Guest network stopped working on the some APs

  • 1
  • Question
  • Updated 2 years ago
Hey there, 

Recently we've been having an issue with our guest wireless network. Our receptionist usually issues 1-day-valid password for guests. Starting from couple weeks ago our guests cannot connect to the network receiving an error message: "Connection to "..." timed out. Connection failed." 

Strange thing is that the issue seem to be presented only with the certain group of APs connected to the same switch.

I checked configuration of the switch, seem normal and it has not been changed since it was working normally.

And also our other wireless network for staff is working perfectly on the same switch.

Any tips?

Thanks.
Photo of Alex

Alex

  • 5 Posts
  • 0 Reply Likes

Posted 2 years ago

  • 1
Photo of Dianne Dunlap

Dianne Dunlap

  • 75 Posts
  • 15 Reply Likes
Have you rebooted the switch?  The APs?   The guest addresses would be in a different subnet from staff, would they not?  Have you checked dhcp leases for the problem subnet?   If you take a problem AP and move it to a different switch,  does the problem stay with the AP or the switch?
Photo of Alex

Alex

  • 5 Posts
  • 0 Reply Likes
Hey Dianne,
- Yes, I rebooted the switch, did not help.
- I also rebooted APs and even swapped them, no result. APs from the 'troubled' switch are working fine being connected to other switches.
- Guest WiFi takes addresses from the different pool from staff
- APs from the 'troubled' area are working fine being connected to the 'normal' switch, I can connect to the guest WiFi

Thanks))
Photo of Dianne Dunlap

Dianne Dunlap

  • 75 Posts
  • 15 Reply Likes
Is the dhcp server on the same segment or is there a helper address on the switch to get to it?  If you set up an address-pool on the switch instead of using the server beyond the switch, does ip addressing work?   If not, can you run dhcp debugs on the switch to see if the traffic is getting there?  If you use Hivemanager tools > client monitor, where do you see the dhcp sequence stop?  If you sniff at spanport on the AP gateway, are you seeing dhcp request from the client/AP?
Photo of Bill W.

Bill W.

  • 222 Posts
  • 35 Reply Likes
Try using the VLAN Probe Tool to test that the switch is configured properly. Go to Tools->VLAN Probe.  This is a quick way to check if you have something mis-configured on the switch(s). If there is no response from the guest VLAN, then you know you need to check the config of all switches (or any other network equipment) between the AP and the DHCP server.
Photo of Alex

Alex

  • 5 Posts
  • 0 Reply Likes
Thanks, VLAN Probe for APs in the problem area fails and passes for APs in other areas. Must be something wrong with VLAN settings on the switch.
Photo of Bill W.

Bill W.

  • 222 Posts
  • 35 Reply Likes
Make sure to check the VLAN settings on the upstream switch/router that the problem switch is connected to. The problem switch could be configured just fine, and it's actually the upstream switch that doesn't have the proper VLAN configuration for the port the problem switch is linked on.

Here is a scenario that could have happened. Your problem switch is connected to port 1 on the core switch and everything is configured and working fine. For some reason, the switch uplink on the core got moved to port 2. But when it was moved to port 2, someone forgot to tag port 2 for the guest VLAN. So at first you think the switch that the APs are attached to is the problem and are left wondering why it isn't working when the switch is configured correctly. Then you have to move upstream to check there next.

Just something to keep an eye out for. Hope you find it.
Photo of Alex

Alex

  • 5 Posts
  • 0 Reply Likes
Thanks for a tip. I checked the switch uplink, actually a core switch and everything seem to be fine there. The port is tagged for the guest vlan.

The switch with the troubled sector of the guest wifi is a stacked switch. I wonder if the other switches in that stack could affect our guest wifi?
Photo of Alex

Alex

  • 5 Posts
  • 0 Reply Likes
Found it! The port-channel on the edge switch (troubled switch) was misconfigured.

Since it was a stacked switch with 2x1GB fibers connected to a core switch a port channel should have been configured properly, but it was not. We tagged a port channel with Guest VLAN and voila, it is working now!

Thanks guys for your help!
Photo of Luke Harris

Luke Harris

  • 265 Posts
  • 18 Reply Likes
Out of curiosity Alex, what switching infrastructure are you using? I dare say you will be the last person to forget to tag a VLAN on an uplink port! 
(Edited)