I have an assignment as part of Cisco certified training with my University. I have set up a WLC w/ DHCP information to hand out and my wireless PC gains the DHCP information; however, it is not able to communicate with the rest of the network, including its own subnet.
I have attached my packet tracer file. Note I am using both an External and internal WLC DHCP server as the WLC was not working with the external DHCP server. (Please help me fix this, as this would be the best way to implement a WLC).
Things I've tried: (I have spent nearly five hours on this)
Changing my ports to trunk ports,
have an external +/ internal DHCP server.
viewing the WLC config like a billion times :'(
I'm not sure how to link the configs to the WLC as it's in a GUI through Packet Tracer....
UPDATE: Upon the previous reply, I made all links trunk links as I found that was the Packet Tracer configuration after trying the
I sent a simulation packet and my packet gets to the DHCP server, but it seems the DHCP server does not forward it back to the wireless client...
Packet Tracer Download (7.3 PK file) : https://drive.google.com/file/d/1tMcpdVwJWk2ahv_1ThGu_B-w5u7VEEpo/view?usp=sharing
DHCP Proxy is enabled. // wouldn't let me disable it (I believe it should be disabled for DHCP bridging, correct me if wrong)
>> Want to Use External DHCP Server.
>> When using an Internal DHCP pool and linking that with the Interface (the WLC's own IP), the Wireless device gets the desired DHCP information but cannot connect with the rest of the network (including pinging its default gateway)....
>> Devices on VLAN 99 can get the DHCP information (wired) when connected, so the DHCP server is working
>> DHCP server allocates Management IP addresses (for WAP) so it works.
Below are my sniffing trails:
As you can see by the packets, the DHCPOffer comes to the WAP, and the Client Hardware Address assigned is to the laptop, however, no information is actually given from the WLC to the WAP. Which is weird, as it should be piggy backing from the DHCP Server. DHCP Proxy is enabled as the previous Packet Tracer CCNA Wireless troubleshooting PK file had DHCP Proxy enabled and it worked just fine...
The DHCPOffer packet comes through and is addressed to the correct Client Hardware Address. DHCP Proxy cannot be disabled on the WLC (because of Packet Tracer, I assumed). When an internal DHCP Scope is created on the WLC, the CAPWAP tunnel sends the DHCPOffer as a Unicast with the designated DHCP information BUT the PC cannot communicate with the Network. On the other hand, IF it is using an external DHCP server, the DHCPOffer contains NO DHCP information.
I am truly stumped. This is my 8th hour trying to figure this out.
I am in major need of assistance :) (least I'm learning to sniff packets ;3 wuhahahahahah)
When you created your WLAN, you had to attach it to some WLC interface. How did you configure this interface? Did you put a VLAN number in it? If so, I think you have to put your switch interfaces in trunk mode, with something like this:
switchport trunk allowed vlan 55
switchport mode trunk
switchport trunk allowed vlan 20,55,77,88,99
switchport mode trunk
How do you connect to your wlc? Over the network?
Sorry, but I'm unable to open your file. Could you send it as pcap file?
After doing a bit of research,
I can't enable a CAPWAP tunnel on the WLC in Packet Tracer.
Nor access the WLC CLI.
The link is currently an access link because when trunking, it loses connectivity between Switch and WLC.
I edited the post to show you how far I got. I viewed a CCNA Wireless course to see how they set up the WLC. I set both ends to trunks with the native VLAN of the management IP. The connections remain with connectivity for my Wireless management devices; however, my wireless PC cannot get the DHCP information even though the WLC forwards the DHCP packet to the DHCP server.
Note, I swapped out the internal DHCP server inside the WLC to be external to point to the DHCP server as I had originally intended. It is forwarding but it seems the Wireless PC is not accepting the packet... for some odd reason.....
Well, you need to use just one DHCP server; I strongly suggest external. Now, two basic questions: from your dynamic interface and management interface, can you reach the DHCP server? The trunk port configuration must only be applied on the switch port that connects to the WLC. The AP port must be configured as an access port in the management VLAN, and be sure to configure the spanning-tree portfast command.
Just another comment, I saw your security profile is 802.1x, when you use 802.1X the client will get a valid IP only if he passes the complete authentication process, are they doing it?
Try with another WLAN and PSK with WPA or WPA2; maybe it is a security issue and that can be the reason why it is not working. If you need it, I have a kind of guide for deployments; it is in Spanish but you can check only the configurations.
Sorry for my bad English.
I assume your first question was a statement,
I configured the WLC to use the external DHCP server (126.96.36.199)
and changed the AP - Switch link to be an Access port to the management VLAN.
As per your question, with Packet Tracer, the wireless device will only connect to the AP if the authentication process works. I tried with a PSK and had the same result.
I did a bit of research about DHCP Proxy, people suggest turning it off when using an external DHCP server, as some people have issues with it. However, Packet Tracer
1. Won't let me disable it.
2. Another packet tracer file that worked (in their course) did work... with it enabled...
Can you please send your configuration guide. However, is it catered for Packet Tracer?
This is my Switch CORE configuration:
ip dhcp pool MGMT-WLAN
 network 192.168.99.0 255.255.255.0
 default-router 192.168.99.254
!
ip dhcp pool WLAN-EMPLOYEES
 network 192.168.30.0 255.255.255.0
 default-router 192.168.30.254
!
interface Vlan99
 description MGMT-WLAN
 ip address 192.168.99.254 255.255.255.0
!
interface Vlan30
 description WLAN-EMPLOYEES
 ip address 192.168.30.254 255.255.255.0
!
vlan 10
!
vlan 30
!
interface GigabitEthernet1/0/2
 description CONECTION TO WLC
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 99,30
 switchport mode trunk
!
interface GigabitEthernet1/0/3
 description CONECTION TO AP
 switchport mode access
 switchport access vlan 99
 spanning-tree portfast
 speed 100
 duplex full
 no shutdown
!
Then my WLC on its management interface has this configuration:
IP address 192.168.99.253
DHCP SERVER 192.168.99.254
After that I created a dynamic interface with this configuration:
IP address 192.168.30.253
DHCP SERVER 192.168.30.254
When I created my SSID I chose the dynamic interface 30 and my clients can get an IP address from that VLAN.
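An added example, not part of the post above or of anyone's Packet Tracer file: a small Python check that the pieces of a switch configuration like the one posted agree with each other, i.e. every DHCP pool's default-router is an SVI address inside the pool's network and that SVI's VLAN is allowed on the trunk facing the WLC. The function names and the sample text are constructed for illustration, and allowed-VLAN lists are assumed to be comma-separated without ranges.

```python
import ipaddress, re

# Constructed sample, modelled on the switch configuration posted above.
SAMPLE = """\
ip dhcp pool MGMT-WLAN
 network 192.168.99.0 255.255.255.0
 default-router 192.168.99.254
ip dhcp pool WLAN-EMPLOYEES
 network 192.168.30.0 255.255.255.0
 default-router 192.168.30.254
interface Vlan99
 ip address 192.168.99.254 255.255.255.0
interface Vlan30
 ip address 192.168.30.254 255.255.255.0
interface GigabitEthernet1/0/2
 switchport trunk allowed vlan 99,30
"""

def parse(config):  # group indented sub-commands under their header line
    sections, current = {}, None
    for line in config.splitlines():
        text = line.strip()
        if line[:1].isspace() and current is not None and text:
            current.append(text)
        elif text not in ("", "!"):
            current = sections.setdefault(text, [])
    return sections

def check_wlc_trunk(config, trunk_if):
    """Return problems linking DHCP pools, SVIs and the trunk to the WLC."""
    sec, problems, svis, allowed = parse(config), [], {}, set()
    for header, body in sec.items():
        m = re.fullmatch(r"interface Vlan(\d+)", header)
        for cmd in body:
            if m and cmd.startswith("ip address "):
                svis[cmd.split()[2]] = int(m.group(1))  # gateway IP -> VLAN
            if header == "interface " + trunk_if and "allowed vlan" in cmd:
                allowed = {int(v) for v in cmd.split()[-1].split(",")}
    for header, body in sec.items():
        if header.startswith("ip dhcp pool "):
            name, opts = header.split()[-1], {c.split()[0]: c.split()[1:] for c in body}
            net = ipaddress.ip_network("/".join(opts["network"]))
            gw = opts["default-router"][0]
            if ipaddress.ip_address(gw) not in net:
                problems.append(f"{name}: default-router {gw} outside {net}")
            if gw not in svis:
                problems.append(f"{name}: no SVI owns {gw}")
            elif svis[gw] not in allowed:
                problems.append(f"{name}: VLAN {svis[gw]} not on {trunk_if}")
    return problems
```

An empty list means the pools, SVIs and trunk line up; a client VLAN missing from the trunk's allowed list shows up as a named problem for that pool.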
Thanks for your config, can you try editing my packet tracer file that I attached in the post?
Only thing that i believe could stop it is the DHCP Proxy...
Other than that, I'm still a bit confused
Do you have an idea why, on your DHCP pools screenshot, the WLC address is set to 0.0.0.0 for this network?
Did you try to ping your DHCP server from the WLC?
Could you remind me which switch interface your WLC is connected to (Gi0/1 or Gi0/2)?
Did you check your external DHCP server logs?
I can ping from the DHCP server to the WLC and vice versa.
I was messing around with the DHCP information to see if it made a difference; the DHCP pool currently has the WLC address configured (still no luck with connectivity).
I can also ping to the Wireless Point successfully...
The Wireless PC is solely having issues, and I dunno why.
The Switch to WLC is G0/2
I can't view DHCP logs from Packet Tracer for some reason (please show me how if there is a way)
I can't ping the logical interface of 188.8.131.52 because my Packet Tracer crashes.... I was trying that before.
Really weird tbh,
The DHCP server can be reachable from 'ip helper-address ' set on the default gateway. So the traffic is reachable.
I've been trying a packet sniffer; there are images of the actual packets in the post. But I am unsure how to fix them from the pictures
My hosts don't need to be on the same subnet as the DHCP client due to the IP helper command placed on the interface. I can ping from the WLC to the dhcp