Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
446
Views
1
Helpful
3
Replies

Wireless Clients Can't Access Internet – DHCP from WLC, LAN OK

phuocntlk135
Level 1
Level 1

‎05-24-2025 06:35 AM

Hi everyone,

I’ve recently deployed a wireless lab using a vWLC 9800-CL, and I need some help troubleshooting Internet access for wireless clients.

Here’s a quick summary of my setup:

  • WLC 9800-CL connected via trunk port to a Cisco 3750 L3 switch.

  • VLANs:

    • VLAN 10 – Management

    • VLAN 20 – SSID 1

    • VLAN 30 – SSID 2

  • DHCP for clients is configured directly on the WLC.

  • Trunk from the switch goes to an ASA firewall that’s connected to the Internet.

  • LAN clients (wired) can access the Internet without any issue.

  • Wireless clients (connected via SSID 1 or SSID 2) get the correct IP address from DHCP, but can’t access the Internet.

I’ve already:

  • Verified VLAN tagging and trunk configuration on all switchports.

  • Ensured ASA has NAT and routing properly configured.

  • Tested connectivity from LAN clients to Internet (works fine).

IOS.jpg 

My question: What additional steps should I check to allow wireless clients to reach the Internet? Is there a common issue with routing or NAT from WLC subnets that I might be missing?

Any advice or tips are appreciated. Thanks in advance!

0 Helpful
3 Replies 3

marce1000
Hall of Fame
Hall of Fame

‎05-24-2025 06:48 AM

 

  - Start with a sanity check of the vWLC 9800-CL configuration using the CLI command
     show tech wireless and feed the output from that into Wireless Config Analyzer
     Use the command mentioned in green, do not use a show tech-support for the above procedure,

   For DHCP follow these guidelines with an external  DHCP service preferred :
          https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/technical-reference/c9800-best-practices.html#DHCPbridgingandDHCPrelay

   M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

Scott Fella
Hall of Fame
Hall of Fame

‎05-24-2025 08:32 AM - edited ‎05-24-2025 08:32 AM

@phuocntlk135 Again, you might never get this to work with an unsupported hypervisor.  DHCP from the controller is not recommended and you should do that from a dhcp server or your L3.  DHCP from the controller will not work if you have dhcp proxy enabled and you have a firewall.  Most firewalls don't like dhcp proxy.

-Scott
*** Please rate helpful posts ***

Saikat Nandy
Cisco Employee
Cisco Employee

‎05-24-2025 07:31 PM

Can I have a 'show tech wireless' from controller please

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card