Good question, I had the same problem. While "sniffing the air" it looks like windows is not specifying the right ssid in it's probe-request.
(When I set "Allow "Broadcast" SSID to Associate?" to no in the AP I'm also not able to associate to the primary SSID anymore. Strange, since the only difference "in the air" seems to be the that the SSID is not broadcasted. When I use another brand AP and specify that there should be no SSID broadcasts this works fine.)
With other clients then XP (e.g. iPAQ with Lucent drivers) it also works as expected.
It seems that if you disable /all/ broadcasting you should be able to connect to an SSID since windows tries that after all broadcasted SSID's.
Since this isn't working for me (I can't be sure that there is no other AP nearby, there /are/) I'm using (RADIUS) authentication now to assign an VLAN (with 802.1x/EAP). Specifing an SSID with cisco-avpair didn't help either, it's usefull however to disallow an connection to SSID's.
I hope this problem will be solved somehow.
P.S. Is your native VLAN tagged on the wire? If so, can you mail me, I've some further questions on your setup then. This is an unresolved issue for me.
Something else: when you remove all broadcasted SSID's from your "known network list" (which is NOT what I want anyway, it's a pity if that's the only sollution apart from installing other client software) and keep your non-broadcasted one it works fine.
So for me it's still the assignment I mentioned (with my unresolved VLAN-issue ;-))
Thanks Paul. Sounds like a good point. I am not sure how to "TURN OFF [ALL] BROADCASTING" as you mentioned. I thought by turning it off in the usual place would work (did not)
Yes, I do have tagging on all VLAN's... What I do is trunk VLAN's 1,602,700,888 to the AP,. I define 700 and 888 on the AP and 888 is the native VLAN... I have found that the only way to get to the AP is if the management IP for the AP is in the native VLAN...
I have probably tried everything imaginable to get this to work. It works fine with Cisco's ACU software... but not with built in Win XP. I am also curious if anyone with a MAC with built in wireless management has any problems...
Hmm, I used "Allow "Broadcast" SSID to Associate" at Setup/Network Ports/Hardware. Where did you try to disable SSID broadcasting? Maybe that works as well...
The best option to use this was to delete all broadcasting networks from the XP box, and keep the SSID that is not broadcasted in the preferred networks list: it get's associated right away. But it's a workaround - it's doesn't look like a nice solution to me.
Hmm, if you don't have untagged traffic on the link from your switch to your AP then you managed to do what I want. It's strange: I defined the native VLAN ID (4 in my case), and have an 802.1Q tagged VLAN 4 on the wire, but it uses the VLAN for neither authentication on this VLAN nor for SSID's that have this VLAN ID by default.
Maybe you can send me your downloaded "non-default-system-configuration" by mail (my username on this post ;-))? (It's at Setup / Cisco Services / Manage System Configuration.) I can then compare it with my setup and see what I'm doing wrong.
As a WISP we're very frustrated by the Cisco -> XP combo.
If SSIDs are turned off, the XP clients (especially XP Home is the worst) will find but keep losing it's association, and repeatedly have to be setup over and over, unless they leave the properties window open for that network device, even if you're NEXT TO THE AP.
We've this issue with Netgear MA101 USB, Lanready WUB1500, Linksys, dlink, 3com, and other clients.
At first we though it just another MS/XP issue, until we tested against other APs.
If we turn SSID broadcasts on, the XP systems have no trouble keeping the connection/associations.
This is one more security issue, on top of the many issues already extant, because now it means advertising the service is out there even louder than it already would be with SSID's off.
Using other AP products such as Orinoco/Lucent/Agere, Netgear, Linksys, Dlink, 3Com, and Cabletron, we do not have that problem with XP at all, this only with Cisco 1200 AP (both with older firmwares and updates 12.01t firmware).
We're tried it with aironet extensions on or off and still no difference, it's a very easy to replicate issue with XP users.
Does Cisco have any updates or fixes on the way so we can go back to NOT broadcasting SSIDs and still have happy customers?