Guest LAN and DHCP Options not passing through

Unanswered Question
Feb 24th, 2010

Managed to get the Guest LAN up and running for wired clients and all's working well.  Users are sat behind a proxy and if I force the use of a appropriate wpad file I can get the WLC auth to happen and then push off to the proxy.


I'm trying to use option 252 in DHCP to present the WPAD url.  Only issue that happens is that while the DHCP server on the egress interface is handing out addresses to clients on the ingress interface correctly, the WLC doesn't appear to be handing through the option 252 I have set in DHCP.  I've used network monitor to see what the dhcp request process is dishing out in terms of options, and all look good if I'm not behind the WLC.


Anyone know if theres a limitation on the WLC that prevents DHCP options being passed through to the guest LAN?


TIA

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Flavio Boniforti Thu, 10/24/2013 - 05:18

Hello Nathan.

I'm having the same issue.

DHCP is configured on Windows  2008 R2 server and the wired clients do get the correct option 252 as  soon as the browser sends out the DHCP inform packet. WLAN clients do  net receive that info at all (wireshark tells this).


Any help will be much appreciated!


Thanks,

F.

Abhishek Abhishek Thu, 10/24/2013 - 11:41

When configured as a DHCP server, some of the firewalls do not support DHCP requests from a relay agent. The WLC is a relay agent for the client. The firewall configured as a DHCP server ignores these requests. Clients must be directly connected to the firewall and cannot send requests through another relay agent or router. The firewall can work as a simple DHCP server for internal hosts that are directly connected to it. This allows the firewall to maintain its table based on the MAC addresses that are directly connected and that it can see. This is why an attempt to assign addresses from a DHCP relay are not available and the packets are discarded. PIX Firewall has this limitation.


For more information please refer to the link-http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008070ba8f.shtml

Actions

This Discussion

Related Content