WLC DHCP Proxy Question

Unanswered Question
Nov 12th, 2009
User Badges:

Hi there,


I have a question with respect to DHCP Proxy to an external DHCP server.


Is it possible to force the DHCP proxy to use the Management Interface as the source for all DHCP requests?


My Wireless setup has all the dynamic wireless VLAN's going straight into a "dirty firewall" which then allows internet access etc.


I therefore don't want to place my DHCP server alongside this firewall.


The management interface of the WLC is connected to our internal management network where there is a DHCP server already (behind a L3 router).


How can I setup the WLAN's and Interfaces so that when a client requests a DHCP address the WLC forwards it to the DHCP server on the management network via the management interface?


Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Scott Fella Fri, 11/13/2009 - 07:13
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

DHCP Proxy uses the VIP and not the management IP of the WLC. Is one of the WLC ports connected to your internal network and the other port connected to the FW? Again with DHCP Proxy enabled, traffic will flow to your internal DHCP server as long as you have all the dhcp server address configured on the interfaces and have ip helper-address setup on the L3 interfaces.


Here is a doc regarding DHCP Proxy:


http://www.cisco.com/en/US/products/ps6366/products_tech_note09186a0080af5d13.shtml#DHCP-Proxy


Mike Bailey Mon, 11/16/2009 - 02:13
User Badges:

What I have is a WLC 5508 with:


Port 1 facing my "corporate" network

Port 2 facing my "internet" firewall


The Access Points are on the "corporate" network and use CAPWAP to an AP Manager interface defined on Port 1.


Guest WLAN's and non corporate WLAN's exit on a VLAN on port 2 straight into the internet firewall.


I don't therefore want to forward my DHCP packet out the VIP of the VLAN as it hits the Internet firewall and goes no-where. I want to send DHCP packets out of the management interface and back into the Corporate network where there are existing DHCP servers.


Cheers

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode