?
Solved

Cisco Aironet 1240ag - Client unable to obtain valid ip

Posted on 2009-12-29
9
Medium Priority
?
1,306 Views
Last Modified: 2013-11-12
Trying to setup 2 access points to allow roaming. We have 1 old accesspoint Aironet 1100 and the new one Aironet 1240AG.

I am having problems obtaining a valid IP when connecting to the new accesspoint. Only get a private ip address. I know the accesspoint has a valid ip, as I can connect to it from the server. Also able to ping from the server. Only clients cannot get a valid ip. The config looks like this. Anyone could help me find a solution? :)


!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname TESTAP02
!
no logging console
enable secret 5 $1$Gx7/$dRhUfAiSX4Pk24OKk2MkU0
!
no aaa new-model
!
!
!
dot11 ssid TestWLAN
   authentication open 
   guest-mode
!
!
!
username Cisco password 7 01300F175804
!
bridge irb
!
!
interface Dot11Radio0
 no ip address
 no ip route-cache
 !
 encryption key 1 size 128bit 7 44D05C2072888B8DFB4E63D160D3 transmit-key
 encryption key 2 size 128bit 7 57A923F257C450C1DBE4694F094A
 encryption key 3 size 128bit 7 0EC0156E39A27E979231468AA185
 encryption key 4 size 128bit 7 FC82494E9C9A8CF462590BAF4EB7
 encryption mode wep mandatory 
 !
 ssid TestWLAN
 !
 channel 2462
 station-role root
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface Dot11Radio1
 no ip address
 no ip route-cache
 shutdown
 no dfs band block
 channel dfs
 station-role root
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
 bridge-group 1 spanning-disabled
!
interface FastEthernet0
 no ip address
 no ip route-cache
 duplex auto
 speed auto
 bridge-group 1
 no bridge-group 1 source-learning
 bridge-group 1 spanning-disabled
!
interface BVI1
 ip address 192.168.1.97 255.255.255.0
 no ip route-cache
!
ip default-gateway 192.168.1.254
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1 
snmp-server community private RW
snmp-server enable traps tty
bridge 1 route ip
!
!
!
line con 0
 transport output all
line vty 0 4
 login local
 transport input all
 transport output all
line vty 5 15
 login
 transport input all
 transport output all
!
end

Open in new window

0
Comment
Question by:WhiteMafiosi
  • 4
  • 3
  • 2
9 Comments
 
LVL 16

Expert Comment

by:memo_tnt
ID: 26137748
0
 

Author Comment

by:WhiteMafiosi
ID: 26137788
Same problem when using your config :(
0
 
LVL 16

Expert Comment

by:memo_tnt
ID: 26137872
hi

plz post the new configuration that similar to mine
0
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

 
LVL 22

Expert Comment

by:Jakob Digranes
ID: 26139680
First of all - where's your DHCP server located? on the same LAN?
If you connect with wire - can you get IP?

It could be several issues concerning IP-addresses:
- incorrect key. Make sure you have the right key
- Switches/Router configuration error
- Firewall - if any between servers and AP

Look at DHCP server, do you find any errors in event log?
Look at the switch connected to AP, is there any errors here? What kind of switch is it? How is the port where the AP is connected configured?

When you set a static IP with the WiFi-card, can you then connect and browse internet through the AP? If you can - look at your switches/firewall/router config, remember that DHCP is broadcast.

You can also install Wireshark on your laptop and possibly the DHCP server to see if the request is sent. (www.wireshark.org)

This is the DHCP-process

DHCP DISCOVER (Broadcast MAC - FF:FF:FF:FF:FF:FF) Sender: Computers MAC-address
if DHCP server gets this and is authorized and running it responds with:
DHCP OFFER (a valid IP configuration sent to DHCP DISCOVER senders MAC)
if this reaches the requesting computer, it responds with a
DHCP REQUEST (To say that it takes the IP-configuration offered) sent to server
Server then responds with (most likely) a DHCPACK to verify that the IP configuration is given to the client.

WIth wireshark you can easily follow this and that way find out where the problem lies ...


0
 
LVL 22

Expert Comment

by:Jakob Digranes
ID: 26139689
btw: do NOT use WEP-encryption for anything important ... :-)
0
 

Author Comment

by:WhiteMafiosi
ID: 26139799
Thank you jakob_di!

Will try this when I get back from vacation in the new year. Hopefully wireshark wil give me some answers. Looks like a great program :)
0
 
LVL 22

Accepted Solution

by:
Jakob Digranes earned 500 total points
ID: 26139824
Yup ... Wireshark (formerly Ethereal) is probarbly the tool I use the most in networking.
Great for troubleshooting, even better for training
0
 

Author Comment

by:WhiteMafiosi
ID: 26169723
Hi!

Do anyone understand anything from this dhcp request information from wireshark? :)


wireshark.jpg
0
 

Author Closing Comment

by:WhiteMafiosi
ID: 31670753
Managed to trace network traffic from the aironet to switch using wireshark, found that dhcp ack stopped in the router. Had to set port type on the port to access point. After that everything worked fine :)

0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently purchased a Bluetooth headset called the Music Jogger (model BSH10). The control buttons on it look like this: One of my goals is to use it as the microphone and speakers for Skype calls. In that respect, it works well. However, I …
Using in-flight Wi-Fi when you travel? Business travelers beware! In-flight Wi-Fi networks could rip the door right off your digital privacy portal. That’s no joke either, as it might also provide a convenient entrance for bad threat actors.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Suggested Courses

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question