cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1335
Views
0
Helpful
5
Replies

vWLC issue with guest vlan

marstoyanoff
Level 1
Level 1

Hi Team,

I installed Cisco vWLC for the first time. Everything works fine except my guest vlan doesnt get IP address from the designated dmz network. I was wondering if I am missing something. Currently Flexconnect it configured on the wlans with LOCAL mode. I've alredy tried to go under each AP and perform vlan mapping but ... no luck so far.

Please get back to me if you have any ideas.

Respectfully,

Marty-

1 Accepted Solution

Accepted Solutions

Abhishek Abhishek
Cisco Employee
Cisco Employee

Hello Marty,

As per your query i can suggest you the following solution-

Guest vlan doesnt get IP address from the designated dmz network.So please apply the appropriate native vlan to the Flexconnect configured in the local mode.Also make sure to do vlan mapping in order to match Physial switch Vlan matching. Finally configure trunk on the Access-Point port with the corresponding native Vlan.

For more information please refer to the link-

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008070ba8f.shtml

Hope this will help

View solution in original post

5 Replies 5

Scott Fella
Hall of Fame
Hall of Fame

I'm guessing that you want the guest traffic to be tunneled back to the vWLC and placed on a DMZ network in the vSwitch? If so, you want to centrally switch that WLAN. So in the WLAN, you need to make sure that you don't have FlexConnect Local Switching enabled.

If you are using FlexConnect Local switching and placing guest users locally and your DMZ is back at HQ or another location besides where the AP is at, you need to use a VRF or GRE tunnel to get the traffic back unless you are routing that traffic back.

To test is everything is working on the wired side, place a laptop on the guest vlan on the switch and see if that laptop gets an ip.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Hi Scott,

Thank you for your quick reply! The vWLC is located in the Data Center. I haven't deployed anything to the branches yet. So I didn't find an option to enable central auth-central switching and I guess I will need to disable the Local option.

I find the vWLC acting somehow differently than the other WLCs

Respectfully,

Marty-

It is very differnt due to the fact that you have to use a vSwitch.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

Here is the solution!

First of all, if you configured Flexconnect in local mode then make sure to apply the appropriate native vlan, and vlan mapping in order to match vSwitch and the Physical switch VLAN mapping.

Next, make sure to enable trunking on the AP port with the corresponding native vlan.

DONE!

Marty

Abhishek Abhishek
Cisco Employee
Cisco Employee

Hello Marty,

As per your query i can suggest you the following solution-

Guest vlan doesnt get IP address from the designated dmz network.So please apply the appropriate native vlan to the Flexconnect configured in the local mode.Also make sure to do vlan mapping in order to match Physial switch Vlan matching. Finally configure trunk on the Access-Point port with the corresponding native Vlan.

For more information please refer to the link-

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008070ba8f.shtml

Hope this will help

Review Cisco Networking for a $25 gift card