02-21-2019 11:28 PM - edited 07-05-2021 09:55 AM
Hello Experts -
I have a WLAN controller (2504) at Head office and have APs on the branch end. Users at branch office getting connected with the AP and getting IP address from Head office DHCP server. It is working fine because all of my internet is going via head office. Now I want to give local internet to the branch office and need to have a single SSID that should be broadcasted in headoffice and branch office. AP's needs to be connected with the Head office WLAN controller. My concern is if the User connected to the branch office via AP will get the IP address pool of the headoffice and Internet will remain routed via Head office.Now what I want is to get different IP Pool from head office via same AP that is connected to WLAN controller and on a single SSID which is broadcasted in Headoffice and branch office but branch office should get different IP pool via DHCP and head office get different IP Pool. Please let me know if you guys have any query in the above said statement. Looking forward for the helpful comments.
Solved! Go to Solution.
03-12-2019 05:52 AM
02-22-2019 12:23 AM
- You can easily assign a specific subnet (address-range) to the branch office and or within the central DHCP server. Further routing and or Firewalling setups on your Intranet infrastructure can make sure that this subnet will then use the 'local-path' for Internet access. (the 'global SSID' remains the same)
M.
02-22-2019 01:34 AM
Thank you for your reply. How can branch DHCP request will be recognized that it should assign to another subnet (another then Head office subnet) because each SSID will use the interface on WLAN controller and that interface use a specific Head office IP subnet. If Branch office request for DHCP via this SSID it will be assigned the Headoffice IP subnet. I think you are aware that WLC creates a tunnel with its associated AP's to provide a similar IP to other regions.
02-24-2019 01:37 PM
Two Options I can see:
You could look at making the branch office APs Flexconnect.
Enabling local switching on the WLAN for the Branch office APs to drop off locally and get their IP from a DHCP server attached to that office.
Flexconnect deployment guide:
When you configure an SSID for local switching, it is only applicable if AP in Flexconnnect mode. So as long as your HQ APs are in Local mode then all those users traffic will be central switch for the given SSID. At branch those AP are in Flex mode, they will locally switched.
The other option would be:
If your using 802.1x authentication for the WLAN you could also look at using AAA override to place them into a different interface/ VLAN on the head office controller.
Now I take it the reason you have added a local internet break out is so you can reduce the amount of traffic over the WAN. Due to this using Flexconnect would be the best option, other wise if still using local mode the traffic path would be AP to WLC via WAN, then back to branch office via WAN to route out the local internet link. This would also require routing on the head office to send that traffic to the branch internet link.
02-25-2019 11:45 PM
Thanks thats great. Yes I am using 802.1x at branch offices. can you share any deployment guide for the method 2?
03-11-2019 03:50 AM
Hello Haydn,
I searched on your suggestion. I can use flexconnect in my remote offices but the SSID that has been broadcasting via branch and Headoffice AP's should be same. For Example (SSID: Cisco). I want that when branch office users get connected with the (SSID Cisco) they will get the IP from brach DHCP and when Headoffice users connect to the same (SSID Cisco) they will get the IP address from Headoffice DHCP. In this manner both Headoffice and branch have different IP pools and they will easily route to the internet separately. I appreciate your quick response.
03-11-2019 05:28 AM
03-11-2019 10:12 PM
Sure I will maintain the DHCP release time for users roaming but I want that when branch office users get connected with the (SSID Cisco) they will get the IP from brach DHCP and when Headoffice users connect to the same (SSID Cisco) they will get the IP address from Headoffice DHCP. How can I achieve this by using single SSID on both ends (i.e. Headoffice and Branch). As far as I know when SSID is maintained by the controller then users will connect that SSID and get the IP address from SSID's interface/vlan DHCP pool.
03-12-2019 05:52 AM
03-18-2019 03:37 AM
Thank you Patoberli. I appreciate it.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide