09-20-2013 08:03 PM - edited 07-04-2021 12:54 AM
Hello guys,
I have an ASA 5505 functioning as a router to connect to the Internet. Also, it is my DHCP server for my clients, and APs. When I connect my laptop to the ASA, I get an IP address and able to configure my WLC. The APs also receives an IP address from the ASA. However, when I connect to the AP wirelessly as a wireless client, my laptop is not receiving an IP address from the DHCP which is my ASA.
Here is my topology:
[3602i]--------[ASA5505]--------[WLC2504]
Here is my ASA config for my clients:
!
interface Vlan12
description *** DEFAULT GATEWAY FOR Wi-Fi GUESTS
nameif GUESTS-if
security-level 100
ip address 10.2.12.1 255.255.255.0
!
dhcpd address 10.2.12.100-10.2.12.131 GUESTS-if
dhcpd dns 208.67.222.222 208.67.220.220 interface GUESTS-if
dhcpd lease 1048575 interface GUESTS-if
dhcpd option 3 ip 10.2.12.1 interface GUESTS-if
dhcpd enable GUESTS-if
!
Here is the WLC interface config:
Solved! Go to Solution.
09-20-2013 09:07 PM
So ASAs will not work with DHCP proxy enabled. Disable DHCP proxy and you should get an address.
Controller > Advanced > DHCP
Sent from Cisco Technical Support Android App
09-20-2013 09:07 PM
So ASAs will not work with DHCP proxy enabled. Disable DHCP proxy and you should get an address.
Controller > Advanced > DHCP
Sent from Cisco Technical Support Android App
09-21-2013 08:25 AM
Thanks. That fixed my issue.
Sent from Cisco Technical Support iPhone App
09-22-2013 02:44 PM
Hello jsnyder81,
I have another question. This is still related to the same network.
I am able to connect to the wireless network now, and receiving IP address from the ASA 5505; however, I can only ping my wireless gateway. I also don't have access to the Internet.
When I hard wired my laptop to the ASA's switch port, I am able to browse the Internet, but not via WiFi.
Here is the routing table that I have on the ASA:
Gateway of last resort is 192.168.1.1 to network 0.0.0.0
C 10.2.8.0 255.255.255.0 is directly connected, PRINTERS-if
C 10.2.9.0 255.255.255.0 is directly connected, FIOS-if
C 10.2.10.0 255.255.255.0 is directly connected, IP-CAMERAS-if
C 10.2.11.0 255.255.255.0 is directly connected, WiFi-USERS-if
C 10.2.12.0 255.255.255.0 is directly connected, GUESTS-if
C 10.2.13.0 255.255.255.0 is directly connected, WIRED-if
C 10.2.3.0 255.255.255.0 is directly connected, EXSi-if
C 10.2.4.0 255.255.255.0 is directly connected, AD/NPS/CA-if
C 10.2.5.0 255.255.255.0 is directly connected, inside
C 10.2.6.0 255.255.255.0 is directly connected, WLC-if
C 10.2.7.0 255.255.255.0 is directly connected, AP-if
C 10.2.20.0 255.255.255.0 is directly connected, WIRELESS-PILOT-if
C 10.2.21.0 255.255.255.0 is directly connected, WIRED-PILOT-if
C 10.2.22.0 255.255.255.0 is directly connected, SERVERS-PILOT-if
C 192.168.1.0 255.255.255.0 is directly connected, outside
d* 0.0.0.0 0.0.0.0 [1/0] via 192.168.1.1, outside
I also have this command:
same-security-traffic permit inter-interface
09-22-2013 03:07 PM
Do you have a NAT overload setup to NAT out for the the wireless subnet?
Sent from Cisco Technical Support iPhone App
09-22-2013 03:34 PM
Thanks for the quick reply.
I have NAT enable, but configured wrong IP on my dhcpd option 3. Thanks for pointing it to me. I was able to fix the incorrect IP address.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide