Problem solve Get help with specific problems with your technologies, process and projects.

Is my firewall setting preventing wireless network guest access?

In a wireless guest network, find out why some vendors can connect without authentication while others cannot get an IP in this ask the expert response.

Where I work we have a wireless guest network that vendors can connect to without any authentication. Most vendors using Windows XP connect without any problem, but some see the network but can't get an IP. Is this a firewall setting or what?
Connecting to a wireless network but not obtaining a dynamic IP address is usually a sign of post-association failure -- for example, when a station's MAC address is blocked on the LAN or when a station cannot successfully complete the 802.1X key handshake because it has the wrong Pre-Shared Key or a bad PEAP password.

Because your wireless guest network is not using authentication -- and I assume it is also not using encryption -- then the most likely culprit is DHCP itself. Put a LAN analyzer like Wireshark between the AP and the DHCP server, and watch to see whether DHCP requests are actually making it onto the LAN. If not, try capturing wireless packets to see whether the affected station is actually generating DHCP requests. If you still see nothing, look at the configuration of the station itself -- for example, is the DHCP Client service not running or is a personal firewall blocking DHCP? Work your way back through the path until you find the culprit.

This was last published in April 2008

Dig Deeper on Network Access Control

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.