11-14-2007 01:05 PM - edited 07-03-2021 02:56 PM
Not sure wether to put this here or in Firewalling. May do both if no one minds.
Basically in effort to setup guest access off of the WLC, I want to put a pix on the dsl line to protect my network. I've set this up as a DHCP server for the guest net and it works fine, as long as the DHCP request is not coming from the controller. I'm guessing this due to the WLC being a DHCP Relay agent and the PIX rejecting it. Does anyone have any thoughts on how to resolve this problem? I've tested with a simple linksys dsl router and it will respond to DHCP requests from the WLC like a champ, but I will need to use the 501 for security compliance. I could always put the pix in between the linksys and the dsl modem, but i would like to consolidate if possible. Curious how others have resolved the DHCPRelay agent issue with various software packages and hardware such as the 501. thanks
11-15-2007 08:40 AM
You are correct, the PIX will not respond to DHCP Relay requests from the WLC. I've ran into this before and ended up configuring the Public wireless DHCP scope on the WLC, it works great.
11-15-2007 09:15 AM
How does this work on the WLC? Does it only give out IP's for an interface in that network? I don't want it giving out ips to my other wlans?
11-15-2007 09:50 AM
It's all based around the VLAN, the WLC's DHCP Scope will only hand out DHCP addresses for devices connecting to the SSID, the SSID should be tied to a VLAN with an IP address, the DHCP scope will be in the subnet of the VLAN.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide