cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
17604
Views
0
Helpful
7
Replies

Wireless client cannot connect to wlan

maucapina
Level 1
Level 1

Hi Guys

I'm configuring an WLC 5508 with 3702 APs, but I am not able to connect wireless client to wlan, it seems like DHCP is not working, because the client is not able to get an IP address (I've configured the DHCP server on Cisco Router). I've configured the Dynamic Interface (120) for Guest Users in WLC as follow:

SSID: Guest-Users

Interface Name: Guest-Users

VLAN Identifier: 120

IP Address: 10.1.10.254

Netmask: 255.255.255.0

Gateway: 10.1.10.1

The wlan (Guest-Users) is mapped to VLAN 120 and has no any security policies

This is the Router Configuration for Lab purpose

!

ip dhcp pool Test-Guest-Users

import all

network 10.1.10.0 255.255.255.0

default-router 10.1.10.1

dns-server 10.1.10.1

!

!        

interface GigabitEthernet0/1.100

encapsulation dot1Q 100 native

ip address 10.1.7.1 255.255.255.0

!

interface GigabitEthernet0/1.120

description ### Test Guest Users ###

encapsulation dot1Q 120

ip address 10.1.10.1 255.255.255.0

!

This is the swtich configuration

!

interface GigabitEthernet1/0/46

description ### Link to AP ###

switchport access vlan 100

switchport mode access

!

!

interface GigabitEthernet1/0/47

description ### Link to WLC ###

switchport trunk native vlan 100

switchport trunk allowed vlan 100,110,111,120,130,131,140

switchport mode trunk

!

!

interface GigabitEthernet1/0/48

description ### Link to Router ###

switchport trunk native vlan 100

switchport trunk allowed vlan 100,110,111,120,130,131,140

switchport mode trunk

!

Hope any suggestions

Thanks

Marcelo

1 Accepted Solution

Accepted Solutions

Well if you can use a static and it works, then if you use the WLC as the internal DHCP, then you must have something configured wrong. First when using an internal DHCP, you need to make sure you have DHCP proxy enabled. Second, in the dynamic interface you created, you need to define the primary DHCP server as the WLC management IP.

Give that a try.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

View solution in original post

7 Replies 7

Scott Fella
Hall of Fame
Hall of Fame

If you connect a wired machine on the switch assigned to access Vlan 120, does the device get an address? Let's make sure that works first. Connect the laptop to the same switch the WLC is connected to.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Hi Scott

I have not done exactly that test, but I tested by assign a static IP address to the laptop and I am able to connect to the wireless network. I also tried by configuring DHCP server locally on WLC, but does not work as well.

What other thing could be the root cause for you?

Thanks,

Marcelo

Well if you can use a static and it works, then if you use the WLC as the internal DHCP, then you must have something configured wrong. First when using an internal DHCP, you need to make sure you have DHCP proxy enabled. Second, in the dynamic interface you created, you need to define the primary DHCP server as the WLC management IP.

Give that a try.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Thanks Scott

DHCP proxy was enabled, but I made an error while I defined the primary DHCP server as the WLC management IP. Also I've configured an external DHCP and does work fine now.

Marcelo

Glad you got it working!

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Are you sure you don't have any DHCP starvation?

Your configuration does not have any DHCP IP exclude statements.  Next, your DHCP pool does not have a lease time. 

Hi Leo,

What are the solution when facing a DHCP starvation attack over several Access Points?

I thought of ip dhcp snooping limit but I believe this end up by limiting legitimate requests too.

Simply enabling DHCP Snooping on the affected Vlan should decline additional requests coming with different chaddr values from the same source MAC address of the attacker?

Thanks in advance!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: