Cisco 7921 / WLC / Cisco 1252 LWAPPS – Intermittent Wireless Voice Connectivity

I was working on a CUWN deployment in a healthcare environment with the following Charcteristics :

  • 7921 Phone Handsets
  • A Cisco 4404 Wireless Lan Controller running controller code
  • 1252 Light weight Access-points powered by 15.4W POE ports on a Catalyst 3750
  • Internal DHCP Server was being used.

The Site also had existing 1242 AP’s connected to the controller, however these where geographically seperate from the new deployment.

Everything was installed, configured and appeared to be running correctly, until after several days the 7921’s were having issues connecting. The following Symptoms were displayed:

  • The 7921 would display “DHCP TIMEOUT” on the screen and go into a loop
  • Not all of the AP’s would display the problem at the same time.
  • If you connected when associated with a functional AP and then roamed to a non-funtional AP network connectivity was extremly flaky.
  • The 1242 AP’s at the other end of the site were unaffected.

Once a 1252 was affected the only way to rectify the issue was to perform one of the following:

  • Perform a factory reset from the WCS by selecting “Clear AP Config”
  • Disabling and Re-enabling the WLAN.

It should be noted that merly rebooting the AP would not fix the issue.

OK, time to call TAC.

With TAC’s assistance I took the following action:

  1. Moved to an external DHCP server – This rectified the DHCP TIMEOUT Issue, however the poor connectivity continued
  2. I was using dot1x authentication with PEAP on the phones. – I moved to WPA/WPA2 with a Pre-shared Key for the voice WLAN. Didn’t fix the issue, however I was impressed with how much quicker association and Authentication took place.
  3. I upgraded the 4404 controller code to – This Appears to have Fixed the Issue.

WLC 4404 – 7921 PEAP Authentication

If you are using a Cisco Wireless Lan Controller and want to Authenticate your phones using PEAP, make sure you adjust the eap request-timeout with the following command on the CLI of the controller :

config advanced eap request-timeout 20

make sure you type “save config” to write the change to flash.