• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1053
  • Last Modified:

WLC - wireless clients can't get dhcp

I  am trying to set up a wireless network using WLC 4404 and various access points. We need two wireless networks, one for our corporate users and one for guest. I have the corporate one up and running correctly, however, I am having problems with guest network.

 
Right now, we have various stand alone access points through out the network. They all have two networks, one for corporate and one for guest. I have set up my wireless networks authentication like the stand alone APs, the corporate users authenticate via RADIUS and guest just by wp2 psk. DHCP is being handed out by our Windows DHCP server. At this time, all is good with the stand alone APs. We are however, in the process of going completely lwap and want to convert all the APs so they are managed via the WLC.

 
Right now when a guest access the lan, they put in the shared password, then they get a dhpc address from our DHCP server that gives them a private ip address but it sets their dns server to an external public dns server. Once the guest connects and gets the proper DHCP parameters our 6509 router ( which the wlc is connected to) has a policy route map that points the traffic out of our ASA. So when a guest connects they get pushed out from the 6509 to our ASA then the outside world. This makes it so tha that guest users cant access our internal lan.

 
This works great on our stand alone APs, however, the weirdness starts when I try to use the same route map on the new Guest lan. On the new guest lan I can't seem to get an ip address, if i remove the route map, it works fine, but we need that. In addition, if i connect to the current guest lan and then connect to the new guest lan, it works. I guess the pc is caching the dhcp info. I need to be able to keep the route map and get dhcp to work.

 
Both the new and current guest lans are configured with the same authenticaton parameters, but only the current guest can get dhcp.

 
Config on the 6509

 
interface vlan222

description Guest Wireless VLAN
ip address 10.10.10.1 255.255.255.0
ip helper-address 50.50.10.110 - (dhcp server
ip policy route-map INTERNET_ONLY

 
rout policy map

 
route-map INTERNET_ONLY permit 10
match ip address 12 (acl 2 permit ip any)
set ip next-hop 50.10.10.3 (asa)

 
Any help would be appriciated. Thanks.

 
Moises

ccnp security
0
moibeats
Asked:
moibeats
1 Solution
 
moibeatsAuthor Commented:
The answer was to disable dhcp relay on the WLC.
0

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now