Cisco Aironet 1240ag - Client unable to obtain valid ip

Trying to setup 2 access points to allow roaming. We have 1 old accesspoint Aironet 1100 and the new one Aironet 1240AG.

I am having problems obtaining a valid IP when connecting to the new accesspoint. Only get a private ip address. I know the accesspoint has a valid ip, as I can connect to it from the server. Also able to ping from the server. Only clients cannot get a valid ip. The config looks like this. Anyone could help me find a solution? :)


!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname TESTAP02
!
no logging console
enable secret 5 $1$Gx7/$dRhUfAiSX4Pk24OKk2MkU0
!
no aaa new-model
!
!
!
dot11 ssid TestWLAN
   authentication open 
   guest-mode
!
!
!
username Cisco password 7 01300F175804
!
bridge irb
!
!
interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 encryption key 1 size 128bit 7 44D05C2072888B8DFB4E63D160D3 transmit-key
 encryption key 2 size 128bit 7 57A923F257C450C1DBE4694F094A
 encryption key 3 size 128bit 7 0EC0156E39A27E979231468AA185
 encryption key 4 size 128bit 7 FC82494E9C9A8CF462590BAF4EB7
 encryption mode wep mandatory 
 !
 ssid TestWLAN
 !
 channel 2462
 station-role root
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio1
 no ip address
 no ip route-cache
 shutdown
 no dfs band block
 channel dfs
 station-role root
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface FastEthernet0
 no ip address
 no ip route-cache
 duplex auto
 speed auto
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
!
interface BVI1
 ip address 192.168.1.97 255.255.255.0
 no ip route-cache
!
ip default-gateway 192.168.1.254
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1 
snmp-server community private RW
snmp-server enable traps tty
bridge 1 route ip
!
!
!
line con 0
 transport output all
line vty 0 4
 login local
 transport input all
 transport output all
line vty 5 15
 login
 transport input all
 transport output all
!
end

Open in new window

WhiteMafiosiAsked:
Who is Participating?
 
Jakob DigranesConnect With a Mentor Senior ConsultantCommented:
Yup ... Wireshark (formerly Ethereal) is probarbly the tool I use the most in networking.
Great for troubleshooting, even better for training
0
 
memo_tntCommented:
0
 
WhiteMafiosiAuthor Commented:
Same problem when using your config :(
0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
memo_tntCommented:
hi

plz post the new configuration that similar to mine
0
 
Jakob DigranesSenior ConsultantCommented:
First of all - where's your DHCP server located? on the same LAN?
If you connect with wire - can you get IP?

It could be several issues concerning IP-addresses:
- incorrect key. Make sure you have the right key
- Switches/Router configuration error
- Firewall - if any between servers and AP

Look at DHCP server, do you find any errors in event log?
Look at the switch connected to AP, is there any errors here? What kind of switch is it? How is the port where the AP is connected configured?

When you set a static IP with the WiFi-card, can you then connect and browse internet through the AP? If you can - look at your switches/firewall/router config, remember that DHCP is broadcast.

You can also install Wireshark on your laptop and possibly the DHCP server to see if the request is sent. (www.wireshark.org)

This is the DHCP-process

DHCP DISCOVER (Broadcast MAC - FF:FF:FF:FF:FF:FF) Sender: Computers MAC-address
if DHCP server gets this and is authorized and running it responds with:
DHCP OFFER (a valid IP configuration sent to DHCP DISCOVER senders MAC)
if this reaches the requesting computer, it responds with a
DHCP REQUEST (To say that it takes the IP-configuration offered) sent to server
Server then responds with (most likely) a DHCPACK to verify that the IP configuration is given to the client.

WIth wireshark you can easily follow this and that way find out where the problem lies ...


0
 
Jakob DigranesSenior ConsultantCommented:
btw: do NOT use WEP-encryption for anything important ... :-)
0
 
WhiteMafiosiAuthor Commented:
Thank you jakob_di!

Will try this when I get back from vacation in the new year. Hopefully wireshark wil give me some answers. Looks like a great program :)
0
 
WhiteMafiosiAuthor Commented:
Hi!

Do anyone understand anything from this dhcp request information from wireshark? :)


wireshark.jpg
0
 
WhiteMafiosiAuthor Commented:
Managed to trace network traffic from the aironet to switch using wireshark, found that dhcp ack stopped in the router. Had to set port type on the port to access point. After that everything worked fine :)

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.