I am having some problems with ARP requests from wireless clients to wired hosts. I have a 4402 setup with a a few WLANs and their associated dynamic interfaces. I also have an ASA that is the default gateway for each of the VLANs associated with the 4402's dynamic interfaces. After I associate, I try and ping the default gateway. If I monitor the VLAN, I see the ARP request emitted onto the wired network as usual, broadcast, and I see the reply from the ASA's interface, unicast. The ARP reply never seems to make it back to the wireless client. If I issue the command "debug arp all enable" on the WLC I get the following message:
dtlArpFindClient:ARP lookup for <gateway IP> failed (not a client).
If I issue a "show arp switch" command I see the gateway's MAC address in the table listed as a 'host' type, rather than a 'client' type.
What is strange is I get the same dtlArpFindClient errors when I try and contact other hosts on the same subnet, however I can communicate correctly. The ASA uses the same MAC address across its interfaces, although I'm not sure if this is part of the problem.
The 4402 is running software version 220.127.116.11.