Wireless Guest Users DHCP issue

Unanswered Question
Apr 22nd, 2010

Dear all

We have 2 wism as well as Anchor controller

Guest users are getting ip address from anchor controller.

We had created DHCP scope on anchor controller itself.

We had opened particular ports to communicate between guest controller and inside controller for EOIP tunneling to take place.

Issue is that some times user is getting IP address in the range of AP management vlan.

Do we require to open ports for bootpc and bootps as well or do we need to create dhcp scope in the switch.

If any one has faced the above issue pls reply me at the earliest.



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
George Stefanick Thu, 04/22/2010 - 23:00

On your main controllers, your guest SSID is mapped to what wired interface, your managment interface?

George Stefanick Fri, 04/23/2010 - 09:54

Just a guess... if your anchor tunnel goes down and your SSID is tied to your managment interface i would suspect this is why you may get some users on your managment .. just a guess...

weterry Sat, 04/24/2010 - 22:10

If the anchor goes down, or mobility fails, the user should never egress from the Foreign WLC (in my opinion). However, if you are saying that the user gets an IP from the MGMT Interface of the Foreign WLC (not the Anchor), then it is doing exactly what it shouldn't.

What version of code is this?

I've seen a lot of deployments implement a "dummy interface" on the Foreign WLC.  So a fake vlan/subnet is created on the WLC and mapped as the default interface for the Foreign's Guest WLAN.   In the event anchoring does fail and the client sticks to the foreign WLC this dummy interface would actually prevent the user from having network access.

Are you seeing this often?

danishahammed015 Sun, 04/25/2010 - 08:38

Dear Wettery

As you told this is the only option i am seeing.

I will create a dummy interface and map this to guest ssid.

I think this will solve the issue.

Since i have managment vlan and accesspoint vlan on same subnet users may have a chance to get dhcp from acesspoint vlan.

I will update you the status once its done.Also i have latest code 6.0



George Stefanick Sun, 04/25/2010 - 08:45

Yea, i suspect this could be the issue. Right, i mean how else would a client get a management interface ...

danishahammed015 Mon, 04/26/2010 - 01:30

Dear All

I had configured the dummy inteface and i had mapped the Guest ssid with that interface.

But some users are not able to connect sometimes and Sometime they are able to connect.

It will show limited connectivity.

I checked mping and eping its working fine.

The tunnel is not down at all.



danishahammed015 Tue, 04/27/2010 - 07:20

Dear Wettery

I had done this one.I had created a dummy vlan and mapped the guest ssid to this vlan.But now the issue is like sometimes users are not getting ip address.We have 4 internal controllers and one guest controller.We have wireless voice as well.So inorder to take place roaming all the controllers are added each in mobility groups.

now i removed all and added only guest controller in the mobility.

Strange thing is that all the laptops get connected succesfully.Now i need to know wireless phones will have any issue or not.


This Discussion



Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode