ARP issue on new install

markc.williams · ‎08-26-2007

Hi. I'm having a problem with clients connecting to other clients or devices on the same subnet they are on.

It might have something to do with ARP. As when i ping another device on the client, the ARP entry shows as '00-00-00-00-00-00 invalid' (is not receiving the mac address of the other device)

but if a go to another devices on the same network Eg router (default gateway) and ping that client.... the router actually gets the MAC address of the wireless card on the client.

We have no special setup... WLC 4404 (not using LAG) 4.1.171.0. and APs are C1130

I'm a missing some setting on the WLC?

scottmac · ‎08-26-2007

Check to see if PSPF is enabled. PSPF (Public Secure Packet Forwarding) is a safety / security mechanism designed (and enabled by default, I think) that prevents members of an AP from communicating with other memberrs of that AP.

The idea was to protect (network / wireless ignorant) patrons of Internet Cafe-type places from predatory activity.

Disable PSPF if it's enabled and you should be good to go.

Good Luck

Scott

markc.williams · ‎08-27-2007

i cant find a setting for PSPF on the WLC... does this apply when running the APs in LWAP mode?

markc.williams · ‎08-28-2007

OK.. i've done furthure investigation

I enabled 'debug arp all enabled" and i got this message when the device tries to ping the gateway:

Tue Aug 28 19:08:58 2007: dtlArpFindClient:ARP look-up for 10.1.23.1 failed (not a client).

Tue Aug 28 19:08:58 2007: dtlArpRequest: Recv ARP Request from mobile 00:14:A5:4B:6D:2C for IP 10.1.23.1. forward to DS 1.

debug arp detail Tue Aug 28 19:09:05 2007: dtlArpRequest: Arp request. src: 00:14:a5:4b:6d:2c

I have no idea what " dtlArpFindClient:ARP look-up for 10.1.23.1 failed (not a client)." means.

00:14:A5:4B:6D:2C = wireless client

10.1.23.1 is the default gateway