Showing results for 
Search instead for 
Did you mean: 

Wireless and DHCP

My colleague made a change to the wireless environment and I'm trying to understand why we observed the unexpected behavior I will now describe.
Prior to the change, the port configuration for all of our HQ-based WAPs was this:


interface Gix/0/z

  switchport trunk native vlan 198

  switchport trunk allowed vlan 198

  switchport mode trunk


Vlan198 is the Vlan for the staff SSID.  The WAPs got their IP address from the same network as the staff wireless users.  Everything worked fine.

My colleague wanted the WAPs to get their IP address from a different network (the same network that the WLCs use for the management interface).

He changed the configuration of the switch ports for HQ-based WAPs to this:


interface Gix/0/z

  switchport trunk native vlan 105

  switchport trunk allowed vlan 105,198

  switchport mode trunk


After making this change, wireless users (staff SSID) were getting their IP address from the 105 VLAN.  I'm having trouble explaining this.  Regardless of how the trunk port is configured on the switch, shouldn't the tunneled traffic enter the WLC tagged with vlan 198 if its coming from the staff SSID?


I don't know much at all about wireless so even though I can look through the management UI most of what I'm looking at is just guess work.  Please tell me if there are configuration elements from the management UI that you want to see and I'll post it to this thread.




Hall of Fame Master

I'm guessing that your doing

I'm guessing that your doing FlexConnect mode.... It's pretty simple... when you are trunking an access point, the ap has to and will get their ip from the native vlan.  The ap will not use a tagged vlan for its management.  On FlexConnect, or if your AP's are in local mode, bot the ap and the client will use native vlan.  I'n FlexConnect, you can specify the SSID to vlan mapping, but this is strictly for FlexConnect.


Please rate helpful post and Cisco Support Community will donate to Kiva




*** Please rate helpful posts ***

"In FlexConnect, you can

"In FlexConnect, you can specify the SSID to vlan mapping, but this is strictly for FlexConnect"


Are you stating that regardless of what I have under "VLAN Mappings", it will not change the behavior that AP AND clients get their IP from the native VLAN when using FlexConnect mode?  We presently have VLAN Mappings defined (see attached - page 5 of 9 in wlc-config.pdf)

VIP Mentor

After this change did you try

After this change did you try reload the AP & see wether staff users will get IP from vlan 198 ?




The colleague who implemented

The colleague who implemented the change claimed that the APs rebooted.


Without changing the design

Without changing the design of how your clients get DHCP or how the traffic flows on the network you will need to do the following:

  1. Log into the WLC
  2. Click on the Wireless tab
  3. Click on host name of an AP in the affected area
  4. Click on the FlexConnect tab
  5. Check the box for VLAN support (assuming it is not already checked)
  6. Enter 105 in the "Native VLAN ID" field
  7. Click Apply
  8. Go back to the FlexConnect tab
  9. Click on the VLAN Mappings button

10. Enter 198 for the Staff SSID and click Apply

Repeat the above steps for each AP in the affected area.

I hope this helps.


Hall of Fame Master

How you have it setup on the

How you have it setup on the AP, Vlan 105 is your ap Vlan and client associating to that SSID will be placed in Vlan 198. So on the trunk port, Vlan 105 is native and Vlan 198 is tagged.  Vlan 105 and 198 allowed on the trunk. 

*** Please rate helpful posts ***
CreatePlease to create content
Content for Community-Ad

Cisco COVID-19 Survey