Re: wlan and dhcp

networksavvy · ‎01-10-2006

I have a 871w router up and running with dhcp on the router for vlan 1 assigning 10.1.5 addresses to cabled clients. I also have the nating working correctly for the outside interface and VPN working correctly as well. I can't get dhcp working on the wlan interface. The clients can see k-wirless ssid, but cannot connect to it. I have gotten them to connect successfully but they are not getting a 10.1.5 address, but a 169 instead. I have also removed the subinterface in this example and tried some other suggestions on this forum so the bridge 1 commands are not the wizard defaults. Any help would be greatly appreciated!

m.singer · ‎01-17-2006

To configure WLANs, activate them, assign the WLANs to a DHCP server, and assign WLANs to VLANs, follow the steps below.

SUMMARY STEPS

1. configure interface create interface_name vlan-id

2. configure interface address ap-manager IP_address netmask gateway

3. configure wlan create wlan_id wlan_name

4. configure wlan interface wlan_id

5. configure dhcp address-pool

6. configure interface dhcp ap-manager server1 [server2] management server1 [server2]

7. configure wlan security 802.1x enable | disable | encryption wlan_id

http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124newft/124limit/124x/124xa2/boxernm.htm

jdewberr · ‎01-18-2006

Hi,

In looking at your config, you are not bridging the Dot11Radio0 interface to anything w/an ip address.

I had this case earlier in the AM. You would want to make the following configs:

===at global===

bridge irb

bridge 1 route ip

bridge 1 protocol ieee

===interface config changes===

interface vlan1

no ip address

no ip ip nat inside

no ip virtual-reassembly

no ip tcp adjust-mss 1452 address

bridge-group1

!

interface BVI1

ip address 10.1.5.1 255.255.255.0

ip nat inside

ip virtual-reassembly

ip tcp adjust-mss 1452

!

troubleshoot this with

debug ip dhcp server packet

networksavvy · ‎01-24-2006

This sounds like exactly what I need. Only problem is - I have VLAN1 clients that are wired Nat'ing to get internet connection to the WAN interface... as soon as I remove the IP address from VLAN1, they go down :( Any way around this?

Thanks

ssimonss · ‎01-25-2006

Previous posts do suggest the correct action - adding briding to your wireless VLAN. If this does not work

out for you, you could always define your wieless network as a separate routed interface. In this case you might want to add:

!====

!

interface Dot11Radio0

ip address 10.1.6.0 255.255.255.0

ip nat inside !<<< NOTE >>>> need NAT inside here

!

ssid K-Wireless

no vlan 1!!!!!! <<<< NOTE >>>> vlan assign removed

authentication open

guest-mode

!

! ....

!

! ...and a new DHCP pool

!

ip dhcp pool K-wireless-client

network 10.0.6.0 255.255.255.0

default-router 10.0.6.1

domain-name humhum.com

dns-server x.x.x.30 x.x.x.y

!

! ...and optionally an exclude(or two) for DHCP

! to provide some room for the wireless print server

! etc.

!

ip dhcp excluded-address 10.1.5.1 10.1.5.9

ip dhcp excluded-address 10.1.6.1 10.1.6.9

!

=====

With my suggested changes above you would also have to remove any bridging configuration that you have added.

If multiple wired VLANs are required this has implications to the software required(adv sec will not handle multiple VLANs). Multiple Wired Vlans are supported only with the Advanced IP services and Advanced Enterprise services images.

But multiple wireless vlans are supported with base image itself ie Advanced Security image. Wired Vlan (Vlan1) and the wireless Vlans are totally different entities and they are completely unrelated.

Cheers /Sven