I have a 3750 that has a few different DHCP pools setup on it, 1 of the pools is for a guest wireless vlan that seems to be giving us issues. Wifi is running on Meraki APs, the APs are configured as trunk with all vlans allowed. Our internal wifi is bridged to vlan 1, those clients get DHCP leases with no issues but clients on Guest Wifi often can't connect and get "unable to obtain IP address" message on their phones. We use the same config at approximately 20 other sites with no issues.
Meraki has went though the config on their side and verified no issues, our networks are all cloned as well so I didn't assume any config issue in the Meraki cloud was the problem. The switches show DHCP bindings to the guest wifi vlan but we still continue to have widespread issues out of this particular DHCP pool.
You have routing enabled on at least 3 devices of which two of these are the switches, not sure what the 3rd device will be but its seems to reside in vlan 100?
The Dhcp server on switch 1 for vlan 1, 993,999 ( but dual dhcp pools for vlan 999)
Lastly , These switches has VRRP for vlan 1 with a vip of 192.168.7.254 however you then have dhcp relay for 10.10.10.254 applied one of these switches for this vlan 1 (sw2 ) and this ip address looks like it isn’t even local to ether switch , so where does this ip address reside?
Suggest at least remove the dual dhcp scope for vlan 999 and also the dhcp relay from vlan 1
On a side note pertaining to the meraki wifi
II assume the guest vlan being tagged correctly?
Do you have 802.11r or 802.11w enabled?
What WPA encryption/association are you using?
What does the connection log and wifi health report for the guest ssid show?
Thank you Paul.
I've Disabled IP routing on all switches except the main switch (as it's needed there), removed VRRP, everything related to 10.10.10, removed the IP helper for VLAN and removed the second vlan 999 DHCP pool.
Meraki Portal is tagging Guest SSID with VLAN 999, 802.11r and w are both disabled, encryption is WPA2 only. The meraki logs don't show anything other than DHCP failures.