Clients not getting DHCP - WiSM over L3

Answered Question
Mar 10th, 2009

THE SCENARIO

The customer has a controller located in Location A with IP scheme 10.56.X.X/24 There is a LAP located in Location B with IP scheme 10.32.X.X/24. There is a central DHCP server that assigns IP addresses to the customer equipment/clients. The LAP is succesfully registered on the controller and assigned an IP via DHCP.

Clients in Location A are assigned an IP from the DHCP scope defined for that area (10.56.x.x). Likewise clients in Location B are served by the DHCP scope in its own area. There is Layer 3 reachability between the two locations and to the DHCP server.

THE PROBLEM

A client in Location B wants to join over the AP located in its location to the controller present in Location A. However the client wants an IP address from the DHCP scope defined for Location B since it is physically present in that location. Attempts by the client to gain said IP are unsuccessful (client is given a 169.X.X.X address when using a dynamic interface with a VLAN id and IP from location B). The client can however successfully negotiate and get an IP from Location A (client is given a 10.56.X.X using a dynamic interface with VLAN and IP from location A). This behavior is unwanted because we want client IPs to reflect their physical point of presence.

OUR REQUIREMENT

Client in location A gets an IP from DHCP scope defined for location A (irrespective of controller location)

Client in location B gets an IP from DHCP scope defined for location B (irrespective of controller location)

.

.

etc

.

I have my theories on why its probably not working, then again I have just as many saying it should work just fine. Been racking my brains trying to figure out whats wrong ...

Any ideas ?

-Stumped.

I have this problem too.
0 votes
Correct Answer by Scott Fella about 7 years 8 months ago

You have two sites, SiteA and SiteB. SiteA is where the WLC resides and SiteB is considered a remote site. In order to have users obtain a DHCP form SiteB, you need to configure the LAP's to H-REAP and not local, which you have now.

You have to remember, that in local mode, all the traffic tunnels back to the WLC and egress out the gig ports onto the local LAN is is connected to. So when a user in SiteB associate to an ssid and gets tunneled back, you need to dump them into a vlan on SiteA.... means you hneed to have a dynamic interface on that vlan.... so it is not possible to have the wlc dynamic interface on a subnet that does not rreside in the local network. This is why dhcp is not working.... If you create a subnet on SiteA just for users on SiteB and then create a dynamic interface on that subnet and a DHCP scope, users on SiteB will be able to obtain an IP Address and then would have to route back to SiteB for any local network services they need.

H-REAP allows you to drop off the users locally on SiteB and if they require any central network services, they will just route back just like any wired devices in SiteB.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
SJessulat_2 Wed, 03/11/2009 - 06:21

Hi,

do you use a separate SSID/VLAN for Location B?

If so, is this VLAN available on the WLC and on the trunk to the WLC.

Because all the Traffic from WLAN-Clients exit on the WLC, resp. its connection to the LAN at Location A (Unless you have HREAPs deployed at Location B, which can let the traffic break out locally).

Could you maybe provide a VLAN-overview of your deployment?

Greets,

Sebastian

tekjansen101 Wed, 03/11/2009 - 22:01

Yes! HREAP solved the problem! Thanks for the suggestion! I really should have paid more attention in wireless class...

Leo Laohoo Wed, 03/11/2009 - 15:00

Just curious, but why is AP located in site "B" joined to WLC in "A"?

What FW are both WLC running on?

tekjansen101 Wed, 03/11/2009 - 21:59

Hello...

There is no firewall. We are the telco and own the WAN links. Plus this is all over inter-city DWDM and we aren't using any external networks thus no FWs.

This is just this telco's whacky design. You should see some of the things they have configured here (ACLs in the backbone !).

Sometimes I want to cry.

Correct Answer
Scott Fella Wed, 03/11/2009 - 19:06

You have two sites, SiteA and SiteB. SiteA is where the WLC resides and SiteB is considered a remote site. In order to have users obtain a DHCP form SiteB, you need to configure the LAP's to H-REAP and not local, which you have now.

You have to remember, that in local mode, all the traffic tunnels back to the WLC and egress out the gig ports onto the local LAN is is connected to. So when a user in SiteB associate to an ssid and gets tunneled back, you need to dump them into a vlan on SiteA.... means you hneed to have a dynamic interface on that vlan.... so it is not possible to have the wlc dynamic interface on a subnet that does not rreside in the local network. This is why dhcp is not working.... If you create a subnet on SiteA just for users on SiteB and then create a dynamic interface on that subnet and a DHCP scope, users on SiteB will be able to obtain an IP Address and then would have to route back to SiteB for any local network services they need.

H-REAP allows you to drop off the users locally on SiteB and if they require any central network services, they will just route back just like any wired devices in SiteB.

tekjansen101 Wed, 03/11/2009 - 21:42

H-REAP !!!

Perfect! Thats exactly what the doctor called for. The thing with our scenario is that we have the same vlans exist in multiple site (A and B and C so on ...) each configured with their own site IP and theres a lot of other really messed up things going on here which i don't wanna delve into, but H-REAP is exactly what we were looking for (authentication control is tunneled, everything else is switched locally).

Thanks again !

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode