Cisco AP remote site where should wireless get DHCP locally or from controller site

Hello EE,
We have a small site with APs and a single DHCP server.  The DC and Controller are at corporate.  When users at this branch connect to wireless where should they get DHCP address from?  Currently they are getting it from Corporate where the controller is.
operationsITAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

 
JohnBusiness Consultant (Owner)Commented:
If the access point is connected to the company network, then they should get DHCP from the company server (as is happening now).

If you do not want this, you need to put the access point on its own connection or on a separate VLAN.
0
 
operationsITAuthor Commented:
Yes AP is connected to company network on an independent vlan for Wireless than all other network.  

My question is that branch has DHCP so clients get DHCP locally.  When they connect to wireless they get DHCP from corporate where controller resides.  Is this by design or should they get DHCP from local server on Wireless defined VLAN?  I'm unclear
0
 
JohnBusiness Consultant (Owner)Commented:
If you connect the access point to the local DHCP server (probably router in a branch), then give the access point a static IP address in the branch. It appears someone gave the access point an IP address at the company site.

Where the access point gets DHCP depends on where it is connected.
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
Craig BeckCommented:
It depends on how your traffic flows.  With FlexConnect you can have traffic terminate either at the WLC or at the local site.  If the traffic terminates at the WLC it makes more sense for DHCP to come from a central location rather than a local site (makes routing and firewalling less of an issue).
0
 
Craig BeckCommented:
^^^ I should add, that I assumed you use FlexConnect (or it's old name, H-REAP).

If you don't use FlexConnect (so the AP was simply plugged in at the remote site with no further config) the traffic will always go back to the corporate site.  When Lightweight Cisco APs are deployed like this it's usually because there are no services at the local site (so everything goes back to Corporate anyway).

If you go to the WLC's GUI and click the Wireless tab, then find the AP at the branch and click on it's name (or MAC address depending on whether it's been renamed or not), then see what AP Mode the AP is configured to use.  It will say either "Local" or "FlexConnect" (or "H-REAP").
0

Experts Exchange Solution brought to you by ConnectWise

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
 
operationsITAuthor Commented:
Hello,

I typed this out but guess it never was submitted.  Craig thank you SO much for the details.  I was able to go in and find it says "Local".  Is this bad?  I feel that with a DHCP server onsite it should get DHCP locally not from the corporate site where the controller is, but I'm unsure best practice
0
 
Craig BeckCommented:
It's not bad, but if your services for that site are local to that site you should convert the APs from Local mode to FlexConnect mode so that the traffic doesn't go across the WAN.

That will require planning though!

To do this you must reconfigure the WLANs that you want to use at the branch office to use FlexConnect Local Switching (don't confuse AP Local with FlexConnect Local).  You must also convert the switchport where the AP connects to a trunk (if not already), and map the WLANs to the VLAN ID at the branch.

The way it works (AP Local mode vs Flexconnect) is this:

AP Local Mode: All client traffic passes from the AP to the WLC (meaning that all client traffic goes up to the WLC).  The WLC decides which interface or VLAN to put traffic on and then it breaks out onto the wired network.

FlexConnect Mode: All client traffic passes from the AP straight to the local switch.  You map WLANs to VLANs at the WLC then the AP puts each WLAN's traffic on the appropriate VLAN at the switch.

It's a bit of work to get it done, but if you do have services at the local site that would be better served by not traversing the WAN, go ahead and convert the APs to FlexConnect mode.  If you need help with that, just ask on here and I'll help you out.
0
 
operationsITAuthor Commented:
Currently my APs are
interface GigabitEthernet1/0/11
 description Patch AP3
 switchport access vlan 505

They are getting DHCP from the local site, it is just the users that connect to the APs at the branch that end up getting DHCP from corporate v.s. the local site.  I am not familiar with Flexconnect so any guidance would be great.

I have an interface setup for each branch on a VLAN ID 505 so I think this maybe the right start?
0
 
Craig BeckCommented:
As you say, all traffic will be getting DHCP from the local site via the central site.

FlexConnect needs planning.  You could convert that single AP to FlexConnect mode and it would put all traffic on VLAN 505 at the local site, but that would also affect the other APs.
0
 
operationsITAuthor Commented:
Great information
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.