14
Release Notes for Cisco Aironet Access Points and Bridges for Cisco IOS Release 15.2(2)JA
OL-23990-01
Important Notes
Pings and Link Tests Sometimes Fail to Clients with Both Wired and Wireless
Network Connections
When you ping or run a link test from an access point to a client device installed in a PC running
Microsoft Windows 2000, the ping or link test sometimes fails when the client has both wired and
wireless connections to the LAN. Microsoft does not recommend this configuration. For more
information, refer to Microsoft Knowledge Base article 157025 at this URL:
http://support.microsoft.com/default.aspx?scid=kb;en-us;157025&Product=win2000
Layer 3 Mobility Not Supported on Repeaters and Workgroup Bridges
Repeater access points and workgroup bridges cannot associate to an SSID configured for Layer 3
mobility. Layer 3 mobility is not supported on repeaters and workgroup bridges.
WLSM Required for Layer 3 Mobility
You must use a Wireless LAN Services Module (WLSM) as your WDS device in order to properly
configure Layer 3 mobility. If you enable Layer 3 mobility for an SSID and your WDS device does not
support Layer 3 mobility, client devices cannot associate using that SSID.
The Cisco Aironet 1250 and 1140 Series Access Points Have a Hardware
Limitation
The beacons on the Cisco Aironet 1250 and 1140 Access Points can only have output at intervals that
are multiples of 17 milliseconds. When these access points are configured for a 100 millisecond beacon
interval, they transmit beacons every 102 milliseconds. Similarly, when the beacon interval is configured
for 20 milliseconds, these access points transmit beacons every 17 milliseconds.
Potential RFC 3748 Violation
When the following command is configured under the SSID settings (for LEAP authentication):
authentication client username <WORD> password [0 | 7] <LINE>
If the first access-challenge returned by the Radius server after the access-request from the access point
is not for the LEAP method but for EAP-MD5, the acces point violates RFC 3748.
Instead of sending an EAP NAK requesting LEAP authentication, the access point sends the user's
credentials with EAP-MD5 and drops the derived keys, since it cannot read the EAP-MD5 from the
access-accept.
This violates RFC 3748.
The workaround for this is to use the commands
dot1x credentials and dot1x eap profile for LEAP
authentication.
For configuration procedures, see the Cisco IOS Software Configuration Guide for Cisco Aironet Access
Points.
(28 pages)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals