Hello airheads,
I currently have a problem with a small network.
Four APs are connected to a 7205 controller (AOS8.3). Until last week everything was running fine.
Now since friday the clients on the APs do not get an IP address anymore. I don't know if anyone has changed anything.
They can log on to the SSID normally and are listed as "authenticated" in the controller. I gave a client a static IP address and he can't ping his gateway. Forwarding mode is tunnel. Role authenticated. The Role has only one rule "any any permit".
The controller can ping all IP addresses. (Gateway of the SSID network, dhcp etc.).
The DHCP for the client network also works normally, I have tested this with a wired-device.
I can only imagine a layer-2 problem so I try to provide these informations. The Controller is directly connected with two links to the core.
The current configuration of the controller ports looks like this:
!
interface gigabitethernet 0/0/0
trusted
trusted vlan 1-4094
no poe
!
interface gigabitethernet 0/0/1
trusted
trusted vlan 1-4094
no poe
switchport mode trunk
switchport trunk allowed vlan 10,20
no spanning-tree
!
*Vlan 10 is the mgmt-network for the APs and Vlan 20 the client network.
APs are working correctly, they are pingable and providing the SSID
Now the Core ports looks like this:
interface 1 -> connected to Gi0/0/0
no power-over-ethernet
tagged vlan 10,20
untagged vlan 100
no cdp enable
loop-protect
!
interface 2 -> connected to Gi0/0/1
no power-over-ethernet
tagged vlan 10,20
no cdp enable
loop-protect
!
Both links are up/up, Spanning-Tree forwarding (except Controller port Gi0/0/1 where STP is disabled for a reason I dont know).
The Core is Gateway for vlan 10 and 20. The Controller has only one IP address in vlan 10.
Controller can ping any IP address.
- sorry for the long post, but I wanted to provide as many informations as I can.
I think Layer1 is working without issues.
Layer3 seems working fine, the Gateway and DHCP are working as I think it should-
So for me only Layer2 issues can be the reason for the failure.
I only wanted to get some ideas what can I test anymore, maybe I forgot something?
#7205