Managed to get the Guest LAN up and running for wired clients and all's working well. Users are sat behind a proxy and if I force the use of a appropriate wpad file I can get the WLC auth to happen and then push off to the proxy.
I'm trying to use option 252 in DHCP to present the WPAD url. Only issue that happens is that while the DHCP server on the egress interface is handing out addresses to clients on the ingress interface correctly, the WLC doesn't appear to be handing through the option 252 I have set in DHCP. I've used network monitor to see what the dhcp request process is dishing out in terms of options, and all look good if I'm not behind the WLC.
Anyone know if theres a limitation on the WLC that prevents DHCP options being passed through to the guest LAN?
DHCP is configured on Windows 2008 R2 server and the wired clients do get the correct option 252 as soon as the browser sends out the DHCP inform packet. WLAN clients do net receive that info at all (wireshark tells this).
When configured as a DHCP server, some of the firewalls do not support DHCP requests from a relay agent. The WLC is a relay agent for the client. The firewall configured as a DHCP server ignores these requests. Clients must be directly connected to the firewall and cannot send requests through another relay agent or router. The firewall can work as a simple DHCP server for internal hosts that are directly connected to it. This allows the firewall to maintain its table based on the MAC addresses that are directly connected and that it can see. This is why an attempt to assign addresses from a DHCP relay are not available and the packets are discarded. PIX Firewall has this limitation.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...