Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[jeffesmi]

I have the following setup:

3 DAP-2553 (1 per floor) acting as APs for each floor (EB1 Building)
3 Cisco Series 300 POE Switches (1 per floor) (EB1 Building)
1 DAP-2553 as bridge (EB1 Building)

1 DAP-2553 as a bridge (Admin Building - Internet on this side)
1 Cisco RV120W Router (Admin Building - Internet on this side) Providing Internet, VLAN, and Routing Functions
1 Server 2008 R2 providing DHCP & DNS (Admin Building - Internet on this side)

2 VLANs (VLAN 1 and VLAN 5)

Okay, here is the problem: Everything works great.  Hardwired connections work flawlessly, apple devices connect wirelessly without a problem, most laptops & android devices connect wirelessly without a problem. HOWEVER, some windows laptops and android devices refuse to acquire a DHCP address when connected to the wireless access points.  I'm pretty sure the problem lies somewhere in the AP as when I power-cycle the APs, all the devices that were having problems start connecting and acquiring IP addresses. If this happened once every three months or even once a month, I'd just deal with it.  However, this seems to happen multiple times a week. Some information that may help or may just confuse:

- I can have my laptop and Nexus 7 right next to each other.  The Nexus will connect but the laptop won't when the problem is happening.
- I can connect from my laptop WHEN THE PROBLEM IS HAPPENING to VLAN5 through the multi-SSID which get's it's DHCP from the Cisco router instead of the WIndows 2008 R2 server.  When I try switching to VLAN1, I have the same problem with no DHCP address acquired.
- I put a DHCP Relay on the Cisco Series 300 switch that the DAP-2553 in question is trunked to for VLAN1, but this did not seem to resolve the problem.
- When the problem is occuring, I reboot the DAP-2553, and all of the systems are fine again.
- I have the latest F/W on the DAP-2553 v1.25

Anyone got any ideas?  The fact that it gets through on VLAN 5 to a different DHCP server would make me think that the problem is with the Windows Server 2008 R2 server, but ONLY rebooting the DAP-2553 resolves the problem which makes me think it's an issue with that device. I've seen this at multiple clients using DLink devices and Server 2008 and higher, so I'm thinking it may be a compatibility issue between the two, but I've looked and don't see a way to resolve this.  Also, is there a limit to the number of VLANs that the DAP-2553 can carry?  The reason I ask is that I was trying to setup a 3rd VLAN to test if the problem was something specific with VLAN1, but could not get my 3rd VLAN to communicate back over the bridge to the RV120W.  I know the RV120W supports 4 VLANs, but I'm unsure if the DAP-2553s have a limitation.

Thanks,

Jeffery Smith

[FurryNutz]

  Wow, what a set up. Took some time to digest that. This is kind of complex and troubleshooting will be interesting...

Um, Hmm...Have you tried testing with only 1 of the 3 DAPs ON to see if the problem persists?
Try swapping DAP positions?

What is the distances between the DAPs and these two buildings?
Any cordless house phones?
Any other WiFi routers in the area? Link> Use InSSIDer to find out. How many?

Are the DAP using Auto channel scan or Manual? Try testing each DAP on a different channel if you can with 1, 6 and 11 if no other neighboring WiFi is using them. Test anyways if there are unless the area is congested with Wifi.

Try setting Medium or Low power output settings and test again.

[jeffesmi]

Yes, it took some time to get it functional. I originally tried it with the Cisco APs for the bridge, but there as a bug in their F/W and they couldn't keep the bridge open for any amount of time. 

I figured out that power-cycling the device fixed the problem the other day while I was there, but this problem keeps popping up, so it appears to be an issue I'll need to deal with.  I'm not sure what trying a single AP would accomplish?  I know that I can use static settings to connect w/o a problem, so it doesn't appear to be a signal issue.  Can you tell me what you are thinking so I can figure out the best way to test it in our environment?  Unfortunately, once the AP has been power-cycled, it is good for "x amount of time" until it stops handling DHCP broadcasts again.  This makes taking APs offline for testing either something that I have to do for a long time until the problem reoccurs which will greatly inconvenience the users or for very short periods of time where I will be unlikely to collect any information that is useful. I just power-cylced the one AP the other day and I'm trying to find out if people are still having problems on the other APs.

The APs are one per floor on static channels 1,6, and 11 to facilitate proper roaming.  There WERE NO OTHER APS OR ROUTERS, but the other day when I was there, the school who shares the space appears to have put their own AP up.  I'm looking into this, but have little sway and have more of an advisory position. The new AP is on CH 10.   The problem seems to have been around since before this new access point, so while it is possible it made the problem worse, it is not the root cause. I actually use WiFi Analyzer on my phone to spot the new AP, but I use INSSIDER too.  This is how I am SURE which AP I was connected to when having problems. 

I'm used to most smart devices have a DHCP relay option, but these devices don't have such a thing, so I'm thinking that their ability to relay the DHCP broadcasts is getting corrupted over time and without a hardwired setting, they just start droping the broadcasts like a bridge should.  In the past, D-Link support has assured me that the DHCP relay is not necessary, but it seems odd that most every other smart-switch, router, and AP I've worked with has this option and I have no problem.

I haven't played with the power settings, but again, the connection is GREAT, if I use static IPs or setup the AP as a DHCP server, everything works GREAT. Also, the School Network on VLAN 5 uses the DHCP server from a Cisco RV 120w and has no such problem.   It's just that after awhile, the APs appear to stop passing DHCP requests on VLAN 1 to the Windows Server 2008 R2 server. I would gladly lay the blame on Microsoft's Server if rebooting the server fixed the problem.  However, the thing that fixes it at least temporarily is to reboot the DAP.

Let me know what you are thinking and maybe I can find a way to test it without causing too much of an uproar.  I've considered loading wireshark or another sniffer, but I've never used those before and am hoping that someone has run into this before and knows a good solution.

Thanks,

Jeff

[FurryNutz]

What region are you located?

One reason for asking you to try one AP and swapping APs around is to see if you can maybe narrow down if this problem is happening to one AP at a time or possibly narrowing it to one particular AP that could be the root cause or if all of them in combination this is happing too. I do understand that doing this will impact your customer operation and normal working environment.

We are curious about this.

What are the Wireless settings currently? All different SSIDs and PW or different per AP?
What modes are the APs currently set on? Can you change to modes that are most commonly used like G and N or single mode G or N only. A and B modes aren't used much any more so if you don't have any devices that need that, you could disable those modes.

What security modes are you using? Auto WPA/WPA2? Try WPA only then WPA2 only as a test.
What cypher type are you using? Auto TPIK and AES? Try TPIK only then AES only as a test.
Are the DAPs web pages accessible when this problem happens? Before you power cycle them.

We are tracking other users having this model AP hang on them after a period of time. This could be a similar issue.

I'll pass this along to D-Link.

If any of my suggestions fail or you can't seem to get any resolve for this, please PHONE contact D-Link support and lets get a case number going.

Keep us posted...

[jeffesmi]

I'm back here today and I'm hoping that I will have time to look into it some more. Part of the reason I only reset the one AP was to see if everyone was fine or if the problem continued.  From physical location of the incidents, I expect that the problem involves multiple access points, but I can't swear to that.  I guess I could try take one access point offline at a time to minimize the impact and see if the problem goes away.  Unfortunately, the people are in and out, have different types of equipment, and don't always communicate the issues in a timely fashion.  The fact that my new laptop seems to have the same problem helps.  Also, I have a surface that seems to have a similar issue. My old laptop and none of my androids have ever had an issue.  all of my laptops have been Windows 7 or 8 and my androids are: Nexus 7, HTC Thunderbolt (old), Samsung Galaxy 4 (new), and an old Viewsonic android tablet that had been modded with the CyanogenMod.  I don't use that anymore. It's my daughter's play toy now.

Settings:
- All AP share the same SSID & password
- I tried setting the CH to auto to see if that helped, but I haven't gotten any feedback yet. Previously, the first floor was on CH 1, the 2nd floor CH 6, and the 3rd floor was CH11.
- All DAP-2553's have multiple SSIDs enabled
     *VLAN 1 is 192.168.0.x; Primary SSID; WPA-PSK; AES;
     *VLAN 5 is 192.168.5.x; SSID1; WPA2-PSK; AES;
- VLAN5 uses DHCP off the Cisco RV 120W and VLAN1 uses DHCP from a Windows 2008 R2 server. When VLAN 1 has trouble getting a DHCP address, VLAN 5 does not appear to have any problems.  I would think this indicates an issue with the VLAN OR the DHCP server (in this case Windows Server 2008R2).  I tried rebooting the server and it had no affect on the problem.  However, rebooting the AP fixed the problem This is why I am focusing on the AP.  It might still be some weird problem with the VLAN1.
- There is an AP in another building that is part of the same AP network.  It does double-time as a WDS bridge & AP. For some reason, the only selection in this mode for cipher is WPA or WPA2.  I don't have an option to do WPA only. Since the bridge is the primary SSID, the AP is SSID1. I have some concerns that someone connecting at this AP would authenticate using WPA2 and then not be able to connect at the other building. However, cross traffic is light and there should be few users passing between the two buildings.

I was originally on WPA2 and we had multiple people with devices and/or XP laptops who had trouble, so that is when I set it down to WPA. Enabling TKIP would open the TKIP Encryption weakness and allow our network to be easily compromised.  I could do this for testing, but wouldn't a change like that cause the router to restart and thus make the problem go away in the short term?  Just a side note, our separate bridge devices use WPA2/AES on separate bridge devices except for the one small building that does double-duty as a bridge and AP.

Another note, I tried setting up a new VLAN that I was going to pipe the primary office traffic through INSTEAD of VLAN1, but I can't get it to work.  Is there a limitation on the DAP-2553s on how many VLANs can be sent through the bridge?  Our router supports 4 VLANs, so I don't think that is the issue.  Let me know if there is some type of limitation built in as right now I'm assuming that is the issue and haven't done additional troubleshooting. It may end up being a simple configuration issue, but since I did it on a lark, I don't have a ton of time I can put into it.

Ours don't seem to lock up. The last time I had issues with that was on the 2100 series AP that locked up when the mac address of allowed bridges started with c8 ... or something like that... A f/w update fixed that issue.

I may end up doing a phone incident, but I'm trying to do this on the cheap for my client.  I can do posting on my off hours without hitting them up with charges, but if I'm locked on a phone call during business hours, I have to charge them. If you want, I'll send you the config file and you can peak at It to see if there is anything obvious.

Thanks,

Jeff

What region are you located?

One reason for asking you to try one AP and swapping APs around is to see if you can maybe narrow down if this problem is happening to one AP at a time or possibly narrowing it to one particular AP that could be the root cause or if all of them in combination this is happing too. I do understand that doing this will impact your customer operation and normal working environment.

We are curious about this.

What are the Wireless settings currently? All different SSIDs and PW or different per AP?
What modes are the APs currently set on? Can you change to modes that are most commonly used like G and N or single mode G or N only. A and B modes aren't used much any more so if you don't have any devices that need that, you could disable those modes.

What security modes are you using? Auto WPA/WPA2? Try WPA only then WPA2 only as a test.
What cypher type are you using? Auto TPIK and AES? Try TPIK only then AES only as a test.
Are the DAPs web pages accessible when this problem happens? Before you power cycle them.

We are tracking other users having this model AP hang on them after a period of time. This could be a similar issue.

I'll pass this along to D-Link.

If any of my suggestions fail or you can't seem to get any resolve for this, please PHONE contact D-Link support and lets get a case number going.

Keep us posted...

[FurryNutz]

Any status on this? 

You can send me the config file(s) if you want and I'll pass them along to my contact at D-Link. I don't have this model AP so I won't be of help here. 

[FurryNutz]

Can someone review this and see if it works for you?
http://forums.dlink.com/index.php?topic=56048.0