WLC 2504 some (not all) clients get ip 0.0.0.0, ext. DHCP,

Unanswered Question
Aug 30th, 2012
User Badges:

Hi all,


I've  problem with a WLC 2504. Some Clients like phones and Thin Clients get an IP 0.0.0.0.

Software Version is 7.0.235.0. Test with a Laptop seams to be OK. Some printers also got an 0.0.0.0.

Around 30% are not OK.

I also had the log:

Impersonation of AP with Base Radio MAC 00:yy:yy:yy:yy:yyusing source address of 00:xx:xx:xx:xx:xx has been detected by the AP with MAC Address: 00:yy:yy:yy:yy:yy on its 802.11b/g radio whose slot ID is 0


The problem is, I cannot go to 7.2 version because I have 2 x AP 1231 and 2 x 1242 AP's.

1231 AP's are not anymore supported in 7.2 Version.


Somebody an idea?


Many Thx!


Stephan

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Scott Fella Thu, 08/30/2012 - 05:52
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

What is doing dhcp?  What authentication method are you using.  One thing you can do is o theWLC or ssh/telnet and issue: debug client and post that while the device is trying to connect?


Other things I usually try to do is configure an open authentication and test and even create a dhcp scope on the wlc and test.



Thanks,


Scott


Help out other by using the rating system and marking answered questions as "Answered"

Stephan Keiper Thu, 08/30/2012 - 06:16
User Badges:

Hi Scott,


Thanks for your fast answer...

the WLC is by a customer and I try to get all information.

There are some SSID's configured, one with open authentication and one with WPA2.

I forgot to say that most Clients are configured with fix IP.... like the 4 phones..


More information and logs are coming soon...

Scott Fella Thu, 08/30/2012 - 06:22
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Make sure dhcp required on the WLAN SSID Advanced tab is not enabled.



Thanks,


Scott


Help out other by using the rating system and marking answered questions as "Answered"

Stephan Keiper Thu, 08/30/2012 - 06:26
User Badges:

No, it's not enabled ;-) was first thing I thought about

DHCP proxy? Where I can check this?

Scott Fella Thu, 08/30/2012 - 06:32
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Controller > Advanced > DHCP



Thanks,


Scott


Help out other by using the rating system and marking answered questions as "Answered"

fbarboza Thu, 08/30/2012 - 06:24
User Badges:
  • Bronze, 100 points or more

Hi,


If there a some wireless clients that have an static IP address configured, make sure that under the advance tab of the WLAN the option of DHCP required is not checked, becasue if it is the wireless clients with an static IP address will not be able to comunicate on the netowrk.


Also if for a WLAN you are using an external DHCP server you may require to disable DHCP proxy on the WLC because the WLC works as a relay agent and some DHCP servers may not like to reply back to it.


But iif you need to use the WLC build in DHCP option than DHCP proxy is required.


This is found under the controller tab under advance.

Stephan Keiper Thu, 08/30/2012 - 06:38
User Badges:

Hi, so, I disabled the proxy, it was enabled...


here a log of a client with 0.0.0.0


*apfMsConnTask_0: Aug 30 13:37:16.647: 64:b9:e8:a6:0e:52 0.0.0.0 DHCP_REQD (7) Fast Path rule (contd...) 802.1P = 0, DSCP = 0, TokenID = 7006  IPv6 Vlan = 0, IPv6 intf id = 0

*apfMsConnTask_0: Aug 30 13:37:16.647: 64:b9:e8:a6:0e:52 0.0.0.0 DHCP_REQD (7) Successfully plumbed mobile rule (ACL ID 255)

*apfMsConnTask_0: Aug 30 13:37:16.648: 64:b9:e8:a6:0e:52 apfPemAddUser2 (apf_policy.c:223) Changing state for mobile 64:b9:e8:a6:0e:52 on AP 00:12:43:4d:ec:00 from Associated to Associated


*apfMsConnTask_0: Aug 30 13:37:16.648: 64:b9:e8:a6:0e:52 Scheduling deletion of Mobile Station:  (callerId: 49) in 1800 seconds

*apfMsConnTask_0: Aug 30 13:37:16.648: 64:b9:e8:a6:0e:52 Sending Assoc Response to station on BSSID 00:12:43:4d:ec:00 (status 0) ApVapId 1 Slot 0

*apfMsConnTask_0: Aug 30 13:37:16.648: 64:b9:e8:a6:0e:52 apfProcessAssocReq (apf_80211.c:5272) Changing state for mobile 64:b9:e8:a6:0e:52 on AP 00:12:43:4d:ec:00 from Associated to Associated


*pemReceiveTask: Aug 30 13:37:16.650: 64:b9:e8:a6:0e:52 0.0.0.0 Removed NPU entry.

*pemReceiveTask: Aug 30 13:37:16.650: 64:b9:e8:a6:0e:52 0.0.0.0 Added NPU entry of type 9, dtlFlags 0x0

*pemReceiveTask: Aug 30 13:37:16.651: 64:b9:e8:a6:0e:52 0.0.0.0 Added NPU entry of type 9, dtlFlags 0x0

*DHCP Socket Task: Aug 30 13:37:16.682: 64:b9:e8:a6:0e:52 DHCP received op BOOTREQUEST (1) (len 308,vlan 0, port 1, encap 0xec03)

*DHCP Socket Task: Aug 30 13:37:16.682: 64:b9:e8:a6:0e:52 DHCP processing BOOTP (0)

*DHCP Socket Task: Aug 30 13:37:16.682: 64:b9:e8:a6:0e:52 DHCP   op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 0

*DHCP Socket Task: Aug 30 13:37:16.682: 64:b9:e8:a6:0e:52 DHCP   xid: 0xf6da2481 (4141491329), secs: 0, flags: 0

*DHCP Socket Task: Aug 30 13:37:16.682: 64:b9:e8:a6:0e:52 DHCP   chaddr: 64:b9:e8:a6:0e:52

*DHCP Socket Task: Aug 30 13:37:16.682: 64:b9:e8:a6:0e:52 DHCP   ciaddr: 0.0.0.0,  yiaddr: 0.0.0.0

*DHCP Socket Task: Aug 30 13:37:16.682: 64:b9:e8:a6:0e:52 DHCP   siaddr: 0.0.0.0,  giaddr: 0.0.0.0

*DHCP Socket Task: Aug 30 13:37:16.682: 64:b9:e8:a6:0e:52 DHCP successfully bridged packet to DS

*DHCP Socket Task: Aug 30 13:37:18.210: 64:b9:e8:a6:0e:52 DHCP received op BOOTREQUEST (1) (len 308,vlan 0, port 1, encap 0xec03)

*DHCP Socket Task: Aug 30 13:37:18.210: 64:b9:e8:a6:0e:52 DHCP processing BOOTP (0)

*DHCP Socket Task: Aug 30 13:37:18.210: 64:b9:e8:a6:0e:52 DHCP   op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 0

*DHCP Socket Task: Aug 30 13:37:18.210: 64:b9:e8:a6:0e:52 DHCP   xid: 0xf6da2481 (4141491329), secs: 1, flags: 0

*DHCP Socket Task: Aug 30 13:37:18.210: 64:b9:e8:a6:0e:52 DHCP   chaddr: 64:b9:e8:a6:0e:52

*DHCP Socket Task: Aug 30 13:37:18.210: 64:b9:e8:a6:0e:52 DHCP   ciaddr: 0.0.0.0,  yiaddr: 0.0.0.0

*DHCP Socket Task: Aug 30 13:37:18.210: 64:b9:e8:a6:0e:52 DHCP   siaddr: 0.0.0.0,  giaddr: 0.0.0.0

*DHCP Socket Task: Aug 30 13:37:18.210: 64:b9:e8:a6:0e:52 DHCP successfully bridged packet to DS

*DHCP Socket Task: Aug 30 13:37:21.048: 64:b9:e8:a6:0e:52 DHCP received op BOOTREQUEST (1) (len 308,vlan 0, port 1, encap 0xec03)

*DHCP Socket Task: Aug 30 13:37:21.048: 64:b9:e8:a6:0e:52 DHCP processing BOOTP (0)

*DHCP Socket Task: Aug 30 13:37:21.048: 64:b9:e8:a6:0e:52 DHCP   op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 0

*DHCP Socket Task: Aug 30 13:37:21.048: 64:b9:e8:a6:0e:52 DHCP   xid: 0xf6da2481 (4141491329), secs: 4, flags: 0

*DHCP Socket Task: Aug 30 13:37:21.048: 64:b9:e8:a6:0e:52 DHCP   chaddr: 64:b9:e8:a6:0e:52

*DHCP Socket Task: Aug 30 13:37:21.048: 64:b9:e8:a6:0e:52 DHCP   ciaddr: 0.0.0.0,  yiaddr: 0.0.0.0

*DHCP Socket Task: Aug 30 13:37:21.048: 64:b9:e8:a6:0e:52 DHCP   siaddr: 0.0.0.0,  giaddr: 0.0.0.0

*DHCP Socket Task: Aug 30 13:37:21.048: 64:b9:e8:a6:0e:52 DHCP successfully bridged packet to DS

*DHCP Socket Task: Aug 30 13:37:25.270: 64:b9:e8:a6:0e:52 DHCP received op BOOTREQUEST (1) (len 308,vlan 0, port 1, encap 0xec03)

*DHCP Socket Task: Aug 30 13:37:25.270: 64:b9:e8:a6:0e:52 DHCP processing BOOTP (0)

*DHCP Socket Task: Aug 30 13:37:25.270: 64:b9:e8:a6:0e:52 DHCP   op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 0

*DHCP Socket Task: Aug 30 13:37:25.270: 64:b9:e8:a6:0e:52 DHCP   xid: 0xf6da2481 (4141491329), secs: 8, flags: 0

Stephan Keiper Thu, 08/30/2012 - 06:40
User Badges:

some more:


*apfReceiveTask: Aug 30 13:39:16.515: 64:b9:e8:a6:0e:52 0.0.0.0 DHCP_REQD (7) DHCP Policy timeout. Number of DHCP request 15 from client

*apfReceiveTask: Aug 30 13:39:16.516: 64:b9:e8:a6:0e:52 0.0.0.0 DHCP_REQD (7) Pem timed out, Try to delete client in 10 secs.

*apfReceiveTask: Aug 30 13:39:16.516: 64:b9:e8:a6:0e:52 Scheduling deletion of Mobile Station:  (callerId: 12) in 10 seconds


(Cisco Controller) >

(Cisco Controller) >

(Cisco Controller) >*osapiBsnTimer: Aug 30 13:39:26.515: 64:b9:e8:a6:0e:52 apfMsExpireCallback (apf_ms.c:609) Expiring Mobile!

*apfReceiveTask: Aug 30 13:39:26.516: 64:b9:e8:a6:0e:52 apfMsExpireMobileStation (apf_ms.c:5021) Changing state for mobile 64:b9:e8:a6:0e:52 on AP 00:12:43:4d:ec:00 from Associated to Disassociated


*apfReceiveTask: Aug 30 13:39:26.516: 64:b9:e8:a6:0e:52 Scheduling deletion of Mobile Station:  (callerId: 45) in 10 seconds

*osapiBsnTimer: Aug 30 13:39:36.523: 64:b9:e8:a6:0e:52 apfMsExpireCallback (apf_ms.c:609) Expiring Mobile!

*apfReceiveTask: Aug 30 13:39:36.524: 64:b9:e8:a6:0e:52 Sent Deauthenticate to mobile on BSSID 00:12:43:4d:ec:00 slot 0(caller apf_ms.c:5113)

*apfReceiveTask: Aug 30 13:39:36.524: 64:b9:e8:a6:0e:52 apfMsAssoStateDec

*apfReceiveTask: Aug 30 13:39:36.524: 64:b9:e8:a6:0e:52 apfMsExpireMobileStation (apf_ms.c:5151) Changing state for mobile 64:b9:e8:a6:0e:52 on AP 00:12:43:4d:ec:00 from Disassociated to Idle


*apfReceiveTask: Aug 30 13:39:36.524: 64:b9:e8:a6:0e:52 pemApfDeleteMobileStation2: APF_MS_PEM_WAIT_L2_AUTH_COMPLETE = 0.

*apfReceiveTask: Aug 30 13:39:36.524: 64:b9:e8:a6:0e:52 0.0.0.0 DHCP_REQD (7) Deleted mobile LWAPP rule on AP [00:12:43:4d:ec:00]

*apfReceiveTask: Aug 30 13:39:36.524: 64:b9:e8:a6:0e:52 Deleting mobile on AP 00:12:43:4d:ec:00(0)

fbarboza Thu, 08/30/2012 - 06:44
User Badges:
  • Bronze, 100 points or more

Hi,


In a wireless client with the issue, if you configure it with an static IP address is it able to comuncate on the netowrk or not?

Stephan Keiper Thu, 08/30/2012 - 06:59
User Badges:

no, not able to ping it.....clients are associated but not Authenticated...

Stephen Rodriguez Thu, 08/30/2012 - 07:01
User Badges:
  • Purple, 4500 points or more

*DHCP Socket Task: Aug 30 13:37:16.682: 64:b9:e8:a6:0e:52 DHCP successfully bridged packet to DS


So the WLC thinks it sent the packet to the wire.  Can you check the DHCP server to see if it's either out of leases, or erroring on the request from this client?



HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

Stephan Keiper Thu, 08/30/2012 - 07:12
User Badges:

WE did not find sth. on the DHCP with this mac address.

The client with this mac has a fix ip......


perhaps the wlc does not like fix IP ?! ;-)

Stephen Rodriguez Thu, 08/30/2012 - 07:29
User Badges:
  • Purple, 4500 points or more

On the WLAN, do you have the DHCP required box checked?  That would be the only thing that would block a static IP.


Of course, if this is a passive client, like a wireless print server, that is something completely different. You would want to look at the passive client feature if that is the case.




HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

Stephan Keiper Thu, 08/30/2012 - 08:13
User Badges:

ok, for the passive client I did it. Multicast and IGMP Snooping all is now activated and ok....

but still 2 clients with no ip :-((( .. i removed them now and waiting

ok, in the moment all clients are authenticated...


we will make more tests tomorrow.... but a thin client is working now propper :-)


The passive client mode pehaps solve the problems.....


Thx at this time to you all guys!!


More information tomorrow :-)


Bye!


Stephan

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode