i have cisco 4006 switch with MSFC i. I have wireless access-point defined 2 SSID one for guists and one for local users i want to guest users connect to internet and DHCP(to get ip address from their scope). every thing is very good before adding the folowing access list on the VLAN interface for guests
access-list 101 permit ip any host 10.x.x.50 [ DHCP ]
access-list 101 permit ip any host 10.x.x.89 [ proxy]
after adding this access-list guist usres cann't get ip address from DHCP server
It would be helpful if we had some more details about what you have done. In particular it would be helpful to know if this was the entire access list and if this access list was applied inbound or outbound on the VLAN interface.
Assuming that this is the entire access list and that it is applied inbound on the VLAN interface, then I think that I know what the issue is. The client request for DHCP is not sent to the address of the DHCP server but is sent to the broadcast address. Since you do not have any permits for the broadcast address then the request never gets to the DHCP server. You need to add a permit that will allow broadcast traffic to get to the DHCP server. If you do not want to open up all broadcast traffic, then you could make the permit specific for UDP with broadcast destination and with the ports needed for DHCP.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...