cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
514
Views
0
Helpful
2
Replies

1100 wireless clients on same SSID cannot communicate with each other

bhoops
Level 1
Level 1

On one of our 1100 APs the wireless devices that are connected cannot ping or access each other. All devices are accessible from wired workstations, as well as from the AP itself. The affected devices can also access the other wireless devices when plugged in to the switch.

AP firmware is v12.3 and this issue has arrisen sometime in the past 30 days despite the fact that the AP has not been restarted or had any configuration changes. I did restart the AP and all devices with no success. I have also connected the devices to a different AP and then they were all able to communicate fine.

I have attached the AP's configuration. Any suggestions?

Thanks. -Brian

2 Replies 2

Rob Huffman
Hall of Fame
Hall of Fame

Hi Brian,

Here is the related setting;

Enabling and Disabling Public Secure Packet Forwarding

Public Secure Packet Forwarding (PSPF) prevents client devices associated to an access point from inadvertently sharing files or communicating with other client devices associated to the access point. It provides Internet access to client devices without providing other capabilities of a LAN. This feature is useful for public wireless networks like those installed in airports or on college campuses.

--------------------------------------------------------------------------------

Note To prevent communication between clients associated to different access points, you must set up protected ports on the switch to which your access points are connected. See the "Configuring Protected Ports" section for instructions on setting up protected ports.

--------------------------------------------------------------------------------

To enable and disable PSPF using CLI commands on your access point, you use bridge groups. You can find a detailed explanation of bridge groups and instructions for implementing them in this document:

•Cisco IOS Bridging and IBM Networking Configuration Guide, Release 12.2. Click this link to browse to the Configuring Transparent Bridging chapter: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fibm_c/bcfpart1/bcftb.htm

You can also enable and disable PSPF using the web-browser interface. The PSPF setting is on the Radio Settings pages.

PSPF is disabled by default. Beginning in privileged EXEC mode, follow these steps to enable PSPF:

Command Purpose

Step 1

configure terminal

Enter global configuration mode.

Step 2

interface dot11radio { 0 | 1 }

Enter interface configuration mode for the radio interface. The 2.4-GHz radio is radio 0, and the 5-GHz radio is radio 1.

Step 3

bridge-group group port-protected

Enable PSPF.

Step 4

end

Return to privileged EXEC mode.

Step 5

copy running-config startup-config

(Optional) Save your entries in the configuration file.

Use the no form of the command to disable PSPF.

http://www.cisco.com/en/US/docs/wireless/access_point/12.2_15_JA/configuration/guide/s15rf.html#wp1038494

Hope this helps!

Rob

Thank you for the answer, but unless I have misinterpreted it PSPF is not the cause.

We're using VLANs, so PSPF is set per VLAN. Currently it is disabled on all VLANs. The affected devices are on VLAN1 (the other VLANs are untested) and VLAN1 is configured as such:

interface Dot11Radio0.1

encapsulation dot1Q 1

no ip route-cache

bridge-group 254

bridge-group 254 block-unknown-source

no bridge-group 254 source-learning

no bridge-group 254 unicast-flooding

bridge-group 254 spanning-disabled

Any additional suggestions to try?

Thanks!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: