Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

AP 1200 VLAN


I have 3 Cisco Access Point 1200 Serie and need to implement 2 VLAN.

The routing inter-vlan is make with a Checkpoint Firewall.

The customer say that he cannot configure DHCP Relay on the CheckPoint Firewall.

Is it possible with CISCO to configure the 3 access point with Dhcp Relay Feature.

My DHCP Server is a Windows 2003 Server on a different VLAN than Wireless VLAN. The DHCP is configure with 2 scope.

A wireless client with SSID1 attach to VLAN 1 must have an IP Address from DHCP Server Scope 1

And a wireless client with SSID2 attach to VLAN 2 must have an IP Address from DHCP Server Scope 2

The Questions

Can i tell to my customer : There is no problem this feature (dhcp relay)

can be implemented on the CISCO Access Point

Thanks for your help


Re: AP 1200 VLAN

Dynamic Host Configuration Protocol (DHCP) client/server support has been extended to allow the user to automatically leverage the DNS, WINS and domain name values obtained by the PIX Firewall DHCP client for use by the hosts served by the DHCP server.

dhcpd auto_config [client_ifx_name]

Syntax Description


Enable PIX Firewall to automatically configure DNS, WINS and domain name values from the DHCP client to the DHCP server.


This optional argument supports only the outside interface at this time. When more interfaces are supported, this argument will specify which interface supports the DHCP auto_config feature.


Re: AP 1200 VLAN

The only answer that comes to mind is to add another NIC / Interface to the DHCP-serving computer; one interface on each VLAN.

Security may be an issue, configure the common machine accordingly.

The APs don't need DHCP Relay ... thay act as (at most) a Layer 2 device and, as such, will pass both the broadcast DHCP requests and the responses.

DHCP relay is needed on the Layer 3 devices (router or L3 switch .. Checkpoint Firewall?!?!?!) because DHCP uses broadcasts to make the address requests.

It is a mechanism to convert the broadcast into a Unicast (traffic directed to a specific address - in this case, the DHCP server) so it can pass through the router(s).

Good Luck


CreatePlease to create content