cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
684
Views
0
Helpful
2
Replies

wlc 2504 + ap 2702 in flex mode. Problem with dhcp "leaking"

Peter Handke
Level 1
Level 1

Hi,  We have 2x wlc2504 (8.1.102.0) in flex mode with 16 Access Points (ios 15.3, soft 8.1). Configuration according to this how to: https://supportforums.cisco.com/document/98646/wireless-lan-flexconnect-configuration-example

I noticed that  some users ( ca half) get ip addresses from incorrect vlan. They get ip from mgmt native vlan instad of normal tagged vlan 100. In users details i see correct vlan but address is from bad vlan (mgmt, native) which is used by AP and controllers only. After  change a lot options i see difference  only when i changed vlan mappings from wlan specific to ap-specific for all vlans i configured . In this moment i'm not sure that helps ( no one in office ) but i can't find good explanation what is difference between this two options. Documentation is quite poor about this. Big thanks for any help or explanation

thanks

Peter

1 Accepted Solution

Accepted Solutions

Freerk Terpstra
Level 7
Level 7

Hi Peter,

There are three different ways for the FlexConnect AP to learn about the VLAN mappings:
1. AP specific
2. Group specific
3. WLAN specific

The AP specific settings (1) are remembered by the access-point but will be reset when the access-point joins a controller where the "local switching" option has been turned off (for example a back-up controller). The FlexConnect group specific settings (2) are pushed every time the access-point joins the controller. The access-point does not know about which FlexConnect group he belongs, so you need to configure all of your controllers manually with the MAC addresses of the FlexConnect access-points. If options 1 and 2 are not configured, the access-point is going to use the VLAN ID which is being used on the interface of the WLAN on the controller (3). If that interface does not have VLAN ID associated with it, it will use the native VLAN ID of the access-point.

My advice is that you go with option 2 and configure a FlexConnect group with the correct VLAN mappings in it.

Please rate useful posts... :-)

View solution in original post

2 Replies 2

Freerk Terpstra
Level 7
Level 7

Hi Peter,

There are three different ways for the FlexConnect AP to learn about the VLAN mappings:
1. AP specific
2. Group specific
3. WLAN specific

The AP specific settings (1) are remembered by the access-point but will be reset when the access-point joins a controller where the "local switching" option has been turned off (for example a back-up controller). The FlexConnect group specific settings (2) are pushed every time the access-point joins the controller. The access-point does not know about which FlexConnect group he belongs, so you need to configure all of your controllers manually with the MAC addresses of the FlexConnect access-points. If options 1 and 2 are not configured, the access-point is going to use the VLAN ID which is being used on the interface of the WLAN on the controller (3). If that interface does not have VLAN ID associated with it, it will use the native VLAN ID of the access-point.

My advice is that you go with option 2 and configure a FlexConnect group with the correct VLAN mappings in it.

Please rate useful posts... :-)

Hi,

Thanks for help and  great explanation. Now all AP i have in AP specific mode and dhcp is working in correct vlan.

I have 2 question about wha You suggest.

All APs work with the same config, one group, the same building with 2 controllers ( n+1). Is there  sense to use flexconnect group ? I use also LDAP/AD authorization

Question about WLAN specific: On APs i have native vlan (10) and tagged production vlans (100,101,102) On controllers all vlans are tagged, including 10. I understand that in WLAN specific mode AP use native vlan on his port ?

 

Review Cisco Networking for a $25 gift card