Solved: WLC guest WLAN 'override' DHCP server?

the-lebowski · ‎05-24-2013

Hi

I have (2) WLANs, one for employee's and one for guests. Right now the employee WLAN uses an external DHCP server with IP 10.10.10.10 and has DHCP override checked with 10.10.10.10 specified as the IP.

The guest WLAN was simply using the WLC as DHCP. I want to change DHCP on the guest WLAN to differnet external server. First I tried to do it via WLANS> Edit > Guest > Advanced and ticked "DHCP Server" overrirde, entered 10.10.20.253 and hit apply. It tells me "the following errors occurred while updating the WLAN: Please specify a valid DHCP Server IP Address." If I enter 10.10.10.10 (identical to employee WLAN) it allows me to save it.

In the end I added 10.10.20.253 as the DHCP server on the guest interface as well as well as added an ip helper-address 10.10.20.253 to the guest VLAN on the router itself. I cannot test this as this WLC is remote but just wanted to know if I could point WLANs at different external DHCP servers and what purpose the DHCP override servers?

David Watkins · ‎05-24-2013

If DHCP Proxy is still enabled (since you "were" offering DHCP from the internal DHCP server on the WLC), it's possible the WLAN config is only letting you override with a DHCP server defined on one of the interfaces. That's not my understanding of how it should work, but it doesn't make sense that you can add the other DHCP server but not the external you want to use for Guest. My only other thought is that the address you're adding conflicts with a dynamic interface address on the WLC.

If you're not using DHCP internally on the WLC, i would suggest you disable DHCP proxy. Before doing so, you want to make sure you have ip helper-address pointing to your DHCP server on all the L3 interfaces for each WLC dynamic interface.

With proxy disabled, you do not need DHCP servers defined on your interface or override defined on the WLAN. It will simply bridge the DHCP traffic to the respective VLAN the interface is configured to talk on.

Based on what you've described by adding the DHCP server to the interface, and the idea you probably have DHCP proxy still enabled from offering DHCP internally on the WLC prior, this should work just fine. You wouldn't even need the ip-helper on the guest l3 interface, as proxy will unicast to the defined DHCP server on the guest interface of the WLC.

View solution in original post

David Watkins · ‎05-24-2013

If DHCP Proxy is still enabled (since you "were" offering DHCP from the internal DHCP server on the WLC), it's possible the WLAN config is only letting you override with a DHCP server defined on one of the interfaces. That's not my understanding of how it should work, but it doesn't make sense that you can add the other DHCP server but not the external you want to use for Guest. My only other thought is that the address you're adding conflicts with a dynamic interface address on the WLC.

If you're not using DHCP internally on the WLC, i would suggest you disable DHCP proxy. Before doing so, you want to make sure you have ip helper-address pointing to your DHCP server on all the L3 interfaces for each WLC dynamic interface.

With proxy disabled, you do not need DHCP servers defined on your interface or override defined on the WLAN. It will simply bridge the DHCP traffic to the respective VLAN the interface is configured to talk on.

Based on what you've described by adding the DHCP server to the interface, and the idea you probably have DHCP proxy still enabled from offering DHCP internally on the WLC prior, this should work just fine. You wouldn't even need the ip-helper on the guest l3 interface, as proxy will unicast to the defined DHCP server on the guest interface of the WLC.

the-lebowski · ‎05-24-2013

RIght now the employee WLAN gets DHCP externally with override checked. The guest WLAN and the ap get it from the WLC itself. I would think I would could override the guest WLAN with a differenent external DHCP server but it appears that I cannot.

Will have a user test and see if it works.

Thanks man.

the-lebowski · ‎05-28-2013

Confirmed that this works, although I wasn't able to check DHCP overrirde simply pointing DHCP via the interface to an external DHCP server (and using IP helper-address) allowed this to work. DHCP proxy is still enabled.

Thanks for your help.