roaming issue between ap's? 4402 controller, 1010 AP's.

Unanswered Question
Sep 12th, 2007
User Badges:

We are having an issue logging into wireless. If I am authenticate at one location on campus I have no problems authenticating there at any time. However, if going to a different part of campus, different ap, I can not authenticate and the attempted authentication does not even show up in the passed or failed attempts log on the acs server. I can see the WiFi and I am able to obtain an IP. So, dhcp is working properly. I just can't authenticate.

All of our ap's are the light weight 1010, controlled by a 4402 controller. Authentication goes through the ACS controller which queries the LDAP server. It doesn't appear to be an LDAP issue because I don't have authentication problem as long as I authenticate to the same ap every time.

The default group they belong to allows an unlimited number of authentications.

Any ideas?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
ericgarnel Wed, 09/12/2007 - 06:46
User Badges:
  • Gold, 750 points or more

perhaps it is a routing or acl issue.

Are you using the same subnet/vlan/wlan in both areas and/or routing between the two or have acls that may be blocking traffic? Given the fact that you are not seeing any logs on the ACS, it sounds like the auth does not even reach the ACS to begin with.

simpsoro2 Wed, 09/12/2007 - 06:53
User Badges:

the ap's and users are all on the same vlan and there are no acl's blocking traffic.

ericgarnel Wed, 09/12/2007 - 07:15
User Badges:
  • Gold, 750 points or more

In that case, perhaps the next step is to compare the AP configurations, the disfunctional

AP vs the functional AP.

I've seen some issues in which I have upgraded the controllers, yet a few APs still had the old code.

Also, do you use WCS or the WLC to drive your AP templates?

simpsoro2 Wed, 09/12/2007 - 12:53
User Badges:

A little more info after some trouble shooting....I didn't mention previously but should have, we to 2 4402 wireless controllers. I took some of the ap's that were on controller 1 and set their primary controller to be controller 2 instead. After that I was able to authenticate to those ap's.

So, it appears that the issue is with the first controller.


This Discussion



Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode