cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
578
Views
5
Helpful
6
Replies

Clients not getting DHCP - WiSM over L3

tekjansen101
Level 1
Level 1

THE SCENARIO

The customer has a controller located in Location A with IP scheme 10.56.X.X/24 There is a LAP located in Location B with IP scheme 10.32.X.X/24. There is a central DHCP server that assigns IP addresses to the customer equipment/clients. The LAP is succesfully registered on the controller and assigned an IP via DHCP.

Clients in Location A are assigned an IP from the DHCP scope defined for that area (10.56.x.x). Likewise clients in Location B are served by the DHCP scope in its own area. There is Layer 3 reachability between the two locations and to the DHCP server.

THE PROBLEM

A client in Location B wants to join over the AP located in its location to the controller present in Location A. However the client wants an IP address from the DHCP scope defined for Location B since it is physically present in that location. Attempts by the client to gain said IP are unsuccessful (client is given a 169.X.X.X address when using a dynamic interface with a VLAN id and IP from location B). The client can however successfully negotiate and get an IP from Location A (client is given a 10.56.X.X using a dynamic interface with VLAN and IP from location A). This behavior is unwanted because we want client IPs to reflect their physical point of presence.

OUR REQUIREMENT

Client in location A gets an IP from DHCP scope defined for location A (irrespective of controller location)

Client in location B gets an IP from DHCP scope defined for location B (irrespective of controller location)

.

.

etc

.

I have my theories on why its probably not working, then again I have just as many saying it should work just fine. Been racking my brains trying to figure out whats wrong ...

Any ideas ?

-Stumped.

1 Accepted Solution

Accepted Solutions

Scott Fella
Hall of Fame
Hall of Fame

You have two sites, SiteA and SiteB. SiteA is where the WLC resides and SiteB is considered a remote site. In order to have users obtain a DHCP form SiteB, you need to configure the LAP's to H-REAP and not local, which you have now.

You have to remember, that in local mode, all the traffic tunnels back to the WLC and egress out the gig ports onto the local LAN is is connected to. So when a user in SiteB associate to an ssid and gets tunneled back, you need to dump them into a vlan on SiteA.... means you hneed to have a dynamic interface on that vlan.... so it is not possible to have the wlc dynamic interface on a subnet that does not rreside in the local network. This is why dhcp is not working.... If you create a subnet on SiteA just for users on SiteB and then create a dynamic interface on that subnet and a DHCP scope, users on SiteB will be able to obtain an IP Address and then would have to route back to SiteB for any local network services they need.

H-REAP allows you to drop off the users locally on SiteB and if they require any central network services, they will just route back just like any wired devices in SiteB.

-Scott
*** Please rate helpful posts ***

View solution in original post

6 Replies 6

SJessulat_2
Level 1
Level 1

Hi,

do you use a separate SSID/VLAN for Location B?

If so, is this VLAN available on the WLC and on the trunk to the WLC.

Because all the Traffic from WLAN-Clients exit on the WLC, resp. its connection to the LAN at Location A (Unless you have HREAPs deployed at Location B, which can let the traffic break out locally).

Could you maybe provide a VLAN-overview of your deployment?

Greets,

Sebastian

Yes! HREAP solved the problem! Thanks for the suggestion! I really should have paid more attention in wireless class...

Leo Laohoo
Hall of Fame
Hall of Fame

Just curious, but why is AP located in site "B" joined to WLC in "A"?

What FW are both WLC running on?

Hello...

There is no firewall. We are the telco and own the WAN links. Plus this is all over inter-city DWDM and we aren't using any external networks thus no FWs.

This is just this telco's whacky design. You should see some of the things they have configured here (ACLs in the backbone !).

Sometimes I want to cry.

Scott Fella
Hall of Fame
Hall of Fame

You have two sites, SiteA and SiteB. SiteA is where the WLC resides and SiteB is considered a remote site. In order to have users obtain a DHCP form SiteB, you need to configure the LAP's to H-REAP and not local, which you have now.

You have to remember, that in local mode, all the traffic tunnels back to the WLC and egress out the gig ports onto the local LAN is is connected to. So when a user in SiteB associate to an ssid and gets tunneled back, you need to dump them into a vlan on SiteA.... means you hneed to have a dynamic interface on that vlan.... so it is not possible to have the wlc dynamic interface on a subnet that does not rreside in the local network. This is why dhcp is not working.... If you create a subnet on SiteA just for users on SiteB and then create a dynamic interface on that subnet and a DHCP scope, users on SiteB will be able to obtain an IP Address and then would have to route back to SiteB for any local network services they need.

H-REAP allows you to drop off the users locally on SiteB and if they require any central network services, they will just route back just like any wired devices in SiteB.

-Scott
*** Please rate helpful posts ***

H-REAP !!!

Perfect! Thats exactly what the doctor called for. The thing with our scenario is that we have the same vlans exist in multiple site (A and B and C so on ...) each configured with their own site IP and theres a lot of other really messed up things going on here which i don't wanna delve into, but H-REAP is exactly what we were looking for (authentication control is tunneled, everything else is switched locally).

Thanks again !

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: