No DHCP request after changing to WPA on WAP4410N

Unanswered Question
Feb 22nd, 2010
User Badges:

Hi,


I´m working with a Cisco WAP4410N to get wireless access to my network. If I configure the AP to use WEP, everything is working fine. All hosts get an IP-adress via DHCP.

When I change to WPA, I do not see any DHCP broadcast message on my network, although I get the messages "Associated" and "ptk update success" on the WAP4410N log so physically I´m connected to the AP, but I do not get an IP-adress because of the missing DHCP dialog.


Feb 22 09:13:52 airrace kernel: [][00:21:FE:CC:19:02] SUBTYPE_AUTH
Feb 22 09:13:52 airrace kernel: [test123][00:21:FE:CC:19:02] Associated
Feb 22 09:13:52 airrace hostapd: ptk update success



PID VID:WAP4410N-E V01
Software Version:2.0.1.0


Behind the AP I do have a network with a DHCP/DNS server running SuSe 11.0 with dnsmasq with DHCP.


Is anyone facing the same problem?


br

Markus

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
edpaz Mon, 02/22/2010 - 08:12
User Badges:

Markus,

I understand your situation. First off, our Cisco WAP series device does not sent out requests for DHCP. This information is obtained from your routers, or DHCP servers. When a wireless device connects to our WAP it requests the user to type in the security password, or Shared Key. And once that is made the WAP will relay the information to your router, switch, or DHCP server to give the wireless device its IP address.

Second, since you changed your Security mode from WEP to WPA. All your PC, laptops have saved the wireless connection using WEP. I suggest removing the wireless profile in the laptops, and PC application. Then submit a Wireless Broadcast Network search once it see the new SSID you should be able to reconnect with the new Security mode.

Also, verify that under the Setup Tab> Basic Setup> Network Setup and verify the following:

Default Gateway is pointing to your Router

Primary DNS: [your DHCP/DNS server]

Secondary DNS: [your DHCP/DNS server]

I believe the first step should do the trick.

If you have any more questions and would like to contact us, please call our Cisco Small Business Support Center – Click here

doingmusic Mon, 02/22/2010 - 08:30
User Badges:

Hi,


of course the AP doesn´t send out DHCP requests ;), but in case of WEP, an DHCP request is relayed - in case of WPA or WPA2, no DHCP request is relayed.


I already tried all that stuff you mentioned - without success.


I also tried another DHCP server but the traces of my network always show the same - in case of WEP everything works fine (means that an ip adress is obtained via DHCP) - changing to WPA no DHCP broadcast message is seen on my network, so the DHCP server has no chance to answer.

For me it looks like, that the WAP4410N doesn´t relay the DHCP request from my laptop.

I also tried various clients (Mobile, PDA, Laptop). All of them are working over other wireless equipment with WPA - only th WAP4410N makes troubles.


Is that any known issue? I searched the internet now for days but without result. Is it possible, that a hardware defect can lead to this behaviour?


br

Markus

alissitz Mon, 02/22/2010 - 20:24
User Badges:
  • Silver, 250 points or more

Hello and good evening,


I might suggest to call the small biz support center if you still have support on this.


Good idea to get away from WEP ... WEP is bad.  Have you upgraded this to the latest firmware?  Sounds like you have.


Any chance you can get some stats on the problem occurring?  For example, some PC NIC cards will give you counters for packet counts, errors or authentication.  My first thoughts are that this is likely related to the clients not supporting WPA, preshared ... maybe it is tkip, etc ...


Perhaps some counters of visibility will help us understand a few things.  Also a sniffer capture might help you see if the dhcp request ever reaches the server or vice versa.


Any thoughts on whether or not you can get some additional visibility?


The 4410 does not really care what kind of packets are being sent ... however it cannot get this far if the client cannot associate with the AP.  Once the association occurs, then dhcp request and offer packets can come and go.


HTH,


Andrew Lissitz

doingmusic Mon, 02/22/2010 - 23:02
User Badges:

Hello,


I´m already in touch with the small business support and have already sent them a trace with working DHCP(WEP) and with a not working case (WPA2).


And of course I do have the latest firmware available :D.


All equipment I´m using is working in other WLANs with WPA or WPA2 so I can exclude missbehaviour of the client.


The traces I mentioned above show, that there is an DHCP broadcast when using WEP but it isn´t if I change to WPA - even though I´m configuring a completely new WLAN with a different SSID :(


So you might be right that the AP doesn´t care about packets sent from client to server - but it looks if some packets are blocked because of some reasons.


As I mentioned in my posting before I also tried another DHCP-Server - without any changes...


Let´s see, if your small business support will find a solution.


br

Markus

alissitz Tue, 02/23/2010 - 06:23
User Badges:
  • Silver, 250 points or more

Thanks for the update.  if you find the time, do please let us know how you make out.


I am also due to get a WAP4410 in a week or so, and can do some testing as well.  Let me know if you can,


Andrew Lissitz

doingmusic Mon, 03/08/2010 - 05:07
User Badges:

Hi anybody out there ;),


after some mailings with the small business support we come to the conclusion to change the WAP4410N by a new one.

So I went to mey dealer, told him the story and he changed the WAP4410N.

After upgrading to the latest firmware and configuring the AP everything works fine (so far ;)).


The DHCPDiscovery mesage and all that DHCP stuff is now passed through properly.


So WPA now works fine - hope this makes my WLAN a little bit safer :D.


Thanks guys,


cu


over and out



alissitz Mon, 03/08/2010 - 07:39
User Badges:
  • Silver, 250 points or more

Many thanks for providing us an update.  Glad to hear you are 'rockin and rolling'.


you = safer now.  ;-)


Kindest regards and best wishes for the week!!!


Andrew Lissitz