Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2584
Views
5
Helpful
20
Replies

4400 WLC - AP Client routing issue

cbeaufoy
Level 1
Level 1

‎07-15-2008 03:16 PM - edited ‎07-03-2021 04:10 PM

Cisco 4404 WLC

AP 1240 - LWAP

Wireless client receives a DHCP address from central DHCP server fine.

Unable to route outside of own subnet -

Continuous ARP WHO HAS (Default Gateway addr) TELL (client IP) messages being received

WLC running OS 4.2.99.0

If anyway one can help with this problem it would be great. Thanks.

Labels:
0 Helpful
20 Replies 20

Scott Fella
Hall of Fame
Hall of Fame
In response to cbeaufoy

‎07-16-2008 05:45 AM

The thing is, what is the ip of the router local to the clients... 71.1 or not. You had 71.128 which if that is the local gateway, then that is what the clients need to have. Just let me know what happens when you get a new scope.

-Scott
*** Please rate helpful posts ***
0 Helpful

cbeaufoy
Level 1
Level 1
In response to Scott Fella

‎07-17-2008 07:09 PM

Hello,

Everything was correct, subnets, gateways etc. all as they should be.

The issue was caused by the WLAN AP Group Name being too long! I only discovered this as a last resort and as soon as i gave it a simpler name the problem dissappeared.

I've had a look around and can't find the max number of characters for a group name but am able to get 20 working. I'm surprised the WLC accepted the long name if it is actually invalid.

Cheers for your help.

Scott Fella
Hall of Fame
Hall of Fame
In response to cbeaufoy

‎07-17-2008 07:15 PM

Good to know

-Scott
*** Please rate helpful posts ***
0 Helpful

iswanizan
Level 1
Level 1

‎10-24-2011 05:33 AM

Hi,

I faced 1 problem with my WLC 4400 and RAP. Before this, my mesh network working fine for few month. But now my RAP (LWAPP1522) not joined (status) to controller. Its happen on 2nd Oct 2011. I checked from the log there have few error.

*Oct 24 23:13:58.850: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 15:04:55.644: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 14:56:46.641: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 14:53:02.238: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 14:51:58.038: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 14:49:03.435: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 14:47:46.835: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 14:43:30.232: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 14:40:28.629: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 14:39:17.629: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 14:37:32.629: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 14:32:56.026: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 14:31:54.023: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 14:28:56.423: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 14:28:22.823: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 14:25:59.820: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 14:25:10.220: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 14:17:34.017: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 14:14:28.415: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 14:07:25.008: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 14:05:36.808: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 14:04:22.208: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 14:01:09.605: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 13:58:51.405: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

*Oct 24 13:55:20.402: %DTLS-3-HANDSHAKE_FAILURE: openssl_dtls.c:2171 Failed to complete DTLS handshake with peer 130.1.65.232

and this error to

Controller time base status - Controller is out of sync with the central timebase.

Whys its happen? please help me

0 Helpful

George Stefanick
VIP Alumni
VIP Alumni
In response to iswanizan

‎10-24-2011 09:17 AM

What controller code are you on?

What country domain is your WLC configured as?

What is the full part number of your AP?

Is your AP configured in the MAC address fliter ?

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful

jasonchristophercobb
Level 1
Level 1

‎08-21-2012 07:33 AM

WLC4404 - United States

Software Version 5.2.193.0

Hello, we are having a similair problem as above, where the new WLAN dosn't seem to be routing... but it's not related to name length (ours only 6 charecters). It's almost seems like the new WLC interface (interface2) isn't configured for the same subnet that it's plugged into, but it is.

We actually have 2 WLANS. Alot of the original config was done before my time, between about 3 different people.

The original WLAN config works fine, but part of the problem is the WLC4404 was configured our server VLAN, thus when a client gets an IP, they are placed on our main server VLAN.

Our WLC4404 is connected to our 6509 in our Datacenter, and we have dozens of PTP T1's to our remote offices, which all have WAPs.

On the WLC4404, I've configured a new interface on port 2, vlan404, and I have the new WLAN using that interface. The WLAN security is using WPA2, and authenticates via our ActiveDirector services.

The client wireless PC is able to connect to the WAP, but unable to connect to anything else. It can only ping the WLC4404 interface2 address, and nothing else. It does receieve DHCP info (via WLC via Windows DHCP server), but cannot see DHCP server.

From the WLC4404: I can telnet into the management IP address, and can ping PC's on the new WLAN, and anyplace else, except the vlan gateway ip address on the 6509.

From the 6509: when telnetted in, I can ping everything except interface2 of WLC on vlan404 and the wireless PC. I am able to ping the ip address of int for vlan404. The 6509 somewhat see's the WLC int2 & wireless PC. Show ARP | inc 404 from the 6509 shows the IP's of the VLAN int, WLC int2, and wireless PC.  Show mac-add-tab | inc 404 shows the WLC and wireless PC on same 6509 port.

From my work PC (via LAN) at a remote location: I can ping everything except Int2 on the WLC, and the wireless PC.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card