cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1072
Views
0
Helpful
10
Replies

DCHP requests blocked inside VLAN

Damir Reic
Level 1
Level 1

Hi,

i have several cisco 3500XL switches with trunking. I created a VLAN lets say 20 which purpose is for wireless clients. I installed wireless controller with 4 APs and controllers sees all 4 APs. Controller is also DCHP server. When wireless client authenticates it's DCHP requests in not getting to DHCP server (controller). If i connect all equipment in non managed switch everything works. What could be the problem? Thanks!

10 Replies 10

Reza Sharifi
Hall of Fame
Hall of Fame

Can you post the switch config

Are the APs connected to the switch via trunks?

AP's are connected over trunk ports, i am not currently at the locaiton wher switches are but what i did is this:

conf t

interface gigabitethernet 0/12

switchport access vlan 20

spanning-tree portfast 

no shut

exit

exit

write memory

Ports are configured like that and vlan is allowed over trunk also. Aside from that i didn't make any other changes. Thx!

Is the DHCP server in another VLAN ? if so then you'll have to use ip helper-address x.x.x.x   under the SVI where x.x.x.x is the ip address of dhcp server.Also make sure dhcp service is enabled for the relay: service dhcp command

Regards.

Alain.

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

DHCP server is inside same VLAN that is what is confusing me why this isn't working.

Could you post the config from switch where AP is not getting IP as well as a diagram of your network.

Regards.

Alain.

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.

AP gets the IP from the wireless controller, but wireless client that authenticates on AP isn't getting IP. Hmm maybe problem lies inside wireless controller since it has ability to have multiple virutal SIDS on it. Could be that they also have their own VLAN that i have to pass over switch imo.

Damir Reic wrote:

AP's are connected over trunk ports, i am not currently at the locaiton wher switches are but what i did is this:

conf t

interface gigabitethernet 0/12

switchport access vlan 20

spanning-tree portfast 

no shut

exit

exit

write memory

Ports are configured like that and vlan is allowed over trunk also. Aside from that i didn't make any other changes. Thx!


Hello ,

Is WLC interface is configued with trunk allwoing the AP vla, if not then ishoudl be allowed ...check for WLC interfaces for trunk conguration.

Hope to Help !!

---Ganesh

Unfortunatley it's Sonicwall WLC and sonicwall APs , will have to check the configuration on it.

EDIT:

In case someone faces same problem.

http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=5133

SCC_Sanctuary#sh run

Building configuration...

Current configuration:

!

version 12.0

no service pad

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname SCC_Sanctuary

!

enable password 7 112A1016141D

!

username global privilege 15 password 7 045C5A560D201D0D2A2D54

username stockdale privilege 15 password 7 113A0D0A14195A5F51

!

!

!

!

!

ip subnet-zero

!

!

!

interface FastEthernet0/1

switchport access vlan 20

spanning-tree portfast

!

interface FastEthernet0/2

!

interface FastEthernet0/3

!

interface FastEthernet0/4

!

interface FastEthernet0/5

!

interface FastEthernet0/6

!

interface FastEthernet0/7

!

interface FastEthernet0/8

!

interface FastEthernet0/9

!

interface FastEthernet0/10

!

interface FastEthernet0/11

switchport trunk encapsulation dot1q

switchport mode trunk

switchport voice vlan 10

!

interface FastEthernet0/12

switchport trunk encapsulation dot1q

switchport mode trunk

switchport voice vlan 10

!

interface FastEthernet0/13

!

interface FastEthernet0/14

!

interface FastEthernet0/15

!

interface FastEthernet0/16

!

interface FastEthernet0/17

!

interface FastEthernet0/18

!

interface FastEthernet0/19

!

interface FastEthernet0/20

!

interface FastEthernet0/21

!

interface FastEthernet0/22

!

interface FastEthernet0/23

!

interface FastEthernet0/24

!

interface GigabitEthernet0/1

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface GigabitEthernet0/2

!

interface VLAN1

ip address 10.0.0.246 255.255.255.0

no ip directed-broadcast

no ip route-cache

!

ip default-gateway 10.0.0.254

snmp-server engineID local 0000000902000007EB81D240

snmp-server community private RW

snmp-server community public RO

!

line con 0

transport input none

stopbits 1

line vty 0 4

login local

line vty 5 15

login local

!

end

SCC_Core#   sh run

Building configuration...

Current configuration : 1856 bytes

!

version 12.1

no service pad

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname SCC_Core

!

enable password 7 0802455D0A16

!

username global privilege 15 password 7 06015E714E4F585A262343

username stockdale privilege 15 password 7 097F5A061A0E46415E

ip subnet-zero

ip routing

!

!

spanning-tree mode pvst

spanning-tree extend system-id

!

!

!

interface GigabitEthernet0/1

switchport trunk encapsulation dot1q

switchport mode trunk

no ip address

!

interface GigabitEthernet0/2

switchport trunk encapsulation dot1q

switchport mode trunk

no ip address

!

interface GigabitEthernet0/3

switchport mode dynamic desirable

no ip address

!

interface GigabitEthernet0/4

switchport trunk encapsulation dot1q

switchport mode trunk

no ip address

!

interface GigabitEthernet0/5

switchport trunk encapsulation dot1q

switchport mode trunk

no ip address

!

interface GigabitEthernet0/6

switchport trunk encapsulation dot1q

switchport mode trunk

no ip address

!

interface GigabitEthernet0/7

switchport trunk encapsulation dot1q

switchport mode trunk

no ip address

!

interface GigabitEthernet0/8

switchport mode dynamic desirable

no ip address

!

interface GigabitEthernet0/9

switchport mode dynamic desirable

no ip address

!

interface GigabitEthernet0/10

switchport mode dynamic desirable

no ip address

!

interface GigabitEthernet0/11

switchport mode dynamic desirable

no ip address

!

interface GigabitEthernet0/12

switchport access vlan 20

switchport mode access

no ip address

!

interface Vlan1

ip address 10.0.0.253 255.255.255.0

!

interface Vlan10

no ip address

ip helper-address 10.0.0.11

!

ip default-gateway 10.0.0.254

ip classless

ip route 0.0.0.0 0.0.0.0 10.0.0.254

ip http server

!

!

snmp-server community scc RO

!

line con 0

line vty 0 4

login local

line vty 5 15

login local

!

end

WLC is connected to Core, AP is on other switch. VLAN 20 is wireless VLAN.

EDIT: i tried plugging laptop on the port where AP is and it didn't get the IP even though DHCP server is running inside VLAN 20. Now i am confused...

This is solution:

http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=5133

Looks like sonicwall uses several VLANs..

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco