×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Wireless client cannot connect to wlan

Answered Question
Feb 24th, 2014
User Badges:

Hi Guys


I'm configuring an WLC 5508 with 3702 APs, but I am not able to connect wireless client to wlan, it seems like DHCP is not working, because the client is not able to get an IP address (I've configured the DHCP server on Cisco Router). I've configured the Dynamic Interface (120) for Guest Users in WLC as follow:


SSID: Guest-Users

Interface Name: Guest-Users

VLAN Identifier: 120

IP Address: 10.1.10.254

Netmask: 255.255.255.0

Gateway: 10.1.10.1


The wlan (Guest-Users) is mapped to VLAN 120 and has no any security policies


This is the Router Configuration for Lab purpose


!

ip dhcp pool Test-Guest-Users

import all

network 10.1.10.0 255.255.255.0

default-router 10.1.10.1

dns-server 10.1.10.1

!

!        

interface GigabitEthernet0/1.100

encapsulation dot1Q 100 native

ip address 10.1.7.1 255.255.255.0

!

interface GigabitEthernet0/1.120

description ### Test Guest Users ###

encapsulation dot1Q 120

ip address 10.1.10.1 255.255.255.0

!


This is the swtich configuration


!

interface GigabitEthernet1/0/46

description ### Link to AP ###

switchport access vlan 100

switchport mode access

!

!

interface GigabitEthernet1/0/47

description ### Link to WLC ###

switchport trunk native vlan 100

switchport trunk allowed vlan 100,110,111,120,130,131,140

switchport mode trunk

!

!

interface GigabitEthernet1/0/48

description ### Link to Router ###

switchport trunk native vlan 100

switchport trunk allowed vlan 100,110,111,120,130,131,140

switchport mode trunk

!


Hope any suggestions

Thanks

Marcelo

Correct Answer by Scott Fella about 3 years 5 months ago

Well if you can use a static and it works, then if you use the WLC as the internal DHCP, then you must have something configured wrong. First when using an internal DHCP, you need to make sure you have DHCP proxy enabled. Second, in the dynamic interface you created, you need to define the primary DHCP server as the WLC management IP.

Give that a try.

Sent from Cisco Technical Support iPhone App

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Scott Fella Mon, 02/24/2014 - 14:26
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

If you connect a wired machine on the switch assigned to access Vlan 120, does the device get an address? Let's make sure that works first. Connect the laptop to the same switch the WLC is connected to.

Sent from Cisco Technical Support iPhone App

maucapina Mon, 02/24/2014 - 15:21
User Badges:

Hi Scott

I have not done exactly that test, but I tested by assign a static IP address to the laptop and I am able to connect to the wireless network. I also tried by configuring DHCP server locally on WLC, but does not work as well.


What other thing could be the root cause for you?



Thanks,

Marcelo

Correct Answer
Scott Fella Mon, 02/24/2014 - 19:10
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Well if you can use a static and it works, then if you use the WLC as the internal DHCP, then you must have something configured wrong. First when using an internal DHCP, you need to make sure you have DHCP proxy enabled. Second, in the dynamic interface you created, you need to define the primary DHCP server as the WLC management IP.

Give that a try.

Sent from Cisco Technical Support iPhone App

maucapina Tue, 02/25/2014 - 20:17
User Badges:

Thanks Scott

DHCP proxy was enabled, but I made an error while I defined the primary DHCP server as the WLC management IP. Also I've configured an external DHCP and does work fine now.


Marcelo

Scott Fella Wed, 02/26/2014 - 04:56
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Glad you got it working!

Sent from Cisco Technical Support iPhone App

Leo Laohoo Mon, 02/24/2014 - 19:24
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

Are you sure you don't have any DHCP starvation?


Your configuration does not have any DHCP IP exclude statements.  Next, your DHCP pool does not have a lease time. 

Florin Barhala Sun, 03/02/2014 - 02:57
User Badges:
  • Bronze, 100 points or more

Hi Leo,


What are the solution when facing a DHCP starvation attack over several Access Points?

I thought of ip dhcp snooping limit but I believe this end up by limiting legitimate requests too.


Simply enabling DHCP Snooping on the affected Vlan should decline additional requests coming with different chaddr values from the same source MAC address of the attacker?


Thanks in advance!

Actions

This Discussion

Related Content

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode