Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

WLC cannot get IP of the Wireless Clients and client not able to ping to the gateway

Dear Cisco Expertise,

I have configured WLC embedded in Cisco C3650 switch and also 1 unit AP3702I. AP now able to join to the controller. My client able to connect to the AP and get the IP address (10.127.117.1) from the DHCP server but unable to ping to the gateway (10.127.117.254 - interface gateway). Both switch and AP able to ping to the interface gateway. I also trying to ping to the client from the switch and also from the AP to the client but not able to ping. 

I've check via switch can see the client's IP address and MAC address (using ARP)

#sh arp vlan 77
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.127.117.1          0   843a.4b90.17e0  ARPA   Vlan77
Internet  10.127.117.254          -   3c08.f6b7.2173  ARPA   Vlan77

Need your expertise on this matter. Thank you.

Configuration as below:

Switch

ip dhcp pool LWAPP_VLAN
 network 10.127.117.0 255.255.255.0
 default-router 10.127.117.254
 dns-server 10.127.113.10
 domain-name xxx.com

vlan 77
 name LWAP_VLAN

interface Vlan10
 ip address 10.127.112.254 255.255.255.128

interface Vlan77
 ip address 10.127.117.254 255.255.255.0
 ip helper-address 10.127.117.254

interface GigabitEthernet3/0/5
 description Connect to AP Test
 switchport access vlan 10
 switchport mode access
 no logging event link-status

wireless mobility controller
wireless management interface Vlan10
wireless security web-auth retries 5
wireless mgmt-via-wireless

wlan APAC-WLAN 2 Wifi-Test
 client vlan LWAP_VLAN
 ip dhcp opt82
 ip dhcp opt82 ascii
 ip dhcp opt82 format add-ssid
 ip dhcp required
 ip dhcp server 10.127.117.254
 no security wpa akm dot1x
 security wpa akm psk set-key ascii 0 B*MY2014
 security wpa wpa2 ciphers tkip
 session-timeout 300
 no shutdown

ap group APGroup-Test
 description "For Testing Purposes"
 wlan APAC-WLAN
  vlan LWAP_VLAN

AP

interface Dot11Radio0
 antenna gain 0
 stbc
 mbssid
 power client local
 packet retries 64 drop-packet
 station-role root

interface Dot11Radio1
 antenna gain 0
 stbc
 mbssid
 power client local
 packet retries 64 drop-packet
 station-role root

interface GigabitEthernet0
 duplex auto
 speed auto

interface GigabitEthernet0.1
 encapsulation dot1Q 1 native
 bridge-group 1
 bridge-group 1 spanning-disabled
 no bridge-group 1 source-learning

interface BVI1
 mtu 1792
 ip address 10.127.112.202 255.255.255.128

interface Virtual-WLAN0

ip default-gateway 10.127.112.254
ip forward-protocol nd
ip dns server

Everyone's tags (1)
2 REPLIES
VIP Purple

Pls try the below SSID

Pls try the below SSID configuration. WPA2 to be configured with AES & not TKIP. 

 

wlan APAC-WLAN 2 Wifi-Test
 client vlan LWAP_VLAN
 security wpa
 no security wpa akm dot1x
 security wpa wpa2 ciphers aes                        
 security wpa akm psk set-key ascii 0 B*MY2014
 ip dhcp required
 no shutdown

            

This post should give you some help as well

http://mrncciew.com/2013/12/04/wlan-config-in-3850-part-1/

 

HTH

Rasika

**** Pls rate all useful responses ****

New Member

Hi Rasika

Hi Rasika

I also having the same problem like fadzin. 

I have done what you suggest in this post, unfortunately i still couldn't ping the default gateway (vlan 103 interface) from my wireless client (vlan 103).

However, i have no issue to ping the vlan 103 interface from my 3650 switch. 

I have also have checked the ACL configuration in switch but no luck. 

Any ideas what could be the problem ?

Thank you. 

BR

Adam

657
Views
0
Helpful
2
Replies
CreatePlease login to create content