H-REAP DHCP issues

Unanswered Question
Mar 5th, 2008

I'm setting up an H-REAP scenario which also uses AP VLAN Groups to map a single SSIDs across a campus to different VLANs at various campus buildings. This will keep the VLANs to a manageable size, as well as keep throttling of uplinks to the rest of the campus to a minimum (80/20 rule). I have three SSIDs with various forms of authentication, namely WPA-PSK on two, and an open guest. Review the attached PNG of my visio layout, and the SSIDs break out in this building as follows:

VLAN 370 - provides IP address to AP and enables L3 back to the controller

VLAN 372 - SSID 1

VLAN 380 - SSID 2

VLAN 392 - SSID 3

All interfaces on the controller go to the DHCP server at on the management VLAN. Here's the problem:

Wireless client on SSID1 - DHCP is OK

Wireless client on SSID2 - DHCP is FAIL

Wireless client on SSID3 - DHCP is FAIL

The DHCP server is Win2k3, and as far as I can tell the scopes are set up properly, no trunks are being pruned, no firewall issues. So how is it that one SSID gets DHCP addresses fine, while the other two on the SAME server don't? To make things easier, I tested by making all SSIDs open authentication with no encryption and it didn't solve the problem. Putting DHCP scopes on the L3-aware 3560 worked.

Any ideas?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Scott Pickles Wed, 03/05/2008 - 11:20

Never mind guys - I found the problem. I've been so heads down with the H-REAP stuff that I forgot something entirely fundamental. I missed configuring the 'ip helper-address' on the two other VLANs.



Hey Scott.

I saw you reply to my post. Thanks.

My query having tried your suggestions and after reading your issue (and reviewing) your diagram is.

Ultimately creating SSIDs on your controller and binding them to interfaces addressed matching the VLANs at site presents issues with using the same SSID at other sites does it not?

I've tried your suggestion and the 802.1x still doesn't appear to work. I can flip my security requirements on my WLANs which proves it is more related to 802.1x and H-reap.

Appreciate if you can provide some details on your controller software and AP's (model/ios version).


Scott Pickles Fri, 03/07/2008 - 10:22


For what I'm doing, since all my APs are in H-REAP mode, I have to go into the WLAN and select H-REAP local switching mode. When you configure the particular AP to map VLANs, any existing centrally switched WLANs are greyed out and cannot be mapped. However, I have read elsewhere that it works in both central and local switching. When I have a minute, I'll track that down for you.




This Discussion



Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode