Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

External DHCP on WLC 5508 on both remote site (flexconnect) and local AP's

Dear Experts,

I will be  implementing the design as per the attached diagram. The two sites are around 500 meters apart and are connected through an access port ( not trunk). They cannot be put in trunk as the client will not allow us to.They are routed through EIGRP. Please refer to the diagram attached.

I thought of doing internal DHCP for both remote AP's (flexconnect) and local AP's but I read that internal DHCP servers are not supported when using HA AP SSO on the wlc 5508. Since I'll be using that, there is no point using internal DHCP's.

Now since I'm new to external DHCP connected to controllers, can you please advise me where and how to put the external dhcp's with their respective vlans for both flexconnect site(vlan 235) and local site (vlan203)? Please refer to the diagram to have a clear picture.

Also what configuration will I need to do on the WLC Controller GUI.

You help and assistance would be greatly appreciated.

Please do not hesitate to ask questions for clarification.

Everyone's tags (3)
2 ACCEPTED SOLUTIONS

Accepted Solutions
Cisco Employee

basiclly on the WLC you will

basiclly on the WLC you will have an dedicated interface for network B , in this itnterface you should configured the gateway ip address for the network B.

 

i hope i understand you correctly.

Cisco Employee

first :the option 43 is only

first :the option 43 is only to let the AP to discover the WLC , if you configured the WLC ip manually on the AP or if the AP joined the WLC then no need for opetion 43.

 

second: if the AP is in local mode then how it goes to stand alon mode, this is only happen for flex APs, can you send #show ap config general Cisco_AP ?

 

having the AP and the WLC management interface in different subnets should not make any trouble , but you should have connectivity between them(AP and management interface).

 

can you check on the WLC msglog , if the AP is sending a discovery request to a non-mangement interface ? this could be happen if you isolate the WLC interfaces physicly (assiagn a dedicated interface for a dedicate port on the WLC)

28 REPLIES
Hall of Fame Super Silver

On the WLC interface that the

On the WLC interface that the users will be placed on for local mode, there is a spot to confiure the primary and secondary dhcp servers.  On the remote site, you would use ip helpers on the subnet that wireless clients will be placed on, just like your wired side.  You can disable dhcp proxy on the wlc and use ip helpers also, which I normally would define anyways.  Look at it this way... you define it the same as the wired side:)

-Scott
*** Please rate helpful posts ***
New Member

Currently there is no dhcp

Currently there is no dhcp server. Where should I put the dhcp server? In the acess switches ? What commands will I have to put there apart from dhcp pool and default gateway. Regards Rookie
New Member

As per my understanding since

As per my understanding since we dont have a dhcp server, we can make one on the access switch connecting to the core switch. The core being connected to the WLC. Whats the role of option 42 and 60 ? do i have to put it in the access switch ? and how to get the hex values? Thanks

ip dhcp pool my pool

network 10.1.1.0 /24

default-gateway 10.1.1.1 255.255.255.0

option 43

option 60

 

Hall of Fame Super Silver

The only switch that can be a

The only switch that can be a dhcp server is the switch that has your svi's/layer 3 interface.  This would be your core switch.  Option 43/60 is for access point to discover the WLC.  This is not required for dhcp for wireless clients.  Option 60 is optional and doesn't need to be required.  If your looking at using option 43 for access points, then look at this guide:

http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/97066-dhcp-option-43.html

-Scott
*** Please rate helpful posts ***
New Member

ok great so ill make a dhcp

ok great so ill make a dhcp server on the switch without the option 43 and 60 since all the clients will be wirelessly connected to the AP. So basically the AP will be connected to the access switch as an access port and will be trunk to the core switch which will have the SVI's. The core will be connected to the WLC.

AP's should get the ip address form the pool defined. Also on the WLC gui side, should i make an interface with the vlan defined for the AP with the default gateway of the SVI on the core right ?

New Member

What about for the AP's

What about for the AP's connected to the remote site via flexconnect? the DHCP server will be on the remote site with the SVI's ? which will then be routed accross the vlan to the WLAN.

Hall of Fame Super Silver

You should have a DHCP server

You should have a DHCP server... what about the wired devices on your network?

-Scott
*** Please rate helpful posts ***
New Member

Well my client doesnt have a

Well my client doesnt have a dhcp server, all static IP's. Whats the best bet if he doesnt have a dhcp server ? make it on the switch connected to the AP ?

Cisco Employee

is the WLAN(s) locally

is the WLAN(s) locally switched or centraly switched ?

 

--locally switched: the client will brodcast the DHCP messages on the local network and obatin ip address from the local DHCP server (wiether it a server or configured on an interface of switch/router) as any other wired client.

 

--centrally switched: the clients DHCP messages will be forworded to the WLC , and the WLC will forwad these DHCP messages to the DHCP server (configured on the WLC interface as scott mentioned), will also to disable the DHCP proxy on that interface.

 

--also you can have a locally switch WLAN and the DHCP messages of the client will be forwarded to the WLC , by enabling the "flexconnect central DHCP processing on the WLAN "

New Member

I have not configured the

I have not configured the WLAN yet as first I wanna design a good configuration solution.

As shown in the diagram, the WLC's are in Network A and the clients will be in vlan 203. The remote clients will be in Vlan 235 in Network B. I will configure a dhcp server for vlan 203 on the core switch in network A. And i will configure another dhcp server for vlan 235 in Network B.

I haven't configured the WLC as of now, but wanna make sure before i go there and implement it. On the remote site will the configuration be any different than the one on vlan 203 as far as dhcp configuration on the switch is concerned ? what about the WLC WLAN for the two vlans?

 

thanks

 

Cisco Employee

sorry but i did not get your

sorry but i did not get your question , can you repet it with more details ?

New Member

sorry about that, Ill try to

sorry about that, Ill try to explain step by step what i want to achieve.

I will have 2 diff networks on which I will have my wireless clients. These 2 diff networks are connected together via access port and can ping each other by EIGRP routing.

In the first Network with Vlan 203, I want to make an External DHCP server, which I will make on the Core layer 3 Switch where my Vlan is defined.

For my second network with vlan 235, I also want to make an external DHCP server for that vlan 235. The second network has a Core switch where the vlan 235 is defined.

Both WLC's are located in the First Network. The second Network has no WLC.

 

My questions are:

For the vlan 235 (flexconnect) How should i define the DHCP server? What will be the default-router for it ?

 

For a better clearer picture you can refer to the diagram.

Cisco Employee

ok i understand it now,

ok i understand it now,

 

simply as you have two VLAN then you will have two interfaces on the WLC , each interface will be configured with DHCP ip server, this in case the WLAN(s) are centrally switched.

 

if the WLAN(s) are locally switched , then the clients in vlan 235  will get thier ips from the DHCP pool like any other wired device in that network.

New Member

Ok as far as the physical

Ok as far as the physical connectivity is concerned, the Core switch in the Network A vlan 203 will be connected to the 2 WLC on port 1 and 2.

The Network B vlan 235 will be connected via fiber to Network A's Core switch.

Now for the WLAN interfaces configured in the WLC, one interface will be defined for Remote vlan 235 and the other for vlan 203. The DHCP server defined on the WLAN will be the SVI ip address of the vlans right ?

 

Correct me where I'm wrong. both in physical connection or Controller WLAN.

 

Thank you

New Member

The remote sites should get

The remote sites should get the ip address from the dhcp pool vlan 235 defined on the core switch on the remote site, which will then communicate with the WLC ( which is in a different network connected accross an access port)

Cisco Employee

yeah you are totaly right. 

yeah you are totaly right. 

New Member

so i define the WLAN

so i define the WLAN interface in the WLC. give it a name, port number 1 ( which is the same as management port).

Vlan Identifier ( 203 for one wlan and 235 for the remote wlan).

Ip address of the Wlan and netmask.

Gateway ( this should be IP address of the specific managment SVI defined on the core right ?, Management vlan is vlan 200 and the WLC's are also in the 200 vlan )

Primary DHCP Server ( This should be the IP address of the vlan 203 or 235 depending which WLAN being used?)

Sorry for being a complete newbie :D

 

Cisco Employee

you right, the gateway ip

you right,

 

the gateway ip address on the interface(of the remote site clients) should be the gateway ip of the clients in 235 .

New Member

Meaning I should define in

Meaning I should define in WLAN the default gateway to be the Managament vlans IP address in Network B ?

Cisco Employee

basiclly on the WLC you will

basiclly on the WLC you will have an dedicated interface for network B , in this itnterface you should configured the gateway ip address for the network B.

 

i hope i understand you correctly.

New Member

Thanks will try all this on a

Thanks will try all this on a few days on the site and will update :)
New Member

Hi there,I tried to configure

Hi there,

I tried to configure all this but i encountered a weird problem. When I setup the DHCP pool on the core switch, The AP is getting the IP addresses from the pool but after a minute or so it disconnects and renews its ip address with a different one. The AP keeps doing that. HOwerver i have noticed if i attach a laptop or any other device like a temperuture monitoring system device, it gets the DHCP address and DOESN'T drop it and renew it again. It stays stable.

 

What could be the problem? is it option 60 or 43 problem? i tried them both and they didnt work. When i log into the AP through the console port i get the following log error messages:

 

CAPWAP-3-DHCP_Renew: could not discover WLC using DHCP IP. Renewing DHCP IP

CAPWAP-3-ErrorLog: invalid event 38 & state 2 combination.

 

Let me attach the screen shot

 

New Member

BTW just for your info, the

BTW just for your info, the AP and the access switch are connected through an access port, the access switch and Core through a trunk port. The core switch and WLC also through a trunk port.

Cisco Employee

When a FlexConnect access

When a FlexConnect access point enters into a standalone mode, the following occurs:

  • The access point checks whether it is able to reach the default gateway via ARP. If so, it will continue to try and reach the controller.

If the access point fails to establish the ARP, the following occurs:

  • The access point attempts to discover for five times and if it still cannot find the controller, it tries to renew the DHCP on the ethernet interface to get a new DHCP IP.
  • The access point will retry for five times, and if that fails, the access point will renew the IP address of the interface again, this will happen for three attempts.
  • If the three attempts fail, the access point will fall back to the static IP and will reboot (only if the access point is configured with a static IP).
  • Reboot is done to remove the possibility of any unknown error the access point configuration.

Once the access point reestablishes a connection with the controller, it disassociates all clients, applies new configuration information from the controller, and allows client connectivity again.

 

 

http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-3/configuration/guide/b_cg73/b_wlc-cg_chapter_01110.html

New Member

I'm talking about local AP's.

I'm talking about local AP's not flexconnect remote AP's. The management vlan (vlan 1) and the vlan for AP's(vlan203) are in different vlans though.

what could be the problem here? I suspecting option 43? what do you think?

Cisco Employee

first :the option 43 is only

first :the option 43 is only to let the AP to discover the WLC , if you configured the WLC ip manually on the AP or if the AP joined the WLC then no need for opetion 43.

 

second: if the AP is in local mode then how it goes to stand alon mode, this is only happen for flex APs, can you send #show ap config general Cisco_AP ?

 

having the AP and the WLC management interface in different subnets should not make any trouble , but you should have connectivity between them(AP and management interface).

 

can you check on the WLC msglog , if the AP is sending a discovery request to a non-mangement interface ? this could be happen if you isolate the WLC interfaces physicly (assiagn a dedicated interface for a dedicate port on the WLC)

New Member

first: how do i configure the

first: how do i configure the the WLC ip manually on the AP, I'll try that as well instead of option 43.

 

Second: I can send you the config tomorrow, The WLC is connected to port 1 which is also the mangement interface.

Maybe the option 43 is not working since WLC 5508 also has a 5508 HA with it on which i still havent configured the redundancy port.

Ill try a bunch of things tomorrow and will let you know.

Thanks

Cisco Employee

--use these commands on the

--use these commands on the AP:

 -debug capwap console cli

-conf t

config capwap ap controller ip address <controller ip address>

 

--ok i will check the config if i have time for that.

 

thank you

 

 

1762
Views
5
Helpful
28
Replies