Wireless dot1x authenticated but no IPv4 DHCP assignment
Hi all, facing some issue on wireless not getting IP from the external DHCP server.
01. Problem statement
After authentication success, client PC cannot get IP from DHCP server.
This is the error log found at the WLC
*RRM-MGR-2_4-GRP: May 21 15:23:02.643: #LOG-3-Q_IND: dhcp_proxy.c:3944 Received a DHCP packet sent by the controller itself possible network loop![...It occurred 3 times.!]
*DHCP Socket Task: May 21 15:23:02.171: #DHCP-3-DHCP_PKT_LOOPED: dhcp_proxy.c:3944 Received a DHCP packet sent by the controller itself possible network loop!
*DHCP Socket Task: May 21 15:22:47.140: #DHCP-3-DHCP_PKT_LOOPED: dhcp_proxy.c:3944 Received a DHCP packet sent by the controller itself possible network loop!
*DHCP Socket Task: May 21 15:22:43.009: #DHCP-3-DHCP_PKT_LOOPED: dhcp_proxy.c:3944 Received a DHCP packet sent by the controller itself possible network loop!
*RRM-MGR-5_0-GRP: May 21 15:22:04.188: #LOG-3-Q_IND: acl.c:371 Unable to find an ACL by name ""
02. Troubleshooting effort and finding
There's 2 SSID create on the WLC, with different VLAN on each.
When connecting to the first SSID, it's successfully authenticate and able to get IP from the DHCP
When disconnect the client PC from first SSID, and connecting to the second SSID, from the client detail it is showing the connection is associated, no IP assigned, and policy manager state is "DHCP_REQD"
There is no IP lease at DHCP server (using window server 2008 as external DHCP, because virtual WLC is not support hosting internal DHCP server)
03. Existing Cisco device config and infrastructure setup
Most possible cause behind the issue is , dhcp timeout during dot1x process.
You can check the dot1x timeout , reduce the default values so that dhcp will not fail during dot1x process.
Hope this helps.
1. As per my understanding you have not properly configure the DHCP proxy, recheck you configuration and commands.
2. DHCP option 82 is a king of enhancement specifically employed for distributed DHCP/relay enviornments, using this option relays insert specific information to the request, for to get an idea of clients physical point of attachment or first interaction to the network.
For understanding DHCP option 82 check the below blog.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...