Cisco WLC 2504 - New WLAN-No Internet Connection for mobile devices

James May · ‎07-11-2019

Good afternoon. I have a situation with our current WLC. Everything is currently configured to go through our regular network. The wireless devices get an IP from our network DHCP server and are able to access the internet. However, as we have grown, the scope has reached it's limit. I am now trying to create a separate Guest network for mobile devices. These devices will get an IP from the WLC internal DHCP server. Our primary network is 10.1.20.x

After a little configuring, I have created a new Interface (VLAN-B) and assigned it an address in the new network 10.1.50.x. The DHCP scope was setup with a range of 10.1.50.10 - 10.1.50.254. And the DNS server is using our network DNS on the 10.1.20.x network.

Mobile clients can connect and get a 10.1.50.x address, however, they are not getting out to the internet. On the device it says "Connected but Internet may not be available".

Any help would be greatly appreciated.

Thanks kindly,

James

James May · ‎07-11-2019

Do I need to configure the second network in the router/firewall by chance?

balaji.bandi · ‎07-11-2019

yes this required NAT on the main Router or FW. so you get interface for that IP range.

let us know your network diagram and FW/Router config, so we can help you.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

James May · ‎07-12-2019

@balaji.bandi wrote:
yes this required NAT on the main Router or FW. so you get interface for that IP range.

let us know your network diagram and FW/Router config, so we can help you.

Firewall is an ASA5505. What info might you need? I'm not very versed in the world of Cisco unfortunately.

patoberli · ‎07-12-2019

You require to configure a new NAT (if the client can ping the router IP but not the internet). Then you probably also need to configure this new ip range on the router (a new virtual interface and/or vlan). Lastly you shouldn't use the WLC as a DHCP server, as this feature is deprecated and is removed in newer hardware versions and maybe even a future software update.

James May · ‎07-12-2019

"Lastly you shouldn't use the WLC as a DHCP server, as this feature is deprecated and is removed in newer hardware versions and maybe even a future software update."

This is interesting and good know. What would be a better solution then to get the mobile devices off of my current network dhcp scope? I figured the using the WLC would be the best option as when the mobile devices connect to that SSID, they will be able to get a separate IP outside of our existing network.

patoberli · ‎07-12-2019

A Cisco router can be a DHCP server. But even better is a real DHCP server solution, running on Windows/Linux Server, where you also have logfiles and better troubleshooting functionality.

I think the DHCP server will not get removed from the 2504, because it's anyway end of life (or soon) and thus will not anymore get feature removing updates. Just if you would switch to a 5520 and I think 3504, then you'd also not anymore have the DHCP feature in the future.

balaji.bandi · ‎07-12-2019

Can you post full configuration of ASA so we can look and suggest you.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Sandeep Choudhary · ‎07-12-2019

Also allow VLAN-B on switchport where WLC is connected.

Regards

Dont forget to rate helpful posts

craigshawm6 · ‎07-15-2019

As far as guest wireless DHCP, we have used a DMZ subnet on the ASA to act as the DHCP server. That way, keeping the guest segregated from the internal DHCP server.