AP Vlan & DHCP configuration

Hi all,
I try to set up multiple Vlan but my issue is to associate them ip subneting.
This is the example:
I want to make some Vlans:
- 1 for Data
- 1 for Voice
so I make the ssid
dot11 ssid data
vlan 100
authentication ...
dot11 ssid voice
vlan 200
authentication open
authentication key-management wpa
wpa-psk ascii ...
interface Dot11Radio0.100
encapsulation dot1Q 100 native
no ip route-cache
bridge-group 1
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface Dot11Radio0.200
encapsulation dot1Q 200
no ip route-cache
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface FastEthernet0.100
encapsulation dot1Q 100 native
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface FastEthernet0.200
encapsulation dot1Q 200
no ip route-cache
bridge-group 1
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
and the BVI
interface BVI1
description Basic Virtual Interface
ip address A.B.C.D /24
no ip route-cache
the BVI interface is in the native Vlan of Data. My issue is that I want to have on subnet 192.168.1.0/24 for Data and another 192.168.2.0/24 for the voice
but the problem is that I always get dhcp info from the subnet where the BVI is.
Can anybody help me on that ?
I assume that the DHCP request is ?ade by the IP of the BVI (when helper activated) so this is why I always get an IP from the data pool where the BIV is into.
I started to think to some solution like create a BVI2 but this is a lost of IP
or directly assign ip from sub ethernet int and activate the helper.
What is the best and what do you think of that ?
Thanks in advance
Matt

Your problem is all your interfaces are using bridge group 1. change the bridge group number to match the corresponding VLAN and things should improve as long as the switch port is configured for trunking/.1Q support.
Suggestion initially configure the VLAN's using the WEB interface and then check the config and see the result.
Bill

Similar Messages

Vlans dhcp status are not received

Hello,
I am configuring vlan on sg300-20 in dhcp mode.
One vlan that is directed connected to the adsl router get ip address and when I connect host to the ports in this vlan they also receive ip address and can go on internet.
The other four vlans dhcp status are not received.
Kindly help me check this. Thanks
Below is the config log:
switch4ba497#sh running-config
config-file-header
switch4ba497
v1.2.9.44 / R750_NIK_1_2_584_002
CLI v1.0
file SSD indicator encrypted
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
vlan database
vlan 5,10,20,30,40
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
ip dhcp relay address 192.168.3.1
ip dhcp information option
no boot host auto-config
bonjour interface range vlan 1
hostname switch4ba497
line telnet
exec-timeout 0
exit
no passwords complexity enable
username cisco password encrypted 7af78c911d5b48bea1dc2449d9d89513abeb4be5 privilege
15
ip http timeout-policy 0 http-only
ip name-server 192.168.1.1 192.168.3.1
ip telnet server
interface vlan 1
ip address 192.168.2.254 255.255.255.0
no ip address dhcp
interface vlan 5
name WAN
ip address dhcp
interface vlan 10
name Studio
ip address dhcp
interface vlan 20
name Service
ip address dhcp
interface vlan 30
name Admin
ip address dhcp
interface vlan 40
name Data
ip address dhcp
interface gigabitethernet1
switchport mode access
interface gigabitethernet2
switchport mode access
switchport access vlan 10
interface gigabitethernet3
switchport mode access
switchport access vlan 10
interface gigabitethernet4
switchport mode access
switchport access vlan 10
interface gigabitethernet5
switchport mode access
switchport access vlan 10
interface gigabitethernet6
switchport mode access
switchport access vlan 10
interface gigabitethernet7
switchport mode access
switchport access vlan 10
interface gigabitethernet8
switchport mode access
interface gigabitethernet9
switchport mode access
switchport access vlan 20
interface gigabitethernet10
switchport mode access
switchport access vlan 20
interface gigabitethernet11
switchport mode access
switchport access vlan 20
interface gigabitethernet12
switchport mode access
switchport access vlan 20
interface gigabitethernet13
switchport mode access
switchport access vlan 30
interface gigabitethernet14
switchport mode access
switchport access vlan 30
interface gigabitethernet15
switchport mode access
switchport access vlan 30
interface gigabitethernet16
switchport mode access
switchport access vlan 30
interface gigabitethernet17
switchport mode access
interface gigabitethernet18
switchport trunk native vlan 40
interface gigabitethernet19
switchport mode access
switchport access vlan 5
interface gigabitethernet20
switchport trunk native vlan 5
switch4ba497#sh ip int
    IP Address         I/F       Type     Directed   Precedence   Status
                                          Broadcast
0.0.0.0/32          vlan 10   DHCP        disable    No         Not
                                                                received
0.0.0.0/32          vlan 20   DHCP        disable    No         Not
                                                                received
0.0.0.0/32          vlan 30   DHCP        disable    No         Not
                                                                received
0.0.0.0/32          vlan 40   DHCP        disable    No         Not
                                                                received
192.168.2.254/24    vlan 1    Static      disable    No         Valid
192.168.3.102/24    vlan 5    DHCP        disable    No         Valid
switch4ba497#
Also i do not understand why the ip address is 0.0.0.0/32 because the dhcp server ip address is 192.168.3.1

Dear Customer,
Thank you for reaching Small Business Support Community.
In Layer 2 system mode, only the management VLAN can be configured with a static or dynamic IP address. In Layer 3 system mode, all the interface types (ports,LAGs, and/or VLANs) on the device can be configured with a static or dynamic IP. Configuring the device to work in either mode is performed in the Administration >System Settings page
When a DCHP Client starts a discovery process, it assigns a dummy IP address 0.0.0.0 before the real address is obtained. This dummy address has the status of “Not Received”.
Pretty much your problem should be solved by changing to Layer3 system mode. Please let me know if anything comes up and/or if there is any further assistance I may help you with.
Kind regards,
Jeffrey Rodriguez S. .:|:.:|:.
Cisco Customer Support Engineer
*Please rate the Post so other will know when an answer has been found.

Anchor Guest controller and DHCP configuration

I checked the cisco documentation about the DHCP configuration but I´m not 100%sure which DHCP server address I must use.
I used as example the scope 10.240.97.0/24 for our Guest Users. In this range are the DHCP scope and the Guest interface configured. For the management I used as example the range 10.240.96.0/24.Now I configured our Guest WLC and I insert on the Guest interface as Primary DHCP address the Guest interface address. After I applied I got the message I can´t use this DHCP address. Now I checked the cisco and found following description:
“If DHCP services are to be implemented locally on the anchor controller, populate the primary DHCP server field with the management IP address of the controller"
Means it now I must insert as the IP for the Primary DHCP Server on the Guest interface the IP from the management
Interface and the controller will then forward the traffic to the internal DHCP scope on the Guest subnet and wil sent it back ?
( DHCP proxy is on the Guest WLC enabled ) .
Thanks
Al

For Anchor you can use either internal or external dhcp server.
Means it now I must insert as the IP for the Primary DHCP Server on the Guest interface the IP from the management
Interface and the controller will then forward the traffic to the internal DHCP scope on the Guest subnet and wil sent it back ?
Yes. WLC forwards the unicast dhcp req to management ip for guest interface. All cpu generated traffic by default uses management interface as source address i.e., snmp, radius, ping...
Is your question whether you need routing between guest and management interface.
No, routing is not required in this case bcoz the interface residing on WLC's management. Also for proxy it uses the virtual ip address for dhcp instead of actual dhcp ip. And only wireless client can get ip from WLC's internal dhcp server.
If you're using dhcp proxy on wlc and having external dhcp server on different vlan then yes you need routing between the two vlans.

WiSM having trouble getting the IP from service-vlan DHCP

WiSM WLAN Service Module WS-SVC-WISM-1-K9 in 6509e running VSS IOs s72033-ipservicesk9_wan-mz.122-33.SXI2a.bin having trouble to get the IP from service-vlan DHCP.
The pertinent config is as follows.
vlan 300
name WiSM_Service_Vlan
interface Vlan300
description *** WiSM Service-Vlan
ip address 192.168.200.1 255.255.255.0
ip dhcp excluded-address 192.168.200.1
ip dhcp pool WiSM_Service-Vlan_300
   network 192.168.200.0 255.255.255.0
   default-router 192.168.200.1
wism service-vlan 300
vlan 183
name WiSM_Management
interface Vlan183
description *** WiSM Management Vlan ***
ip address 10.39.139.254 255.255.255.0
wism switch 1 module 4 controller 1 allowed-vlan 125,126,183,300
wism switch 1 module 4 controller 2 allowed-vlan 125,126,183,300
wism switch 2 module 4 controller 1 allowed-vlan 125,126,183,300
wism switch 2 module 4 controller 2 allowed-vlan 125,126,183,300
wism switch 1 module 4 controller 1 native-vlan 183
wism switch 1 module 4 controller 2 native-vlan 183
wism switch 2 module 4 controller 1 native-vlan 183
wism switch 2 module 4 controller 2 native-vlan 183
HO2NET0001#sh wism status
Service Vlan : 300, Service IP Subnet : 192.168.200.1/255.255.255.0
      WLAN
Slot Controller Service IP       Management IP    SW Version Status
----+-----------+----------------+----------------+-----------+---------------
20    1           0.0.0.0          0.0.0.0                      Service Port Up
20    2           0.0.0.0          0.0.0.0                      Service Port Up
HO2NET0001#sh module
Mod Ports Card Type                              Model              Serial No.
1    8 CEF720 8 port 10GE with DFC            WS-X6708-10GE      SAL13442Q5N
2    8 CEF720 8 port 10GE with DFC            WS-X6708-10GE      SAL13442GAL
3   48 CEF720 48 port 10/100/1000mb Ethernet WS-X6748-GE-TX     SAL13410N8P
4   10 WiSM WLAN Service Module               WS-SVC-WISM-1-K9   SAD133101UY
5    5 Supervisor Engine 720 10GE (Active)    VS-S720-10G        SAL13442JE4
Mod MAC addresses                       Hw    Fw           Sw           Status
1 0025.84f1.55b8 to 0025.84f1.55bf   2.1   12.2(18r)S1 12.2(33)SXI2 Ok
2 0025.84f1.4e58 to 0025.84f1.4e5f   2.1   12.2(18r)S1 12.2(33)SXI2 Ok
3 0027.0da7.c240 to 0027.0da7.c26f   3.2   12.2(18r)S1 12.2(33)SXI2 Ok
4 0023.5e25.7168 to 0023.5e25.7177   2.3   12.2(14r)S5 12.2(33)SXI2 Ok
5 001f.9e2a.2608 to 001f.9e2a.260f   3.1   8.5(3)       12.2(33)SXI2 Ok
Mod Sub-Module                  Model              Serial       Hw     Status
1 Distributed Forwarding Card WS-F6700-DFC3C     SAL13442EG9 1.4    Ok
2 Distributed Forwarding Card WS-F6700-DFC3C     SAL13442H9T 1.4    Ok
3 Centralized Forwarding Card WS-F6700-CFC       SAL13442HU9 4.1    Ok
4 Centralized Forwarding Card WS-SVC-WISM-1-K9-D SAD133200D6 2.1    Ok
5 Policy Feature Card 3       VS-F6K-PFC3C       SAL13442E5S 1.1    Ok
5 MSFC3 Daughterboard         VS-F6K-MSFC3       SAL13421AJZ 2.0    Ok
Mod Online Diag Status
1 Pass
2 Pass
3 Pass
4 Pass
5 Pass
HO2NET0001#sh vlan
300 WiSM_Service_Vlan                active    Gi1/4/9, Gi1/4/10
The service IP is supposed to have been populated with an address from the dhcp pool. I am also unable to connect to it by doing a session switch 1 slot 4 processor 1. I get the following upon attempting to do so:
HO2NET0001##session switch 1 slot 4 proc 1
The default escape character is Ctrl-^, then x. You can also type 'exit' at the remote prompt to end the session Trying 0.0.0.0 ...
Any assistance or ideas offered will be greatly appreciated.
Thanks,

wired client is working & able to get IP from vlan 300 DHCP pool.
Here is the complete configuration.
Core-Switch6509#sh run
Building configuration...
Current configuration : 21462 bytes
upgrade fpd auto
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
service counters max age 5
hostname
boot-start-marker
boot system flash sup-bootdisk:
boot-end-marker
security passwords min-length 1
logging buffered 8192
no aaa new-model
ip subnet-zero
ip dhcp excluded-address 192.168.200.1 192.168.200.2
ip dhcp pool wism-service-port
   network 192.168.200.0 255.255.255.0
   default-router 192.168.200.1
ip dhcp pool voiceFLR1
   network 10.39.103.128 255.255.255.128
   default-router 10.39.103.254
   option 150 ip 10.39.139.240 10.39.139.241
ip dhcp pool voiceFLR2
   network 10.39.104.128 255.255.255.128
   default-router 10.39.104.254
   option 150 ip 10.39.139.240 10.39.139.241
ip dhcp pool voiceFLR3
   network 10.39.105.128 255.255.255.128
   default-router 10.39.105.254
   option 150 ip 10.39.139.240 10.39.139.241
no ip domain-lookup
vtp domain
vtp mode transparent
switch virtual domain 100
switch mode virtual
mls netflow interface
mls cef error action reset
spanning-tree mode pvst
spanning-tree extend system-id
wism service-vlan 300
wism switch 1 module 4 controller 1 allowed-vlan 125,126,183,300
wism switch 1 module 4 controller 2 allowed-vlan 125,126,183,300
wism switch 2 module 4 controller 1 allowed-vlan 125,126,183,300
wism switch 2 module 4 controller 2 allowed-vlan 125,126,183,300
wism switch 1 module 4 controller 1 native-vlan 183
wism switch 1 module 4 controller 2 native-vlan 183
wism switch 2 module 4 controller 1 native-vlan 183
wism switch 2 module 4 controller 2 native-vlan 183
diagnostic bootup level minimal
redundancy
main-cpu
auto-sync running-config
mode sso
vlan internal allocation policy ascending
vlan dot1q tag native
vlan access-log ratelimit 2000
vlan 101
name Grd_FLR_Data_Vlan
vlan 102
name Grd_FLR_Voice_Vlan
vlan 103
name MZ_FLR_Data_Vlan
vlan 104
name MZ_FLR_Voice_Vlan
vlan 105
name 1st_FLR_Data_Vlan
vlan 106
name 1st_FLR_Voice_Vlan
vlan 107
name 2nd_FLR_Data_Vlan
vlan 108
name 2nd_FLR_Voice_Vlan
vlan 109
name 3rd_FLR_Data_Vlan
vlan 110
name 3rd_FLR_Voice_Vlan
vlan 111
name 4th_FLR_Data_Vlan
vlan 112
name 4th_FLR_Voice_Vlan
vlan 113
name 5th_FLR_Data_Vlan
vlan 114
name 5th_FLR_Voice_Vlan
vlan 115
name 6th_FLR_Data_Vlan
vlan 116
name 6th_FLR_Voice_Vlan
vlan 117
name 7th_FLR_Data_Vlan
vlan 118
name 7th_FLR_Voice_Vlan
vlan 119
name 8th_FLR_Data_Vlan
vlan 120
name 8th_FLR_Voice_Vlan
vlan 121
name 9th_FLR_Data_Vlan
vlan 122
name 9th_FLR_Voice_Vlan
vlan 123
name 10th_FLR_Data_Vlan
vlan 124
name 10th_FLR_Voice_Vlan
vlan 125
name Wireless_Users
vlan 126
name Wireless_Guest
vlan 150
name Printer
vlan 151
name v151
vlan 152
name v152
vlan 153
name v153
vlan 154
name v154
vlan 155
name v155
vlan 183
name Network_Management
vlan 300
name WiSM_Service_Vlan
interface Port-channel1
description *** For 1st Floor ***
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
interface Port-channel2
description *** For 2nd Floor ***
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
interface Port-channel3
description *** For 3rd Floor ***
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
interface Port-channel4
description *** For 4th Floor ***
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
interface Port-channel5
description *** For 5th Floor ***
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
interface Port-channel6
description *** For 6th Floor ***
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
interface Port-channel7
description *** For 7th Floor ***
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
interface Port-channel8
description *** For 8th Floor ***
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
interface Port-channel9
description *** For 9th Floor ***
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
interface Port-channel10
no switchport
no ip address
switch virtual link 1
mls qos trust cos
no mls qos channel-consistency
interface Port-channel11
description *** For 10th Floor ***
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
interface Port-channel12
description *** For Ground Floor ***
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
interface Port-channel13
description *** For MZ Floor ***
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
interface Port-channel20
no switchport
no ip address
switch virtual link 2
mls qos trust cos
no mls qos channel-consistency
interface TenGigabitEthernet1/1/1
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
shutdown
interface TenGigabitEthernet1/1/2
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
shutdown
interface TenGigabitEthernet1/1/3
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode on
interface TenGigabitEthernet1/1/4
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 2 mode on
interface TenGigabitEthernet1/1/5
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 3 mode on
interface TenGigabitEthernet1/1/6
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 4 mode on
interface TenGigabitEthernet1/1/7
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 5 mode on
interface TenGigabitEthernet1/1/8
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 6 mode on
interface TenGigabitEthernet1/2/1
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 7 mode on
interface TenGigabitEthernet1/2/2
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 8 mode on
interface TenGigabitEthernet1/2/3
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 9 mode on
interface TenGigabitEthernet1/2/4
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 11 mode on
interface TenGigabitEthernet1/2/5
description *** Connected to Juniper Port Ten 0 Inside ***
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
switchport nonegotiate
interface TenGigabitEthernet1/2/6
no switchport
no ip address
interface TenGigabitEthernet1/2/7
no switchport
no ip address
interface TenGigabitEthernet1/2/8
no switchport
no ip address
interface GigabitEthernet1/3/1
switchport
switchport access vlan 183
switchport mode access
interface GigabitEthernet1/3/2
switchport
switchport access vlan 183
switchport mode access
interface GigabitEthernet1/3/3
switchport
switchport access vlan 183
switchport mode access
interface GigabitEthernet1/3/4
switchport
switchport access vlan 183
switchport mode access
interface GigabitEthernet1/3/5
switchport
switchport access vlan 154
interface GigabitEthernet1/3/6
switchport
switchport access vlan 154
interface GigabitEthernet1/3/7
switchport
switchport access vlan 154
interface GigabitEthernet1/3/8
switchport
switchport access vlan 154
interface GigabitEthernet1/3/9
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/10
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/11
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/12
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/13
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/14
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/15
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/16
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/17
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/18
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/19
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/20
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/21
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/22
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/23
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/24
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/25
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/26
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/27
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/28
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/29
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/30
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/31
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/32
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/33
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/34
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/35
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/36
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/37
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/38
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/39
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/40
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/41
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/42
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/43
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/44
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/45
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/46
no switchport
no ip address
shutdown
interface GigabitEthernet1/3/47
switchport
switchport access vlan 107
switchport mode access
spanning-tree portfast edge
interface GigabitEthernet1/3/48
switchport
switchport access vlan 152
switchport mode access
interface GigabitEthernet1/5/1
no switchport
no ip address
shutdown
interface GigabitEthernet1/5/2
no switchport
no ip address
shutdown
interface GigabitEthernet1/5/3
no switchport
no ip address
shutdown
interface TenGigabitEthernet1/5/4
description *** Connected to CS-2 Port Ten 2/5/4 ***
no switchport
no ip address
mls qos trust cos
channel-group 10 mode on
interface TenGigabitEthernet1/5/5
description *** Connected to CS-2 Port Ten 2/5/5 ***
no switchport
no ip address
mls qos trust cos
channel-group 10 mode on
interface TenGigabitEthernet2/1/1
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
shutdown
interface TenGigabitEthernet2/1/2
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
shutdown
interface TenGigabitEthernet2/1/3
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 1 mode on
interface TenGigabitEthernet2/1/4
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 2 mode on
interface TenGigabitEthernet2/1/5
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 3 mode on
interface TenGigabitEthernet2/1/6
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 4 mode on
interface TenGigabitEthernet2/1/7
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 5 mode on
interface TenGigabitEthernet2/1/8
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 6 mode on
interface TenGigabitEthernet2/2/1
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 7 mode on
interface TenGigabitEthernet2/2/2
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 8 mode on
interface TenGigabitEthernet2/2/3
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 9 mode on
interface TenGigabitEthernet2/2/4
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
channel-group 11 mode on
interface TenGigabitEthernet2/2/5
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
interface TenGigabitEthernet2/2/6
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
interface TenGigabitEthernet2/2/7
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
interface TenGigabitEthernet2/2/8
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
interface GigabitEthernet2/3/1
switchport
switchport access vlan 183
switchport mode access
interface GigabitEthernet2/3/2
switchport
switchport access vlan 183
switchport mode access
interface GigabitEthernet2/3/3
switchport
switchport access vlan 183
switchport mode access
interface GigabitEthernet2/3/4
switchport
switchport access vlan 183
switchport mode access
interface GigabitEthernet2/3/5
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/6
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/7
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/8
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/9
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/10
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/11
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/12
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/13
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/14
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/15
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/16
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/17
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/18
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/19
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/20
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/21
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/22
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/23
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/24
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/25
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/26
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/27
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/28
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/29
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/30
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/31
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/32
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/33
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/34
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/35
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/36
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/37
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/38
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/39
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/40
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/41
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/42
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/43
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/44
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/45
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/46
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/47
no switchport
no ip address
shutdown
interface GigabitEthernet2/3/48
no switchport
no ip address
shutdown
interface GigabitEthernet2/5/1
no switchport
no ip address
shutdown
interface GigabitEthernet2/5/2
no switchport
no ip address
shutdown
interface GigabitEthernet2/5/3
no switchport
no ip address
shutdown
interface TenGigabitEthernet2/5/4
description *** Connected to CS-1 Port Ten 1/5/4 ***
no switchport
no ip address
mls qos trust cos
channel-group 20 mode on
interface TenGigabitEthernet2/5/5
description *** Connected to CS-1 Port Ten 1/5/5 ***
no switchport
no ip address
mls qos trust cos
channel-group 20 mode on
interface Vlan1
no ip address
interface Vlan101
description *** Grd Floor Data Vlan ***
ip address 10.39.101.126 255.255.255.128
interface Vlan102
description *** Grd Floor Voice Vlan ***
ip address 10.39.101.254 255.255.255.128
interface Vlan103
description *** MZ Floor Data Vlan ***
ip address 10.39.102.126 255.255.255.128
interface Vlan104
description *** MZ Floor Voice Vlan ***
ip address 10.39.102.254 255.255.255.128
interface Vlan105
description *** 1st Floor Data Vlan ***
ip address 10.39.103.126 255.255.255.128
interface Vlan106
description *** 1st Floor Voice Vlan ***
ip address 10.39.103.254 255.255.255.128
interface Vlan107
description *** 2nd Floor Data Vlan ***
ip address 10.39.104.126 255.255.255.128
interface Vlan108
description *** 2nd Floor Voice Vlan ***
ip address 10.39.104.254 255.255.255.128
interface Vlan109
description *** 3rd Floor Data Vlan ***
ip address 10.39.105.126 255.255.255.128
interface Vlan110
description *** 3rd Floor Voice Vlan ***
ip address 10.39.105.254 255.255.255.128
interface Vlan111
description *** 4th Floor Data Vlan ***
ip address 10.39.106.126 255.255.255.128
interface Vlan112
description *** 4th Floor Voice Vlan ***
ip address 10.39.106.254 255.255.255.128
interface Vlan113
description *** 5th Floor Data Vlan ***
ip address 10.39.107.126 255.255.255.128
interface Vlan114
description *** 5th Floor Voice Vlan ***
ip address 10.39.107.254 255.255.255.128
interface Vlan115
description *** 6th Floor Data Vlan ***
ip address 10.39.108.126 255.255.255.128
interface Vlan116
description *** 6th Floor Voice Vlan ***
ip address 10.39.108.254 255.255.255.128
interface Vlan117
description *** 7th Floor Data Vlan ***
ip address 10.39.109.126 255.255.255.128
interface Vlan118
description *** 7th Floor Voice Vlan ***
ip address 10.39.109.254 255.255.255.128
interface Vlan119
description *** 8th Floor Data Vlan ***
ip address 10.39.110.126 255.255.255.128
interface Vlan120
description *** 8th Floor Voice Vlan ***
ip address 10.39.110.254 255.255.255.128
interface Vlan121
description *** 9th Floor Voice Vlan ***
ip address 10.39.111.126 255.255.255.128
interface Vlan122
description *** 9th Floor Voice Vlan ***
ip address 10.39.111.254 255.255.255.128
interface Vlan123
description *** 10th Floor Voice Vlan ***
ip address 10.39.112.126 255.255.255.128
interface Vlan124
description *** 10th Floor Voice Vlan ***
ip address 10.39.112.254 255.255.255.128
interface Vlan150
description *** Printer Vlan ***
ip address 10.39.120.254 255.255.255.0
interface Vlan151
description *** Connected to Juniper FW Port Ten 0 ***
ip address 10.39.121.1 255.255.255.240
interface Vlan183
description *** Network Management Vlan ***
ip address 10.39.139.254 255.255.255.0
interface Vlan300
ip address 192.168.200.1 255.255.255.0
ip classless
ip route 0.0.0.0 0.0.0.0 10.39.140.169
ip route 0.0.0.0 0.0.0.0 10.39.121.14
no ip http server
no ip http secure-server
control-plane
dial-peer cor custom
line con 0
login local
line vty 0 4
login local
line vty 5 15
login local
mac-address-table aging-time 480
no event manager policy Mandatory.go_switchbus.tcl type system
module provision switch 1
slot 1 slot-type 227 port-type 60 number 8 virtual-slot 17
slot 2 slot-type 227 port-type 60 number 8 virtual-slot 18
slot 3 slot-type 147 port-type 61 number 48 virtual-slot 19
slot 4 slot-type 242 port-type 31 number 10 virtual-slot 20
slot 5 slot-type 254 port-type 31 number 2 port-type 61 number 1 port-type 60 number 2 virtual-slot 21
module provision switch 2
slot 1 slot-type 227 port-type 60 number 8 virtual-slot 33
slot 2 slot-type 227 port-type 60 number 8 virtual-slot 34
slot 3 slot-type 147 port-type 61 number 48 virtual-slot 35
slot 4 slot-type 242 port-type 31 number 10 virtual-slot 36
slot 5 slot-type 254 port-type 31 number 2 port-type 61 number 1 port-type 60 number 2 virtual-slot 37
end
Thanks & Awaiting for response.

Catalyst 4503 VLAN & DHCP

Hi, I have configured a few VLANs for my 4503. Is it possible to have DHCP server turn on for each VLAN? If yes, can anyone share some light on how? I tried but failed.

fong.. you can have the same dhcp server for all vlans.. configure "ip helper-address x.x.x.x" on the incoming vlan interfaces.. x.x.x.x -> dhcp server...
was this your query ? do let us know
Raj

VLAN DHCP Release not assigns dhcp ip for the first attempt

Hello,
I have a configured ISE with CWA enabled.
I have a DHCP Server provides auto ip from (vlan-2) to connect to my ISE and access to the Guest-Portal (that is a range from 192.168.2.0)
I have another DHCP Server which provides auto ip from another range (192.168.110.0) which is my Guest-VLAN
The issue we have is, while a guest user first connects to wifi, he gets an ip from my first-dhcp server (vlan-2) and is redirected to the Guest-Portal, but as soon as he enters his user-credintials he is connected to the Guest-VLAN as shown on my ISE and WLC reports,   but the User does not get Guest-VLAN-IP from dhcp server. unless he disconnects from the wifi and reconnect .
What can be the issue, why my users has to connect to the wifi twice to gets the guest vlan ip ?    althrough vlan dhcp replase option on my ise is correctly configured

Hi,
Can u check time and time zones on your switches are correctly configured? Are there any NTP Server?
And pls send "show version" printout...

How can I use Powershell to "Complete dhcp configuration" ?

I installed the DHCP Server feature with Powershell and now I'm wondering how to "Complete dhcp configuration" also with Powershell?
Here's what I did (example):
Install-WindowsFeature DHCP -IncludeManagementTools
Add-DhcpServerv4Scope -name "Corpnet" -StartRange 10.0.0.100 -EndRange 10.0.0.200
-SubnetMask 255.255.255.0
Set-DhcpServerv4OptionValue -DnsDomain corp.contoso.com -DnsServer 10.0.0.1
Add-DhcpServerInDC -DnsName dc1.corp.contoso.com
"Server Manager |> DHCP" now informs me that "Configuration required for DHCP Server at DC1" and by selecting "More" I can "Complete dhcp configuration". So, how do I complete the task with Powershell?
Thanks!

I installed the DHCP Server feature with Powershell and now I'm wondering how to "Complete dhcp configuration" also with Powershell?
Here's what I did (example):
Install-WindowsFeature DHCP -IncludeManagementTools
Add-DhcpServerv4Scope -name "Corpnet" -StartRange 10.0.0.100 -EndRange
10.0.0.200 -SubnetMask 255.255.255.0
Set-DhcpServerv4OptionValue -DnsDomain corp.contoso.com -DnsServer 10.0.0.1
Add-DhcpServerInDC -DnsName dc1.corp.contoso.com
"Server Manager |> DHCP" now informs me that "Configuration required for DHCP Server at DC1" and by selecting "More" I can "Complete dhcp configuration". So, how do I complete the task with Powershell?
Thanks!
For a very belated answer, you need to set a registry value to tell it that the configuration has been completed.
Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\ServerManager\Roles\12 -Name ConfigurationState -Value 2;
Restart-Service DHCPServer;

Windows 2008 DNS & DHCP configuration steps for 11gR2 GI install with GNS

Hi,
I have windows 2008 R2 server with DNS & DHCP services installed. I am planning to install 2 node RAC with GNS option.
The problem is i could not find any document to setup the windows 2008 DNS server for the below steps.
a. Configure GNS VIP : add a name resolution entry in a DNS for the GNS virtual IP address in the forward Lookup file.
gns-server IN A <virtual_IP>
where gns-server is the GNS virtual IP address given during grid installation.
b. Configure the GNS sub-domain delegation: add an entry in the DNS to establish DNS Lookup that directs the DNS resolution of a GNS subdomain to the cluster.
clusterdomain.example.com. NS gns-server.example.com.
where clusterdomain.example.com is the GNS subdomain (provided during grid installation) that you
delegate and gns-server.clustername.com resolves to GNS virtual IP address.
I am aware that this configuration steps has to be taken care by the System administrator. Here is what he tried and the results.
My SA was able to Configure GNS VIP in the DNS and the Nslookup works fine for this.
When he Configures the GNS sub-domain delegation the nslookup fails when trying to resolve the SCAN name.
Any step by step tutorial for this windows 2008 DNS & DHCP configuration for Oracle GNS setup would be highly appreciated.
Thanks,
Ashok Kumar.G

Hi Guys,
Any help on this request will be very helpful.
Thanks,
Ashok Kumar.G

DHCP configuration options

Can anyone tell me how to change the DHCP configuration options - the same information found in dhclient.conf in linux/unix - under OSX? A corporate client of mine provides wireless internet at all their facilities, but no one with a Mac has ever been able to connect. The wireless connection comes up and is stable, but the Mac never receives an IP address. I am fairly certain they forward DHCP requests to a centralized server that handles multiple LAN segments. I suspect something in the format of the DHCP packet, perhaps one of the many options, is causing their router to drop the Mac's DHCP request packet. I have captured DHCP requests from OSX and Win2K using Ethereal, so I have some idea what options to try changing, but I need to know how to go about it. I've tried adding a dhclient.conf file, but OSX seems to ignore this.
Needless to say, this is not a simple question and I realize I'll be fiddling at low levels. However, I've tried everything there is to try with the control panel, command lines, etc. I generally have no problems getting WiFi to work across Mac and windoze whether at home, in hotel rooms, or at corporate locations, but this one really has me stumped. Any help is appreciated.

How are you connecting to the wireless network? Is it a closed network with security, or an open network? There are a lot of different protocols in play with a wireless connection, particularly with Cisco equipment. It's possible Macs don't support one of the protocols where Windows does. There may be extra security such as DHCP client IDs, or using DHCP reservations only. There could be MAC address security setup on the wireless APs.
I would ask one of your PC buddies help you find an unused address. Set that manually and see if everything works. If it does you know you have a DHCP problem. If it doesn't there's a problem with the wireless connection

Add switchports to new VLAN/DHCP pool

Hello community,
Our company recently added a new VLAN/Subnet/DHCP pool to seperate the physical workstations. I updated a few interfaces to the new VLAN...which is fine for testing a few workstations, however what is the best approach and least disruptive way to update a range of ports to the new VLAN/DHCP pool.
Can we update the Interfaces to the new VLAN with the range command.....let the current DHCP lease expire and then they would get an ip from new Pool? Should we lower the lease time on old pool? ...I think it is currenty set to 24hr (default)
Please include IOS commands
Much appreciated!

Hello,
Create the new DHCP pool on your DHCP server, and lower the lease time of old pool, after pcs are get the new ip addresses, create a new vlan and assign the ports to this vlan.
ip dhcp pool OLDPOOL
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
ip dhcp pool NEWPOOL
network 192.168.2.0 255.255.255.0
default-router 192.168.2.1
interface range f0/1 - 24
switchport mode access
switchport access vlan 1

How to configure netboot across vlans/DHCP when already a windows bootp server in the mix?

Hi All,
We just moved to multiple VLAN's for our Mac's in a mostly WIndows environment. DHCP option 66 points to a Windows Deployment Server & option 67 to the WDS file.
I've tried "sudo bless –netboot –server bsdp://10.2.0.1" on a client but get "Netboot scheme bspd not supported on EFI systems".
I can get changes to the DHCP scopes if needed -except for the boot server, so I was thinking using something like using DHCP Vendor Class Identifier to specify a different bootp server but have no clues how...
Any ideas?
Cheers
Steve

You might check out the "How to boot across subnets" page at <http://afp548.com/mactips/>. It has a bunch of info.

WLC 5508 Flexconnect dhcp request landing on wrong vlan/dhcp pool

Hi,
We've recently setup our 5508 to work with Flexconnect. The 5508's run on 8.0.100, they are setup redundant. On the remote site we've setup a local dhcp pool for the various WLAN's/VLAN's. The AP's have registered with the WLC succesfully.
We then setup the flexconnect groups, added the ap's and configured 1 vlan mapping to it's corresponding wlan id. Alsio setup the wlan, made it so it's using flexconnect, bound it to the interface which will allow it to reach the local dhcp machine.
User can see the SSID, can login using the password, but they are awarded an ip addres from a different dhcp pool, meant for antoher vlan than the bonding in the flexconnect group is indicating.
When I check the local dhcp pool for bindings on the mac address of a machine I can see multiple bindings. At 1 point I had 3 bindings in different pools, 1 on the native vlan for the AP, 1 on the vlan it should have and 1 on another vlan which wasn't configured anywhere in the flexconnect setup.
Does anybody have a clue how and why this is happening?

Just to add to Salma... All your AP's in FlexConnect are most likely connected to a trunk port. Make sure the native Vlan is defined and the vlan's are allowed on the trunk port. Then you need to verify that the AP's native Vlan and WLAN to Vlan mappings are correct. Seems like you might have some AP's that are not defined properly and that's why users that connect to a WLAN is getting in the wrong subnet.
Scott

Cisco 2901 Dual WAN, VRF, Vlan Isolation configuration help

I'm very new to Cisco iOS, so please forgive me. I know what I'm trying to accomplish, but perhaps not best at describing.
I have two ISPs 1) Fiber with Static Range 2) Cable with 1 Static address.
Tasks:
Assign GigE0/0 to Fiber
Assign GigE0/1 to Cable
Create Vlan10 for Fiber connectivity and Static Range (aaa.bbb.ccc.145 - aaa.bbb.ccc.150)
Create Vlan20 for Cable connectivity with ip address 10.10.0.0
Assign GigE0/1/0 - GigE0/1/4 for each static IP address in Fiber range (aaa.bbb.ccc.145 - aaa.bbb.ccc.150) Vlan10
Assign GigE0/1/5 to Cable Vlan20
Expected end result, GigE0/1/0 - 0/1/4 will use Fiber. GigE0/1/5 will use Cable, no failover's.
I have been able to get Fiber connectivity working fine, can ping Vlan and is online. I have been able to get Cable Vlan working fine, but cannot get online. If I ping using a device on a separate network I can hit both Fiber and Cable statically set ip addresses, so WAN config seems to be fine. Internally, Cisco can ping Google from Fiber only, but not from Cable. This is where my i'm new, from my reading it appears as though either PBR or VRF should enable this functionality since the router seems to be unable to redirect traffic for Cable requests. I used this tutorial as my guide (https://learningnetwork.cisco.com/thread/70882), but it's getting lost in translation when trying to actually implement.
Building configuration...
Current configuration : 2905 bytes
! Last configuration change at 06:48:54 UTC Mon Nov 17 2014
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname Cisco2901
boot-start-marker
boot-end-marker
enable secret 5 password
enable password 7 password
no aaa new-model
memory-size iomem 5
ip cef
ip cef load-sharing algorithm original
ip vrf FIBER
ip vrf CABLE
no ip dhcp use vrf connected
ip dhcp pool VLAN10
network aaa.bbb.ccc.144 255.255.255.248
default-router aaa.bbb.ccc.145
dns-server 8.8.8.8 8.8.4.4
class Fiber_Class
address range aaa.bbb.ccc.145 aaa.bbb.ccc.150
ip dhcp pool VLAN20
network 10.10.0.0 255.255.255.0
default-router 10.10.0.1
dns-server 8.8.8.8 8.8.4.4
ip dhcp class Fiber_Class
ip name-server 8.8.8.8
ip name-server 8.8.4.4
no ipv6 cef
multilink bundle-name authenticated
license udi pid CISCO2921/K9 sn FTX1828AKAY
archive
log config
hidekeys
redundancy
interface Embedded-Service-Engine0/0
no ip address
shutdown
interface GigabitEthernet0/0
ip address eee.fff.ggg.58 255.255.255.252
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
interface GigabitEthernet0/1
ip address hhh.iii.jjj.86 255.255.255.252
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
interface GigabitEthernet0/1/0
switchport access vlan 10
ip vrf forwarding FIBER
no ip address
interface GigabitEthernet0/1/1
switchport access vlan 10
ip vrf forwarding FIBER
no ip address
interface GigabitEthernet0/1/2
switchport access vlan 10
ip vrf forwarding FIBER
no ip address
interface GigabitEthernet0/1/3
switchport access vlan 10
ip vrf forwarding FIBER
no ip address
interface GigabitEthernet0/1/4
switchport access vlan 10
ip vrf forwarding FIBER
no ip address
interface GigabitEthernet0/1/5
switchport access vlan 20
ip vrf forwarding CABLE
no ip address
interface GigabitEthernet0/1/6
no ip address
interface GigabitEthernet0/1/7
no ip address
interface Vlan1
no ip address
interface Vlan10
ip address pool VLAN10
ip nat inside
ip virtual-reassembly in
interface Vlan20
ip address pool VLAN20
ip nat inside
ip virtual-reassembly in
ip forward-protocol nd
no ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1
snmp-server community WWM_Cisco2901 RO
snmp-server enable traps entity-sensor threshold
control-plane
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
password 7 password
login
transport input all
scheduler allocate 20000 1000
end

Thanks for your assistance, much appreciated. So I adjusted per your recommendation, and in the process lost Fiber connectivity. Perhaps I misunderstood a suggestion? This is my current (failing) config:
Building configuration...
Current configuration : 2905 bytes
! Last configuration change at 06:48:54 UTC Mon Nov 17 2014
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname Cisco2901
boot-start-marker
boot-end-marker
enable secret 5 password
enable password 7 password
no aaa new-model
memory-size iomem 5
ip cef
ip cef load-sharing algorithm original
ip vrf CABLE
rd 1:20
ip vrf FIBER
rd 1:10
no ip dhcp use vrf connected
ip dhcp excluded-address aaa.bbb.ccc.145
ip dhcp excluded-address 10.10.0.1
ip dhcp pool VLAN10
network aaa.bbb.ccc.144 255.255.255.248
default-router aaa.bbb.ccc.145
dns-server 8.8.8.8 8.8.4.4
class Fiber_Class
address range aaa.bbb.ccc.145 aaa.bbb.ccc.150
ip dhcp pool VLAN20
network 10.10.0.0 255.255.255.0
default-router 10.10.0.1
dns-server 8.8.8.8 8.8.4.4
ip dhcp pool LANUSERS
import all
network aaa.bbb.ccc.0 255.255.255.0
network 10.10.0.0 255.255.255.0 secondary
override default-router 10.10.0.1
default-router aaa.bbb.ccc.145
dns-server 8.8.8.8 8.8.4.4
lease 0 8
ip dhcp class Fiber_Class
ip name-server 8.8.8.8
ip name-server 8.8.4.4
no ipv6 cef
multilink bundle-name authenticated
license udi pid CISCO2921/K9 sn FTX1828AKAY
archive
log config
hidekeys
redundancy
interface Embedded-Service-Engine0/0
no ip address
shutdown
interface GigabitEthernet0/0
ip address eee.fff.ggg.58 255.255.255.252
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
interface GigabitEthernet0/1
ip address hhh.iii.jjj.86 255.255.255.252
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
interface GigabitEthernet0/1/0
switchport access vlan 10
ip vrf forwarding FIBER
no ip address
interface GigabitEthernet0/1/1
switchport access vlan 10
ip vrf forwarding FIBER
no ip address
interface GigabitEthernet0/1/2
switchport access vlan 10
ip vrf forwarding FIBER
no ip address
interface GigabitEthernet0/1/3
switchport access vlan 10
ip vrf forwarding FIBER
no ip address
interface GigabitEthernet0/1/4
switchport access vlan 10
ip vrf forwarding FIBER
no ip address
interface GigabitEthernet0/1/5
switchport access vlan 20
ip vrf forwarding CABLE
no ip address
interface GigabitEthernet0/1/6
no ip address
interface GigabitEthernet0/1/7
no ip address
interface Vlan1
no ip address
interface Vlan10
ip vrf forwarding FIBER
ip address aaa.bbb.ccc.145 255.255.255.248
ip nat inside
ip virtual-reassembly in
interface Vlan20
ip vrf forwarding CABLE
ip address 10.10.0.0 255.0.0.0
ip nat inside
ip virtual-reassembly in
ip forward-protocol nd
no ip http server
no ip http secure-server
ip nat inside source route-map VLAN10 interface GigabitEthernet0/0 overload
ip nat inside source route-map VLAN20 interface GigabitEthernet0/1 overload
ip route 0.0.0.0 0.0.0.0 aaa.bbb.ccc.145
ip route 10.10.0.0 255.255.255.0 Vlan20
ip route aaa.bbb.ccc.0 255.255.255.0 Vlan10
ip route vrf FIBER aaa.bbb.ccc.0 255.255.255.0 Null0
ip route vrf CABLE 10.10.0.0 255.255.255.0 Null0
access-list 10 permit aaa.bbb.ccc.0 0.0.0.255
access-list 20 permit 10.10.0.0 0.0.0.255
route-map VLAN10 permit 10
match ip address 10
match interface GigabitEthernet0/0
route-map VLAN20 permit 20
match ip address 20
match interface GigabitEthernet0/1
snmp-server community WWM_Cisco2901 RO
snmp-server enable traps entity-sensor threshold
control-plane
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
password 7 password
login
transport input all
scheduler allocate 20000 1000
end

DHCP Configuration

Hi,
Below are the configurations of DHCP Server in 3550, it perfectly works fine & assigning the IP address across multiple VLAN's.now i wanted a setup in such a way that, i should not configure 3550 as DHCP Server, i wanted to make 2950 as DHCP Server, i mean we have got so many 2950 switchez, all switches are in same VLAN, but the PC's in every department are in different VLAN's. so i tried the option mentioned, but it doesn't work? where in do it in individual switch, it works, so how to proceed now. Thanks in advance & Happy New Year.
3550 (Working)
ip routing
ip dhcp pool A
network 10.1.1.0 255.255.255.0
default-router 10.1.1.1
ip dhcp pool B
network 10.2.1.0 255.255.255.0
default-router 10.2.1.1
ip dhcp pool C
network 10.3.1.0 255.255.255.0
default-router 10.3.1.1
ip dhcp-server 10.1.1.1
ip dhcp-server 10.2.1.1
ip dhcp-server 10.3.1.1
ip dhcp snooping
interface gigabitethernet 0/1
description ***Connected to 2950***
switchport trunk encapsulation dot1q
switchport mode trunk
vlan 2
ip address 10.2.1.1 255.255.255.0
vlan 3
ip address 10.3.1.1 255.255.255.0
vlan 4
description ***Switch***
ip address 10.4.1.1 255.255.255.0
2950 (Not Working Configuration)
ip dhcp pool A
network 10.1.1.0 255.255.255.0
default-router 10.1.1.1
ip dhcp-server 10.1.1.1
ip dhcp snooping
interface vlan 4
ip address 10.4.1.1 255.255.255.0
interface fastethernet 0/1
switchport access vlan 2
switchmode access
spanning-tree portfast
interface gigabit 0/1
description ***Connected to 3550***
switchport mode trunk
2950 (Individual working Configuration)
ip dhcp pool A
network 10.1.1.0 255.255.255.0
default-router 10.1.1.1
ip dhcp-server 10.1.1.1
ip dhcp snooping
interface vlan 4
ip address 10.1.1.1 255.255.255.0
interface fastethernet 0/1
switchport access vlan 4
switchmode access
spanning-tree portfast
interface gigabit 0/1
description ***Connected to 3550***
switchport mode trunk

Hi,
in the *not wotking* 2950 example, the 2950 should provide IP addresses to which clients? Why is the DHCP server set to 10.1.1.1, when the Switch IP is 10.4.1.1?
Do you have IP connectivity to all the other switches?
A DHCP request from a PC is sent as a broadcast. When it reaches the DHCP server it will determine the proper pool from the interface it was received. So try to place the 3550 DHCP config completely into one of the 2950 switches. Also make sure not to have duplicate IPs.
In case direct broadcast access to the DHCP server is not possible you will need a DHCP proxy. This can be achieved by "ip helper-address 1.2.3.4".
Hope this helps

Remote APs with multiple vlan / dhcp

On one of our 5508 controllers we have approx 40 APs, about 20 local and 20 flexiconnect. Until now we have only had one vlan on the flexiconnect APs, but our local APs have several SSIDs connecting to different Vlans and assigned different dhcp addresses correctly.
We now have the need to have multiple SSIDs on some sites being assigned different IPs.
I have created the interfaces, with the correct ip and dhcp server, linked with the correct AP group. The SSID is shown and can be connected, but the original ip is being assigned and not the new range.
I have not yet created any security policies so the new range has full access to the entire network and the controller can ping the new remote vlans.
If i hard connect to the switch on the new vlan, I am assigned the correct new IP range, so this is working.
I cannot see why devices connected to the new SSID are not being assigned the correct IP range.

You need to review the FlexConnect configuration guide. You need to trunk the ap port if more than one vlan is required, you also need to enable FlexConnect local switching in the WLAN, you need to also define the WLAN to vlan mapping on each FlexConnect AP.
It varies depending if you want to place traffic locally at the site or tunnel it back.
https://supportforums.cisco.com/docs/DOC-24082
Sent from Cisco Technical Support iPhone App

AP Vlan & DHCP configuration

Similar Messages

Maybe you are looking for