rogues AP advertising my SSID................ Alarm Only
    Detect and report Ad-Hoc Networks............ Enabled
    Rogue Clients
    Validate rogue clients against AAA........... Disabled
    Detect trusted clients on rogue APs.......... Alarm Only
    Rogue AP timeout............................... 1200
    Signature Policy
    Signature Processing........................... Enabled
     
    Spanning Tree Switch Configuration
    STP Specification...................... IEEE 802.1D
    STP Base MAC Address................... 00:0B:85:33:3B:60
    Spanning Tree Algorithm................ Disable 
    STP Bridge Priority.................... 32768
    STP Bridge Max. Age (seconds).......... 20
    STP Bridge Hello Time (seconds)........ 2
    STP Bridge Forward Delay (seconds)..... 15
     
    Spanning Tree Port Configuration
    STP Port ID................................. 8001
    STP Port State.............................. Forwarding
    STP Port Administrative Mode................ 802.1D
    STP Port Priority........................... 128
    STP Port Path Cost.......................... 4
    STP Port Path Cost Mode..................... Auto
    (Cisco Controller) >
    If I configure a wireless client with a static IP in VLAN101 and try to ping any valid ip address I get the dreaded Destination Unreachable response.
    Any suggestions?

    John
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member SteveO86's Avatar
    Join Date
    Oct 2010
    Location
    FL
    Posts
    1,405

    Certifications
    CCNP, CCIP, CCDP, CCNP: Security/Data Center, CCNA Wireless, CWNA, WCNA
    #2
    The Switch port that connect to the AP's should be access ports. Only the the controller should be connected with a dot1q trunk.

    By "remote" are these AP's configured as REAP/H-REAP or in Local mode?

    If you provide a static address to the WLAN client can they ping the WLC/AP? Then try to ping the switch neighboring the WLC.

    Also is the SSID interface configured with the proper VLAN?

    From the controller, can you ping the DHCP Device?

    With LWAP's, the client traffic goes from:

    Client -> RF (SSID) -> AP -> Wired Network (Encapsulated LWAP) -> WLC -> Wired network (Decapsulated) as normal 802.3 traffic.

    If you associate and authenticate to the WLAN with a static address, ping the closest point first and reach out. If you can ping the WLC (The IP of the Interface in question) but not the switch connected to the WLC then I would verify the trunk and the SSID configuration.
    Last edited by SteveO86; 05-01-2011 at 09:48 PM.
    Reply With Quote Quote  

  4. Cantankerous Old Fart hermeszdata's Avatar
    Join Date
    Jan 2010
    Location
    Colorado
    Posts
    225

    Certifications
    CCNA, CCNA:Voice (Ent) AdTran ATSA Internetworking
    #3
    Quote Originally Posted by SteveO86 View Post
    The Switch port that connect to the AP's should be access ports. Only the the controller should be connected with a dot1q trunk.

    By "remote" are these AP's configured as REAP/H-REAP or in Local mode?

    If you provide a static address to the WLAN client can they ping the WLC/AP? Then try to ping the switch neighboring the WLC.

    Also is the SSID configured with the proper VLAN?

    With LWAP's, the client traffic goes from:

    Client -> RF (SSID) -> AP -> Wired Network (Encapsulated LWAP) -> WLC -> Wired network (Decapsulated) as normal 802.3 traffic.

    If you associate and authenticate to the WLAN with a static address, ping the closest point first and reach out. If you can ping the WLC but not the switch connected to the WLC then I would verify the trunk and the SSID configuration.
    WCore Switch (APs connected to this) ports are configured as show in the 3560 PoE config. Having more than one VLAN requires the switch ports configured as trunks, not access ports, and configured with a native vlan assigned (in this case the management vlan is vlan100). Additionally, all VLANs are in each switch's database.

    APs are configured as Local. and SSID(s) are configured correctly. (NOTE: I had the same issue with a single SSID and the switch ports set as access on VLAN 100.

    Clients associate/connect to APs. Authentication is open with no encryption (unsecure network). Statically configured clients are unable to ping anything nor are they pingable from the WLC or any device. The WLC GUI shows clients connected to AP(s).

    I pulled my 1121 AP from my local network aftrer setting it up for DHCP and plugged it into the 3560 switch (initially the port set for VLAN100 and then VLAN101) in both cases the AP pulled an IP address and when the client connected it to pulled an IP address via DHCP and was able to connect completely to the network/internet.

    This confirms the router and switch setups and points directly to an issue with the WLC config.
    Reply With Quote Quote  

  5. Senior Member SteveO86's Avatar
    Join Date
    Oct 2010
    Location
    FL
    Posts
    1,405

    Certifications
    CCNP, CCIP, CCDP, CCNP: Security/Data Center, CCNA Wireless, CWNA, WCNA
    #4
    Quote Originally Posted by hermeszdata View Post
    WCore Switch (APs connected to this) ports are configured as show in the 3560 PoE config. Having more than one VLAN requires the switch ports configured as trunks, not access ports, and configured with a native vlan assigned (in this case the management vlan is vlan100). Additionally, all VLANs are in each switch's database.
    Wireless LAN Controller and Lightweight Access Point Basic Configuration Example - Cisco Systems

    While the Cisco WLCs always connect to 802.1Q trunks, Cisco lightweight APs do not understand VLAN tagging and should only be connected to the access ports of the neighbor switch.

    Quote Originally Posted by hermeszdata View Post
    Clients associate/connect to APs. Authentication is open with no encryption (unsecure network). Statically configured clients are unable to ping anything nor are they pingable from the WLC or any device. The WLC GUI shows clients connected to AP(s).
    Pretty odd.. The client can't ping the IP of the dynamic interface the SSID is configured for.. Any useful logs on the WLC? Maybe create a temporary pool on the WLC. And the WLC can ping the sub-interface (of the guest network) on router.

    Quote Originally Posted by hermeszdata View Post
    I pulled my 1121 AP from my local network aftrer setting it up for DHCP and plugged it into the 3560 switch (initially the port set for VLAN100 and then VLAN101) in both cases the AP pulled an IP address and when the client connected it to pulled an IP address via DHCP and was able to connect completely to the network/internet. This confirms the router and switch setups and points directly to an issue with the WLC config.
    Agreed the DHCP setup from the router to the switches/VLAN look correct.
    Last edited by SteveO86; 05-01-2011 at 11:16 PM.
    Reply With Quote Quote  

  6. Cantankerous Old Fart hermeszdata's Avatar
    Join Date
    Jan 2010
    Location
    Colorado
    Posts
    225

    Certifications
    CCNA, CCNA:Voice (Ent) AdTran ATSA Internetworking
    #5

    Thumbs up Boils down to security settings!

    Quote Originally Posted by SteveO86 View Post
    Wireless LAN Controller and Lightweight Access Point Basic Configuration Example - Cisco Systems






    Pretty odd.. The client can't ping the IP of the dynamic interface the SSID is configured for.. Any useful logs on the WLC? Maybe create a temporary pool on the WLC. And the WLC has full connectivity to the rest of the network?



    Agreed the DHCP setup from the router to the switches/VLAN look correct.
    Issues resolved ... at last.

    It's all those undefined buttons and switches. So, I just began experimenting a bit.

    Under the WLANs tab in the WLC's GUI is a Security Policy area. When I switched Layer 2 Security to none (default is 802.1X) clients began grabbing IPs right away and proper access to networks gained.

    Playing with the encryption settings now.

    RE: Switch port settings. The text you quoted is accurate ... However ...
    when we define the port's config as follows:

    Code:
    !
    interface FastEthernet0/3
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 100
    switchport trunk allowed vlan 1,10,11,100,101
    switchport mode trunk
    spanning-tree portfast
    !
    the port become's an access (untagged) port for the specified native vlan. This is the same process used for data/voice trunking in VoIP configurations.

    Using VLANs with Cisco Aironet Wireless Equipment - Cisco Systems

    The above document (I've actually had this printed for a couple of months) is a great reference for VLAN trunking on APs and clearly references the aspect/importance of the native vlan, both from the AP's and Switch's perspective.

    I just wish that there was better documentation on the rest of the WLC configuration. Now on to figuring out ACLs and the rest of the security configuration.

    Thanks.
    Reply With Quote Quote  

  7. Senior Member SteveO86's Avatar
    Join Date
    Oct 2010
    Location
    FL
    Posts
    1,405

    Certifications
    CCNP, CCIP, CCDP, CCNP: Security/Data Center, CCNA Wireless, CWNA, WCNA
    #6
    As far as the port configuration, that document is for Autonomous AP's not LWAPs, but hey if it works it works. Since the native vlan isn't tag your right you'll be ok.

    Layer 2 security settings, that means the client would associate to the AP but will not pass traffic until authenticated.

    (When in doubt I've found it helpful to SSH into the AP and debug the client, that probably would have helped with situation quicker, I just didn't think about the SSID security settings, and of course it's right their in the config )
    Reply With Quote Quote  

  8. Cantankerous Old Fart hermeszdata's Avatar
    Join Date
    Jan 2010
    Location
    Colorado
    Posts
    225

    Certifications
    CCNA, CCNA:Voice (Ent) AdTran ATSA Internetworking
    #7
    Quote Originally Posted by SteveO86 View Post
    As far as the port configuration, that document is for Autonomous AP's not LWAPs, but hey if it works it works. Since the native vlan isn't tag your right you'll be ok.

    Layer 2 security settings, that means the client would associate to the AP but will not pass traffic until authenticated.

    (When in doubt I've found it helpful to SSH into the AP and debug the client, that probably would have helped with situation quicker, I just didn't think about the SSID security settings, and of course it's right their in the config )
    Tried the SSH thing but I apparently have other things to configure to allow that connectivity.

    That was a lot to look at config wise. I'm still trying to make sense of it all. Back to the books.
    Reply With Quote Quote  

  9. Cantankerous Old Fart hermeszdata's Avatar
    Join Date
    Jan 2010
    Location
    Colorado
    Posts
    225

    Certifications
    CCNA, CCNA:Voice (Ent) AdTran ATSA Internetworking
    #8

    Default VLAN Trunking, LAP and Switch Configs

    Reply With Quote Quote  

  10. Senior Member SteveO86's Avatar
    Join Date
    Oct 2010
    Location
    FL
    Posts
    1,405

    Certifications
    CCNP, CCIP, CCDP, CCNP: Security/Data Center, CCNA Wireless, CWNA, WCNA
    #9
    Here's the Cisco Config guide for the IOS/Model, not sure if you got this already. (it's seem that model is EoL, now wonder that was tough to find, or I would have posted it earlier)

    Cisco Wireless LAN Controller Configuration Guide, Release 3.2 - Chapter 1 - Overview [Cisco 4400 Series Wireless LAN Controllers] - Cisco Systems

    As far as the SSH thing, it should be a configurable option under the individual AP's.

    Just wait till you get more AP's on their, the config grows.

    Good luck!

    (I don't how v3.2.2 is but I know earlier versions of v5 and v6 were exceptionally buggy for me, and some of the bugs required me to reboot the AP to recover from. We are up v7 as far as controller code goes so if some of the documentation on Cisco's site don't match that would be why)
    Last edited by SteveO86; 05-02-2011 at 01:20 AM.
    Reply With Quote Quote  

  11. Cantankerous Old Fart hermeszdata's Avatar
    Join Date
    Jan 2010
    Location
    Colorado
    Posts
    225

    Certifications
    CCNA, CCNA:Voice (Ent) AdTran ATSA Internetworking
    #10
    Quote Originally Posted by SteveO86 View Post
    Here's the Cisco Config guide for the IOS/Model, not sure if you got this already. (it's seem that model is EoL, now wonder that was tough to find, or I would have posted it earlier)

    Cisco Wireless LAN Controller Configuration Guide, Release 3.2 - Chapter 1 - Overview [Cisco 4400 Series Wireless LAN Controllers] - Cisco Systems

    As far as the SSH thing, it should be a configurable option under the individual AP's.

    Just wait till you get more AP's on their, the config grows.

    Good luck!

    (I don't how v3.2.2 is but I know earlier versions of v5 and v6 were exceptionally buggy for me, and some of the bugs required me to reboot the AP to recover from. We are up v7 as far as controller code goes so if some of the documentation on Cisco's site don't match that would be why)

    The 4136 I have has 3.2.210.0. I currently have 20 of the AIR-AP1010s. looking to get an upgrade on the IOS for the 4136 and the APs.

    I have to start (tomorrow) on resetting what I have in APs and get them ready for installation/migration. I also need to work on the authentication process for the Quest access and how to use a URL to do this.
    Reply With Quote Quote  

  12. Senior Member SteveO86's Avatar
    Join Date
    Oct 2010
    Location
    FL
    Posts
    1,405

    Certifications
    CCNP, CCIP, CCDP, CCNP: Security/Data Center, CCNA Wireless, CWNA, WCNA
    #11
    Yea when you after you get the upgrade on the WLC and reboot the WLC (so it boots to the new version) all the LWAPs will be down until the the LWAPs download the new code.

    I think older version only allowed 4-6 LWAP's to download the update at once, the rest will continuously reboot, until a slot is open. So you definitely want to upgrade prior to putting everything in production. I think the latest code for the 4136 is 3.2.215.. I think not a 100% on that one.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks