aironet 1131, 1141, ios 12.4-21a.JA dhcp problem

Unanswered Question
Nov 26th, 2010
User Badges:

I have 2 ssid,  one open and other with wpa in 2 vlans, i use a external dhcp server, this run ok with ios version 12.4-10b JDA, when i upgrade firmware to 12.4-21a.JA the dhcp server received dhcp request and send ip number to clients but the clients not received this ips. Can  any one help me ?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Nicolas Darchis Sat, 11/27/2010 - 11:44
User Badges:
  • Cisco Employee,

I've never seen something this big happening.

If you upgrade to 12.4.21 JY or so, does it give better result ?

I would suggest to investigate deeper, like checking if the DHCP offer from the server reaches the AP and if it really seems that the AP is trashing it.


joseavalero Sun, 11/28/2010 - 12:01
User Badges:

if I downgrade the ios version the problem disapear , i upgrade one 1141 to to 12.4.21 JY and dhcp fails too.

Tomorrow i will review the configuration line by line.

Surendra BG Mon, 11/29/2010 - 17:40
User Badges:
  • Cisco Employee,

Hi.. just tried the same and the DHCP is working well.. without any issues..



joseavalero Tue, 11/30/2010 - 03:09
User Badges:

i found the problem, l2-filter block-arp , with previous version not fail, and with this ios fail.

Any idea ?

Madhuri C Tue, 11/30/2010 - 05:42
User Badges:
  • Cisco Employee,


Have you configured 'wpa optional' by any chance ?

If yes, there is a bug  CSCte08161 on 12.4(21a)JA1 where in AP may drop DHCP offer though it is sent by wired lan

Link :

In your case, you mentioned that DHCP server does send offer but clients do not get.

This bug does not affect 12.4(10b)JDA as you can see from bug description.

Workaround : not to use optional or downgrade to 12.4(10b)JDA

Again this might be the bug iff you are using 'wpa optional'



joseavalero Tue, 11/30/2010 - 09:01
User Badges:

My configuration is :

   authentication open eap eap_methods

   authentication key-management wpa

   accounting acct_methods

   mbssid guest-mode

I try  to change to

     authentication key-management wpa 1

or keep version 12.4(10b)JDA


Madhuri C Tue, 11/30/2010 - 17:18
User Badges:
  • Cisco Employee,


If you are not using wpa optional then this might not be the bug. However we can doublecheck.

If you are using TKIP as cipher, try setting it to 'authentication key-management wpa 1' and see if issue can be reproduced in 12.4-21a.JA

If you are using AES as cipher try setting it to 'authentication key-management wpa version 2' 




This Discussion



Trending Topics - Security & Network