ARP issue on new install

Unanswered Question
Aug 26th, 2007

Hi. I'm having a problem with clients connecting to other clients or devices on the same subnet they are on.

It might have something to do with ARP. As when i ping another device on the client, the ARP entry shows as '00-00-00-00-00-00 invalid' (is not receiving the mac address of the other device)

but if a go to another devices on the same network Eg router (default gateway) and ping that client.... the router actually gets the MAC address of the wireless card on the client.

We have no special setup... WLC 4404 (not using LAG) and APs are C1130

I'm a missing some setting on the WLC?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
scottmac Sun, 08/26/2007 - 19:39

Check to see if PSPF is enabled. PSPF (Public Secure Packet Forwarding) is a safety / security mechanism designed (and enabled by default, I think) that prevents members of an AP from communicating with other memberrs of that AP.

The idea was to protect (network / wireless ignorant) patrons of Internet Cafe-type places from predatory activity.

Disable PSPF if it's enabled and you should be good to go.

Good Luck


markc.williams Mon, 08/27/2007 - 19:37

i cant find a setting for PSPF on the WLC... does this apply when running the APs in LWAP mode?

markc.williams Tue, 08/28/2007 - 01:28

OK.. i've done furthure investigation

I enabled 'debug arp all enabled" and i got this message when the device tries to ping the gateway:

Tue Aug 28 19:08:58 2007: dtlArpFindClient:ARP look-up for failed (not a client).

Tue Aug 28 19:08:58 2007: dtlArpRequest: Recv ARP Request from mobile 00:14:A5:4B:6D:2C for IP forward to DS 1.

debug arp detail Tue Aug 28 19:09:05 2007: dtlArpRequest: Arp request. src: 00:14:a5:4b:6d:2c

I have no idea what " dtlArpFindClient:ARP look-up for failed (not a client)." means.

00:14:A5:4B:6D:2C = wireless client is the default gateway


This Discussion