[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

WLC - wireless clients can't get dhcp

Posted on 2011-03-16
1
Medium Priority
?
1,019 Views
Last Modified: 2013-11-12
I  am trying to set up a wireless network using WLC 4404 and various access points. We need two wireless networks, one for our corporate users and one for guest. I have the corporate one up and running correctly, however, I am having problems with guest network.

 
Right now, we have various stand alone access points through out the network. They all have two networks, one for corporate and one for guest. I have set up my wireless networks authentication like the stand alone APs, the corporate users authenticate via RADIUS and guest just by wp2 psk. DHCP is being handed out by our Windows DHCP server. At this time, all is good with the stand alone APs. We are however, in the process of going completely lwap and want to convert all the APs so they are managed via the WLC.

 
Right now when a guest access the lan, they put in the shared password, then they get a dhpc address from our DHCP server that gives them a private ip address but it sets their dns server to an external public dns server. Once the guest connects and gets the proper DHCP parameters our 6509 router ( which the wlc is connected to) has a policy route map that points the traffic out of our ASA. So when a guest connects they get pushed out from the 6509 to our ASA then the outside world. This makes it so tha that guest users cant access our internal lan.

 
This works great on our stand alone APs, however, the weirdness starts when I try to use the same route map on the new Guest lan. On the new guest lan I can't seem to get an ip address, if i remove the route map, it works fine, but we need that. In addition, if i connect to the current guest lan and then connect to the new guest lan, it works. I guess the pc is caching the dhcp info. I need to be able to keep the route map and get dhcp to work.

 
Both the new and current guest lans are configured with the same authenticaton parameters, but only the current guest can get dhcp.

 
Config on the 6509

 
interface vlan222

description Guest Wireless VLAN
ip address 10.10.10.1 255.255.255.0
ip helper-address 50.50.10.110 - (dhcp server
ip policy route-map INTERNET_ONLY

 
rout policy map

 
route-map INTERNET_ONLY permit 10
match ip address 12 (acl 2 permit ip any)
set ip next-hop 50.10.10.3 (asa)

 
Any help would be appriciated. Thanks.

 
Moises

ccnp security
0
Comment
Question by:moibeats
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 

Accepted Solution

by:
moibeats earned 0 total points
ID: 35168931
The answer was to disable dhcp relay on the WLC.
0

Featured Post

Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Working settings for French ISP Orange "Prêt à Surfer" SIM cards for data connections only. Can't be found anywhere else !
In this article we have discussed about the OS X EI Capitan and how to fix Wi-Fi issue in OS X El Capitan. We have explained how to delete system level preferences and create a new Wi-Fi location to resolve Wi-Fi issue.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question