DHCP client not getting ip address from dhcp server

Unanswered Question
Nov 24th, 2010
User Badges:

dear all,


           see the attached diagram, i am facing small problem.


I have 4 1140 Access point, configure windows IAS and local radius authentication and i am facing problem that client not getting ip address from dhcp server.  When i was connected without radius its ok working fine, when i used radius for authentication weather that should be local radius or external radius (windows IAS) then client not getting ip address.



         I have core switch connected to all edge switches and from that edge i was connected access point.  DHCP Server and all vlans are configure in core switch 3750, edges model 2960 series.



anybody can help me in these issue,

Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Srinivasaraghav... Wed, 11/24/2010 - 13:49
User Badges:
  • Cisco Employee,

Hi, Do you have  default gateway configured on the AP and can  you ping it from  your AP. Just make the ssid an open auth and check if the cleint is  getting associated and authenticated and gets an Ip address. If it does then you can eliminte DHCP issue. That leaves with the  EAP configuration. If  using  local radius  then  check the config. if  using external RADIUS server , check shared secret is same on AP and IAS server. Check if you have  your client configured corretly for  correct EAP , like PEAP etc , check same settings on IAS. For Peap  you need to have a certificate installed on the IAS server. Srini

Srinivasaraghav... Wed, 11/24/2010 - 13:56
User Badges:
  • Cisco Employee,

Hi , Here is a link for external Radius server config http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_example09186a00801bd035.shtml Here is an example for LEAP configuration using  LOCAL RADIUS server on AP http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_example09186a00801c0912.shtml check this  out.

Scott Fella Wed, 11/24/2010 - 15:38
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

You mentioned that when you don't use radius, then the clients obtain an ip address.  So either the clients are not setup correctly since you are probably using 802.1x instead of open, wep or psk.  Or if they are setup right, then the credentials are not correct.  What does the log on the radius show?

mrsystemengineer Sat, 11/27/2010 - 01:50
User Badges:

Dear All,


         I was told you in my last discussion, when i was used without radius i can access wireless and getting ip address also perfect.  When i was used Local or External Radius IP address not getting to client and authentication is OK.



          Anybody have any snapshot of external radius (windows IAS) i will very it.



Thanks for sending the link and your support, my case is something typical and even cisco tac also following from last 3 months.



regards,

maldehne Sun, 11/28/2010 - 10:09
User Badges:
  • Cisco Employee,

You need to check if the AAA server is sending RADIUS attributes responsible for assigning vlans to the client

and make sure that subinterfaces have been configured properly for those vlans on the AP.

Actions

This Discussion

 

 

Trending Topics - Security & Network