DHCP Opt 43 & 60 support

Unanswered Question
Jun 27th, 2008

Hello all,

I am trying to provide DHCP services to Cisco 1242AG APs via the PIX firewall.

Does anyone know if the PIX 515 with IOS version 6.3(4) supports the proper syntax for DHCP options 43 and 60?

Although I enter option 43 with dotted notation, the firewall strips out the delimiters.

On option 60 when trying to input "Cisco AP c1240", the firewall does not like quotes or spaces.

Is there a workaround for creating these options in the proper syntax?

TIA,

Mike

Scott Fella Fri, 06/27/2008 - 08:36

I believe the PIX only supports dhcpd option 66 and option 150.

http://www.cisco.com/en/US/docs/security/pix/pix62/command/reference/df.html#wp1025497

You don't need this option if you stage the AP prior. Once the APs join a WLC, they will know of all the other WLCs configured in the mobility group. If you are staging, then either use DNS or put the APs on the same VLAN as the WLC. Then you can move them to whatever subnet you wish.

9mmurphy Fri, 06/27/2008 - 14:12

Thanks for the suggestion, but the support requirement is to be able to ship the APs to the remote site unconfigured and have them learn and join the network automatically. That rules out staging them prior to shipment.

The one suggestion that I have received is to allow DHCP to provide everything but the WLC information and use DNS to let them discover the controllers.

My question there is, we will have three or more controllers in the data center, if they are all part of one mobility group, can I enter one WLC IP into DNS and have the mobility group push APs over to another controller once the license count is full on the first?

TIA

Scott Fella Fri, 06/27/2008 - 15:13

You want to set the primary, secondary and/or tertiary WLC on the AP after the device joins a WLC. Even though you have the mobility group set, that doesn't tell the AP to move over to another AP. You want to define what APs should go where. You want to make sure users aren't doing so much intercontroller roaming. You want all APs on a floor or building to be on the same controller. If you set DNS to one of the WLCs and that WLC is maxed out, that AP will not join any WLC.

dbuttry Fri, 06/27/2008 - 19:40

You say to avoid intercontroller roaming... I was told that I should "salt & pepper" my APs with different controllers so that if one controller goes down or I upgrade code on one, the other APs stay up on the floor. I am starting to roll out 300 APs with 6 4404s and I have it laid out so that no two neighbor APs are on the same controller. What ill effects am I going to experience with this layout? I will be using VOIP. Please point me to any documents describing why I shouldn't do this. Thanks much for the info!!

Scott Fella Fri, 06/27/2008 - 21:23

I hate to say, but that is a bad design. Back around two or three years ago when Cisco just bought Airespace, that was an option for a design. Now it is best practice to avoid that... especially with voice. What I have done is break up the floors to a WLC. Like if you had 6 floors, WLC 1 would handle floor 1 & 2, WLC 2 floor 3 & 4, WLC 3 floor 5 & 6. If you don't think this is a good idea, try to find a doc now that tells you to do a salt n pepper design. It's up to you though, just giving you my opinion.

You should start a new thread just to get more feedback before your rollout. Title it Salt & Pepper design for voice. It is a good topic.

dbuttry Sat, 06/28/2008 - 03:54

Thank you for the feedback. I went to a class last year and this is what the instructor told me to do. It's easy enough to change with WCS and I'm glad I'm hearing this now with only about 20% of my APs deployed. I will start a new topic. Thanks again.
