cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
309
Views
7
Helpful
6
Replies

flexconnect wifi clients get IP scope from another SSID

Andrey128
Level 1
Level 1

access point Cisco_AIR-AP2802I (Cisco AP Software, ap3g3-k9w8 Version: 17.9.5.205) is configured to offer two flexconnect SSID , e.g. "Office" (VALN10) and "Factory" (VLAN20).  On VLAN20 ACLs have been applied which is currently filtering DHCP traffic, so somehow clients connecting towards SSID "Factory" get IP from SSID "Office" VLAN10. Is this a bug or feature ...

 

 

1 Accepted Solution

Accepted Solutions

JPavonM
VIP
VIP

Check the VLAN assignment under the Flexprofile, and also check the VLAN assignment under the policy profile that the SSID "Factory" uses.

View solution in original post

6 Replies 6

JPavonM
VIP
VIP

Check the VLAN assignment under the Flexprofile, and also check the VLAN assignment under the policy profile that the SSID "Factory" uses.

marce1000
VIP
VIP

 

  - Besides what has been mentioned ; also have a checkup of the 9800 controller's configuration with the CLI command show tech wireless and feed the output from that into Wireless Config Analyzer
   Use the full command above , do not use a simple show tech for this procedure

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Simon Blomqvist
Level 1
Level 1

Could potentially be that the client just retains the IP from VLAN 10 if you're jumping between SSIDs. Make sure that the VLAN exist on the trunk to the AP. And what do you mean with an ACL that filters DHCP traffic? Do you mean that you're allowing DCHP traffic through? Make sure that you have an ACL entry for both directions since it's stateless.

Are the non correct vlan is native vlan?

Are this vlan is ap vlan?

MHM

Rich R
VIP
VIP

Is this a bug or feature

It's not a bug and it's not a feature.  It simply means you have misconfigured the WLAN/AP/switch.
Flexconnect local switching simply tags the client traffic with the configured 802.1q VLAN tag which gets handled by the local AP switch trunk port.

Further to what @JPavonM said: if you use VLAN name assignment but haven't defined that name in the flex profile then the AP won't know what VLAN ID that name is.  So either use VLAN number/ID or make sure the VLAN name(s) are defined in the flex profile assigned to the AP. 

Andrey128
Level 1
Level 1

flexconnect profile name was wrongly written in config, which caused such problem.

standard guide for flexconnect https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/213945-understand-flexconnect-on-9800-wireless.html describes well config steps.

Review Cisco Networking for a $25 gift card