Hi, I am setting up a new wireless network using WLC 4402 running in Layer 3 mode, LAP 1242AG and a NAC Appliance running In-band/real ip gateway. My problem is that I cannot get the NAC Appliance to assign a DHCP address to the Wireless clients.
I can get a DHCP address from the controller OK, and if I connect via a wired port I can get a DHCP address from the NAC Server.
I have sniffed the untrust interface of the NAC and when I try to get a DHCP IP using wireless, I can see the DHCP Discover going in and DHCPOFFER coming back out, however it is like the WLC is not passing the offer back to the wireless client. I have configured DHCP Override on the WLC to point to the untrust interface of the NAC but it still does not work. I have a VIP of 188.8.131.52 configured on the WLC.
The WLC is running code 184.108.40.206. If I give the wireless client a static IP address I have no problem connecting out via the NAC.
I'm aware of the bug CSCsi81951 filed with Cisco. As of now the workaround is to configure a static IP address. But I would also suggest to remove the override option and try creating an interface. Assign an IP address to the WLC interface from the same subnet you want clients to be assigned, and assign the DHCP server as the NAC untrust interface. Then map the WLAN to this interface. Refer to the Create a VLAN interface and WLAN section of the following link: http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008067489f.shtml#vlan.
Thanks for the reply Gabriel. I did have it set up as you suggested but it didn't work. I have since found out I don't need to set up mobility groups, so I am going to have the one WLC dish out the DHCP addresses instead.
Just found this nugget of information, am going to give it a try tomorrow:
Cisco 2200/4400 Wireless LAN Controllers (Airespace WLCs) and DHCP
Due to changes in DHCP server operation with Cisco NAC Appliance release 4.0(2) and above, networks with Cisco 2200/4400 Wireless LAN Controllers (also known as Airespace WLCs) which relay requests to the Clean Access Server (operating as a DHCP server) may have issues. Client machines may be unable to obtain DHCP addresses.
If you have DHCP issues with Airespace controllers after installing/upgrading to release 4.0(2), the following will need to be done to restore DHCP functionality:
Step 1 Enable DHCP options on the CAS:
a. Go to Device Management > CCA Servers > Manage [CAS_IP] > Network > DHCP > Global Options
b. Click the Enable button (User-Specified DHCP Options).
Step 2 Create a new custom Global DHCP option with option number "54" and option type "IP-Address":
a. Click the New Option link for the Root Global Option List.
b. Type 54 in the ID field.
c. Select IP-Address from the Type dropdown menu.
d. Click the Create Custom Option button.
Step 3 Set the value of this option to the CAS eth1 IP address (or eth1 Service IP if CAS is in HA mode):
a. Type the CAS eth1 IP address in the text field.
b. Click Update.
Step 4 This should restore DHCP capability with Airespace controllers.
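To confirm the change from a capture on the untrusted interface, one can check whether the DHCPOFFER carries option 54 (the Server Identifier option in RFC 2132). The following is an added example, not part of the thread or of Cisco's documentation; the function names and the sample packets (built with the documentation address 192.0.2.1) are constructed for illustration.

```python
import ipaddress
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"    # RFC 2131 marker that precedes the options field
OPT_PAD, OPT_END = 0, 255
OPT_MSG_TYPE, OPT_SERVER_ID = 53, 54  # RFC 2132 option codes
DHCPOFFER = 2

def parse_dhcp_options(payload: bytes) -> dict:
    """Return {code: value_bytes} from a BOOTP/DHCP UDP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP payload (short or missing magic cookie)")
    opts, i = {}, 240
    while i < len(payload):
        code = payload[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:          # pad is a single byte with no length field
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError("truncated option header")
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code} truncated")
        opts[code] = value
        i += 2 + length
    return opts

def offer_server_id(payload: bytes):
    """For a DHCPOFFER, return the option 54 address as a string, or None if absent."""
    opts = parse_dhcp_options(payload)
    if opts.get(OPT_MSG_TYPE) != bytes([DHCPOFFER]):
        raise ValueError("payload is not a DHCPOFFER")
    sid = opts.get(OPT_SERVER_ID)
    if sid is None:
        return None
    if len(sid) != 4:
        raise ValueError("option 54 must be 4 bytes")
    return str(ipaddress.IPv4Address(sid))

def build_offer(server_id=None) -> bytes:
    """Constructed sample: minimal BOOTREPLY whose option 53 says DHCPOFFER."""
    hdr = struct.pack("!BBBB", 2, 1, 6, 0) + bytes(232)  # op, htype, hlen, hops, rest zeroed
    opts = bytes([OPT_MSG_TYPE, 1, DHCPOFFER])
    if server_id:
        opts += bytes([OPT_SERVER_ID, 4]) + ipaddress.IPv4Address(server_id).packed
    return hdr + MAGIC_COOKIE + opts + bytes([OPT_END])
```

Feed `offer_server_id` the UDP payload of an offer exported from the capture; a return of `None` means the offer left the server without option 54.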