WLC 2100 and DHCP strange issue.

Answered Question
Jan 13th, 2012


   i have this scenario: 1 WLC 2100 and two LW AP 3500 connected. If the access points are connected via external switch evrything works well - AP and Clients get IP address from external DHCP and this is ok but when im connecting AP 3500 directly to one of ports on WLC i need to chceck in controller web Controller -> Advanced -> DHCP -> Enable DHCP proxy - after that AP get IP addres and clients get too but ip is assigned from external dhcp but the gateway is set as controller IP address (!!!) so clients not works. I want to configure access points connected directly do WLC.

I have small setup and i have configured all in the one vlan - management dla users are in the same vlan.

And the second is - for what usage is internal DHCP server - and how to use it?

Correct Answer by Scott Fella about 5 years 1 month ago

Just to add to Stephen's post. Here is a good doc that explians not to use the ports on the back of the 2106.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Stephen Rodriguez Sat, 01/14/2012 - 04:30


There are issues with the arp code in the 2106/2504 that make plugging an AP into the ports on the back of these devices a bad idea.

The DHCP server in the WLC is for clients to get an ip address. And yes it does work but you only have limited configuration you can do on its DHCP config. Only network, gw, and DNA no advanced options.

For the last point. You're saying that when the AP is connected to the back of the WLC, the client gets an address from your externalmdhcp server, but the gw is the WLC? That's not one I've seen before. The server should be listed as the virtual IP, but I've never seen the WLC change the gw in the dhcp request.


Sent from Cisco Technical Support iPad App

adam.rybak Sat, 01/14/2012 - 06:37

When "Enable DHCP Proxy" is not enabled tha LW AP 3500 cannot get IP address if it is connected directly to LWC... when i add this option then on both LW AP 3500 - one connected to WLC and second directly to switch give me DHCP address from external DHCP but gateway sets as LWC management IP.

I made test - connected client witout "Enable DHCP Proxy":

Client IP (correct in dhcp server logs), default GW (correct gateway for this DHCP) correct dnses and in windws ipconfig i see "Server DHCP" all is correct.

Disconnected client and clicked "Enable DHCP Proxy":

Client IP (correct in dhcp server logs), default GW incorrect gateway - ip of WLC management interface) correct dnses and in windws  ipconfig i see "Server DHCP" that shows that WLC modified DHCP packets... but what it try to set default GW as WLC?

WLC data:

Software Version7.0.98.0

I can attach screenshots and any other configutation if you need.

Stephen Rodriguez Sat, 01/14/2012 - 06:41

the proxy behavior you are seeing is correct. For the ap to get dhcp when it is connected to the WLC or for a client to get DHCP from the WLC proxy needs to be enabled.

If you can I'd leave the AP on the switch instead of the back of the WLC. If you do that you can disable proxy and put an ip helper at the SVI if needed. Then DHCP flows As a broadcast

Sent from Cisco Technical Support iPhone App

adam.rybak Sat, 01/14/2012 - 08:20

Thanks, i was reading this when i was trying to find my answers before post...

It is strange behavior that all traffic will go tru one 100mbit port from two access points...

Is the sense for runing Local HREAP mode on local network enviroment for bypassing traffic from controller?

Scott Fella Sat, 01/14/2012 - 08:37

Some people will do it that way to utilize the AP gigabit port if the AP has a gigabit port. It depends on your traffic though. For small installs you can still tunnel traffic back to the wlc. Just monitor the switch port and make sure the utilization isn't peaking.


Scott Fella

Sent from my iPhone

adam.rybak Sat, 01/14/2012 - 08:57

Many thanks for your help. I will monitor port and well see if there is LOCAL HREAP needed.

Assigning WLC management ip as getaway is bug on dhcp proxy on internal ports - yes?

Scott Fella Sat, 01/14/2012 - 08:59

Never use the wlc management ip as the gateway. The gateway is always your L3 interface.

adam.rybak Sat, 01/14/2012 - 12:31

Missunderstanding from you. i dont use. There is a bug in DHCP PROXY mode - WLC gives as gateway WLC management ip rather than  GATEWAY IP associated from external DHCP.

Scott Fella Sat, 01/14/2012 - 12:37

Sorry.... I didn't read that part:)

Sent from Cisco Technical Support iPhone App

Stephen Rodriguez Sat, 01/14/2012 - 14:24

It could be a bug, but not one I've heard of. I've never seen the WLC change Thacker that came from an external deco server before. If you think think that is happening you should open a TAC case so they can file a defect to correct this behavior.


Sent from Cisco Technical Support iPad App


This Discussion

Related Content