Home > IT Answers > Networking > Cisco AP 1242 wireless
Ekansh
400 pts.
 Cisco AP 1242 wireless
Cisco 1242, Cisco Access Points, Cisco Wireless Access Points
we have cisco APs, one we have installed, configuratin is OK as matches older config.

Problem is that clients is associating with the AP and showing Association in GUI, but When client associates with AP it gives RTO, while same client associates with other APs it is pinging.

Please suggest



Software/Hardware used:
Cisco AP 1242
ASKED: October 3, 2009  7:56 AM
UPDATED: November 24, 2010  12:01 AM
RELATED QUESTIONS
Answer Wiki:
Check weither the clients are getting an IP address from the DHCP server, also if you can post the configuration we can see where excatly the problem is. Some times the native VLAN is not configured properly either in a Cisco Switch or an access point. To have a better understanding please post the current configuration and how the AP is connected to your network. One more thing you can do is to assign the IP address statically and try to ping the DG. Cheers Yasir
Last Wiki Answer Submitted:  October 3, 2009  9:08 am  by  Yasir Irfan   5,395 pts.
All Answer Wiki Contributors:  Yasir Irfan   5,395 pts.
To see all answers submitted to the Answer Wiki: View Answer History.


RSS - Discussions Help
Discuss This Question:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

 

Hi yasir
When i shut down this AP then the client is work ing fine with other AP association.
We have a netowork with wpa with tkip authentication. the client are working with seperate ssid, and the ssid are authenticated by cisco ACS. All these things are working fine. i am sure that the problem is related to that AP 3 only.
I am confused wheathere the problem is from AP hardware side or the software side.
letus view my config.
!
! Last configuration change at 13:58:02 GMT Thu Oct 1 2009
! NVRAM config last updated at 14:09:11 GMT Thu Oct 1 2009 by satish
!
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname AP1_LT3
!
enable secret 5 $1$7ELJ$vEfRltZcHAmmn4Yzfc7xG/
!
clock timezone GMT 5 30
ip subnet-zero
no ip igmp snooping
ip domain name gti.com
!
!
aaa new-model
!
!
aaa group server radius rad_eap
server XXXXXX auth-port 1514 acct-port 1515
server XXXX auth-port 1514 acct-port 1515
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
server XXXX auth-port 1514 acct-port 1515
server XXXX auth-port 1514 acct-port 1515
!
aaa group server radius rad_admin
server XXXX auth-port 1514 acct-port 1515
server XXXX auth-port 1514 acct-port 1515
cache expiry 1
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa authentication login default group radius local
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authentication login aaa-http-access group rad_admin local
aaa authentication enable default group radius enable
aaa authorization console
aaa authorization exec default group radius local
aaa authorization exec aaa-http-access group rad_admin local
aaa authorization network default group radius local
aaa accounting exec default start-stop group rad_acct
aaa accounting network default start-stop group rad_acct
aaa accounting network acct_methods start-stop group rad_acct
aaa cache profile admin_cache
all
!
aaa session-id common
dot11 activity-timeout client default 100000
dot11 activity-timeout repeater default 100000
dot11 activity-timeout workgroup-bridge default 100000
dot11 activity-timeout bridge default 100000
!
dot11 ssid nuGmng4o
vlan 30
authentication open eap eap_methods
authentication network-eap eap_methods
authentication key-management wpa cckm
infrastructure-ssid optional
!
dot11 ssid XXXX
vlan 61
authentication open
!
power inline negotiation prestandard source
!
crypto pki trustpoint TP-self-signed-3563860770
enrollment selfsigned
XXXXXX

!
crypto ca certificate chain TP-self-signed-3563860770
XXXXXX
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption key 1 size 128bit 7 XXXX transmit-key
encryption mode ciphers wep128
!
encryption vlan 30 mode ciphers tkip
!
XXXXXXX
ssid nuGmng4o
!
ssid nuGmng5o
!
speed basic-1.0 basic-2.0 5.5 6.0 9.0 11.0 12.0 18.0 24.0 36.0 48.0 54.0
channel 2462
station-role root
infrastructure-client
!
interface Dot11Radio0.30
encapsulation dot1Q 30 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.61
encapsulation dot1Q 61
no ip route-cache
bridge-group 61
bridge-group 61 subscriber-loop-control
bridge-group 61 block-unknown-source
no bridge-group 61 source-learning
no bridge-group 61 unicast-flooding
bridge-group 61 spanning-disabled
!
interface Dot11Radio1
no ip address
no ip route-cache
shutdown
dfs band 3 block
speed basic-6.0 9.0 basic-12.0 18.0 basic-24.0 36.0 48.0 54.0
channel dfs
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
hold-queue 160 in
!
interface FastEthernet0.30
encapsulation dot1Q 30 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface FastEthernet0.61
encapsulation dot1Q 61
no ip route-cache
bridge-group 61
no bridge-group 61 source-learning
bridge-group 61 spanning-disabled
!
interface BVI1
ip address 192.168.10.8 255.255.255.0
no ip route-cache
!
ip default-gateway 192.168.8.1
no ip http server
ip http authentication aaa login-authentication aaa-http-access
ip http authentication aaa exec-authorization aaa-http-access
ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
!
access-list 111 permit tcp any any neq telnet
snmp-server view iso iso included
snmp-server view dot11view ieee802dot11 included
snmp-server XXXX
snmp-server community XXXX
tacacs-server host XXXXX
tacacs-server directed-request
radius-server attribute 32 include-in-access-req format %h
radius-server host 192.168.7.20 auth-port 1645 acct-port 1515 key XXXX
radius-server host 192.168.7.21 auth-port 1645 acct-port 1515 key XXXX
radius-server vsa send accounting
radius-server vsa send authentication
!
control-plane
!
bridge 1 route ip
!
!
wlccp ap username wds-ap password 7 XXXX
!
line con 0
password 7 XXXX
line vty 5 15
!
sntp server 192.168.0.21
sntp broadcast client
end

please suggest.

Ekansh
 400 pts.
 

Ekansh, Is this problem solved? I have similar issue. Couldnt find the cause yet.

Netkal
 55 pts.
 

Have you checked the frequencies they are operating at.

It could be the client is having problems with interference from another AP, and can’t associate properly.

They must have sufficient gap to avoid overlap, which can cause flip-flopping and time outs, if the wireless device is able to roam about the building.

Chippy088
 4,625 pts.
 

The problem I was facing was solved. I checked the cisco ACS and the key was the same as in Acces point. Then I was able to reach the IP;s obtained by laptop. I didnt change any config. There was similar issue with another two AP’s connected tot he same switch, its also started to work some how. Dont know where was the issue.

Netkal
 55 pts.