Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
926
Views
0
Helpful
13
Replies

WiSM Roaming Issue

Go to solution
Roger Alderman
Level 3
Level 3

‎01-16-2012 08:56 AM - edited ‎07-03-2021 09:23 PM

Hi All

I have 2 WiSM blades with all 4 controllers running version 7.0.98.0 code. Each controller is responsible for a floor of a building.

If I connect to the first floor I get the correct IP address on a test laptop.

I then disconnect the laptop wireless and move to a different floor and enable the wireless adaptor again.

When the wireless connects it has kept the IP address from the 1st floor controller.

Even if I disconnect the client wireless and monitor the controller that it was connected to the controller still shows the client in the client list. The only way it will disappear is if I remove the client from the controller page.

Whilst this doesn't cause an operational issue it isn't right. The client appears to stick to a controller and will not be disassociated even if the client wireless adaptor is disabled. The logs don't even show the client being de-authenticated.

Anybody seen this before?

Regards

Roger

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Stephen Rodriguez
Cisco Employee
Cisco Employee

‎01-16-2012 09:06 AM

this is working as designed.

The client will retain the IP address that it got even if you disconnect until the entry has been removed from the MSCB. Either by you removing it manually or the user idle timeout expires, default of 5 minutes.

Steve

Sent from Cisco Technical Support iPhone App

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

View solution in original post

0 Helpful
13 Replies 13

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎01-16-2012 09:00 AM

If you reset your wireless and you don't actually connect to a 1st floor ap even though you are on the 2nd floor, you should get an ip from the wlc that controls the 2nd floor. Verify that you connect to the correct AP

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to Scott Fella

‎01-16-2012 09:06 AM

If you wanted to have client be placed on a different subnet per floor, why not use AP Groups.  How you have it setup, there will be mobility roaming between the different wlcs.  If you use AP Groups, then you can manage the ap primary, secondary and or tertiary WLC.s  With AP Groups, you can specify AP's on floor 1 will have these ssid's and be mapped to these interfaces, AP's on floor 2 will have these ssid's and be mapped to these interfaces.  Makes it easy.

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008073c723.shtml

http://www.cisco.com/en/US/docs/solutions/Enterprise/Mobility/emob41dg/ch2_Arch.html#wp1028169

-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
Roger Alderman
Level 3
Level 3
In response to Scott Fella

‎01-16-2012 01:27 PM


Guys

Connecting to the wrong AP is not the issue and neither is AP Groups. I am using AP Groups successfully already.

Stephen has hit the nail on the head with the user idle timeout value being at a default value of 5 minutes. Is there a command to change the default user idle timeout value? I can't find it anywhere.

Thanks for the comment about the code version - I'll look at 7.0.220.0 although I was going to use 7.0.116.0

Regards

Roger

0 Helpful

Go to solution
Stephen Rodriguez
Cisco Employee
Cisco Employee

‎01-16-2012 09:06 AM

this is working as designed.

The client will retain the IP address that it got even if you disconnect until the entry has been removed from the MSCB. Either by you removing it manually or the user idle timeout expires, default of 5 minutes.

Steve

Sent from Cisco Technical Support iPhone App

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
0 Helpful

Go to solution
weterry
Level 4
Level 4
In response to Stephen Rodriguez

‎01-16-2012 01:26 PM

To add to what Steve is saying:

Most wireless clients don't send a disassociate or deauth, and even if they did, I believe the WLC is programmed to ignore it (in case of spoofed attack).  If your client shuts down, he will remain on the WLC for the Idle Timeout period (default 5 minutes).

If at any point in time within this 5 minutes the client comes up on any other WLC that is mobility-aware of the original WLC, there will be a mobility handoff and your client will work with its original IP.  This is completely expected behavior and in most ideas consider a feature (real feature, not bug "feature").

If you dont want roaming between floors, then break mobility between the floors... But I think that would be worse practice.

0 Helpful

Go to solution
George Stefanick
VIP Alumni
VIP Alumni

‎01-16-2012 09:22 AM

Roger -- Unrelated to your issue but 7.0.98.0 is pretty buggy ... You might want to look at testing 7.0.220.0 code.

Here is a video on AP groups to better understand the concept.

http://www.my80211.com/cisco-wlc-labs/2009/3/22/cisco-ap-group-nugget.html

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful

Go to solution
Roger Alderman
Level 3
Level 3
In response to George Stefanick

‎01-16-2012 01:30 PM

Guys

Connecting to the wrong AP is not the issue and neither is AP Groups. I am using AP Groups successfully already.

Stephen has hit the nail on the head with the user idle timeout value being at a default value of 5 minutes. Is there a command to change the default user idle timeout value? I can't find it anywhere.

Thanks for the comment about the code version - I'll look at 7.0.220.0 although I was going to use 7.0.116.0

Regards

Roger

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎01-16-2012 01:34 PM

You would have to change the idle timeout then you can't change a user timeout.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
Roger Alderman
Level 3
Level 3
In response to Scott Fella

‎01-16-2012 02:11 PM

Can this be changed from the CLI or the GUI? I can't see a CLI command.

Regards

Roger

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to Roger Alderman

‎01-16-2012 02:17 PM

On the GUI it's under the controller tab. I don't know the CLI command off hand.

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to Roger Alderman

‎01-16-2012 03:17 PM

config network usertimeout

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
George Stefanick
VIP Alumni
VIP Alumni
In response to Roger Alderman

‎01-16-2012 04:20 PM

Normally this gets tuned the other way (longer duration timeout). I dont know of many folks tuning it down. You may want to monitor your logs and clients.

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful

Go to solution
Stephen Rodriguez
Cisco Employee
Cisco Employee

‎01-16-2012 03:37 PM

be careful how much you lower the idle timeout. You may cause unnecessary authentications if you put it too low.

Sent from Cisco Technical Support iPhone App

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card