03-05-2008 10:35 AM - edited 07-03-2021 03:29 PM
I'm setting up an H-REAP scenario which also uses AP VLAN Groups to map a single SSIDs across a campus to different VLANs at various campus buildings. This will keep the VLANs to a manageable size, as well as keep throttling of uplinks to the rest of the campus to a minimum (80/20 rule). I have three SSIDs with various forms of authentication, namely WPA-PSK on two, and an open guest. Review the attached PNG of my visio layout, and the SSIDs break out in this building as follows:
VLAN 370 - provides IP address to AP and enables L3 back to the controller
VLAN 372 - SSID 1
VLAN 380 - SSID 2
VLAN 392 - SSID 3
All interfaces on the controller go to the DHCP server at 172.16.2.6 on the management VLAN. Here's the problem:
Wireless client on SSID1 - DHCP is OK
Wireless client on SSID2 - DHCP is FAIL
Wireless client on SSID3 - DHCP is FAIL
The DHCP server is Win2k3, and as far as I can tell the scopes are set up properly, no trunks are being pruned, no firewall issues. So how is it that one SSID gets DHCP addresses fine, while the other two on the SAME server don't? To make things easier, I tested by making all SSIDs open authentication with no encryption and it didn't solve the problem. Putting DHCP scopes on the L3-aware 3560 worked.
Any ideas?
03-05-2008 11:20 AM
Never mind guys - I found the problem. I've been so heads down with the H-REAP stuff that I forgot something entirely fundamental. I missed configuring the 'ip helper-address' on the two other VLANs.
Regards,
Scott
03-05-2008 07:17 PM
Hey Scott.
I saw you reply to my post. Thanks.
My query having tried your suggestions and after reading your issue (and reviewing) your diagram is.
Ultimately creating SSIDs on your controller and binding them to interfaces addressed matching the VLANs at site presents issues with using the same SSID at other sites does it not?
I've tried your suggestion and the 802.1x still doesn't appear to work. I can flip my security requirements on my WLANs which proves it is more related to 802.1x and H-reap.
Appreciate if you can provide some details on your controller software and AP's (model/ios version).
Tim
03-07-2008 10:22 AM
Tim,
For what I'm doing, since all my APs are in H-REAP mode, I have to go into the WLAN and select H-REAP local switching mode. When you configure the particular AP to map VLANs, any existing centrally switched WLANs are greyed out and cannot be mapped. However, I have read elsewhere that it works in both central and local switching. When I have a minute, I'll track that down for you.
Regards,
Scott
03-30-2008 08:59 PM
Hey scott.
Turns out there is issues with H-REAP and the windows wireless connection manager using Intel wireless adapters.
A new driver version failed to resolve the issue.
The intel wireless connection manager software resolves the issues.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide