aironet 1131, 1141, ios 12.4-21a.JA dhcp problem

Unanswered Question
Nov 26th, 2010

I have 2 ssid,  one open and other with wpa in 2 vlans, i use a external dhcp server, this run ok with ios version 12.4-10b JDA, when i upgrade firmware to 12.4-21a.JA the dhcp server received dhcp request and send ip number to clients but the clients not received this ips. Can  any one help me ?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 5 (1 ratings)
Nicolas Darchis Sat, 11/27/2010 - 11:44

I've never seen something this big happening.

If you upgrade to 12.4.21 JY or so, does it give better result ?

I would suggest to investigate deeper, like checking if the DHCP offer from the server reaches the AP and if it really seems that the AP is trashing it.

Nicolas

joseavalero Sun, 11/28/2010 - 12:01

if I downgrade the ios version the problem disapear , i upgrade one 1141 to to 12.4.21 JY and dhcp fails too.

Tomorrow i will review the configuration line by line.

Surendra BG Mon, 11/29/2010 - 17:40

Hi.. just tried the same and the DHCP is working well.. without any issues..

Regards

Surendra

joseavalero Tue, 11/30/2010 - 03:09

i found the problem, l2-filter block-arp , with previous version not fail, and with this ios fail.

Any idea ?

Madhuri C Tue, 11/30/2010 - 05:42

Hi,

Have you configured 'wpa optional' by any chance ?

If yes, there is a bug  CSCte08161 on 12.4(21a)JA1 where in AP may drop DHCP offer though it is sent by wired lan

Link : http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCte08161

In your case, you mentioned that DHCP server does send offer but clients do not get.

This bug does not affect 12.4(10b)JDA as you can see from bug description.

Workaround : not to use optional or downgrade to 12.4(10b)JDA

Again this might be the bug iff you are using 'wpa optional'

Regards,

Madhuri

joseavalero Tue, 11/30/2010 - 09:01

My configuration is :

   authentication open eap eap_methods

   authentication key-management wpa

   accounting acct_methods

   mbssid guest-mode

I try  to change to

     authentication key-management wpa 1

or keep version 12.4(10b)JDA

Thanks

Madhuri C Tue, 11/30/2010 - 17:18

Hi,

If you are not using wpa optional then this might not be the bug. However we can doublecheck.

If you are using TKIP as cipher, try setting it to 'authentication key-management wpa 1' and see if issue can be reproduced in 12.4-21a.JA

If you are using AES as cipher try setting it to 'authentication key-management wpa version 2' 

Regards,

Madhuri

Actions

Login or Register to take actions

This Discussion

Posted November 26, 2010 at 5:53 AM
Stats:
Replies:7 Avg. Rating:5
Views:1032 Votes:0
Shares:0
Tags: No tags.
 

Discussions Leaderboard

Trending Topics - Security & Network