Welcome to Cisco Support Community. We would love to have your feedback.
For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.
I am configuring a single Catalyst 3650 switch with Aironet 3702E APs.
If I join an SSID weather its open authentication or otherwise, my devices never receive an IP address. If I statically assign them, I cannot browse the network.
Router > Switch A (VTP Server) > Trunk > Catalyst 3650 (VTP Client)
*Default VLAN: 1
I have the Wireless Management IP set to the VLAN 1 IP Address.
CAT3650#show wireless client summ
Number of Local Clients : 1
MAC Address AP Name WLAN State Protocol
xxxx.xxxx.xxxx APxxxx.xxxx.xxxx 50 IPLEARN 11n(2.4)
This is the only Mobility device for the company. I have it operating as a Mobility Controller.
Here is the conf:
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
vrf definition Mgmt-vrf
enable secret x
username x privilege 15 password x
no aaa new-model
clock timezone CST -6 0
clock summer-time CDT recurring
switch 1 provision ws-c3650-24pd
ip name-server 192.168.254.1
ip name-server 192.168.254.254
ip device tracking
crypto pki trustpoint TP-self-signed-764008471
crypto pki certificate chain TP-self-signed-764008471
certificate self-signed 01
diagnostic bootup level minimal
spanning-tree mode pvst
spanning-tree extend system-id
class-map match-any non-client-nrt-class
bandwidth remaining ratio 10
vrf forwarding Mgmt-vrf
ip address 192.168.254.249 255.255.255.0
switchport mode access
switchport mode trunk
ip default-gateway 192.168.254.254
ip http server
ip http authentication local
ip http secure-server
snmp-server location x
snmp-server contact x
line con 0
line aux 0
line vty 0 4
transport input telnet ssh
line vty 5 15
ntp server 1.pool.ntp.org
ntp server 0.pool.ntp.org
wsma agent exec
wsma agent config
wsma agent filesys
wsma agent notify
wsma profile listener httplistener
wsma profile listener httpslistener
wireless mobility controller
wireless management interface Vlan1
wireless client fast-ssid-change
wlan Test 50 Test
no security wpa
no security wpa akm dot1x
no security wpa wpa2
no security wpa wpa2 ciphers aes
ap mgmtuser username xpassword 0 x secret 0 x
ap group default-group
ap group WAREHOUSE_GROUP
Any help is appreciated
Is this an updated show run? You have the WLAN disabled
Thanks, Scott *****Help out other by using the rating system and marking answered questions as "Answered"*****
Do you have 'ip dhcp required' set under your wlan config? Turn it off and give a try.
The shutdown command is not present while testing (no shutdown is configured)
I did see that ip dhcp required issue on another post, but I never had that checked.
I don't see that you have ip dhcp required on your config you posted... that's why I asked if that was a current config or not.
Sorry Scott, my wording was a little off. I mean that that under Configuration > Wireless > Test > Advanced > DHCP Address Assignment required - the box has never been checked / ip dhcp required under wlan Test 50 Test has never been configured.
I'm still having trouble with this. Am I ok to have everything on one vlan? Or do I need to have the wireless management address on another vlan/IP address other than the VLAN 1's ip?
I have multiple reports from various sites running Cisco 3850 (MC) that the wireless client fails to connect to a SSID.
-The problem do not happen to all clients in the sites, only a few.
-Rebooting/Reconnecting the client sometime helps, but not all them time.
-The problem stays on a particular client (appears to be tied to Client's mac address)
-ACS shows authentication successful, but client with missing IP address.
-Cisco 3850 Client Status "sometime" shows Client in IPLEARN status and cannot be cleared.
-Cisco 3850 switch side show client making DHCP request repeatedly, and the DHCP server making multiple IP allocation to the same MAC address can be seen on the ARP table.
For this environment, the Wired and Wireless share the same VLAN and DHCP range.