Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1205
Views
0
Helpful
2
Replies

DHCP not getting on Anchor (DMZ) controller

pemasirid
Level 1
Level 1

‎01-14-2009 01:50 PM - edited ‎07-03-2021 04:59 PM

Hi Have Local/Anchor controller deployment with code 5.1.x running.

Anchor controller (in DMZ) is configured for DHCP server and enabled. I have mobility anchor configured and both Data & Controller paths are UP and more over eping/mping work on both devices.

When enabling debug on DHCP I have the attached output. The issue is that users are not able to get IP from DHCP server configured locally on Anchor(DMZ) controller.

Juniper firewall is placed between DMZ and Inside and the required ports have been opened.

Can someone advise me why I'm not able to get IP from DMZ controller ?

Debug output on both local controller and anchor (DMZ) controller are attached.

thanks in advance.

Labels:
Preview file
14 KB
Preview file
9 KB
0 Helpful
2 Replies 2

Stephen Rodriguez
Cisco Employee
Cisco Employee

‎01-14-2009 02:45 PM

can you attach the show run-config? Make sure it's the show run-config and NOT! the show running-config

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
0 Helpful

wesleyterry
Level 3
Level 3

‎01-14-2009 05:02 PM

*Jan 14 00:41:53.509: 00:13:02:43:f9:d3 mmAnchorExportRcv: WLAN QIB_GUEST policy mismatch between controllers, WLAN QIB_GUEST not found, or WLAN disabled. Ignore ExportAnchor mobility msg. Delete client.

I'm assuming this debug is for the client in question.

When I've had problems with my Guest anchoring, it has always come from the configurations on the two controllers not being IDENTICAL. As in, even the slightest mismatch in the two WLANs has caused my problem.

For example, I would make sure that the WLAN on your local controller is configured EXACTLY like the DMZ, from the dhcp options to the encryption options, even the session timeout to exclusion times.

The bottom line is that this debug says the policies don't match (since I am assuming the wlan is configured on both controllers, and that the wlans are no disabled).

As the other user suggested, the run-config from each controller would be nice to see, but the problem may be as simple as one overlooked value not being identical...

(I am speaking from my experience with 4.1 though.... but I bet the same behavior is in 5)

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card