Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2762
Views
0
Helpful
5
Replies

Guest users not getting IP address

deyster94
Level 5
Level 5

‎03-09-2015 09:31 AM - edited ‎07-05-2021 02:40 AM

I am setting up Cisco wireless along with ISE 1.3 for guest wireless.  The client is going to use the self-registration portal for guest wireless users.  I followed this Cisco doc to configure the self-registration portal:

 

http://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/118742-configure-ise-00.html

I tested this in my home lab and everything works fine.  However, at the client users are not getting IP addresses from the DHCP server.  This is the same DHCP server that is used for corporate wireless and if you connect that SSID, you get an IP address.  I have looked what I configured at home and the client and everything looks the same.  In the back of my mind, I feel something is missing, but I can't figure out what it is.  

Edit: Not sure if this makes a difference or not, but they are using a Nexus 5K for their core switch and it hosts the SVI for this network.  

Let me know what information you need and I will post it.

TIA,

Dan

Labels:
0 Helpful
5 Replies 5

Wellington L
Level 1
Level 1

‎03-10-2015 07:29 AM

Hello,

Some verifications below :

Did you verify if DHCP Proxy is enabled in wlc's wlan interface ? Case DHCP proxy is disabled, did you verify if the ip helper address is enabled in Nexus SVI ?

DHCP Scope is enabled in the DHCP Server or is enabled in the WLC ?

Verify if Trunk in the switch is enabled correctly passing all VLANs to WLANs ?

Verify if ACL to redirect configured in the WLC is allowing DHCP Server and DHCP Client to client receive IP Address and ports 8443 to Cisco ISE and DNS to resolve some address and get access to ISE Portal ?

The scenario is Local Switching or Central Switching ?

Regards

 

 

 

0 Helpful

deyster94
Level 5
Level 5
In response to Wellington L

‎03-10-2015 07:34 AM

We figured out what the issue is, but not how to resolve it (yet).  I did open a TAC case since this is getting more critical to fix since it's crunch time  The TAC engineer tried everything she could, but to no avail.  She suggested putting switchport in the vlan that guest wireless users are in and see if I can get an IP that way.  I did that this morning and I couldn't get one.  So, there is something else going on with that SVI.  It's configured the same way as the one for the corporate wireless, so I am stumped as to why that doesn't work.

0 Helpful

Wellington L
Level 1
Level 1
In response to deyster94

‎03-10-2015 07:53 AM

Ok deyster.

When you solve the problem with TAC, post the problem solution here.

Thanks.

0 Helpful

deyster94
Level 5
Level 5
In response to deyster94

‎03-10-2015 09:00 AM

The issue is fixed.  There was a route pointed to the wrong next hop on their MPLS router.  

0 Helpful

Abhishek Abhishek
Cisco Employee
Cisco Employee

‎03-16-2015 02:37 AM

Please refer to the link for configuring guest access in ISE 1.3-

http://www.cisco.com/c/en/us/td/docs/security/ise/1-3/admin_guide/b_ise_admin_guide_13/b_ise_admin_guide_sample_chapter_01111.html

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card