DCHP requests blocked inside VLAN

Damir Reic · ‎07-08-2012

Hi,

i have several cisco 3500XL switches with trunking. I created a VLAN lets say 20 which purpose is for wireless clients. I installed wireless controller with 4 APs and controllers sees all 4 APs. Controller is also DCHP server. When wireless client authenticates it's DCHP requests in not getting to DHCP server (controller). If i connect all equipment in non managed switch everything works. What could be the problem? Thanks!

Reza Sharifi · ‎07-08-2012

Can you post the switch config

Are the APs connected to the switch via trunks?

Damir Reic · ‎07-08-2012

AP's are connected over trunk ports, i am not currently at the locaiton wher switches are but what i did is this:

conf t

interface gigabitethernet 0/12

switchport access vlan 20

spanning-tree portfast

no shut

exit

write memory

Ports are configured like that and vlan is allowed over trunk also. Aside from that i didn't make any other changes. Thx!

cadet alain · ‎07-09-2012

Is the DHCP server in another VLAN ? if so then you'll have to use ip helper-address x.x.x.x under the SVI where x.x.x.x is the ip address of dhcp server.Also make sure dhcp service is enabled for the relay: service dhcp command

Regards.

Alain.

Don't forget to rate helpful posts.

Damir Reic · ‎07-09-2012

DHCP server is inside same VLAN that is what is confusing me why this isn't working.

cadet alain · ‎07-09-2012

Could you post the config from switch where AP is not getting IP as well as a diagram of your network.

Regards.

Alain.

Don't forget to rate helpful posts.

Damir Reic · ‎07-09-2012

AP gets the IP from the wireless controller, but wireless client that authenticates on AP isn't getting IP. Hmm maybe problem lies inside wireless controller since it has ability to have multiple virutal SIDS on it. Could be that they also have their own VLAN that i have to pass over switch imo.

Ganesh Hariharan · ‎07-09-2012

Damir Reic wrote:

AP's are connected over trunk ports, i am not currently at the locaiton wher switches are but what i did is this:

conf t

interface gigabitethernet 0/12

switchport access vlan 20

spanning-tree portfast

no shut

exit

write memory

Ports are configured like that and vlan is allowed over trunk also. Aside from that i didn't make any other changes. Thx!

Hello ,

Is WLC interface is configued with trunk allwoing the AP vla, if not then ishoudl be allowed ...check for WLC interfaces for trunk conguration.

Hope to Help !!

---Ganesh

Damir Reic · ‎07-09-2012

Unfortunatley it's Sonicwall WLC and sonicwall APs , will have to check the configuration on it.

EDIT:

In case someone faces same problem.

http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=5133

Damir Reic · ‎07-09-2012

SCC_Sanctuary#sh run

Building configuration...

Current configuration:

!

version 12.0

no service pad

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname SCC_Sanctuary

!

enable password 7 112A1016141D

!

username global privilege 15 password 7 045C5A560D201D0D2A2D54

username stockdale privilege 15 password 7 113A0D0A14195A5F51

!

ip subnet-zero

!

interface FastEthernet0/1

switchport access vlan 20

spanning-tree portfast

!

interface FastEthernet0/2

!

interface FastEthernet0/3

!

interface FastEthernet0/4

!

interface FastEthernet0/5

!

interface FastEthernet0/6

!

interface FastEthernet0/7

!

interface FastEthernet0/8

!

interface FastEthernet0/9

!

interface FastEthernet0/10

!

interface FastEthernet0/11

switchport trunk encapsulation dot1q

switchport mode trunk

switchport voice vlan 10

!

interface FastEthernet0/12

switchport trunk encapsulation dot1q

switchport mode trunk

switchport voice vlan 10

!

interface FastEthernet0/13

!

interface FastEthernet0/14

!

interface FastEthernet0/15

!

interface FastEthernet0/16

!

interface FastEthernet0/17

!

interface FastEthernet0/18

!

interface FastEthernet0/19

!

interface FastEthernet0/20

!

interface FastEthernet0/21

!

interface FastEthernet0/22

!

interface FastEthernet0/23

!

interface FastEthernet0/24

!

interface GigabitEthernet0/1

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface GigabitEthernet0/2

!

interface VLAN1

ip address 10.0.0.246 255.255.255.0

no ip directed-broadcast

no ip route-cache

!

ip default-gateway 10.0.0.254

snmp-server engineID local 0000000902000007EB81D240

snmp-server community private RW

snmp-server community public RO

!

line con 0

transport input none

stopbits 1

line vty 0 4

login local

line vty 5 15

login local

!

end

SCC_Core# sh run

Building configuration...

Current configuration : 1856 bytes

!

version 12.1

no service pad

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname SCC_Core

!

enable password 7 0802455D0A16

!

username global privilege 15 password 7 06015E714E4F585A262343

username stockdale privilege 15 password 7 097F5A061A0E46415E

ip subnet-zero

ip routing

!

spanning-tree mode pvst

spanning-tree extend system-id

!

interface GigabitEthernet0/1

switchport trunk encapsulation dot1q

switchport mode trunk

no ip address

!

interface GigabitEthernet0/2

switchport trunk encapsulation dot1q

switchport mode trunk

no ip address

!

interface GigabitEthernet0/3

switchport mode dynamic desirable

no ip address

!

interface GigabitEthernet0/4

switchport trunk encapsulation dot1q

switchport mode trunk

no ip address

!

interface GigabitEthernet0/5

switchport trunk encapsulation dot1q

switchport mode trunk

no ip address

!

interface GigabitEthernet0/6

switchport trunk encapsulation dot1q

switchport mode trunk

no ip address

!

interface GigabitEthernet0/7

switchport trunk encapsulation dot1q

switchport mode trunk

no ip address

!

interface GigabitEthernet0/8

switchport mode dynamic desirable

no ip address

!

interface GigabitEthernet0/9

switchport mode dynamic desirable

no ip address

!

interface GigabitEthernet0/10

switchport mode dynamic desirable

no ip address

!

interface GigabitEthernet0/11

switchport mode dynamic desirable

no ip address

!

interface GigabitEthernet0/12

switchport access vlan 20

switchport mode access

no ip address

!

interface Vlan1

ip address 10.0.0.253 255.255.255.0

!

interface Vlan10

no ip address

ip helper-address 10.0.0.11

!

ip default-gateway 10.0.0.254

ip classless

ip route 0.0.0.0 0.0.0.0 10.0.0.254

ip http server

!

snmp-server community scc RO

!

line con 0

line vty 0 4

login local

line vty 5 15

login local

!

end

WLC is connected to Core, AP is on other switch. VLAN 20 is wireless VLAN.

EDIT: i tried plugging laptop on the port where AP is and it didn't get the IP even though DHCP server is running inside VLAN 20. Now i am confused...

Damir Reic · ‎07-09-2012

This is solution:

http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=5133

Looks like sonicwall uses several VLANs..