Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
619
Views
0
Helpful
3
Replies

WLC with DHCP process

aleopoldie
Level 3
Level 3

‎03-13-2016 12:47 PM - edited ‎07-05-2021 04:46 AM

Hello experts,

I have a question regarding the DHCP process when we have a WLC and a firewall.

Let's say we have this design, and the WLC is not the DHCP server, and it is configured as DHCP proxy disabled :

Client - AP - switch - router - Firewall - switch - WLC

When the client will request an IP address, he will broadcast his request, but on the firewall, about the flow we need to open ? We need to open the DHCP request but from which IP address ? The dynamic interface of the SSID or the management interface ?

Is it ok to configure the WLC in DHCP proxy disabled ? As I understand, that means the WLC will not modify the DHCP packet coming from the client

Thank you in advance,

Alex.

Labels:
0 Helpful
3 Replies 3

Scott Fella
Hall of Fame
Hall of Fame

‎03-13-2016 01:23 PM

It's fine to disable dhcp proxy. It's required if you are using the WLC as a dhcp server. The WLC is layer 2, so with dhcp proxy disabled, the request comes from the client not any interface on the controller.  You can sniff that traffic to verify also.  Typically an ip helper is used, so you would define it just like a wired vlan you have.

-Scott

*** Please rate helpful posts ***

-Scott
*** Please rate helpful posts ***
0 Helpful

mohanak
Cisco Employee
Cisco Employee

‎03-13-2016 06:58 PM

When DHCP proxy is disabled on the controller, those DHCP packets transmitted to and from the clients are bridged by the controller without any modification to the IP portion of the packet. Packets received from the client are removed from the CAPWAP tunnel and transmitted on the upstream VLAN. DHCP packets directed to the client are received on the upstream VLAN, converted to 802.11, and transmitted through a CAPWAP tunnel toward the client. As a result, the internal DHCP server cannot be used when DHCP proxy is disabled.

0 Helpful

aleopoldie
Level 3
Level 3
In response to mohanak

‎03-14-2016 01:33 AM

Hello Mohanak, Scott,

Thank you very much for your answers.

I understand the difference between DHCP Proxy enabled and disabled.

But is the DHCP packet going through the WLC even if it's configured in proxy disabled ?

On the firewall, what do we need to open as a source for the process to work ?

Source : Any ?

Destination : DHCP server IP

Regards,

Alex

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card