01-30-2012 06:05 AM - edited 07-03-2021 09:28 PM
How to config the DHCP for wireless clients? Just wireless clients. This is standand alone AP. No WLC
Thanks,
01-30-2012 08:44 AM
The Access Point can only provide IP address to clients on the same subnet than his BVI1 interface IP address, this is its native vlan. It cannot provide IP addresses to multiple vlans or other subnet different than its native.
For example, if the BVI1 interface belongs to 172.16.0.0 /24 network, your access point will only be able to provide IP address on that subnet range.
This example shows how to configure the wireless device as a DHCP server, exclude a range of IP address, and assign a default router:
AP# configure terminal
AP(config)# ip dhcp excluded-address 172.16.1.1 172.16.1.20
AP(config)# ip dhcp pool wishbone
AP(dhcp-config)# network 172.16.1.0 255.255.255.0
AP(dhcp-config)# lease 10
AP(dhcp-config)# default-router 172.16.1.1
AP(dhcp-config)# end
You can check the full documentation on this link:
Regards,
01-30-2012 08:56 AM
Carlos,
That is not true, the AP could be a DHCP server for any subnet on the LAN, so long as the ip helper-address points to the BVI of the AP. But I wouldn't configure it that way.
As for DHCP for the wireless clients, are you wanting this just for wireless clients? Are your wired and wireless in the same subnet? IF they are in the same subnet, there is no way to limit what DHCP server a request will hit, as it is a broadcast that each server will respond to.
If you are running a different subnet from the wired, then you should be able to get this to work, with the above example to configure the DHCP server on the AP.
Steve
02-03-2012 10:18 AM
Here is my configuration. The wireless client connected to HFS but unable to get the IP from DHCP.
no aaa new-model
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.11.200 10.10.11.250
!
ip dhcp pool HFSGUEST
network 10.10.11.0 255.255.255.0
default-router 10.10.11.1
lease 10
!
!
dot11 syslog
dot11 vlan-name WIFIGuest vlan 2
!
dot11 ssid HFS
vlan 1
authentication open
mbssid guest-mode
!
dot11 ssid HFSGUEST
vlan 2
authentication open
authentication key-management wpa
mbssid guest-mode
02-03-2012 11:31 AM
You have two vlans: 1 and 2
Two SSIDs:
dot11 ssid HFS from vlan 1
dot11 ssid HFSGUEST from vlan 2
Under nomal circumstances, if you configure the DHCP server on the Access Point, it will only be able to give IP address on your default VLAN.
For example, if this access point has an IP address from vlan1, it will only be able to give addresses to clients on vlan1.
This DHCP pool is currently configured for network 10.10.11.0.
If your BVI1 interface has a different IP address not on that network, this DHCP server is not going to work.
There are some things we also need to check:
Does this DHCP server on the Acccess Point, is it meant to provide addresses for vlan 1 or vlan 2?
Currently, do you have any DHCP server on your network for vlan 1 or vlan2
However, as Stephen mentioned before, if your intention is to give IP addresses for wireless clients on vlan2 while your BVI 1 interface is on vlan1, you can as a workaround configure a DHCP helper on the default-gateway of vlan 2 pointing to the BVI1 interface.
If you attach the full show run I will be able to understand better all your configuration, and maybe give you some further recommendation changes.
Also please let me know the IP address of your BVI 1 interface.
Regards,
02-03-2012 11:48 AM
I do have multiple subnets that talk to each other. I would like to have the clients to have (IP to VLAN2 or both). I have DHCP server on the Windows 2003 to handle our internal network.
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ap
!
logging rate-limit console 9
enable secret 5 $1$25yJ$!
no aaa new-model
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.11.200 10.10.11.250
!
ip dhcp pool HFSGUEST
network 10.10.11.0 255.255.255.0
default-router 10.10.11.1
lease 10
!
!
dot11 syslog
dot11 vlan-name WIFIGuest vlan 2
!
dot11 ssid HFS
vlan 1
authentication open
mbssid guest-mode
!
dot11 ssid HFSGUEST
vlan 2
authentication open
authentication key-management wpa
mbssid guest-mode
wpa-psk ascii 7 00453B!
!
!
username Cisco password 7 123A
username admin password 7 141A18595
!
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption vlan 1 key 1 size 128bit 7 404891512F3F5F transmit-key
encryption vlan 1 mode wep mandatory
!
encryption vlan 2 mode ciphers tkip
!
ssid HFS
!
ssid HFSGUEST
!
antenna gain 0
mbssid
station-role root
!
interface Dot11Radio0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface Dot11Radio0.2
encapsulation dot1Q 2
no ip route-cache
bridge-group 2
bridge-group 2 subscriber-loop-control
bridge-group 2 block-unknown-source
no bridge-group 2 source-learning
no bridge-group 2 unicast-flooding
bridge-group 2 spanning-disabled
!
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
no keepalive
!
interface GigabitEthernet0.1
encapsulation dot1Q 1 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface GigabitEthernet0.2
encapsulation dot1Q 2
no ip route-cache
bridge-group 2
no bridge-group 2 source-learning
bridge-group 2 spanning-disabled
!
interface BVI1
ip address 10.10.10.201 255.255.255.0
no ip route-cache
!
ip default-gateway 10.10.10.1
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
!
!
!
line con 0
line vty 0 4
login local
!
end
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: