Controller: AIR-WLC4402-25-K9 with SW version 220.127.116.11
I've inherited an environment and am trying to create a new WLAN that will allow the client PCs to use DHCP. I have one port on the 4402 configured that is trunking 3 VLANs:
1 - guest
2 - management
3 - new WLAN
Presently the WAPs are configured on the management VLAN. All of the wireless clients use DHCP to get IP addresses that are also on the management VLAN.
I'm trunking a new VLAN to the 4402 and have configured a DHCP scope on a server on a different VLAN to hand out those addresses. I've configured an IP helper on the router that points to the new DHCP server. The 4402 is in DHCP proxy mode already as that's how the clients on the guest WLAN get their addresses.
When I turn on DHCP debugging on the controller, I see the client requests and the message that the controller will forward them. I never see a response. The same DHCP server is serving up another scope successfully.
One strange thing I've noticed is that from the controller, DHCP requests that are forwarded use the gateway of the management VLAN as their next hop, rather than using the gateway configured for the new VLAN. From the controller, I also can't ping the gateway of the new VLAN, even though the interface is configured properly, has a gateway, and can be pinged from other systems on other VLANs.
On the new interface that you created, did you specify the primary dhcp server there? What will be doing your dhcp now? If you have a wlan that requires dhcp from the wlc, then you need dhcp proxy enabled, otherwise you can disable that. Also, make sure that the trunk port the wlc is connected to is passing that new vlan.
To explain more:) DHCP Proxy makes the wlc proxy so that is why you see it coming from the management interface. If you disable dhcp proxy, then that is when you will need your ip helper and it works just like how wired clients would request dhcp. Make sure the vlan is defined on your switches and the dhcp is active and also passing in the trunk ports.
Here's a sample of the debug output, which never gets a response:
-- packet received on direct-connect port requires forwarding to external DHCP server. Next-hop is 10.1.1.1
Mon Mar 26 19:11:45 2012: 00:11:22:33:44:55 dhcp option len, including the magic cookie = 64
Mon Mar 26 19:11:45 2012: 00:11:22:33:44:55 dhcp option: received DHCP DISCOVER msg
Mon Mar 26 19:11:45 2012: 00:11:22:33:44:55 dhcp option: skipping option 61, len 7
Mon Mar 26 19:11:45 2012: 00:11:22:33:44:55 dhcp option: skipping option 12, len 11
Mon Mar 26 19:11:45 2012: 00:11:22:33:44:55 dhcp option: vendor class id = MSFT 5.0 (len 8)
Mon Mar 26 19:11:45 2012: 00:11:22:33:44:55 dhcp option: skipping option 55, len 12
Mon Mar 26 19:11:45 2012: 00:11:22:33:44:55 dhcpParseOptions: options end, len 64, actual 64
Mon Mar 26 19:11:45 2012: 00:11:22:33:44:55 Forwarding DHCP packet (332 octets) from 00:11:22:33:44:55
The gateway of the new WLAN is 10.1.1.1/24
The client MAC is 00:11:22:33:44:55
The IP address of the new WLAN interface is 10.1.1.4/24
I can't ping 10.1.1.1 from 10.1.1.4. I can ping 10.1.1.4 from everything else, including hosts on other subnets. There are no ACLs in the way.
Well, from the WLC, you need to be able to ping that gateway, especially if you created an interface on the wlc.
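
An added example, not part of any post in this thread: a small Python triage script that reads controller DHCP debug output in the format quoted above and lists clients whose packets were forwarded with no server message logged afterwards. It assumes server replies would be logged with the same "received DHCP <TYPE> msg" wording as the DISCOVER line; the thread does not show such a line.

```python
import re
from collections import defaultdict

# Constructed sample: debug lines copied from the thread above.
SAMPLE = """\
-- packet received on direct-connect port requires forwarding to external DHCP server. Next-hop is 10.1.1.1
Mon Mar 26 19:11:45 2012: 00:11:22:33:44:55 dhcp option: received DHCP DISCOVER msg
Mon Mar 26 19:11:45 2012: 00:11:22:33:44:55 dhcp option: vendor class id = MSFT 5.0 (len 8)
Mon Mar 26 19:11:45 2012: 00:11:22:33:44:55 Forwarding DHCP packet (332 octets) from 00:11:22:33:44:55
"""

# "<weekday> <month> <day> <hh:mm:ss> <year>: <client mac> <message>"
LINE = re.compile(
    r"^\w{3} \w{3} +\d+ [\d:]{8} \d{4}: "
    r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2}) (?P<msg>.*)$",
    re.I,
)
MSG_TYPE = re.compile(r"received DHCP (\w+) msg")
CLIENT_TYPES = {"DISCOVER", "REQUEST"}   # sent by the client
SERVER_TYPES = {"OFFER", "ACK", "NAK"}   # assumption: logged with the same wording


def summarize(log_text):
    """Count client messages, forwards and server messages per client MAC."""
    stats = defaultdict(lambda: {"client_msgs": 0, "forwarded": 0, "server_msgs": 0})
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # lines without the timestamp/MAC prefix are skipped
        entry = stats[m["mac"].lower()]
        kind = MSG_TYPE.search(m["msg"])
        if kind:
            name = kind.group(1).upper()
            if name in CLIENT_TYPES:
                entry["client_msgs"] += 1
            elif name in SERVER_TYPES:
                entry["server_msgs"] += 1
        elif m["msg"].startswith("Forwarding DHCP packet"):
            entry["forwarded"] += 1
    return dict(stats)


def unanswered_clients(log_text):
    """MACs whose packets were forwarded but never saw a server message."""
    return sorted(mac for mac, s in summarize(log_text).items()
                  if s["forwarded"] and not s["server_msgs"])


if __name__ == "__main__":
    print(unanswered_clients(SAMPLE))
```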