Recently upgraded a remote 1231-AG AP to run in LWAPP mode. The controller talks to the AP; AP's running in Local mode since it doesn't support REAP or HREAP. Remote clients are not getting IP addresses.
It's my understanding... since the AP is running in Local mode, the DHCP server must reside where the WLC is located. I enabled DHCP server on the WLC.
When I had a remote client try authenticating, I see the following in the message logs:
Jun 21 11:00:29.746 dtl_net.c:1191 DTL-1-ARP_POISON_DETECTED: STA [00:13:ce:e3:40:6c, 0.0.0.0] ARP (op 1) received with invalid SPA 169.254.208.65/TPA 169.254.208.65
Re: Any idea what DTL-1-ARP_POISON_DETECTED means?
Nope, I sure haven't. However, ARP poisoning is one method of establishing a man-in-the-middle attack.
Basically the attacking machine convinces both sides that the MAC of the attacking machine is the Client / AP/Server that the other is trying to communicate with. It does this by "poisoning" the ARP cache with the attacker's MAC.
So that's (likely) the "poison" reference.
The 169.254 addresses are provided by (at least) Microsoft when DHCP fails.
Check to see if the client you were using has a wireless MAC of 00:13:ce:e3:40:6c (STA = Station), STA [00:13:ce:e3:40:6c, 0.0.0.0] = MAC and current IP address of that station.
SPA = Single Packet Authentication - Here's a link for a Google search, pick a link or two that you trust and read all about it.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...