02-25-2011 03:12 PM
Hi,
Here's what I'm trying to figure out:
My network is set up such that I have a Wireless Network in VLAN 1, which is the primary network that we use. The subnet is 10.5.1.x.
My goal is to set up a completely isolated Guest Wireless Network, however it would work best. What I am trying to do now is I created a seperate VLAN (VLAN 2, IP range 10.5.2.x) and turned on DHCP on the WRVS4400N. However, in the Guest Network, it is always picking up a 10.5.1.x IP which is handed out by the DHCP server (10.5.1.5, Win 2003) and still routing all of the traffic to/from our private network.
Here's What I have set:
Wireless>Security Settings>Guest Network (SSID 2)
Setup>LAN>VLAN 1
Setup>LAN>VLAN 2
Setup>Advanced Routing
Any way to solve this would be fine. I just do not want traffic routing through our internal network. Ideally, if I could get the Windows server to hand out 10.5.2.x addresses, that would be perfect, but I'm not sure how to configure it for such.
If anyone has any ideas, that'd be great- thanks!
Matt
Solved! Go to Solution.
03-07-2011 12:30 PM
Yes...here's an answer I got from Cisco's Engineering support:
The issue you reported is a know issue.
Engineering and development are aware of this issue, and have provided the following information:
PROBLEM DESCRIPTION:
If the WRVS4400N is configured with multiple VLANs, and these VLANs are mapped to different SSID, the user cannot use an external DHCP server to provide IP scopes for these VLANs.
Hosts connected to both SSID will obtain IP address from native DHCP server only.
The workaround for this is to use the embedded DHCP server for all VLANs defined on the WRVS4400N.
Note: This is not considered a bug but rather a product limitation. The developer has confirmed the WRVS4400N is functioning as designed.
Regarding a fix:
Due to wireless and trunk switch port using different chip set, it is not possible to provide a fix for this issue.
In future product, Engineering & Dev teams will strive to use the same chip set (same vendor).
This functionality has been targeted for next new Product. No fix will be made on the current hardware.
Note: If this feature/function is mission critical to your deployment, and you would like to recover the cost of the WRVS4400N, please forward the serial number and a copy of the proof of purchase, and we will gladly provide a refund.
Best regards,
Alex Delano
03-02-2011 05:50 AM
Mr. Terwilliger,
Go to the wireless vlan and qos tab under the wireless tab.
There enable wireless vlans, and set the second ssid up in vlan 2.
Then enable dhcp for vlan 2 on the lan for the 10.5.2.0 network.
Then go to the setup/advanced routing tab and make sure inter-vlan routing is disabled.
This will make sure both vlans will not be able to communicate with each other.
Then select the wireless isolation within ssid and you should be set.
Let me know if you run into any further issues with this.
03-02-2011 07:20 PM
These are exactly the settings I have configured, that is why I am confused as to why it is not working.
The server is located on port one (behind an unmanaged switch, if that makes a difference) WRVS<-->Unmanaged<-->Server
I just recently switched over the settings on this port to try and see if that worked any different, but it didn't.
I took a bunch of screenshots, and attached some. More to follow in next message.
03-02-2011 07:23 PM
03-03-2011 06:08 AM
Mr. Terwilliger,
Backup your configurations and reflash the firmware on your wrvs4400n. Then factory reset the device and reload your configs back to it.
Based on your screenshots you have it setup right to draw for the second vlan for that ssid.
03-03-2011 06:46 AM
Already done that twice, still no dice.
Sent from Cisco Technical Support iPhone App
03-04-2011 01:59 PM
Matt,
I think I'm having same issue on my device. Basically DHCP is bleeding over from VLAN1 to VLAN2 somehow.
Let me ask you a question, on LAN 1, what is your "IP Reserved for Internal Usage" set to?
VLAN1 I have 192.168.16.0/24 network, DHCP Disabled (handled by SBS 2003), and my "Ip for internal usage..." is set to 192.168.16.254 (default 192.168.16.2 is in use by SBS server)
03-04-2011 05:31 PM
My ip for internal usage is set to 10.5.1.3, in the primary network vlan. Also note that traffic routes through into the private network, is this the case for you too?
Sent from Cisco Technical Support iPhone App
03-07-2011 12:30 PM
Yes...here's an answer I got from Cisco's Engineering support:
The issue you reported is a know issue.
Engineering and development are aware of this issue, and have provided the following information:
PROBLEM DESCRIPTION:
If the WRVS4400N is configured with multiple VLANs, and these VLANs are mapped to different SSID, the user cannot use an external DHCP server to provide IP scopes for these VLANs.
Hosts connected to both SSID will obtain IP address from native DHCP server only.
The workaround for this is to use the embedded DHCP server for all VLANs defined on the WRVS4400N.
Note: This is not considered a bug but rather a product limitation. The developer has confirmed the WRVS4400N is functioning as designed.
Regarding a fix:
Due to wireless and trunk switch port using different chip set, it is not possible to provide a fix for this issue.
In future product, Engineering & Dev teams will strive to use the same chip set (same vendor).
This functionality has been targeted for next new Product. No fix will be made on the current hardware.
Note: If this feature/function is mission critical to your deployment, and you would like to recover the cost of the WRVS4400N, please forward the serial number and a copy of the proof of purchase, and we will gladly provide a refund.
Best regards,
Alex Delano
03-07-2011 12:38 PM
kind of a bummer but it is what it is...
03-07-2011 12:40 PM
Yea, thats disappointing- anyway, thanks for looking into it!
Sent from Cisco Technical Support iPhone App
03-07-2011 04:47 PM
So, I just got that same message forwarded to me by one of the support reps I was talking to, and they told me that they were going to have an engineer look into the issue further to find a work around, and worse case, they'll offer a refund.
I'll let you know what I hear, when I was talking to him, he had like 3 other engineers giving him ideas about people who are having the same issue...
03-08-2011 07:08 AM
Personally, for me, I'm just going to disable DHCP on my SBS 2003 server and enable DHCP on VLAN1 on the router.
There's only 5 or 6 computers in this environment. I don't think this will be a problem for my situation.
06-20-2012 08:33 AM
Paul,
Consider the affect to your DNS environment. I thought the same and found that rappid connect and disconnects from WLANs do not register PTRs in the Windows DNS and users had problems with file sharing. While this may be an issue with my DNS server configuration, I suspect not due to DHCP and DNS working together inside AD (my zones are AD). I am also running WinSVR 2003/2008 AD environment (not SBS).
I am having a very difficult time with this issue, as are you all. I want my private VLAN to use a Windows DHCP for both WLAN and LAN clients. Currently the LAN clients are seeing the windows DHCP, but the WLAN clients are picking up another VLAN DHCP server (bleeding over). I even setup static mappings to MACs in the LAN and no change. I have tried turning off DHCP in the private LAN (rtr) but requests are not forwarded.
I will read on in hopes someone has figured this out.
Rich
03-23-2011 06:35 AM
I have exact the same problem. But I was thinking: is it possible to solve this by switching the sequence of VLAN's?
At this moment, i have my private network at the default VLAN1 (wired and mapped ssid), and my guest network at VLAN2 (only mapped ssid). In this case, the unwanted relay from VLAN 1 to VLAN 2 occurs. But what would happen if I switch the VLANS, so that the guest network would be on the default VLAN? If I then disable the built-in DHCP on the private VLAN2, would the relaying still occur?
And what would happen when I disable the internal DHCP server on all the VLANS, and set up 2 external DHCP servers, one for each VLAN? Would there then be a mixing between the two networks? Or would this be a workaround?
In other words, what is the reason that the relay occurs? Has it something to do with the special (default) status of VLAN1? Or is it simply impossible to block DCHP broadcast between the networks? Or ...
Many thanks for any input!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide