
WLC /w External DHCP > Client Won't Receive DHCP Information

10267800147590
Level 1

Hi,

 

I have an assignment as a part of Cisco certified training with my University. I have set up a WLC /w DHCP information to hand out and my wireless PC gains the DHCP information, however, it is not able to communicate with the rest of the network including its own subnet.

I have attached my packet tracer file. Note I am using both an External and internal WLC DHCP server as the WLC was not working with the external DHCP server. (Please help me fix this, as this would be the best way to implement a WLC).

 

Things I've tried: (I have spent nearly five hours on this)
Changing my ports to trunk ports,

having an external and/or internal DHCP server.

viewing the WLC config like a billion times :'(

 

 

I'm not sure how to link the configs to the WLC as it's in a GUI through Packet Tracer....

 

 

Kind regards,

 

 

 

102678001 

 

 

 

 

==========================================================================================

UPDATE: Upon the previous reply, I made all links trunk links as I found that was the Packet Tracer configuration after trying the 13.4.5 TroubleShooting LAN Issues | CCNA Bridging Course

I sent a simulation packet and my packet gets to the DHCP server, but it seems the DHCP server does not forward it back to the wireless client...

 

Switch Config:

Access Switch.PNG, Switch Acc 2.PNG

 

 

DHCP Config:

DHCP.PNG

 

Router Config:

Capture7.PNG

 

WLC Config:

Capture5.PNG, Capture6.PNG

 

 

Network Setup:

Capture1.PNG

 

 

Packet Tracer Download (7.3 PK file) : https://drive.google.com/file/d/1tMcpdVwJWk2ahv_1ThGu_B-w5u7VEEpo/view?usp=sharing

 

NOTES:

 

DHCP Proxy is enabled. // wouldn't let me disable it (I believe it should be disabled for DHCP bridging, correct me if wrong)

>> Want to Use External DHCP Server. 

>> When using an internal DHCP pool and linking that with the Interface (the own WLC IP), the Wireless device gets the desired DHCP information but cannot connect with the rest of the network (including pinging its default gateway)....

 

>> Devices on VLAN 99 can get the DHCP information (wired) when connected, so the DHCP server is working

>> DHCP server allocates Management IP addresses (for WAP) so it works.

 

 

Below are my sniffing trails:

sniff sniff 1.PNG, sniff sniff 2.PNG, sniff sniff 3.PNG

 

As you can see by the packets, the DHCPOffer comes to the WAP, and the Client Hardware Address assigned is to the laptop, however, no information is actually given from the WLC to the WAP. Which is weird, as it should be piggy backing from the DHCP Server. DHCP Proxy is enabled as the previous Packet Tracer CCNA Wireless troubleshooting PK file had DHCP Proxy enabled and it worked just fine...

The DHCPOffer packet comes through and is addressed to the correct Client Hardware Address. DHCP Proxy cannot be disabled on the WLC (because of Packet Tracer, I assumed). When an internal DHCP Scope is created on the WLC, the CAPWAP tunnel sends the DHCPOffer as a Unicast with the designated DHCP information BUT the PC cannot communicate with the Network. On the other hand, IF it is using an external DHCP server, the DHCPOffer contains NO DHCP information.

 

 

I am truly stumped. This is my 8th hour trying to figure this out.

I am in major need of assistance (least I'm learning to sniff packets ;3 wuhahahahahah)
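A way to check what the post describes (a DHCPOffer addressed to the right Client Hardware Address but carrying no usable information), as an added example that is not part of the original post. The function names and the sample addresses are assumptions built for the demonstration, not captures from the thread.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"  # magic cookie after the 236-byte BOOTP header
REQUIRED = {1: "subnet mask", 3: "router", 54: "server identifier"}

def parse_dhcp(payload: bytes) -> dict:
    """Parse the UDP payload of a DHCP message (RFC 2131 fixed header + options)."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    def ip(off):
        return socket.inet_ntoa(payload[off:off + 4])
    msg = {"yiaddr": ip(16), "giaddr": ip(24),
           "chaddr": payload[28:34].hex(":"), "options": {}}
    i = 240
    while i < len(payload) and payload[i] != 255:   # 255 = End option
        if payload[i] == 0:                          # 0 = Pad, no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError("truncated option")
        code, length = payload[i], payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code} is truncated")
        msg["options"][code] = value
        i += 2 + length
    return msg

def offer_problems(msg: dict) -> list:
    """List reasons a client could not use this message as a DHCPOFFER."""
    problems = []
    if msg["options"].get(53) != b"\x02":            # option 53 = message type, 2 = OFFER
        problems.append("not a DHCPOFFER")
    if msg["yiaddr"] == "0.0.0.0":
        problems.append("yiaddr is 0.0.0.0 (no address offered)")
    problems += [f"missing option {c} ({n})" for c, n in REQUIRED.items()
                 if c not in msg["options"]]
    return problems

def build_reply(yiaddr: str, giaddr: str, options: dict) -> bytes:
    """Build a constructed BOOTREPLY for the demo; not a capture from the thread."""
    zero = bytes(4)
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x1234, 0, 0,
                         zero, socket.inet_aton(yiaddr), zero, socket.inet_aton(giaddr),
                         bytes.fromhex("020000aabbcc"), b"", b"")
    opts = b"".join(bytes([c, len(v)]) + v for c, v in options.items())
    return header + MAGIC + opts + b"\xff"

# Constructed samples: a usable offer and an "empty" one like the post describes.
GOOD = build_reply("192.168.30.10", "192.168.30.253", {53: b"\x02",
    1: socket.inet_aton("255.255.255.0"), 3: socket.inet_aton("192.168.30.254"),
    54: socket.inet_aton("192.168.30.254")})
EMPTY = build_reply("0.0.0.0", "0.0.0.0", {53: b"\x02"})
```

Running `offer_problems(parse_dhcp(...))` on the UDP payload of an offer exported from a capture shows at a glance whether the address and the mask, router and server-identifier options actually reached the client side.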


Hi,

When you created your WLAN, you had to attach it to some WLC interface. How did you configure this interface? Did you put a VLAN number in it? If so, I think you have to put your switch interfaces in trunk mode, with something like this:

 

to WLC:

switchport trunk allowed vlan 55
switchport mode trunk

 

to router:

switchport trunk allowed vlan 20,55,77,88,99
switchport mode trunk

 

How do you connect to your wlc? Over the network?

 

Sorry, but I'm unable to open your file. Could you send it as pcap file?

After doing a bit of research,

I can't enable a CAPWAP tunnel on the WLC in Packet Tracer.

Nor access the WLC CLI.

 

The link is currently an access link because when trunking, it loses connectivity between Switch and WLC

=========================================================================================

UPDATE:

 

I edited the post to show you how far I got, I viewed a CCNA Wireless course to see how they setup the WLC. I set both ends to trunks with the native VLAN of the management IP. The connections remain with connectivity for my Wireless management devices, however, my wireless PC cannot get the DHCP information even though the WLC forwards the DHCP packet to the DHCP server.

 

Note, I swapped out the internal DHCP server inside the WLC to be external to point to the DHCP server as I had originally intended. It is forwarding but it seems the Wireless PC is not accepting the packet... for some odd reason.....

Hi @10267800147590 

Well, you need to use just one DHCP server, I strongly suggest external. Now, two basic questions: from your dynamic interface and management interface, can you reach the DHCP server? The trunk port configuration only needs to be applied on the switch port that connects to the WLC. The AP port must be configured as an access port in the management VLAN, and be sure to configure the spanning-tree portfast command.

 

Just another comment, I saw your security profile is 802.1x, when you use 802.1X the client will get a valid IP only if he passes the complete authentication process, are they doing it?

Try with other WLAN and PSK with WPA or WPA2, maybe it is a security issue and that can be the reason why is not working. If you need it I have a kind of guide for deployments, it is in Spanish but you can check only the configurations.

 

Sorry for my bad English.

I hope the information was useful; if you have no further questions, remember to close the topic by selecting the answer as "Correct answer"
**Please rate the answer if this information was useful**
**Please mark this answer as correct if the information was useful**

I assume your first question was a statement,

I configured the WLC to use the external DHCP server (67.64.7.164)

and changed the AP - Switch link to be an Access port to the management VLAN.

 

As per your question, with Packet Tracer, the wireless device will only connect to the AP if the authentication process works.  I tried with a PSK and had the same result.

 

I did a bit of research about DHCP Proxy, people suggest turning it off when using an external DHCP server, as some people have issues with it. However, Packet Tracer 

 

1. Won't let me disable it.

2. Another packet tracer file that worked (in their course) did work... with it enabled...

 

Can you please send your configuration guide. However, is it catered for Packet Tracer? 

 

 

This is my Switch CORE configuration:

ip dhcp pool MGMT-WLAN
network 192.168.99.0 255.255.255.0 
default-router 192.168.99.254
!
ip dhcp pool WLAN-EMPLOYEES
network 192.168.30.0 255.255.255.0 
default-router 192.168.30.254
!
interface Vlan99
description MGMT-WLAN
ip address 192.168.99.254 255.255.255.0
!
interface Vlan30
description WLAN-EMPLOYEES
ip address 192.168.30.254 255.255.255.0
!
vlan 10
!
vlan 30
!
interface GigabitEthernet1/0/2 
description CONECTION TO WLC
switchport trunk encapsulation dot1q 
switchport trunk allowed vlan 99,30 
switchport mode trunk
!
interface GigabitEthernet1/0/3 
description CONECTION TO AP
switchport mode access 
switchport access vlan 99 
spanning-tree portfast
speed 100
duplex full
no shutdown
!

Then my WLC on its management interface has this configuration:

IP address 192.168.99.253

mask 255.255.255.0

vlan 99

DG 192.168.99.254

DHCP SERVER 192.168.99.254

 

After that I created a dynamic interface with this configuration:

 

IP address 192.168.30.253

mask 255.255.255.0

vlan 30

DG 192.168.30.254

DHCP SERVER 192.168.30.254

 

When I created my SSID, I chose the dynamic interface 30, and my clients can get an IP address from that VLAN.

 

 

 


Hi,

 

Thanks for your config, can you try editing my Packet Tracer file that I attached in the post?

The only thing that I believe could stop it is the DHCP Proxy...

Other than that, I'm still a bit confused

Hi, how do I make a PCAP file??? Sorry

Hi,

Do you have an idea why on your DHCP pools screenshot, wlc address is set to 0.0.0.0 for this network?

Did you try to ping your DHCP server from the wlc?

Could you remind me on which switch interface is connected your wlc (Gi0/1 or Gi0/2)?

Did you check your external DHCP server logs?

I can ping from the DHCP server to the WLC and vice versa.

I was messing around with the DHCP information to see if it made a difference, the DHCP pool currently has the WLC address configured (still no luck with connectivity)

I can also ping to the Wireless Point successfully... 

The Wireless PC is solely having issues, and I dunno why.

 

The Switch to WLC is G0/2

I can't view DHCP logs from Packet Tracer for some reason (please show me how if there is)

 

 

Just to be sure:
Do you ping 67.64.6.42 <-> 67.64.7.164 ?

BTW, a stupid question… don't you need to have your DHCP server on the same network as the wireless client??? DHCP proxying is there just in order to forward DHCP broadcast requests through unicast.

You could download a packet sniffer to your wireless PC: https://www.wireshark.org/#download . Don't forget to start it with "run as administrator". Then choose the right interface on it and start sniffing your wireless interface.

I don't use Packet Tracer, so no idea what it is able to do with.

I can't ping the logical interface of 67.64.6.242 because my Packet Tracer crashes....  I was trying that before.

Really weird tbh,

 

The DHCP server can be reached via the 'ip helper-address ' set on the default gateway. So the traffic is reachable.

 

I've been trying a packet sniffer, they are images of the actual packets in the post. But I am unsure how to fix them from the pictures

 

ty

 

OK, as I can see from your wlc snapshot, you can directly connect to its web interface. So you can start your ping to the DHCP server from there (upper right corner).

My concern about the DHCP server on another network segment is much more related to an eventual filtering of your requests if they don't come on the DHCP server interface that is configured to send addresses for this pool. When you test it from the wired network, your client is in the same subnet as the DHCP server, right?

My hosts don't need to be on the same subnet as the dhcp client due to the IP helper command placed on the interface. I can ping from the WLC to the dhcp 

I think you should really find a way to check your DHCP server logs.