Showing results for 
Search instead for 
Did you mean: 

vWLC clients getting DHCP address from management VLAN


We have a strange scenario whereby some wireless employees are obtaining addresses from the management VLAN.

Some details:

  • DHCP managed by MS DHCP 2008 R2 (in remote data centre)
  • Cisco vWLC AIR-CTVM-K9 running v7.6.110.0
  • AP's are a mix of 2602 and 3702 (46 and 2 of each respectively)
  • SSID's are employee, guest, and production devices (all mapped to their own interface with relevant VLAN tag as per normal)
  • AP's all in FlexConnect mode as per vWLC caveats

Some employees are receiving addresses in the wireless management VLAN. This network only has six DHCP addresses available as it is solely for AP's, WLC and HSRP gateway. Obviously this gets exhausted very quickly leaving us with a scenario where clients are not obtaining DHCP addresses.

I understand that with FlexConnect mode, it will assign IP's from the native VLAN. What I don't understand is why most clients receive addresses in the correct VLAN, but a handful do not, and then cannot get an address from DHCP. Obviously the ideal scenario would be to put the AP's into local mode but unless this has changed in a SW release then I don't believe it's possible...

My question is: How do I get ALL the employees to obtain addresses from their interface and not the management VLAN?

Thanks in advance.



I think we need a closer look to your configurarion to eliminate some possibilities:

- What is the WLAN security you choose?

- What is the interface that is configured under the WLAN?

- Does your WLAN have local switching enabled?

- If your security is using RADIUS server, do you have AAA override enabled under the WLAN config?

- If your security is using RADIUS server, do you send any attributes to the users?

- You have eliminate that clients that got management vlan IPs are always on same AP or they can be on any AP.





Rating useful replies is more useful than saying "Thank you"

Hi Amjad,

Many thanks for your reply.

I managed to identify the problem. The cause of the issue was the FlexConnect groups. Most of the AP's were in a FlexConnect group with the WLAN-VLAN mapping in place. Some AP's did not have this mapping and were getting their addresses from the native VLAN which as we know is the default for the FlexConnect mode.

Thanks again, hopefully this article can help people in future who experience the same issue.



Hi Alex.

+5 for sharing the info after you resolve your own issue. :)

surely it will be useufl for others having same issue. but it is better to mark the thread as "answered" to be easier found as an answered question.





Rating useful replies is more useful than saying "Thank you"
Content for Community-Ad