Hi,
It's my first time deploying Meraki and I'm having an issue with a specific SSID as the client is not getting an IP address. I will be replacing aironet with Meraki.
Meraki SSID with issue is on Bridge mode and it's using VLAN 308 for VLAN tagging.
The switchport is on trunk-mode and native VLAN is set to the VLAN for Meraki management IP(NO VLAN filtering on switchport), VLAN 308 is on the VLAN database of the core and access switches but VLAN 308 is behind Cisco ASA firewall.
VLAN 308 is already existing and it's being used by aironet access points. Clients connected to SSID from aironet are able to acquire IP address.
DHCP IPs are not depleted as well.
Kindly guide me if there is something I need to add on Meraki Dashboard or on Cisco ASA.
Thank you.
Hi @gabbybher go to Wireless > configure > Firewall and Traffic shaping
Are you Allowing or Denying clients access to the LAN? If set to deny then clients won’t get an Ip from your dhcp server
Hi Ucert,
I think the SSID is on default settings for Firewall and Traffic Shapping.
Scroll down on that page. What are your outbound rules? By default Local LAN is blocked
it's also on default, allow IPv4 any any.
Some part of the information you have supplied is wrong - as the above should work - so you need to double check everything.
Make sure the SSID is set to bridge mode and is definitely bridging to VLAN308.
Make sure the switch port is definitely in trunk mode and definitely allowing VLAN308. Make sure the switch's uplink is able allowed to send and receive VLAN308.
Make sure the client is definitely authenticated to the SSID. They wont get an IP address if they haven't authenticated.
Hi PhilipDAth,
SSID is set to bridge mode.
Switchport is on trunk(no VLAN filtering)
Switch uplink allows all VLANs.
VLAN 308 is on the VLAN database of Core and Access switches.
The tester is able to authenticate and connect to SSID but it's not getting an IP from the DHCP server, just getting APIPA(169.254.x.x).
VLAN 308 is behind Cisco ASA firewall.
Are there configurations that I should add on Dashboard or Cisco ASA side?
Thank you.
@gabbybher , what are you seeing in the ASA logs? Can you see the dhcp requests from the clients?
If the other WiFi system has security features try turning them off. Perhaps it is seeing a rogue connected AP and is sending dis-association requests to prevent the client from being attached to the Meraki AP.
What does Meraki Wireless Sentry say? Anything in the Meraki wireless event log?