Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
5161
Views
25
Helpful
3
Replies

WLC 9800 CL Client Exclusion Issue

Go to solution
buhawi
Level 1
Level 1

‎10-07-2022 07:13 AM

We have spoke sites on Flex mode, each site are all treated separately, has its own DHCP server to serve wireless clients. The DHCP scope is the same for all sites. Now with WPS IP Theft or IP Reuse enabled it seems that when Site A client is served with an IP address and Site B is served with the same IP address, it seems that Site B client gets excluded, am I missing something? The sites were migrated from AireOS, same topology and same WPS feature IP Theft or IP Reuse enabled and clients are able use same IP in different sites.  

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rasika Nayanajith
VIP Alumni
VIP Alumni

‎10-09-2022 12:43 AM

I hope you have enabled "overlapping client IP Address" feature enabled. It came up with 17.4.x release.

https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/17-4/config-guide/b_wl_17_4_cg/m_vewlc_flex_connect.html 

"In flex deployments, you can use cookie cutter configuration across sites and branches which also includes local DHCP servers configured with the same subnet. In this toplogy, controllers detect multiple client sessions with the same IP as IP THEFT and clients are blacklisted.

The Overlapping Client IP Address in Flex Deployment feature offers overlapping IP address across various flex sites and provides all the functionalities that are supported in flex deployments."

Step 1

Choose Configuration > Tags & Profiles > Flex and click Add.
Step 2

On the Add Flex Profile window and General tab.
Step 3

Check the IP Overlap check box to enable overlapping client IP Address in Flex deployment.
Step 4

Click Apply to Device.

HTH
Rasika
*** Pls rate all useful responses ***

View solution in original post

3 Replies 3

Go to solution
Rasika Nayanajith
VIP Alumni
VIP Alumni

‎10-09-2022 12:43 AM

I hope you have enabled "overlapping client IP Address" feature enabled. It came up with 17.4.x release.

https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/17-4/config-guide/b_wl_17_4_cg/m_vewlc_flex_connect.html 

"In flex deployments, you can use cookie cutter configuration across sites and branches which also includes local DHCP servers configured with the same subnet. In this toplogy, controllers detect multiple client sessions with the same IP as IP THEFT and clients are blacklisted.

The Overlapping Client IP Address in Flex Deployment feature offers overlapping IP address across various flex sites and provides all the functionalities that are supported in flex deployments."

Step 1

Choose Configuration > Tags & Profiles > Flex and click Add.
Step 2

On the Add Flex Profile window and General tab.
Step 3

Check the IP Overlap check box to enable overlapping client IP Address in Flex deployment.
Step 4

Click Apply to Device.

HTH
Rasika
*** Pls rate all useful responses ***

Go to solution
buhawi
Level 1
Level 1
In response to Rasika Nayanajith

‎10-10-2022 06:24 PM

@Rasika Nayanajith Thank you for the response, I'm running on cisco recommended version 17.3.5b and I see this option in flex configuration, let me turn this on and see how it goes.

0 Helpful

Go to solution
Rich R
VIP
VIP

‎10-09-2022 06:46 AM - edited ‎10-09-2022 06:47 AM

You should also go through Catalyst 9800 Series Configuration Best Practices https://www.cisco.com/c/en/us/products/collateral/wireless/catalyst-9800-series-wireless-controllers/guide-c07-743627.html for other tips.

And check your config with https://cway.cisco.com/wireless-config-analyzer/ using the output of "show tech wireless"

Also see https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/214749-tac-recommended-ios-xe-builds-for-wirele.html for TAC recommended software versions to use.

------------------------------
Please click Helpful if this post helped you and Select as Solution (drop down menu at top right of this reply) if this answered your query.
------------------------------
TAC recommended codes for AireOS WLC's   and   TAC recommended codes for 9800 WLC's
Best Practices for AireOS WLC's,   Best Practices for 9800 WLC's   and   Cisco Wireless compatibility matrix
Check your 9800 WLC config with Wireless Config Analyzer using "show tech wireless" output or "config paging disable" then "show run-config" output on AireOS and use Wireless Debug Analyzer to analyze your WLC client debugs
Field Notice: FN63942 APs and WLCs Fail to Create CAPWAP Connections Due to Certificate Expiration
Field Notice: FN72424 Later Versions of WiFi 6 APs Fail to Join WLC - Software Upgrade Required
Field Notice: FN72524 IOS APs stuck in downloading state after 4 Dec 2022 due to Certificate Expired
- Fixed in 8.10.196.0, latest 9800 releases, 8.5.182.12 (8.5.182.13 for 3504) and 8.5.182.109 (IRCM, 8.5.182.111 for 3504)
Field Notice: FN70479 AP Fails to Join or Joins with 1 Radio due to Country Mismatch, RMA needed
How to avoid boot loop due to corrupted image on Wave 2 and Catalyst 11ax Access Points (CSCvx32806)
Field Notice: FN74035 - Wave2 APs DFS May Not Detect Radar After Channel Availability Check Time
Leo's list of bugs affecting 2800/3800/4800/1560 APs
Default AP console baud rate from 17.12.x is 115200 - introduced by CSCwe88390
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
li.common.scroll-to.top