09-21-2023 12:34 PM
Hello Professionals,
Client can't get DHCP IP from DHCP server through the WLC9800, and here is my network.
- When Client connects to SSID:SVI-60, able to get DHCP IP from Core switch. : works!
- When Client connects to SSID:SVR-100, Not get DHCP IP from DHCP Server(Firepower).
WLANs, SVI, setting relay IP configuration in WLC9800 are all same, but I couldn't get IP address from firepower.
When I google it, it looks like bug#CSCvr86538. (https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvr86358)
The solution of this bug is :
- Delete SVI IP address and Make L2 bridging
What does that mean 'making L2 bridge'. Does it mean that I put no ip address for SVI?
Current score is no luck..
DHCP Relay Statistics
---------------------
DHCP Server IP : 192.168.100.1
Message Count
--------------------------
DHCPDISCOVER : 188
BOOTP FORWARD : 188
BOOTP REPLY : 0
DHCPOFFER : 0
DHCPREQUEST : 0
DHCPACK : 0
DHCPNAK : 0
DHCPDECLINE : 0
DHCPRELEASE : 0
DHCPINFORM : 0
Tx/Rx Time :
------------
LastTxTime : 14:30:05
LastRxTime : 18:00:00
Should I enable one physical port and provide access vlan 100 (and match with switch port to be access vlan 100) seperately?
or even if I configure new physical port, is it still communicating with wireless-mgmt VLAN50?
Thank you so much for providing your time.
Solved! Go to Solution.
09-21-2023 02:43 PM
SVI-60 only need to be on your core switch.
On your 9800, you need to have VLAN 60 (just L2 vlan defined on 9800) & trunk to your core switch. No SVI-60 on 9800
Is that the configuration you got ?
HTH
Rasika
*** Pls rate all useful responses ***
09-21-2023 01:03 PM
You only require management SVI (vlan 50) on your 9800 controller. Remove all other client SVIs from 9800 & check it.
HTH
Rasika
*** Pls rate all useful responses ***
09-21-2023 01:33 PM - edited 09-21-2023 01:41 PM
Hello Sir,
When I just remove all SVIs except managemet (VLAN50), I failed to access SVI-60.
Is there any steps that I deeply look into it?
Thank you.
09-21-2023 02:43 PM
SVI-60 only need to be on your core switch.
On your 9800, you need to have VLAN 60 (just L2 vlan defined on 9800) & trunk to your core switch. No SVI-60 on 9800
Is that the configuration you got ?
HTH
Rasika
*** Pls rate all useful responses ***
10-06-2023 06:17 AM
Hello Rasika,
Thank you so much!!! Client finally got the DHCP IP from the firewall for Guest network.
I made one more Ethernet port for guest VLAN and made L2, then it works.
I appreciate your comment..!
09-22-2023 12:07 AM
- Look at best practices for DHCP setup(s) here : https://www.cisco.com/c/en/us/products/collateral/wireless/catalyst-9800-series-wireless-controllers/guide-c07-743627.html#DHCPbridgingandDHCPrelay
Have a checkup of the WLC9800 configuration too ; with the CLI command show tech wireless ; feed the output into :
https://cway.cisco.com/wireless-config-analyzer/
This procedure is strongly adviced
M.
10-05-2023 06:38 PM
And refer to the 9800 Best Practice guide - link below.
As Rasika has said already - there is no need to configure SVI on the 9800 for client VLANs.
You've also not mentioned what version of IOS-XE you're using - refer to TAC recommended releases (below) - currently 17.9.4 (which also fixes the bug you referenced which is quite old).
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide