cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1450
Views
0
Helpful
4
Replies

No Client DHCP Using ASA 5505 and AIR-AP1041N-A-K9

waynemdwt1
Level 1
Level 1

I have setup hundreds of different routers, switches, and access points from multiple vendors over the years, but have virtually no Cisco experience so please forgive my ignorance.

I need to configure public and private wireless access using an ASA 5505 and an Aironet  AIR-AP1041N-A-K9. I need to be able to do this via ASDM and http if at all possible. I simply do not have the time to learn hundreds of lines of arcane CLI code.  

The Aironet connects to the ASA successfully, and receives an IP. I can then connect to the AP wirelessly, but do not receive an IP. I have setup a second SSID\VLAN on the AP, and can't connect to it at all.

Please point me in the right direction. Thanks!

4 Replies 4

waynemdwt1
Level 1
Level 1

Bump

siddhartham
Level 4
Level 4

ASA drops the unicast DHCP requests. So if the AP is acting as a Proxy for the client DHCP requests, it won't work. Can you post your config of the access point.

Siddhartha

Siddhartha

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname CB

!

logging rate-limit console 9

enable secret 5 $1$82pL$3KLewL/tBDJqMKMqKFm98/

!

no aaa new-model

!

!

dot11 syslog

!

dot11 ssid CBCustomer

   vlan 2

   authentication open

   guest-mode

!

dot11 ssid CBSecure

   vlan 1

   authentication open

!

!

!

username Cisco password 7 072C285F4D06

!

!

bridge irb

!

!

interface Dot11Radio0

no ip address

no ip route-cache

!

encryption vlan 1 key 1 size 128bit 7 DC09DE3C9349E57CDB2E2B52782F transmit-key

encryption vlan 1 mode wep mandatory

!

ssid CBCustomer

!

ssid CBSecure

!

antenna gain 0

station-role root

!

interface Dot11Radio0.1

encapsulation dot1Q 1 native

no ip route-cache

bridge-group 1

bridge-group 1 subscriber-loop-control

bridge-group 1 block-unknown-source

no bridge-group 1 source-learning

no bridge-group 1 unicast-flooding

bridge-group 1 spanning-disabled

!

interface Dot11Radio0.2

encapsulation dot1Q 2

no ip route-cache

bridge-group 2

bridge-group 2 subscriber-loop-control

bridge-group 2 block-unknown-source

no bridge-group 2 source-learning

no bridge-group 2 unicast-flooding

bridge-group 2 spanning-disabled

!

interface GigabitEthernet0

no ip address

no ip route-cache

duplex auto

speed auto

no keepalive

!

interface GigabitEthernet0.1

encapsulation dot1Q 1 native

no ip route-cache

bridge-group 1

no bridge-group 1 source-learning

bridge-group 1 spanning-disabled

!

interface GigabitEthernet0.2

encapsulation dot1Q 2

no ip route-cache

bridge-group 2

no bridge-group 2 source-learning

bridge-group 2 spanning-disabled

!

interface BVI1

ip address dhcp client-id GigabitEthernet0

no ip route-cache

!

ip http server

no ip http secure-server

ip http help-path

http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag

bridge 1 route ip

!

!

!

line con 0

line vty 0 4

login local

!

end

Please add the below command under interface BVI1 and see if that fixes your issue

ip helper-address X.X.X.X (address of your DHCP server)

interface BVI1

ip helper-address X.X.X.X (address of your DHCP server)

Siddhartha