Preview Tool

Cisco Bug: CSCte08161 - cannot get IP address from server if key-management is "wpa optional"

Last Modified

Feb 28, 2018

Products (1)

  • Cisco Aironet 3700 Series

Known Affected Releases

12.4(21a)JA1 6.0(188.0)

Description (partial)


Wireless client does not get the IP address from dhcp server since AP 
does not forward the dhcp offer packet to the client if key-management 
is "wpa optional".
We can see 802.1x succeeds, then dhcp offer is in ethernet side.

This problem happens when dhcp offer is a broadcast packet.
If dhcp offer is an unicast packet, this problem does not happen.

12.4(10b)JDA does not cause this problem.

/config highlight/
dot11 ssid tsunami
   authentication open eap eap_methods 
   authentication network-eap eap_methods 
   authentication key-management wpa optional
interface Dot11Radio0
 encryption mode ciphers tkip wep128 

 Reproducibility : Yes
 Condition : key-management is "wpa optional"
             dhcp offer is broadcast packet

 Software: 12.4(21a)JA1

Related Community Discussions

what does "key-management is "wpa optional"" mean in wireless controller ?
Dear all : We did have a few users who failed to get DHCP IP address, but the authentication is successful. After rebooting the AP, the issue was disappeared. We seem to hit bug <key>CSCte08161</key> in our WLC 5508 with firmware 6.0(188.0). <key>CSCte08161</key> was first found-in  12.4(21a)JA1 and 6.0(188.0) and  symptom of <key>CSCte08161</key> is             &quot; can not get IP address from server if key-management is &quot;wpa optional&quot;&quot; But what kind of security policy is &quot;wpa optional&quot; in wireless controller ? We are not sure we ...
Latest activity: Apr 07, 2010
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.