Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
10354
Views
2
Helpful
6
Replies

DHCP Issue - Meraki

Go to solution
WaseemD
Level 1
Level 1

‎11-21-2022 03:14 AM - edited ‎11-21-2022 03:15 AM

Hello,
I am experiencing a problem that has been existing for a while so far,
Well, the issue is that 1~10% of the endpoints when attempt to connect to the SSID, it fails obtain IP address, and it shows on Meraki dashboard (DHCP server did not response), while DHCP server is responding and able to provide IPs for any other end point around and attempts to connect.

I have done multiple captures from the machine/Meraki/switch trunk port
and discovered the following:
- Machine sends discovery packets (machine captures)
- Meraki receives the discovery packets (Meraki dashboard captures)
- Meraki does not forward the discovery packets to the upstream switch, therefor not reaching the DHCP server in LAN. (AP's trunk port in the Catalyst switch captures).

workaround to obtain IP, roam to another AP, and it directly provides an IP address. and machine go back to initial AP that failed to provide IP and stay connected, even if disconnected and reconnects the issue is solved for that machine.
note that this issue is hitting all the APs, when ever one cannot provide IP, roam to any other one and the endpoint will obtain one.
It's happening randomly and on many different machines.

PS: I have different environment with different setup and different DHCP solution and is also facing same issue, only Meraki APs is in common.
any advise? 

thanks a lot!

 

 





Labels:
Preview file
23 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
WaseemD
Level 1
Level 1
In response to mattethington

‎01-27-2025 02:23 PM - edited ‎01-27-2025 02:30 PM

Hi Mattethington,
The issue was related to the ACL/Group Policy in Meraki, which was blocking DHCP traffic.

For your reference, here’s a screenshot of the specific rules I added to my group policies. These rules are not "allow-any-any," as I’m using Cisco ISE for posturing and Group Policy/Airspace assignment.

To summarize: If you're using dot1x with posturing and leveraging Group Policy/Airspace in Meraki, ensure that DHCP ports (67 and 68) and the DHCP server are allowed in the policy. This is crucial because clients are typically assigned to a group policy before posturing occurs.

In my case, adding rules to allow DHCP ports 67 and 68 for traffic to and from any host immediately resolved the issue.

Let me know if this helps! 

WaseemD_1-1738016985618.png

 



View solution in original post

6 Replies 6

Go to solution
Gary25Bell
Level 1
Level 1

‎11-21-2022 03:21 AM - edited ‎11-21-2022 09:18 PM

According to:
https://documentation.meraki.com/MR/Wireless_Troubleshooting/Wireless_Issue_Resolution_Guide#SSIDs_i.../Wellcare Medicare Advantage

Traffic will not flow. I do not know why 70% of the clients could connect and 30% couldn't, but as soon as I removed the VLAN from the SSID, the problems went away.

Thanks,

0 Helpful

Go to solution
WaseemD
Level 1
Level 1
In response to Gary25Bell

‎11-21-2022 03:38 AM - edited ‎11-21-2022 03:39 AM

Thank you @Gary25Bell for your reply!
I actually went through this ticket you mentioned but actually we are not using VLAN tagging in the SSID
Also DHCP troubleshooting did not help, went through every single point to confirm.
The issue actually appeared with no changes, we did have this setup for a quite long time ago, appeared just few months ago

WaseemD_0-1669030674943.png

 

0 Helpful

Go to solution
JPavonM
VIP
VIP

‎11-21-2022 04:22 AM

Are you using Cisco APs? If so try to disable arp-caching on APs. I've faced similar issues using Meraki and Cisco APs.

For C9800 under the Flex Profile.

For AireOS use "config flexconnect arp-caching disable"

0 Helpful

Go to solution
eastoscar
Level 1
Level 1

‎03-22-2023 05:55 AM

Have similar problem with Meraki APs, did you get a solution?
What Firmware version do you have an the MR APs?? MR29.x.x 

0 Helpful

Go to solution
mattethington
Level 1
Level 1

‎01-14-2025 06:13 AM

Hello, Waseem! 

I understand that this is an issue that happened a while ago for you, however, I am experiencing the same issue within my network right now. Were you able to pinpoint the cause of the issue? Thanks! 

0 Helpful

Go to solution
WaseemD
Level 1
Level 1
In response to mattethington

‎01-27-2025 02:23 PM - edited ‎01-27-2025 02:30 PM

Hi Mattethington,
The issue was related to the ACL/Group Policy in Meraki, which was blocking DHCP traffic.

For your reference, here’s a screenshot of the specific rules I added to my group policies. These rules are not "allow-any-any," as I’m using Cisco ISE for posturing and Group Policy/Airspace assignment.

To summarize: If you're using dot1x with posturing and leveraging Group Policy/Airspace in Meraki, ensure that DHCP ports (67 and 68) and the DHCP server are allowed in the policy. This is crucial because clients are typically assigned to a group policy before posturing occurs.

In my case, adding rules to allow DHCP ports 67 and 68 for traffic to and from any host immediately resolved the issue.

Let me know if this helps! 

WaseemD_1-1738016985618.png

 



Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card