For a couple of months I've been playing around trying to get our Cisco WLC2504 and Cisco 3500 series LAPs to work correctly over multiple sites. I have come up against a bit of an issue, which the tech support people for Cisco don't know how to fix, and say it's probably down to the configuration on our HP ProCurves!
To put it simply, we have 3 sites; the main site has the WLC and 2 access points, the second site has 2 access points, and the 3rd has just one access point.
I have configured the system so there are two SSIDs available across all the sites - a Staff SSID and a Guest SSID. The Staff SSID picks up an address from the internal network (Native VLAN 1), whilst the Guest WLAN is tagged VLAN 500, and picks up an IP address from the DHCP server on our firewall, on which we have created a new port with a VLAN 500 tag just for this traffic. This is configured the same at all sites (we have local internet breakouts with firewalls at each office).
The wireless hardware is configured to run on a separate VLAN of 200 and a different subnet to the main network. The issue we have is the LAPs fail to use the static IP addresses on VLAN 200 and fall back to the main network IP addresses. This still allows clients to authenticate for both staff and guest - but isn't what we wanted to happen! I have untagged the ports that the LAPs connect to for VLAN 200 and they now use the correct IP addresses. However, whilst the Guest WLAN successfully works, the Staff network fails to pick up an IP address or connect to the native VLAN at all.
The only way I have managed to get them to work is to create another VLAN 300 with a new IP range and a new DHCP scope on the server for this VLAN and set up the WLAN for staff to tag this traffic VLAN 300.
Ideally, I wanted to make the staff wireless clients have an internal IP address to simplify things, but I can't work out if/how to do this! Can anyone give me a clue?