Problem solve Get help with specific problems with your technologies, process and projects.

Why can't our wireless NIC get an IP address?

Wireless association followed by DHCP failure is not uncommon. Learn why your wireless NIC is unable to get an IP address from an access point (AP) that it can see and detect a signal from, in this Ask the Expert answer.

Have you ever had a problem with wireless NIC not being able to get an IP address from an access point that it can see and detect a signal from?

Wireless association followed by DHCP failure is not uncommon. The wireless association establishes the data link. Once associated, the station can transmit and receive data frames. At that point, most stations send a DHCP request: a UDP packet from port 67 to port 68. If a DHCP server is reachable on the LAN, it evaluates the request and responds -- usually by leasing an IP address to the requesting station. So what can go wrong?

First, the station can fail to associate with the AP. Even when signal is strong, the AP can reject the station's associate or authenticate requests. For example, it may be too busy, or there may be a mismatch in supported data rates or security parameters (e.g., the station may not have the right WEP key.) Look for a mismatch in capabilities and security settings between your wireless NIC and AP, and use your AP's log to verify that an association IS being established.

Second, a station that associates may still get disconnected by the AP. For example, the AP may be configured with a MAC Access Control List that does not include the station's address. Or the stations may fail WPA-PSK or WPA (802.1X) authentication. Using WPA-PSK, a station that does not present the right Pre-Shared Key will appear to associate, but never get an IP address. Using WPA (802.1X), a station may appear to associate for perhaps a minute, then get disconnected when the 802.1X exchange fails. Carefully watch the station's connection status and double-check authentication settings. If using Windows XP SP2, enable the Wzctrace.log using the command "netsh ras set tracing."

Third, a station that's really connected to an AP can still be unable to reach a DHCP server. Wireless routers often have built-in DHCP servers, but that service may be turned off. Wireless APs usually require a DHCP server somewhere upstream from the AP's Ethernet connection. Verify that a DHCP server exists on your LAN (or VLAN) and can be reached from your AP. It is also possible (but not very likely) that DHCP is being blocked by a personal firewall on the wireless station, or by IP filters on the AP. If you suspect a DHCP problem, watch IP packets using Ethereal, both on the station itself and somewhere on the wired LAN. On Windows, use "ipconfig /release" and "ipconfig /renew" commands to repeat DHCP while you're watching.

Finally, the DHCP server must be willing to lease an IP address to the station. We usually take this step for granted, but if you exhaust other possibilities, then examine logs on your DHCP server to verify that the station's requests are being received, and that an address is being assigned. For example, an unusually busy DHCP server may temporarily reject requests when its IP address block is exhausted.

The most common culprits are the first and second above. In particular, if your station is running Windows XP SP2 and has a connection that is enabled/active, but reports limited or no connectivity, then you are probably stuck on problem #2.

This was last published in March 2006

Dig Deeper on Network services

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.