cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1706
Views
0
Helpful
6
Replies

Issues with DHCP via new vWLC

chappers69
Level 1
Level 1

I'm hoping someone can help me here, as I've been banging my head against a brick wall for well over a week on this now!

 

A bit of background...

 

We have an old vWLC in VMware and are moving across to a new vWLC in Hyper-V

Old deployment: 7.6.100.0

New deployment: 8.5.151.0

 

On the old deployment, we have a CORP WLAN on vlan 26 and Guest WLAN on vlan 113

New deployment has CORP WLAN on vlan 2257 and Guest on vlan 2256

(May be worth mentioning here that new deployment is inside an ISP's IaaS platform, so there is vlan rewrite occuring (2257 => 26, 2256 => 113).

Interface IPs are on the same subnet for each interface (i.e. management on both vWLCs are on same subnet, as are corp and guest interface IPs).

New controller can ping gateways of all interfaces OK.

 

Old controller is working OK.  CORP users are authenticated against 802.1x, get an IP address via DHCP and placed on vlan26, guest users are authenticated with PSK, and get an IP address via DHCP and placed on vlan 113.

 

New controller is partly working.  CORP users are working as per above, but guest users are passing auth, and not getting an IP address.  Looking at a Wireshark capture, it appears DHCP discovers are going out, but no responses.

 

I have an AP dedicated to the new vWLC, this is connected to the same switch as the other 6 APs we have which are working OK on the old controller, and has identical switch config.  ip helpers are configured the same on all vlans.  I've tried using 2 different APs BTW and both exhibit the same issue, so I don't think the AP itself is at fault...it is running newer IOS however.

I've tried multiple clients, all with the same issue.

Also worth mentioning I took a backup of the old controller and restored onto the new controller, with IP address changes etc.

 

Attached is a capture of the vWLC debug for my iPhone trying to connect.

Any assistance would be much appreciated.

I suspect there is an issue around the vlans somewhere, but can't seem to nail it.  Can anyone offer any suggestions please?

 

 

1 Accepted Solution

Accepted Solutions

OK, looks like I've worked out what is required here.

The issue, as suspected, was due to the VLAN changes due to migrating to a new IaaS platform.

I created a new guest SSID, and made this FlexConnect locally switched.

Then went into FlexConnect Groups => WLAN VLAN mapping

I enabled VLAN Support and I'm now able to add a mapping for the new VLAN to the old VLAN for the guest network (weirdly, the CORP network was already listed, even though it didn't need it on the old implementation, and VLAN support was turned off!). 

All now appears to be functioning as required.  Thanks for your help all.

 

View solution in original post

6 Replies 6

chappers69
Level 1
Level 1

I've also tried turning on DHCP Proxy Mode on the Guest interface, the debug on the vWLC shows an IP addresses coming back from the DHCP server, but it never gets to the wireless client...I find this even weirder! :s

vWLC can only run in Flexconnect mode, the clients are dropped off locally at the switch port that the AP is connected.

The DHCP server needs to be seen from that VLAN. The SVI might need an IP helper address.

The VLAN also needs to be available at the AP trunk port on the switch.

So unless you have re-VLAN the access layer switches they will use the same VLAN ID as before the migration of the vWLC

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***

Thanks for your reply.

 

The new vWLC is running along side the old vWLC, with APs on both controllers connected to the same access switch, with identical port config.  Upstream L3 switch has ip helpers configured.

 

vWLCs are configured the same (apart from IP addresses, interfaces are on the same subnets as the old controller).

 

Seems strange how one SSID works fine, but the guest SSID can't obtain DHCP addresses.

What version is the new vWLC?

Have you tried deleting the WLAN and re-creating? Had an issue where clients got stuck in DHCP_REQ after doing a similar thing.

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***

Just given it a shot, unfortunately, no change...

OK, looks like I've worked out what is required here.

The issue, as suspected, was due to the VLAN changes due to migrating to a new IaaS platform.

I created a new guest SSID, and made this FlexConnect locally switched.

Then went into FlexConnect Groups => WLAN VLAN mapping

I enabled VLAN Support and I'm now able to add a mapping for the new VLAN to the old VLAN for the guest network (weirdly, the CORP network was already listed, even though it didn't need it on the old implementation, and VLAN support was turned off!). 

All now appears to be functioning as required.  Thanks for your help all.

 

Review Cisco Networking for a $25 gift card