I noticed a few discussion about Cisco Wireless bridges not being able to pass DHCP requests from clients.
In my case I have a WET200 successfully associated with a Deliberant DLB2700 access point. When client computers are configured with static IP addresses they can browse the network, connect to e-mail etc. Problem starts when a computer will try to obtain the IP address via DHCP while connected to the wireless bridge. It simply doesn't work.
Is there a newer firmware or a secret settings which will allow me to make it working? I have a quite few of these WET200 units ...
Thanks in advance for any suggestions.
Hi Mr 2,
Please check the following link;
1. http://support.deliberant.com/forums/p/1069/4889.aspx#4889 does this sound familiar ?
But my thoughts are at this stage, sure look like there is a question hanging over the deliberant model number you mentioned, at least that what the deliberant forum might be suggesting.
2. But does a WET200 in place of the deliberant result in DHCP requests being dropped?
(Since you have multiple WET200, it would be interesting to peruse this approach for diagnostic reasons and to confirm this in your mind.)
But, if you can't do step 2 above, and are adventurous, maybe you can capture the DHCP server interaction.
I'm guessing your network may look like the following, excuse the rough network diagram;
| | |
HUB | |------DHCP Server
Beg borrow or steal a 'HUB' and they are hard to find these days, NOT a switch.
Or as an alternative, if connected to a managed switch, mirror the Ethernet switch port that leads to the deliberant AP to a PC running ethereal.
Using ethereal or similar application, just checkout the state of ARP and DHCP packets that egress in and out of the switch port that is connected to the deliberant AP. (I'm guess ARP is working otherwise you would not be getting anywhere from behind the WET200.)
But if you wish to post a ethereal trace, it would be fun to quickly check it out.
If you do this please don't capture megabytes, try to capture just a bit before and after a DHCP request.
The other option is to just keep doing what you are doing and statically define IP addresses.
Your "rough" network diagram is correct.
I will try to sniff the packets coming out of the AP as soon as I get back to site. Unfortunately, this may not happen for the next 2-3 weeks. The site is in a middle of a desert, 600km away.
I have spent all morning today trying to have 2 WET200 talking to eachother as well as one WET200 with switch and all worked for me fine. Few things though to realise. Forgive that I will start with the basics but I have realised today that instructions are not that clear and the results of some settings are not obvious. To enable DHCP for connected devices you need to change 'IP Address Type:' to DHCP under basic settings. In the result of that WET200 will loose its static IP address as well. As you mentioned that the site is quite far, make sure that all the wireless and security settings are correct. Otherwise you will loose connection to WET200.
Another issue might be switchport settings. I am not sure how your network is configured but these settings might stop DHCP working: 'spanning-tree bpdyguard enable' on switchport and lack of 'ip helper-address xx.xx.xx.xx'. Hope that will let you do some other test and eventually sort out the problem.
Can I just ask how your PCs and VoIP phones getting connected to WET200? Do you use vlans at all, like voice and data vlan or both devices work on the same vlan?
I am having exactly this problem. WET200 into AP541 into SG300. DHCP from router connected to SG300. WET200 gets a DHCP fine but locally connected client to WEP only works with hard coded IP details. These locally connected clients (laptop / Cisco IP phone) cannot get an address. Any help much appreciated. All firmware up to date.
Hi Chris et all.
The WET200 is a vlan-able bridge.
I would expect a DHCP broadcast on the other side of the bridge to be propogated back into the SG300 and router network.
IP helper is enabled via the function UDP forwarding in a 300 series switch . You will also note that DHCP relay is also a option for propogating DHCP requests with option 82 enabled to a option 82 vlan-able router or DHCP server.
I have included a screen capture below.
I wish I had a couple of WET200 at hand to check what's actually happening, but i don't. .
I guess your best option is to call the good folk at the Small business Support Center via, or see what others within the community can offer in terms of advice;
I spent another fruitless day on this. In the end with a hard coded IP I found I could get to the WET200 then back to the 541AP then onto the SG300 switch but for some readson could not get to the router (same subnet) at 192.168.0.1 The fact that I cannot get to the router obviously explains the lack of DHCP. The hard coded laptop could also happily access plenty of the other devices on the subnet. When the laptop was connected straight to the AP541 it could of course get a dhcp and access everything as it should. Why every other of the 98 devices on that subnet can see each other and the router but not a device attached to the WEP 200 is beyond me. What a pile of cra* that device is.
I have now chucked the WEP on the scrapheap of useless kit and am using two of those home 200mb plugs to get acess via the electricity wiring straight into the SG300. Everything now of course works perfectly!
Thanks again everyone for the suggestions. Why CISCO feels the need to sell products to small business that do not work in the simplest way possible (dumn hub mode) is beyond me!
Still no further. I can now get it a DHCP address by specifying a dhcp helper address on the sg300 switch. The principal problem remains. The laptop connected to the WET200 cannot get to the router at 192.168.0.1. I can see the routers mac address correct in the laptop's arp database. It can get to every other device on the subnet. Just not the router (hence the need for dhcp helper). Is there anything that can explain why I cannot get to the router when every single other device on the subnet can. I see people complaining about this all over the NET but with no solution.
Also, am I entitled to support given I am just an end user ? The WET200 is brand new though.
Got it - after 1hr with cisco support (who were awesome) we got it down to a IP/MAC binding setting on the router. The WET200 must be doing something nasty as it translates packets back and forth. The router saw it as a security threat and dropped them as it has requests for a single IP address coming from multiple mac addresses.
Turning off the IP to MAC sddress binding allowed the packets through. I wonder if its using some cheap form of NAT or similar ?
Good news, glad you are up and running, those guys and Gals at the Small business Support center are tremendous.
Interesting why have we got one IP address with multiple MAC addresses, don't know.
But I have asked the product manager for a loaner of a couple of WET200's to borrow, just so I can get a feel for the devices.