08-29-2018 07:09 AM - edited 07-05-2021 09:03 AM
Hi Experts,
I want to reserve IPs which are obtained from the DHCP server. My DHCP server is configured on a Cisco WLC-2504.
I can reserve IPs by MAC binding on a Cisco 3850 switch. What is the procedure for the WLC-2504?
(I've already issued the "config network ip-mac-binding" command.) What should be the next step? Does any task need to be done in GUI mode on the WLC?
Thanks in advance.
08-29-2018 12:39 PM
I do not believe that the WLC-2504 as a DHCP server supports that feature.
But you can have a separate DHCP server; any Windows Server / Linux server acting as DHCP can do this job for you.
08-29-2018 05:43 PM
09-10-2018 12:08 AM
Nizam,
Integrated DHCP on the controller doesn't allow much (I don't recommend it). I suggest not using it unless it is necessary. Better to use an external DHCP server.
Regards
Don't forget to rate helpful posts
09-11-2018 06:52 AM
Hi Sandeep,
Would you explain "Integrated DHCP on the controller doesn't allow much" with the reason?
Actually, the users' internet permission is provided by their IP addresses. As a result, if the IP address of a DHCP user changes, permission then needs to be granted for the new IP address, which is very cumbersome.
Please suggest the best solution.
09-11-2018 07:02 AM
Nizam,
It (the WLC internal DHCP) is a very basic DHCP server with no capability for reservations or options, so if you want to do this you'd need to use an external DHCP server instead.
Regards
Don't forget to rate helpful posts
09-24-2018 11:30 AM
Even with DHCP proxy enabled, the DHCP request will be sent to the configured server as a unicast, with the source address being that of the respective dynamic interface.
Since this L2 vlan is not routed, then there will be no way to reach an internal DHCP server from the DMZ, if I understand your topology correctly.
So, it sounds like you will need to have a DHCP server present in the DMZ, either the firewall or a local WLC scope.
-Pat
10-22-2018 10:14 PM
From a design perspective, it will be better to link the firewall to a user database such as LDAP or a local database on the firewall. This will allow you to create security policies based on the users' login names and not on their IP addresses. That will make it easier to manage and monitor their activities and avoid the situation you are in now.
If the database option is not possible and you don't have an external server to run DHCP services, using the firewall as a DHCP server will be your other option if you can't use the 3850 anymore. You will, however, need to understand the limitations on your firewall from a resource perspective.
As mentioned in the forum, running DHCP on the WLC in a production environment is not advisable.
Regards
Jurgens