06-09-2009 06:10 PM - edited 07-03-2021 05:41 PM
We just started testing WPA2 on our IOS APs & WLCs; no problems yet except for with the 1250. We have a 1250 running IOS 124-10b.JDA.
Some users get authenticated and get a DHCP address no problems. A handful of users (no common thread yet in terms of laptop/wireless NIC/wireless driver version) get associated, then authenticated, but never get a DHCP address. If we set a static IP in their wireless settings, they get on the network just fine.
These users had NO problems when only WPA TKIP was configured.
Any thoughts?
06-15-2009 07:57 PM
Do a debug on a problem client.
Here is a link for more info:
http://www.cisco.com/en/US/products/hw/wireless/ps430/products_tech_note09186a008091b08b.shtml
Tell us what you see ...
06-26-2009 06:53 AM
I ran some debugs on the AP which did not show much. A wireshark trace off a problem laptop's wireless NIC shows that the user gets authenticated successfully, sends out 4 DHCP requests, then gives up and goes with the local 169.254.x.y address.
Met with a TAC engineer and IOS specialist; they had us disable the "TKIP MIC Failure Holdoff Time" in Security > Advanced Security > Timers, thinking it wouldn't change the problem but they just wanted to try it.
Once that was disabled, all users picked up their DHCP IPs with no problems. Very strange, but it has solved the problem!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: