DHCP not getting on Anchor (DMZ) controller

Unanswered Question
Jan 14th, 2009
User Badges:

Hi Have Local/Anchor controller deployment with code 5.1.x running.

Anchor controller (in DMZ) is configured for DHCP server and enabled. I have mobility anchor configured and both Data & Controller paths are UP and more over eping/mping work on both devices.

When enabling debug on DHCP I have the attached output. The issue is that users are not able to get IP from DHCP server configured locally on Anchor(DMZ) controller.

Juniper firewall is placed between DMZ and Inside and the required ports have been opened.

Can someone advise me why I'm not able to get IP from DMZ controller ?

Debug output on both local controller and anchor (DMZ) controller are attached.

thanks in advance.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Stephen Rodriguez Wed, 01/14/2009 - 14:45
User Badges:
  • Purple, 4500 points or more

can you attach the show run-config? Make sure it's the show run-config and NOT! the show running-config

wesleyterry Wed, 01/14/2009 - 17:02
User Badges:
  • Bronze, 100 points or more

*Jan 14 00:41:53.509: 00:13:02:43:f9:d3 mmAnchorExportRcv: WLAN QIB_GUEST policy mismatch between controllers, WLAN QIB_GUEST not found, or WLAN disabled. Ignore ExportAnchor mobility msg. Delete client.

I'm assuming this debug is for the client in question.

When I've had problems with my Guest anchoring, it has always come from the configurations on the two controllers not being IDENTICAL. As in, even the slightest mismatch in the two WLANs has caused my problem.

For example, I would make sure that the WLAN on your local controller is configured EXACTLY like the DMZ, from the dhcp options to the encryption options, even the session timeout to exclusion times.

The bottom line is that this debug says the policies don't match (since I am assuming the wlan is configured on both controllers, and that the wlans are no disabled).

As the other user suggested, the run-config from each controller would be nice to see, but the problem may be as simple as one overlooked value not being identical...

(I am speaking from my experience with 4.1 though.... but I bet the same behavior is in 5)


This Discussion



Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode