1100 wireless clients on same SSID cannot communicate with each other

Unanswered Question
Jun 2nd, 2008
User Badges:

On one of our 1100 APs the wireless devices that are connected cannot ping or access each other. All devices are accessible from wired workstations, as well as from the AP itself. The affected devices can also access the other wireless devices when plugged in to the switch.


AP firmware is v12.3 and this issue has arrisen sometime in the past 30 days despite the fact that the AP has not been restarted or had any configuration changes. I did restart the AP and all devices with no success. I have also connected the devices to a different AP and then they were all able to communicate fine.


I have attached the AP's configuration. Any suggestions?


Thanks. -Brian





  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Rob Huffman Mon, 06/02/2008 - 08:53
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 IP Telephony, Unified Communications

Hi Brian,


Here is the related setting;


Enabling and Disabling Public Secure Packet Forwarding

Public Secure Packet Forwarding (PSPF) prevents client devices associated to an access point from inadvertently sharing files or communicating with other client devices associated to the access point. It provides Internet access to client devices without providing other capabilities of a LAN. This feature is useful for public wireless networks like those installed in airports or on college campuses.




--------------------------------------------------------------------------------


Note To prevent communication between clients associated to different access points, you must set up protected ports on the switch to which your access points are connected. See the "Configuring Protected Ports" section for instructions on setting up protected ports.



--------------------------------------------------------------------------------


To enable and disable PSPF using CLI commands on your access point, you use bridge groups. You can find a detailed explanation of bridge groups and instructions for implementing them in this document:


•Cisco IOS Bridging and IBM Networking Configuration Guide, Release 12.2. Click this link to browse to the Configuring Transparent Bridging chapter: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fibm_c/bcfpart1/bcftb.htm


You can also enable and disable PSPF using the web-browser interface. The PSPF setting is on the Radio Settings pages.


PSPF is disabled by default. Beginning in privileged EXEC mode, follow these steps to enable PSPF:



Command Purpose

Step 1

configure terminal

Enter global configuration mode.


Step 2

interface dot11radio { 0 | 1 }

Enter interface configuration mode for the radio interface. The 2.4-GHz radio is radio 0, and the 5-GHz radio is radio 1.


Step 3

bridge-group group port-protected

Enable PSPF.


Step 4

end

Return to privileged EXEC mode.


Step 5

copy running-config startup-config

(Optional) Save your entries in the configuration file.




Use the no form of the command to disable PSPF.


http://www.cisco.com/en/US/docs/wireless/access_point/12.2_15_JA/configuration/guide/s15rf.html#wp1038494


Hope this helps!

Rob



bhoops Mon, 06/02/2008 - 09:10
User Badges:

Thank you for the answer, but unless I have misinterpreted it PSPF is not the cause.


We're using VLANs, so PSPF is set per VLAN. Currently it is disabled on all VLANs. The affected devices are on VLAN1 (the other VLANs are untested) and VLAN1 is configured as such:


interface Dot11Radio0.1

encapsulation dot1Q 1

no ip route-cache

bridge-group 254

bridge-group 254 block-unknown-source

no bridge-group 254 source-learning

no bridge-group 254 unicast-flooding

bridge-group 254 spanning-disabled


Any additional suggestions to try?


Thanks!

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode