Re: Getting DHCP on a VMWare Virtual Machine via wireless

RaveDave1 · ‎06-04-2008

I have a WLC 2006 running 4.2.130 code with AP1020s.

I also have several users that have VMware machines that run various flavors of Linux, etc Virtual Machines on Windows XP Pro.

The Windows XP works fine on the wireless. It is the VMWare Virtual Machine running the â€œBridgedâ€ ethernet connection that have problems.

The problem is that the Virtual Machine doesn't get a DHCP IP address from the wireless network.

If the user plugs into the wired network all works fine.

I have done some captures that show the DHCP requests going out with the MAC address of the wireless client, but no DHCP replies.

It looks like the WLC is seeing the additional DHCP requests from the MAC address of the wireless adapter and dropping them.

The same DHCP server (different scopes) are used for both wireless and wired clients.

The DHCP server shows NO activity when the Virtual Machine tries to get a DHCP IP address.

The DHCP server is a Cat 6500 running IOS v12.2(33)SXH. DHCP activity was monitored using debug IP dhcp server events/debug IP dhcp server packets.

The VMWare Workstation tried is 6.02-6.04.

Any ideas on this?

Scott Fella · ‎06-05-2008

Check the setting in VM. I had to configure the bridge to use my wireless card and not my ethernet.

-Scott
*** Please rate helpful posts ***

jedson328 · ‎07-23-2008

Scott,

It has less to do with which NIC is being bridged, and more to do with how the WLC views your DHCP request. We have this issue as well. The VMHost a discover and a request, but the WLC acknowldeges your request and sends you your current IP (since its all being sourced via wireless MAC).

The best bet is to either change to NAT, or use shared networking (which sucks imo). NAT seems to work okay, and will get us through until a better solution comes along.

Dmitry Halavin · ‎06-11-2008

We allow only traffic from the client itself. VM uses a different mac address, and the WLC does not know what to do with this traffic. If VM is a necessity for your wireless clients, you must use NAT, or connect laptops to an AP in WGB (workgroup bridge) mode.

timsmith · ‎07-23-2008

The controllers do not support have multiple IP addresses behind a single wireless association. You would need to set your VMWARE to use a NAT'ed connection. Its a current limitation of lwapp controllers.

RaveDave1 · ‎07-30-2008

Will the controllers ever support this?

If so, what release?

Dave

klein425 · ‎08-04-2008

From what I know, this is a security feature of the controller. Since the VM mac address is not an authenticated one, the DHCP requests are dropped.

I worked around this in a couple of cases by setting the access points to H-REAP mode. This allows all traffic on an H-REAP SSID to be local to the switch the access point is attached and not tunnel back to the WLC. This works very nicely. I thought that it might cause issues with 300+ access points but it works very well. If you are using more than 1 controller you NEED to make sure the WLAN ID's are the same on both devices. If they are not, the H-REAP VLAN for each SSID will be reset when the access point registers with another controller (since the configurations are not the same).

TK

bradwilliams · ‎05-12-2010

If this is a security feature, can it be disabled? The reason that I ask is that I have a fairly important client that is using a Macintosh with a VM session of Windows. They experience the same DHCP issue and it's causing some problems. Apparently, this used to not be a problem on a slightly older version of code, so I suspect that it was introduced at a later time.

NATing for this particular client is not an option as the one application that they really need fails to function if it detects that it is NAT'd.

Thanks in Advance!

bobanveljanoski · ‎11-09-2012

Enabling "Passive Client" under SSID Advanced setting worked for me.

Filippo Carzaniga · ‎05-29-2013

the "passive Client" feature is to enable the WLC to let pass ARP without that WLC know the ip of the client.

The DHCP is before this phase.. well the "passive client" is not the solution for DHCP.

I Tried to disable Proxy-proxy without success.

I used this workaroung:

1) NAT in VMware vSwitch

2) static IP address of client VMware.

Have you others solutions?

futher the "passive client" has this Restrictions:

•The passive client feature is not supported with the AP groups and FlexConnect centrally switched WLANs

bobanveljanoski · ‎05-29-2013

Did you try enabling passive client anyway? It worked for me on FlexConnect centrally switched.

Filippo Carzaniga · ‎05-29-2013

yes I did but not work

... I have Virtual WLC 7.3 con Flexconnect AP and Multicast is not supported.

David Watkins · ‎05-29-2013

You may be able to workaround by dsiabling the ip-mac-binding check. This is something that is encountered with multiple clients behind a WGB connecting to a lightweight AP as well.

From the CLI

>config network ip-mac-binding disable

Filippo Carzaniga · ‎05-30-2013

Hi David,

I tried without success.

Has you new idea?

Thanks.

F.

mdreelan · ‎02-27-2014

Depending on the version you are running, "passive client" does work b/c FEATURES where added to support vmware, etc. Try it. Let me know, i'm trying it soon.

Here's the link:

https://supportforums.cisco.com/message/3496984#3496984