I am in the process of connecting non Cisco AP's as transparent clients with an attached Ethernet embedded Linux network device to the facility wireless network. The wireless security is set to WPA2-PSK with TKIP. My non Cisco AP's are configured with the correct Security (WPA2-PSK) and cipher is TKIP.
I have tested the clients and the attached device with a autonomous Cisco 1242 and a 1310 and the client AP's connect without any problem. I can ping/access the AP and attached device flawlessly. The Client AP's connect automatically after being power down many times without fail and allow me to access the attached device without fail.
The WLC however reports authentication failures when the client AP's attempt to connect. The IT staff at the facility disabled exclusions for any authentication failure and the client AP's still fail to connect using WPA2-PSK(TKIP)
For testing purposes the facility IT department configured the WLC for WPA-PSK(TKIP) on our designated SSID and the non Cisco client AP's connect, however the connection is intermittent and very unstable.
Also note that my laptop and 2 other Dell laptops using three different wireless adapters have issues connecting and maintaining a stable connection without being disconnected. (Facility AP is a 1252 AP and it has an external 8dBi Omni directional antenna and our client AP's and laptops are within 35 feet of the antenna. The antenna is mounted 20 to 25 feet from the ground.
Since the AP's are now able to authenticate (sometimes they do and sometime they don't) we then try to ping the devices and we are unable to do so. I had to enter the WLC's IP as the Gateway for the client AP and the attached device's GW to allow a ping/connection from the physical network to the device behind the client AP.
I suspect the WLC is doing some form of ARP filtering, any suggestions?
So I now have the ability to ping the client AP and attached network device except the connection is unreliable with high latency and some packet loss. (Remember that I had flawless connectivity with a autonomous 1242 and 1310 previously and still do if I use them)
Now to make things even harder I have no real control/access to the WLC. The facility IT department is not allowing me to make any changes, however I can make suggestions and they will make the changes if the changes I suggest are blessed by management.
let me sum it up:
- Client AP's work perfectly with a autonomous Cisco 1242 or 1310 AP using WPA2-PSK(AES or TKIP)
- Authentication issues with WLC using WPA2
- I can "sometime" authenticate when the WLC is using WPA and when exclusions are disabled
- the coverage is also poor even with the 8dBi antenna
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...