Mam dziwny problem na AP AIR-AP1141N-E-K9, mianowicie chodzi o przyznawanie adresów IP via DHCP.
Objaw jest następujący, stacja czy to PC, czy Symbian przyłączają się do AP ale nie mogą pobrać adresu IP. Jeśli ten adres wprowadzę ręcznie wszystko działa tak jak należy.
Serwer DHCP mam skonfigurowany na routerze który również działa prawidłowo, jeśli wykroje sobie VLAN 30 na przełączniku adres dla PC jest przyznawany bez problemu.
Jeszcze żeby było dziwniej czasami adres zostanie przyznany np. po restarcie AP ale też maksymalnie raz lub dwa i koniec.
Firmware na AP: Version 12.4(25d)JA
Show dot11 associations pokazuje coś takiego:
Kod: Zaznacz cały
001f.3c75.9018 169.254.138.120 ccx-client APDol self Assoc
0021.fe54.0f2c 0.0.0.0 ccx-client - self Assoc
Pozdrawiam
mhuba
Kod: Zaznacz cały
Current configuration : 5235 bytes
!
! No configuration change since last restart
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
no service dhcp
!
hostname xxx
!
logging rate-limit console 9
enable secret 5 xxxxxxxxxx
!
aaa new-model
!
!
aaa group server radius rad_eap
!
aaa group server radius rad_mac
!
aaa group server radius rad_acct
!
aaa group server radius rad_admin
!
aaa group server tacacs+ tac_admin
!
aaa group server radius rad_pmip
!
aaa group server radius dummy
!
aaa group server radius rad_eap2
server 10.10.20.4 auth-port 1645 acct-port 1646
!
aaa authentication login eap_methods group rad_eap
aaa authentication login mac_methods local
aaa authentication login eap_methods2 group rad_eap2
aaa authorization exec default local
aaa accounting network acct_methods start-stop group rad_acct
!
aaa session-id common
clock timezone CEST 1
ip domain name xxx.pl
no ip dhcp use vrf connected
!
!
dot11 syslog
dot11 vlan-name LAN_VLAN vlan 1
dot11 vlan-name VLAN_30 vlan 30
!
dot11 ssid XXX_Guest
vlan 30
authentication open
authentication key-management wpa version 2
mbssid guest-mode
wpa-psk ascii 0 xxxx
information-element ssidl
!
dot11 ssid XXX
vlan 1
authentication open eap eap_methods2
authentication network-eap eap_methods2
authentication key-management wpa version 2
mbssid guest-mode
information-element ssidl
!
!
crypto pki trustpoint TP-self-signed-3112539474
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3112539474
revocation-check none
rsakeypair TP-self-signed-3112539474
!
!
crypto pki certificate chain TP-self-signed-3112539474
certificate self-signed 01
30820248 308201B1 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33313132 35333934 3734301E 170D3131 30333234 31343138
34335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 31313235
33393437 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100B403 4D645B03 0535A097 92690EAF 37B187E5 380E72E8 3D8C6A4E 82DED2B1
C28D9C00 8F41EA47 0E52940F F9FBF62C C8503B1C 812C49A7 ADB1C8F6 D06D93B3
D41D5075 2B9D00D2 E1CE1EB0 E108A705 C55FA3E7 00E5419F 6061853A 26D23EF1
6FBFAE58 68CD8361 C02A1013 BEA06934 47E2DA3E 997BC045 DD4DF4FC 769FBF09
19270203 010001A3 70306E30 0F060355 1D130101 FF040530 030101FF 301B0603
551D1104 14301282 10415044 6F6C2E61 64766163 6F6D2E70 6C301F06 03551D23
04183016 8014A4E7 DF4A17AF 20826B25 559C62D6 6FA5DE00 48E3301D 0603551D
0E041604 14A4E7DF 4A17AF20 826B2555 9C62D66F A5DE0048 E3300D06 092A8648
86F70D01 01040500 03818100 85538B8B 1F76D466 E5C6DD67 03B38C5E A17659F9
B7ADFAA9 23FBB6CC 4C6A450C 5E79868A E850ECB7 AAB02617 A0AFE855 49B30BDB
4BEF945C 9601D75C 48090A5D 59D95185 C56BD51B 81A3363F 0A85477F 3BDA04A5
AF5D2329 A3412500 07293A51 64B1ABBB 1F0D50C1 3446381E BE845E3F CBC04238
2FA2EAE9 E759D05A 2E1574BC
quit
username xxxxx privilege 15 password 7 xxxxxxxxxxx
!
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 1 mode ciphers aes-ccm tkip
!
encryption vlan 30 mode ciphers aes-ccm tkip
!
ssid XXX_Guest
!
ssid XXX
!
antenna gain 0
mbssid
power client 20
station-role root access-point
beacon period 20
!
interface Dot11Radio0.1
description WLAN_LAN
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.30
encapsulation dot1Q 30
no ip route-cache
bridge-group 30
bridge-group 30 subscriber-loop-control
bridge-group 30 block-unknown-source
no bridge-group 30 source-learning
no bridge-group 30 unicast-flooding
bridge-group 30 spanning-disabled
!
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
no keepalive
!
interface GigabitEthernet0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface GigabitEthernet0.30
encapsulation dot1Q 30
no ip route-cache
bridge-group 30
no bridge-group 30 source-learning
bridge-group 30 spanning-disabled
!
interface BVI1
ip address 10.10.20.241 255.255.255.0
no ip route-cache
!
interface BVI30
ip address 10.10.30.20 255.255.255.0
no ip route-cache
!
ip default-gateway 10.10.20.1
no ip http server
ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
ip radius source-interface BVI1
radius-server attribute 32 include-in-access-req format %h
radius-server host xxxxxxxxx auth-port 1645 acct-port 1646 key xxxxx
radius-server vsa send accounting
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
transport input ssh
!
sntp server xxxxxxxxxxxxxx
sntp source-interface BVI1
end