cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2895
Views
25
Helpful
3
Replies

WLC 9800 CL Client Exclusion Issue

buhawi
Beginner
Beginner

We have spoke sites on Flex mode, each site are all treated separately, has its own DHCP server to serve wireless clients. The DHCP scope is the same for all sites. Now with WPS IP Theft or IP Reuse enabled it seems that when Site A client is served with an IP address and Site B is served with the same IP address, it seems that Site B client gets excluded, am I missing something? The sites were migrated from AireOS, same topology and same WPS feature IP Theft or IP Reuse enabled and clients are able use same IP in different sites.  

1 Accepted Solution

Accepted Solutions

I hope you have enabled "overlapping client IP Address" feature enabled. It came up with 17.4.x release.

https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/17-4/config-guide/b_wl_17_4_cg/m_vewlc_flex_connect.html 

"In flex deployments, you can use cookie cutter configuration across sites and branches which also includes local DHCP servers configured with the same subnet. In this toplogy, controllers detect multiple client sessions with the same IP as IP THEFT and clients are blacklisted.

The Overlapping Client IP Address in Flex Deployment feature offers overlapping IP address across various flex sites and provides all the functionalities that are supported in flex deployments."

Step 1

Choose Configuration > Tags & Profiles > Flex and click Add.

Step 2

On the Add Flex Profile window and General tab.

Step 3

Check the IP Overlap check box to enable overlapping client IP Address in Flex deployment.

Step 4

Click Apply to Device.

HTH
Rasika
*** Pls rate all useful responses ***

View solution in original post

3 Replies 3

I hope you have enabled "overlapping client IP Address" feature enabled. It came up with 17.4.x release.

https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/17-4/config-guide/b_wl_17_4_cg/m_vewlc_flex_connect.html 

"In flex deployments, you can use cookie cutter configuration across sites and branches which also includes local DHCP servers configured with the same subnet. In this toplogy, controllers detect multiple client sessions with the same IP as IP THEFT and clients are blacklisted.

The Overlapping Client IP Address in Flex Deployment feature offers overlapping IP address across various flex sites and provides all the functionalities that are supported in flex deployments."

Step 1

Choose Configuration > Tags & Profiles > Flex and click Add.

Step 2

On the Add Flex Profile window and General tab.

Step 3

Check the IP Overlap check box to enable overlapping client IP Address in Flex deployment.

Step 4

Click Apply to Device.

HTH
Rasika
*** Pls rate all useful responses ***

@Rasika Nayanajith Thank you for the response, I'm running on cisco recommended version 17.3.5b and I see this option in flex configuration, let me turn this on and see how it goes.

Rich R
VIP
VIP

You should also go through Catalyst 9800 Series Configuration Best Practices https://www.cisco.com/c/en/us/products/collateral/wireless/catalyst-9800-series-wireless-controllers/guide-c07-743627.html for other tips.

And check your config with https://cway.cisco.com/wireless-config-analyzer/ using the output of "show tech wireless"

Also see https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/214749-tac-recommended-ios-xe-builds-for-wirele.html for TAC recommended software versions to use.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: