09-20-2013 07:13 AM
I have two Location with IAP-135 and IAP-134 mixed. One location on has 3 IAPs and the other has 8 IAPs. They both have two different DHCP servers The one with 8 uses a IP helper on the router for an off site dhcp server and the one with 3 has a local one. They have one SSID that uses 802.1x and one SSID with WPA2-PSK. The problem I am having is that some client, maybe 2 or 3 at a time, will authenticate but wont pull an IP address. It is different devices each time but does seem to be Apple device more than others, and it will happen on both SSIDs. Most of the time after a couple of hours they will get an ip. I can see in ClearPass that the clients do pass authetication. Has anyone else seen anything like this?
09-21-2013 09:25 AM
Are both SSIDs mapped to the same VLAN(s) on the IAPs? Is it possible that somewhere one or more of the IAPs do not have connectivity to the user VLAN(s)?
What version of IAP code are you running?
09-23-2013 05:43 AM
Both the SSIDs are on the same vlan. There is only one vlan at that those two locations. I upgraded the the code to the newest code, I believe it was 6.2-3.4 or something close to that. Connectivity is fine with with the wired network. I replace cisco APs running in hreap mode with IAP-135s and the problem with the DHCP started as soon as the new APs were in place. They are authenticating to clearpass which is connected to activedirectory. Im trying to give you all as much information as I can.
09-24-2013 05:53 AM
I experieced a smiliar issue while I was testing the latest 6.2-3.4 code. I did notice that when I used the internal DHCP server on the IAP (as in setting up a "Guest" SSID) I appeared to have no issues. I haven't spent the time to evaluate the network packets and have instead reverted back to 6.2-3.3 code.