problems with new wlan in controller

chinpohpang851 · ‎11-26-2018

we're using WLC 5500 (7.0.98.0) currently running 3 existing WLAN A, B, C are working fine. Now I created a new WLAN follow exactly the config in Interface and WLAN(with correct vlan id and new interface), I can also see the broadcast SSID but I cannot ping the WLC from CoreSW or via versa. Trunk port to CoreSW allowed for all VLANs, currently WLAN are working fine so I'm not sure what's missing.

Leo Laohoo · ‎11-27-2018

If you've created a new WLAN, did you also create a new Dynamic Interface?

chinpohpang851 · ‎11-27-2018

Yes. Created under Controller>Interfaces. I follow exactly the current WLAN setup. Maybe I need to open access for dhcp service(in other vlan) in my ACL? But my LAN is working.

chinpohpang851 · ‎11-27-2018

I found one of the problem which is my ACL is blocking from ping from controller to CoreSW, now I made some changes and I can ping the WLAN interface now. But I still not getting IP from DHCP server(192.168.50.1) using WLAN, LAN is ok.

This is the ACL i applied on vlan215, for LAN(working fine) and WLAN(not getting IP from dhcp).
Extended IP access list 140
9 permit ip any 192.168.215.0 0.0.0.255 (5 estimate matches)
10 deny ip any 192.168.0.0 0.0.255.255 (276 estimate matches)
20 permit ip any any (31216 matches)

chinpohpang851 · ‎11-27-2018

I solved the problem by adding one more line in ACL.
access-list 110 permit udp 192.168.215.0 0.0.0.255 host 192.168.50.1 eq bootps
But why we need to add this for WLAN not LAN?