WLC-4402+AIR-LAP1142N problem

Unanswered Question
Jul 14th, 2009
User Badges:

Hello all,


I've got a following problem with bringing up simple wireless configuration. There is a WLC-4402 controller and several remote locations (I am testing one so far). Two WLAN configured (one for employee and the other for guest access - no mobility anchoring used, guest is just mapper to VLAN restricted on the firewall). WLC serves DHCP pools for wireless clients. Problem I am experiencing at the moment is that user with laptop is able to connect to guest WLAN, got an IP but can communicate (ping) only its own IP, the controller IP in guest subnet and default gateway (which is the firewall interface). Traffic to any other destinations never hit gateway (I am running tcpdump on it to confirm). I double checked controller config but no luck so far. Could that be caused by missconfigured tunnel? No ACL or restriction set on WLC - see attached config.


Thank you in advance,


Peter



Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
dancampb Tue, 07/14/2009 - 11:04
User Badges:
  • Cisco Employee,

I don't see any issues with the config that would cause this issue. Was the PC maybe also wired into the network at the same time? The wired connection usually gets a higher priority than the wireless interface on a PC.

piotrderda Tue, 07/14/2009 - 11:06
User Badges:

Nope, that was the first thing I checked. Wifi was the only connection during the test and routing table on client consist only one default gateway through wireless.

Scott Fella Tue, 07/14/2009 - 18:51
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Post the show run-config if you can. I would like to see what that shows.

mat.edwards Wed, 07/15/2009 - 03:52
User Badges:

Is this an open network or have you enabled layer 3 security? Web Auth? I can see you have created a lobby admin account so expect that you use this for guest account creation with web auth..


When you associate/receieve IP address to the open guest network have you then opened a web browser and authenticated? Until you enter your login details created on the WLC I would imagine that you wouldn't be able to send any data.


If you have authenticated already, can you check on the WLC that the client is associated/authenticated and is the Corp network ok? Also what is the topology between the WLC/Firewall/Remote sites.


Cheers

Mat

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode