09-20-2013 08:03 PM - edited 07-04-2021 12:54 AM
Hello guys,
I have an ASA 5505 functioning as a router to connect to the Internet. Also, it is my DHCP server for my clients, and APs. When I connect my laptop to the ASA, I get an IP address and able to configure my WLC. The APs also receives an IP address from the ASA. However, when I connect to the AP wirelessly as a wireless client, my laptop is not receiving an IP address from the DHCP which is my ASA.
Here is my topology:
[3602i]--------[ASA5505]--------[WLC2504]
Here is my ASA config for my clients:
!
interface Vlan12
description *** DEFAULT GATEWAY FOR Wi-Fi GUESTS
nameif GUESTS-if
security-level 100
ip address 10.2.12.1 255.255.255.0
!
dhcpd address 10.2.12.100-10.2.12.131 GUESTS-if
dhcpd dns 208.67.222.222 208.67.220.220 interface GUESTS-if
dhcpd lease 1048575 interface GUESTS-if
dhcpd option 3 ip 10.2.12.1 interface GUESTS-if
dhcpd enable GUESTS-if
!
Here is the WLC interface config:
Solved! Go to Solution.
09-20-2013 09:07 PM
So ASAs will not work with DHCP proxy enabled. Disable DHCP proxy and you should get an address.
Controller > Advanced > DHCP
Sent from Cisco Technical Support Android App
09-20-2013 09:07 PM
So ASAs will not work with DHCP proxy enabled. Disable DHCP proxy and you should get an address.
Controller > Advanced > DHCP
Sent from Cisco Technical Support Android App
09-21-2013 08:25 AM
Thanks. That fixed my issue.
Sent from Cisco Technical Support iPhone App
09-22-2013 02:44 PM
Hello jsnyder81,
I have another question. This is still related to the same network.
I am able to connect to the wireless network now, and receiving IP address from the ASA 5505; however, I can only ping my wireless gateway. I also don't have access to the Internet.
When I hard wired my laptop to the ASA's switch port, I am able to browse the Internet, but not via WiFi.
Here is the routing table that I have on the ASA:
Gateway of last resort is 192.168.1.1 to network 0.0.0.0
C 10.2.8.0 255.255.255.0 is directly connected, PRINTERS-if
C 10.2.9.0 255.255.255.0 is directly connected, FIOS-if
C 10.2.10.0 255.255.255.0 is directly connected, IP-CAMERAS-if
C 10.2.11.0 255.255.255.0 is directly connected, WiFi-USERS-if
C 10.2.12.0 255.255.255.0 is directly connected, GUESTS-if
C 10.2.13.0 255.255.255.0 is directly connected, WIRED-if
C 10.2.3.0 255.255.255.0 is directly connected, EXSi-if
C 10.2.4.0 255.255.255.0 is directly connected, AD/NPS/CA-if
C 10.2.5.0 255.255.255.0 is directly connected, inside
C 10.2.6.0 255.255.255.0 is directly connected, WLC-if
C 10.2.7.0 255.255.255.0 is directly connected, AP-if
C 10.2.20.0 255.255.255.0 is directly connected, WIRELESS-PILOT-if
C 10.2.21.0 255.255.255.0 is directly connected, WIRED-PILOT-if
C 10.2.22.0 255.255.255.0 is directly connected, SERVERS-PILOT-if
C 192.168.1.0 255.255.255.0 is directly connected, outside
d* 0.0.0.0 0.0.0.0 [1/0] via 192.168.1.1, outside
I also have this command:
same-security-traffic permit inter-interface
09-22-2013 03:07 PM
Do you have a NAT overload setup to NAT out for the the wireless subnet?
Sent from Cisco Technical Support iPhone App
09-22-2013 03:34 PM
Thanks for the quick reply.
I have NAT enable, but configured wrong IP on my dhcpd option 3. Thanks for pointing it to me. I was able to fix the incorrect IP address.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: