cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5101
Views
5
Helpful
17
Replies

WRVS4400Nv2 DHCP Relay on 2nd VLAN

Hi,

Here's what I'm trying to figure out:

My network is set up such that I have a Wireless Network in VLAN 1, which is the primary network that we use.  The subnet is 10.5.1.x.

My goal is to set up a completely isolated Guest Wireless Network, however it would work best.  What I am trying to do now is I created a seperate VLAN (VLAN 2, IP range 10.5.2.x) and turned on DHCP on the WRVS4400N.  However, in the Guest Network, it is always picking up a 10.5.1.x IP which is handed out by the DHCP server (10.5.1.5, Win 2003) and still routing all of the traffic to/from our private network.

Here's What I have set:

Wireless>Security Settings>Guest Network (SSID 2)

  • Wireless Isolation (between SSID w/o VLAN): Enabled
  • Wireless Isolation (within SSID): Enabled

Setup>LAN>VLAN 1

  • Router IP 10.5.1.1, WLAN IP 10.5.1.3
  • DHCP Relay for 10.5.1.5

Setup>LAN>VLAN 2

  • Router IP 10.5.2.1
  • DHCP Enabled for 10.5.2.x subnet
  • DHCP Relay option is grayed out (not sure why)

Setup>Advanced Routing

  • Inter-VLAN Routing: Disabled

Any way to solve this would be fine.  I just do not want traffic routing through our internal network.  Ideally, if I could get the Windows server to hand out 10.5.2.x addresses, that would be perfect, but I'm not sure how to configure it for such. 

If anyone has any ideas, that'd be great- thanks!

Matt

1 Accepted Solution

Accepted Solutions

Yes...here's an answer I got from Cisco's Engineering support:

The issue you reported is a know issue.
Engineering and development are aware of this issue, and have provided  the following information:

PROBLEM DESCRIPTION:
If the WRVS4400N is configured with multiple VLANs, and these VLANs are  mapped to different SSID, the user cannot use an external DHCP server to  provide IP scopes for these VLANs.
Hosts connected to both SSID will obtain IP address from native DHCP  server only.
The workaround for this is to use the embedded DHCP server for all VLANs  defined on the WRVS4400N.

Note: This is not considered a bug but rather a product limitation. The  developer has confirmed the WRVS4400N is functioning as designed.

Regarding a fix:
Due to wireless and trunk switch port using different chip set, it is  not possible to provide a fix for this issue.
In future product, Engineering & Dev teams will strive to use the  same chip set (same vendor). 
This functionality has been targeted for next new Product.  No fix will  be made on the current hardware. 

Note: If this feature/function is mission critical to your deployment,  and you would like to recover the cost of the WRVS4400N, please forward  the serial number and a copy of the proof of purchase, and we will  gladly provide a refund.

Best regards,

Alex Delano

View solution in original post

17 Replies 17

David Carr
Level 6
Level 6

Mr. Terwilliger,


Go to the wireless vlan and qos tab under the wireless tab.


There enable wireless vlans, and set the second ssid up in vlan 2.


Then enable dhcp for vlan 2 on the lan for the 10.5.2.0 network.


Then go to the setup/advanced routing tab and make sure inter-vlan routing is disabled. 


This will make sure both vlans will not be able to communicate with each other. 


Then select the wireless isolation within ssid and you should be set.


Let me know if you run into any further issues with this.

These are exactly the settings I have configured, that is why I am confused as to why it is not working.

The server is located on port one (behind an unmanaged switch, if that makes a difference) WRVS<-->Unmanaged<-->Server

I just recently switched over the settings on this port to try and see if that worked any different, but it didn't.

I took a bunch of screenshots, and attached some.  More to follow in next message.

More screenshots.

Mr. Terwilliger,


Backup your configurations and reflash the firmware on your wrvs4400n.  Then factory reset the device and reload your configs back to it.


Based on your screenshots you have it setup right to draw for the second vlan for that ssid. 

Already done that twice, still no dice.

Sent from Cisco Technical Support iPhone App

Matt,

I think I'm having same issue on my device. Basically DHCP is bleeding over from VLAN1 to VLAN2 somehow.

Let me ask you a question, on LAN 1, what is your "IP Reserved for Internal Usage" set to?

VLAN1 I have 192.168.16.0/24 network, DHCP Disabled (handled by SBS 2003), and my "Ip for internal usage..." is set to 192.168.16.254 (default 192.168.16.2 is in use by SBS server)

My ip for internal usage is set to 10.5.1.3, in the primary network vlan. Also note that traffic routes through into the private network, is this the case for you too?

Sent from Cisco Technical Support iPhone App

Yes...here's an answer I got from Cisco's Engineering support:

The issue you reported is a know issue.
Engineering and development are aware of this issue, and have provided  the following information:

PROBLEM DESCRIPTION:
If the WRVS4400N is configured with multiple VLANs, and these VLANs are  mapped to different SSID, the user cannot use an external DHCP server to  provide IP scopes for these VLANs.
Hosts connected to both SSID will obtain IP address from native DHCP  server only.
The workaround for this is to use the embedded DHCP server for all VLANs  defined on the WRVS4400N.

Note: This is not considered a bug but rather a product limitation. The  developer has confirmed the WRVS4400N is functioning as designed.

Regarding a fix:
Due to wireless and trunk switch port using different chip set, it is  not possible to provide a fix for this issue.
In future product, Engineering & Dev teams will strive to use the  same chip set (same vendor). 
This functionality has been targeted for next new Product.  No fix will  be made on the current hardware. 

Note: If this feature/function is mission critical to your deployment,  and you would like to recover the cost of the WRVS4400N, please forward  the serial number and a copy of the proof of purchase, and we will  gladly provide a refund.

Best regards,

Alex Delano

kind of a bummer but it is what it is...

Yea, thats disappointing- anyway, thanks for looking into it!

Sent from Cisco Technical Support iPhone App

So, I just got that same message forwarded to me by one of the support reps I was talking to, and they told me that they were going to have an engineer look into the issue further to find a work around, and worse case, they'll offer a refund. 

I'll let you know what I hear, when I was talking to him, he had like 3 other engineers giving him ideas about people who are having the same issue...

Personally, for me, I'm just going to disable DHCP on my SBS 2003 server and enable DHCP on VLAN1 on the router.

There's only 5 or 6 computers in this environment. I don't think this will be a problem for my situation.

Paul,

Consider the affect to your DNS environment.  I thought the same and found that rappid connect and disconnects from WLANs do not register PTRs in the Windows DNS and users had problems with file sharing.  While this may be an issue with my DNS server configuration, I suspect not due to DHCP and DNS working together inside AD (my zones are AD).  I am also running WinSVR 2003/2008 AD environment (not SBS).

I am having a very difficult time with this issue, as are you all.  I want my private VLAN to use a Windows DHCP for both WLAN and LAN clients.  Currently the LAN clients are seeing the windows DHCP, but the WLAN clients are picking up another VLAN DHCP server (bleeding over).  I even setup static mappings to MACs in the LAN and no change.  I have tried turning off DHCP in the private LAN (rtr) but requests are not forwarded.

I will read on in hopes someone has figured this out.

Rich

I have exact the same problem. But I was thinking: is it possible to solve this by switching the sequence of VLAN's?

At this moment, i have my private network at the default VLAN1 (wired and mapped ssid),  and my guest network at VLAN2 (only mapped ssid). In this case, the unwanted relay from VLAN 1 to VLAN 2 occurs. But what would happen if I switch the VLANS, so that the guest network would be on the default VLAN? If I then disable the built-in DHCP on the private VLAN2, would the relaying still occur?

And what would happen when I disable the internal DHCP server on all the VLANS, and set up 2 external DHCP servers, one for each VLAN? Would there then be a mixing between the two networks? Or would this be a workaround?

In other words, what is the reason that the relay occurs? Has it something to do with the special (default) status of VLAN1? Or is it simply impossible to block DCHP broadcast between the networks? Or ...

Many thanks for any input!