Wireless LAN Controller 2106 DHCP Problem With AP on different subnet

rhianblock · ‎05-15-2008

Hi Guys,

I have a Cisco 2106 wireless LAN controller with two Cisco access points. I have one in our PA office where the 2106 controller is located and the second is in our NY office. Each office is on its own subnet and the offices are connected by a VPN tunnel. I have primed the New York Access Point and it's technically working as it registers within the web interface of the 2106 LAN Controller. But, the problem is that any user who connects to the NY wireless gets a 10.0.100.xx address and 100.xx gateway of the PA subnet instead of the 10.0.107.xx address they should be receiving.

So the question I have is how can I make users who connect to the Cisco AP in NY receive the proper IP address from their local DHCP server. Things work but it's so slow since they are basically routing down to PA. They should get a 10.0.107.xx address and 10.0.107.1 gateway. I don't need to have a second LAN controller in New York do I?

Thanks in advance for any help you can provide me.

dennischolmes · ‎05-15-2008

I would create a different SSID for each office and use AP grouping to push the client onto a different vlan where the proper scope is broadcasted. You could also use identity based networking to drop the users onto a particular vlan.

rhianblock · ‎05-15-2008

Ideally I would like to keep the same SSID for both locations so users who commute between the two can roam without difficulty as they do currently. I really just need the Cisco access point in NY to use the local DHCP server in their location and I would be all set.

I am a bit confused with what you mean by identity based networking with regards to my arrangement.

Thanks

jeromehenry_2 · ‎05-16-2008

In the logic of the controller based solution, users get their IP address from the DHCP server mentionned in the interface you send them to...

In other words, in the WLAN main tab, you see "interface" (management, or another one you created). Check this name and go to Controller > Interfaces. Edit your interface, by the bottom, DHCP server is where your clients are sent to get thei IP address.

To do what you want, that is DHCP server depends on where you are, not which SSID you associate to, you need to create AP group VLANs... that says: if a user associates to the NY AP on XY SSID, they get DHCP server A. If a user associates to the other AP on the same XY SSID, they get DHCP server B.

TO do that, you need to create 2 interfaces (your controller has an IP in each subnet/VLAN), then 2 groups, NY and Other assign each AP to each group, then send each group to the relevant subinterface and DHCP server.

This might help you:

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008073c723.shtml

Ask if it is not clear enough.

hth

Jerome

rhianblock · ‎05-16-2008

Excellent. This seems like it will work just perfectly for my situation. I'm sure this will be helpful for others too!

jeromehenry_2 · ‎05-16-2008

Glad it helps!

Forgot to precise that, in any case, the DHCP request goes from each AP to the controller (may be via the WAN), then back to whichever DHCP server you use, which might imply crossing the WAN again...

Cheers

Jerome

rhianblock · ‎05-16-2008

Understood. Thanks for the help again