Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
12869
Views
25
Helpful
10
Replies

Client made a request to the DHCP server, but it did not respond

CRUZPEREZ518
Level 1
Level 1

‎10-12-2022 09:49 AM

Hello,
I have a wireless network with MERAKI model MR42, MR52 and MR56 equipment, I have different SSIDS, all with external DHCP, all the dhcp pools are created in my L3 switch, later I assign each vlan to each SSID depending on the department.
I also have the splash page enabled and the clients log in with their AD user, the connectivity tests work correctly and even most of the clients can connect, but some get the following messages:

Client made a request to the DHCP server, but it did not respond. vlan_id='240' request_ip='unknown' request_server='unknown' details='no_dhcp_ack' radio='1' vap='2' channel='149' rssi='10'

Client made a request to the DHCP server, but the DHCP server rejected the client's request. server_ip='192.168.255.254' vlan_id='240' request_server='unknown' details='dhcp_nack' radio='0' vap='6' channel='11' rssi='37'

The ports where the MERAKI APs connect are configured as follows:

switchport trunk native vlan 502
switchport trunk allowed vlan 1,60,80,100,502
switchport mode trunk
Where VLAN 502 is for the administration of the MERAKI and all the others are from the dhcp pools

Any help I appreciate

Cheers!

0 Helpful
10 Replies 10

Dustin Anderson
VIP
VIP

‎10-12-2022 01:37 PM

One question is it states vlan 240, but it's not allowed on the trunk?

CRUZPEREZ518
Level 1
Level 1
In response to Dustin Anderson

‎10-12-2022 03:29 PM

Hello,
An apology, if I have assigned the vlan 240 in the trunk port I forgot to comment it but if it is added.

switchport trunk native vlan 502
switchport trunk permitido vlan 1,60,80,100,240,502
switchport mode trunk

0 Helpful

Haydn Andrews
VIP Alumni
VIP Alumni

‎10-12-2022 02:40 PM

The SSID looks mapped to VLAN 240 based on the output that its trying to get IP in that range. Either you have AAA override changing the VLAN or the SSID is statically mapped to VLAN 240. 

As Dustin says you need the client VLAN on the trunk port. Meraki only uses the AP management VLAN for management traffic. Client traffic like DHCP needs the VLAN of the SSID or the AAA override VLAN that the user is being assigned to allowed on the switch port

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***

Philip D'Ath
VIP Alumni
VIP Alumni

‎10-12-2022 05:17 PM

If you put a switch port into VLAN240 and connector a computer - can it DHCP an address?

CRUZPEREZ518
Level 1
Level 1
In response to Philip D'Ath

‎10-13-2022 07:53 AM

If I connect a PC via ethernet cable to a port with vlan240, it works, even if some clients can connect to the SSID via Wi-Fi.
But sometimes it only gets the ip address and when it gets it it says no internet access or it just doesn't get the ip address.
When I check the MERAKI console, I find these types of messages very constant in the logs and I can't identify the problem.

0 Helpful

Rich R
VIP
VIP

‎10-13-2022 10:45 AM

details='dhcp_nack' - the DHCP server has refused the request for an IP

- Is the DHCP pool large enough?
- Are your lease times too long so that the entire pool gets reserved for long periods leaving no free IPs?
- Have you disabled DHCP conflict logging which can result in large number of IPs getting blocked out and unavailable?
"no ip dhcp conflict logging".  You can clear any conflicts temporarily with "clear ip dhcp conflict *" check with "show ip dhcp conflict"

------------------------------
Please click Helpful if this post helped you and Select as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's,   Best Practices for 9800 WLC's   and   Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.196.0, latest 9800 releases, 8.5.182.12 (8.5.182.13 for 3504) and 8.5.182.109 (IRCM, 8.5.182.111 for 3504)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
Default AP console baud rate from 17.12.x is 115200 - introduced by CSCwe88390

CRUZPEREZ518
Level 1
Level 1
In response to Rich R

‎10-13-2022 01:40 PM

This is my dhcp pool configuration

ip dhcp pool WiFi
network 192.168.240.0 255.255.240.0
default-router 192.168.255.254
dns-server 172.16.1.1 8.8.8.8
lease 0 0 30

0 Helpful

Rich R
VIP
VIP

‎10-13-2022 04:05 PM

"show ver"
"show ip dhcp pool WiFi"
show run | inc conflict
"sh ip dhcp conflict"
show run | inc excluded

------------------------------
Please click Helpful if this post helped you and Select as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's,   Best Practices for 9800 WLC's   and   Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.196.0, latest 9800 releases, 8.5.182.12 (8.5.182.13 for 3504) and 8.5.182.109 (IRCM, 8.5.182.111 for 3504)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
Default AP console baud rate from 17.12.x is 115200 - introduced by CSCwe88390
0 Helpful

CRUZPEREZ518
Level 1
Level 1

‎10-14-2022 01:44 PM

#show ver

Switch Ports Model SW Version SW Image Mode
------ ----- ----- ---------- ---------- ----
* 1 56 WS-C3650-12X48UR 16.12.07 CAT3K_CAA-UNIVERSALK9 INSTALL

#show ip dhcp pool WiFi

Pool WiFi:
Utilization mark (high/low) : 100 / 0
Subnet size (first/next) : 0 / 0
Total addresses : 4094
Leased addresses : 1267
Excluded addresses : 1
Pending event : none
1 subnet is currently in the pool :
Current index IP address range Leased/Excluded/Total
192.168.245.202 192.168.240.1 - 192.168.255.254 1267 / 1 / 4094

#sh ip dhcp conflict
IP address Detection method Detection time VRF
192.168.245.27 Gratuitous ARP Oct 14 2022 01:41 PM

the other commands do not display any information.

0 Helpful

Rich R
VIP
VIP

‎10-15-2022 04:50 AM

IOS 16.12.7 is fairly up to date (16.12.8 is available) and it's the current recommended release so that's good.  You seem to have plenty of IPs so that's good.

You have conflict logging enabled (I've seen it cause exactly this type of problem) so you should DISABLE it - it's only recommended for use with external DHCP database.
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr/command/ipaddr-cr-book/ipaddr-i1.html#wp4082782944
"If a DHCP server database agent is not used, specify the no ip dhcp conflict logging command to disable the recording of address conflicts."

If you still get problems after that then you'll need to debug and get packet captures to understand what the problem is.  If you're not able to do that yourself then you'll need to contact Cisco TAC so they can help you to do it.

------------------------------
Please click Helpful if this post helped you and Select as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's,   Best Practices for 9800 WLC's   and   Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.196.0, latest 9800 releases, 8.5.182.12 (8.5.182.13 for 3504) and 8.5.182.109 (IRCM, 8.5.182.111 for 3504)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
Default AP console baud rate from 17.12.x is 115200 - introduced by CSCwe88390
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card