01-02-2014 04:54 AM - edited 07-04-2021 11:53 PM
Hi All
I'm having issues with wireless clients getting IP addresses from a DHCP server.
I have a Cisco 5760 WLC with 4 VLANs configured in a VLAN Group.
The WLAN is pointing to the VLAN group and for testing is using WPA-2 AES with a PSK.
There are interfaces for each of the VLANs configured with an IP address in the individual subnets and an IP helper address pointing to the DHCP server.
The WLC can ping the interfaces on the firewall for each subnet.
I have debug DHCP client enabled on the 5760.
If I connect a client to the WLAN I never see any DHCP activity on the 5760 and the firewall logs don't see anything either.
Its as if the 5760 is not sending any DHCP requests.
I've removed all IP DHCP Snooping Trusted type statements but have left this one:
ip dhcp snooping wireless bootp-broadcast enable
Any ideas anyone?
Regards
Roger
01-02-2014 06:05 AM
Do you have DHCP required on?
Sent from Cisco Technical Support iPhone App
01-02-2014 06:07 AM
I've tried it with it on and with it off.
My understanding is that DHCP required on the WLAN simply stops you connecting clients with static IP addresses.
The problem seems to be that all the DHCP requests are going down the management VLAN and not the data VLAN.
01-02-2014 06:23 AM
On the switch you have the 5760 connected to, are you allowing the VLANs across the trunk? If you look at the show interface < interface > trunk, are the required VLANs allowed and not being pruned?
HTH,
Steve
------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
01-02-2014 06:46 AM
Yes the VLANs are allowed down the trunk and I can ping every gateway on the firewall from the 5760 SVIs.
01-02-2014 08:33 AM
Hi Roger,
Did you test with a specific interface vlan (instead of vlan group) map to this WLAN ? If that works then you know it is a problem with interface group & not on your DHCP or any other configuration.
Check all 4 interfaces individually & makesure clients get IP addresses in that way. Then focus on the vlan group config
HTH
Rasika
**** Pls rate all useful responses ****
01-03-2014 04:04 AM
I already did that with no effect.
I have identified the problem.
The DHCP server is on an external network and therefore all DHCP requests were going out of the 5760 using the default route which points to the gateway for the management VLAN which is on a Checkpoint firewall.
Because anti-spoofing is enabled on the firewall it was dropping all the DHCP packets.
I have had to insert static ARP entries on the 5760 for each default gateway for each of the VLANs I have assigned to the wireless network. Some changes have also been made to the firewall to ensure it allows the packets through.
Everything is now working as it should be.
04-30-2016 11:32 PM
Hi man
I really need your help if you have your problem solved.
I have problem with internal DHCP and while I configured external,Clients have problem.
I have a WLC5760 with more than 500 APs and 5000 users I think we can share a lot about it,how can I access u?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide