We are replacing a WLC 4402 with a WISM2 we inherited from another department. The WLC 4402 has three interfaces. AP-manager (APs), Guest, and a secure for interior share access. I was successful in setting up the new AP-manager on the WISM2 with it's own VLAN and DHCP scope. I have also setup a new Guest wireless on the WISM2 with its own VLAN and DHCP scope that is completely separate from the production one on the WLC 4402. Our switching gear is HP procurve except the core which is HPE comware. The DHCP is done on a MS server 2016. I have a test Procurve switch setup off my core that has all the proper vlans for the WISM2. Everytime I try to get an IP address through DHCP for the new guest wireless it fails every time. In the DHCP logs I am finding entries with "BAD address". I thought maybe since my phone was on the production guest wireless previously it was rejecting me because it saw a duplicate MAC address (my phone) attaching to another scope. So I tried my notebook which has never used the production Guest wireless and the same result happens. I would think the Guest DHCP was being blocked somehow but the AP-manager DHCP scope for the WISM2 is working fine.
I do not believe the 'system' serves up SSID support on the AP management interface. a SSID attaches to a separate SVI. True one can have multiple SSIDs attaching to a common SVI but that can run out of address space quickly. best to think one SVI for each SSID. sized accordingly.
Thanks for the reply. I am thinking I will be needing to setup an SVI (Service Virtual Interface ?) for the guest wireless SSID. If this is true can you assist?
One of the clues I am getting is my inability to ping the interface IP address I have setup on the WISM2 that does not work. On my production WLC 4402 I am able to ping all the interfaces I have setup. I am able to ping the one AP I have setup on the WISM2 for testing. That is in a different interface of course. It uses the same DHCP server as the interface I cannot ping or get IP addresses from. I can however ping the gateway of the interface that does not work. All of the configuration parameters for these two interfaces are identical except for the subnets they use. I am thinking this is somewhere in the controller but I am out of ideas.
You can ping the interface's gateway from he outside, but did you assign an IP on the wism for each interface?
This is one of my 5508's. The svi ip's mirror the last octet of the (ap) management IP.. in my case the gateways are all .1 and created on the core router the interface segments are shared across all my WLC's which live somewhere on the same management segment. What does your 'sh int sum' report? Interface Name Port Vlan Id IP Address Type Ap Mgr Guest -------------------------------- ---- -------- --------------- ------- ------ ----- gp-countygen LAG 2304 198.16.4.15 Dynamic No No gp-enforce LAG 2310 198.16.10.15 Dynamic No No gp-hhsawifi LAG 2308 198.16.8.15 Dynamic No No gp-private LAG 2302 198.16.2.15 Dynamic No No gp-tcadmin LAG 2305 198.16.5.15 Dynamic No No gp-tcict LAG 2306 198.16.6.15 Dynamic No No gp-tcjustice LAG 2314 198.16.14.15 Dynamic No No gp-visnet LAG 2316 198.16.16.15 Dynamic No No management LAG 10 198.22.10.15 Static Yes No redundancy-management LAG 10 198.22.10.16 Static No No redundancy-port - untagged 169.254.10.16 Static No No remediation LAG 2350 198.16.50.15 Dynamic No No rma-gp LAG 2424 198.16.124.15 Dynamic No No service-port N/A N/A 198.25.161.45 Static No No tcict-s LAG 2444 198.16.144.15 Dynamic No No
Interface Name Port Vlan Id IP Address Type Ap Mgr Gu est -------------------------------- ---- -------- --------------- ------- ------ -- --- ap-manager LAG 15 192.168.50.2 Dynamic No No guest_newton LAG 12 172.29.8.2 Dynamic No No kasuza LAG 40 192.168.80.3 Dynamic No No management LAG untagged 10.61.2.6 Static Yes No redundancy-management LAG untagged 0.0.0.0 Static No No redundancy-port - untagged 0.0.0.0 Static No No service-port N/A N/A 172.6.6.2 DHCP No No virtual N/A N/A 1.1.1.1 Static No No
Yes I can ping the interfaces I setup from within the WISM. I "cannot"ping them in my network. I "can" ping the ap-manager interface just fine from my network. I am thinking a little config discussion may help. We use HP and HPE layer 2 switching. So the vlans are setup different from Cisco VLANs. I have set the ap-manager vlan coming off my core switch to the WISM2 to be untagged, this equals an access port vlan in Cisco world I am fairly certain. The other two vlans that I cannot ping are set as "tagged" vlans. This equals a trunked vlan in the Cisco world. Correct me if I am wrong. I know I can only set one vlan at a time as "untagged" .This vlan configuration currently works fine with our production Cisco WLC 4402.
Just curious, Do I have to create the vlans for the interfaces on the WISM2 that I cannot ping on the 6500 as well? All three are currently not showing up when I do a show vlan on the 6500.
