Users Not Getting DHCP Address with WPA2 AES Config'd on 1250

Unanswered Question
Jun 9th, 2009
User Badges:

We just started testing WPA2 on our IOS APs & WLCs; no problems yet except for with the 1250. We have a 1250 running IOS 124-10b.JDA.

Some users get authenticated and get a DHCP address no problems. A handful of users (no common thread yet in terms of laptop/wireless NIC/wireless driver version) get associated, then authenticated, but never get a DHCP address. If we set a static IP in their wireless settings, they get on the network just fine.

These users had NO problems when only WPA TKIP was configured.

Any thoughts?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading. Fri, 06/26/2009 - 06:53
User Badges:

I ran some debugs on the AP which did not show much. A wireshark trace off a problem laptop's wireless NIC shows that the user gets authenticated successfully, sends out 4 DHCP requests, then gives up and goes with the local 169.254.x.y address.

Met with a TAC engineer and IOS specialist; they had us disable the "TKIP MIC Failure Holdoff Time" in Security > Advanced Security > Timers, thinking it wouldn't change the problem but they just wanted to try it.

Once that was disabled, all users picked up their DHCP IPs with no problems. Very strange, but it has solved the problem!


This Discussion



Trending Topics - Security & Network