Flexconnect - Local Switching and DHCP Server Location

Similar Messages

• Flexconnect Local Switching Hosts Do Not Receive IP Addresses

  Hello,
  My WLC software version is 7.4.110.0. I have a branch office in my lab. The AP in my branch is configured as flexconnect with native VLAN of 700. The SSID that I have in the branch office is configured to do local switching. The show wlan is added below.
  My tunneled SSID still working and I can still receive IP addresses from it. My issue is last week I have the Flexconnect working with no problem, then this morning I can connect to the SSID, but I'm not receiving IP addresses for my test wireless clients.
  Thanks
  [code]
  WLAN Identifier.................................. 2
  Profile Name..................................... ACS Guest
  Network Name (SSID).............................. RMTGuest
  Status........................................... Enabled
  MAC Filtering.................................... Disabled
  Broadcast SSID................................... Enabled
  AAA Policy Override.............................. Disabled
  Network Admission Control
    Client Profiling Status ....................... Disabled
     DHCP ......................................... Disabled
     HTTP ......................................... Disabled
    Radius-NAC State............................... Disabled
    SNMP-NAC State................................. Disabled
    Quarantine VLAN................................ 0
  Maximum number of Associated Clients............. 0
  Maximum number of Clients per AP Radio........... 200
  Number of Active Clients......................... 0
  Exclusionlist Timeout............................ 60 seconds
  Session Timeout.................................. 1800 seconds
  User Idle Timeout................................ 300 seconds
  --More-- or (q)uit
  User Idle Threshold.............................. 0 Bytes
  NAS-identifier................................... RK2WLC5508-01
  CHD per WLAN..................................... Enabled
  Webauth DHCP exclusion........................... Disabled
  Interface........................................ management
  Multicast Interface.............................. Not Configured
  WLAN IPv4 ACL.................................... unconfigured
  WLAN IPv6 ACL.................................... unconfigured
  mDNS Status...................................... Disabled
  mDNS Profile Name................................ unconfigured
  DHCP Server...................................... 172.28.27.130
  DHCP Address Assignment Required................. Disabled
  Static IP client tunneling....................... Disabled
  PMIPv6 Mobility Type............................. none
  Quality of Service............................... Silver
  Per-SSID Rate Limits............................. Upstream          Downstream
  Average Data Rate................................   0                      0
  Average Realtime Data Rate.......................   0                      0
  Burst Data Rate..................................   0                      0
  Burst Realtime Data Rate.........................   0                      0
  Per-Client Rate Limits........................... Upstream          Downstream
  Average Data Rate................................   0                      0
  Average Realtime Data Rate.......................   0                      0
  --More-- or (q)uit
  Burst Data Rate..................................   0                      0
  Burst Realtime Data Rate.........................   0                      0
  Scan Defer Priority.............................. 4,5,6
  Scan Defer Time.................................. 100 milliseconds
  WMM.............................................. Allowed
  WMM UAPSD Compliant Client Support............... Disabled
  Media Stream Multicast-direct.................... Disabled
  CCX - AironetIe Support.......................... Enabled
  CCX - Gratuitous ProbeResponse (GPR)............. Disabled
  CCX - Diagnostics Channel Capability............. Disabled
  Dot11-Phone Mode (7920).......................... Disabled
  Wired Protocol................................... None
  Passive Client Feature........................... Disabled
  Peer-to-Peer Blocking Action..................... Disabled
  Radio Policy..................................... All
  DTIM period for 802.11a radio.................... 1
  DTIM period for 802.11b radio.................... 1
  Radius Servers
     Authentication................................ Disabled
     Accounting.................................... Disabled
     Dynamic Interface............................. Disabled
     Dynamic Interface Priority.................... wlan
  Local EAP Authentication......................... Disabled
  --More-- or (q)uit
  Security
     802.11 Authentication:........................ Open System
     FT Support.................................... Disabled
     Static WEP Keys............................... Disabled
     802.1X........................................ Disabled
     Wi-Fi Protected Access (WPA/WPA2)............. Enabled
        WPA (SSN IE)............................... Disabled
        WPA2 (RSN IE).............................. Enabled
           TKIP Cipher............................. Disabled
           AES Cipher.............................. Enabled
                                                                 Auth Key Management
           802.1x.................................. Disabled
           PSK..................................... Enabled
           CCKM.................................... Disabled
           FT-1X(802.11r).......................... Disabled
           FT-PSK(802.11r)......................... Disabled
           PMF-1X(802.11w)......................... Disabled
           PMF-PSK(802.11w)........................ Disabled
        FT Reassociation Timeout................... 20
        FT Over-The-DS mode........................ Enabled
        GTK Randomization.......................... Disabled
        SKC Cache Support.......................... Disabled
  --More-- or (q)uit
        CCKM TSF Tolerance......................... 1000
     WAPI.......................................... Disabled
     Wi-Fi Direct policy configured................ Disabled
     EAP-Passthrough............................... Disabled
     CKIP ......................................... Disabled
     Web Based Authentication...................... Disabled
     Web-Passthrough............................... Disabled
     Conditional Web Redirect...................... Disabled
     Splash-Page Web Redirect...................... Disabled
     Auto Anchor................................... Disabled
     FlexConnect Local Switching................... Enabled
     flexconnect Central Dhcp Flag................. Disabled
     flexconnect nat-pat Flag...................... Disabled
     flexconnect Dns Override Flag................. Disabled
     FlexConnect Vlan based Central Switching ..... Disabled
     FlexConnect Local Authentication.............. Disabled
     FlexConnect Learn IP Address.................. Enabled
     Client MFP.................................... Optional
     PMF........................................... Disabled
     PMF Association Comeback Time................. 1
     PMF SA Query RetryTimeout..................... 200
     Tkip MIC Countermeasure Hold-down Timer....... 60
  AVC Visibilty.................................... Disabled
  --More-- or (q)uit
  AVC Profile Name................................. None
  Flow Monitor Name................................ None
  Call Snooping.................................... Disabled
  Roamed Call Re-Anchor Policy..................... Disabled
  SIP CAC Fail Send-486-Busy Policy................ Enabled
  SIP CAC Fail Send Dis-Association Policy......... Disabled
  KTS based CAC Policy............................. Disabled
  Assisted Roaming Prediction Optimization......... Disabled
  802.11k Neighbor List............................ Disabled
  802.11k Neighbor List Dual Band.................. Disabled
  Band Select...................................... Disabled
  Load Balancing................................... Disabled
  Multicast Buffer................................. Disabled
  Mobility Anchor List
  WLAN ID     IP Address            Status
  802.11u........................................ Disabled
  MSAP Services.................................. Disabled
  [/code]

  is the VLAN still mapped on the AP, and allowed across the trunk?
  HTH,
  Steve
  Please remember to rate useful posts, and mark questions as answered

• WebAuth on FlexConnect Local Switched SSID

  Hi All
  I'm working on getting internal WebAuth to work on a FlexConnect local switched SSID. From what I've been reading, it's possible but apparently not very straight forward. 
  FlexConnect AP - if the SSID isn't local switch, WebAuth of course works fine.
  Once I set it to local switching, WebAuth breaks. Any way around that in 7.6?
  Thanks

  Figured it out just now. When using the WLC as a DHCP server(this is just a lab), selecting the Central DHCP Processing for use when in Local Switching also selects a box for NAT-PAT. Unselecting the NAT-PAT box fixed the broken WebAuth. 
  Going to have to figure out what that does.

• Same wlan both locally switched and centrally switched

  Scenario:
  1 virtual wireless controller
  50 access points, some of them some local to the controller (same site), other on remote sites, all in flexconnect mode.
  Is there a way for a wlan to be locally switched for a group of ap's, essentialy those local to the controller, and centrally switched for other groups of ap's, in fact those placed on remote sites?
  I've tried configuring flexconnect groups, and ap groups, but no luck, I've found no way to override the globally configured flag "flexconnec local switching".
  I've also tried to create two identical wlans, one locally switched and the second globally switched, but the wlc refuses to activate the second one since it has the same ssid of the first one.
  Regards,
  Massimo. 

  Since you have vWLC all AP needs to be in FlexConnect mode (If you got a normal WLC you can keep HQ AP in local mode & Remote AP in Flex mode to achieve this)
  I think in your case you have to either choose "Central Switching" or "local switching" for your APs.
  Regards
  Rasika
  **** Pls rate all useful responses ****

• MDNS cannot be configured when FlexConnect Local Switching is enabled

  I am running Cisco Prime Infrastructu tore 1.3 and I am trying to push a template to allow flexconect local switching on a wlan.  However, when I attempt this, I get the message "mDNS cannot be configured when FlexConnect Local Switching is enabled" and I cannot save the template or apply it to controllers.  My controllers are WISM 2s running 7.0.235.3.

  Make sure you uncheck the mDNS option on the advanced tab of the WLAN template. You cannot use mDNS in conjunction with Flexconnect locally switched WLANs.
  Sent from Cisco Technical Support iPhone App

• Etherchannel or Aggregated ports between switch and AIX server

  I have a problem with the configuration of an etherchannel or port aggregation between an 4507 Catalyst switch and a server running AIX 5.2 maintenance level 4. The two ports on the switch are on the same blade.
  I tried configuring etherchannel with the command
  config-if# channel-group XX mode on
  and I tried configuring 802.3ad with the command
  config-if# channel-group XX mode activ
  but in both cases, as soon as I configured the second port, connection went down (I monitored with pings).
  On the AIX, I tried configuring modes "round-robin" and "802.3ad" with both switch configurations, but the result was the same.
  Does anyone has experience with this kind of configuration?
  thanks,
  Antoine

  Hi amaitre
  Could you setting  the etherchannel with the AIX Server?
  I configured in my switch 4510 with a AIX, but the 2 ports with channel-group keep in suspend. This is the configuration
  interface Port-channel2
  description ## LACP AIX ##
  switchport
  switchport access vlan 100
  load-interval 30
  interface GigabitEthernet4/20
  description  ## LACP AIX ##
  switchport access vlan 100
  channel-protocol lacp
  channel-group 2 mode active
  spanning-tree portfast
  interface GigabitEthernet4/21
  description ## LACP AIX ##
  switchport access vlan 100
  channel-protocol lacp
  channel-group 2 mode active
  spanning-tree portfast
  This configuration works with a server Dell with windows 2008.
  The schema is 1 switch 4510 with etherchannel to AIX.
  Thanks!

• SAP NetWeaver 04s SP7  installation and DHCP server

  Hi All,
  I am installing SAP NetWeaver on a machine which I use at work. I am little scared whether this installation might harm my computer or the local corporate network. This machine is connected to the local network (uses DHCP) to get the IP address.
  Are there any precautions which I need to take before I start practicing on this platform ?
  I read this below point in the installation instructions...
  =========================================================
  If no DHCP server is available on your network (which dynamically determines the IP address) or your computer is not connected to any network, you need to install the virtual interface adapter MS Loopback Adapter. This is described in detail within the contents of the download package.
  =========================================================
  Now as my computer is using DHCP (unknown location), if I install SAP NetWeaver 04s SP7, do I need to disconnect my comp from the Network and then install the MS loopback adapter ? or Its ok to ignore the DHCP option as my comp is already using DHCP ?
  Thanks and Best Regards
  Ayub.

  Hi Ayub,
  U dont need to disconnect ur computer from network. Just install a microsoft loopback adapter and assign it a static ip, and assign that ip and hostname on windows\etc\hosts file. it will installs on loopback adapter and ur local network connection will be as it is.
  hope it will help u.
  Regards
  Subhash

• Flexconnect - local-switching - Interface Groups - multiple subnets/vlans

  So I'm trying to setup an "interface-group-like" configuration on some Flexconnect APs with local switching enabled in order to support multiple subnets/VLANs linked to a single SSID.
  Does anyone know if this is possible or have any suggestions?
  I've tried:
  AP Groups - One SSID which would require central switching for it to be of use (I think).
  AP Groups - Creating an additional SSID and then placing the APs in a group per site. This works but is going to be difficult to manage if I have 400+ sites running this sort of setup.
  For reference, my end goal is to have multiple (400+) branch sites with the same WLAN mapped to 3 or 4 different VLANs in order to split the subnets up into smaller chunks (/23s or /24s). These VLANs are all switched locally and are uniform in numbering across all the sites from a layer 2 perspective.
  Thanks,
  Ric

  Interface groups is not an available feature on FlexConnect. FlexConnect doesn't support layer 3 roaming if devices roam from one FlexConnect ap to another and the wlan to vlan mappings are different. This is a limitation to FlexConnect along with a few others listed in the FlexConnect deployment guide.
  -Scott

• IP Address and DHCP Server

  anyone know if there is a way to turn off the dhcp server on the airport. This seems like a basic task to do but i just can't seem to find it. It should be there as even a 5 year old wired linksys router has this option. Along with that, is there any way to change the local ip address of the router to anything but the default .1 at the end of the ip address. This is because I have it routing on 192.168.2.... I also have a ubuntu server up and running that is manning the ip addresses, therefore it is not possible to have both of the the servers up and running at the time. That is why I would prefer the airport to go on 192.168.2.2 and the server be on 192.168.2.1.
  Is any of this possible?

  Hello ecbtln. Welcome to the Apple Discussions!
  anyone know if there is a way to turn off the dhcp server on the airport.
  Yes, the only way to disable the DHCP service is to set Connection Sharing (on the AirPort Utility's Internet tab) to "Off (Bridge Mode)."
  Along with that, is there any way to change the local ip address of the router to anything but the default .1 at the end of the ip address.
  Sorry, but no.
  also have a ubuntu server up and running that is manning the ip addresses, therefore it is not possible to have both of the the servers up and running at the time.
  Reconfiguring the base station as a bridge will "pass thru" the DHCP service from your Ubuntu server.

• Report display is different in report builder, local oc4j and app server

  Hi guys,
  we upgrade reports from sql report writer into report 10g. In the report 10g builder,
  the report format looks fine. but if i use the url as below
  http://applicationserver/reports/rwservlet?report=test.rdf&userid=username/password@service&desformat=pdf&destype=cache
  so the format will be mess up whatever i use this url in my local oc4j or i deployed it into 10g application server. and the format is different in oc4j and application server. Why this issue happend?
  Thanks in advance,
  Appcat

  Hello,
  They are a Fix Pack higher than you which may explain why it's broken on their server.
  Download the Fix Pack for R2 and see if you can duplicate the issue.
  Thank you
  Don

• Making Switch as DHCP server

  We have cisco 2950 switch. can we use it as dhcp server in our network if yes then how ?
  Please give me all commands to make it DHCP server.

  Hi Blue,
  i completely i won't accept the rest of ppl. say that DHCP is not supported on Cisco 2950, infact i am running dhcp server on my cisco 2950T-24 for the past 10 months IOS ver 12.1-22.EA6
  find the commands
  ip dhcp excluded-address 10.1.1.51 10.1.1.60
  ip dhcp pool xyz
  network 10.1.1.0 255.255.255.0
  domain-name abc.org
  dns-server 10.2.1.31
  default-router 10.1.1.252
  ip dhcp-server 10.1.1.250
  hope this helps.
  rate this post if cleared.

• Running vrf-lite and dhcp server see 0.0.0.0 as giaddr

  Im running vrf-lite and our dhcp server see only 0.0.0.0.  Im able to ping vlan10, and see the dhcp request. Running on a 2811.  I have limited access to device.  Do I need to turn on Dhcp-relay?  Verifing ip forward-protocol.  Do i need to add " vrf WISP to my helper-address?  The interface it sends Dhcp request is also within the vrf.  The dhcp scope is part of Vlan10 subnet
  int vlan 10
  ip vrf forward WISP
  ip add x.x.x.x s.s.s.192
  ip helper-address x.x.x.x

  Yes and no.  It uses another interface thats within the same vrf Wisp.  On the other end of the vrf it is forwarded to our global dhcp server.  in bold is where the unicast packet are going using the defaultroute
  int fast0/0.1
  encap dot1q 1
  ip vrf forwarding WISP
  ip add 172.16.6.2 255.255.255.252
  int vlan 10
  ip vrf forward WISP
  ip add 66.223.195.129 255.255.255.192
  ip helper-address 208.138.129.49
  ip route vrf WISP 0.0.0.0 0.0.0.0 172.16.6.1

• Layer2 Local Switching and SpanningTree

  I setup a connection between two Ethernet Subinterfaces, each on a seperate vlan.
  At the other end of the trunk (on a switch), the port goes into BKN (broken) mode as bpdu's from VLANa are now appearing on VLANb (because of the connect statement on the router).
  Is the correct way to fix this to enable bpdufilter on the switch? This fixes the problem and I'm guessing we shouldn't really be using spanning-tree in this sort of SP environment anyway?
  RC

  Hi Peter,
  in general I would agree with you that disabling STP is a call for troubles.
  But in this very specific case we are dealing with Layer 2 local switching feature which requires the use of locally significant dot1q tags on the subinterfaces that you want to inter-connect.
  So the assumption is (as I wrote in my post) that the vlans 80 and 81 have locally significance only and that even if they are carried in the trunk up to the switch (where interface gi0/32 resides) they don't exist anywhere else.
  The assumptiom comes from the other thread opened by RC on the topic (where I suggested to use L2 local switching) > https://supportforums.cisco.com/message/3450564
  From my understanding after the switch we have the 2 carrier circuits with different tags and beyond that point there is no more tag significance.
  If this is true the use of BPDU filter is equivalent to disabling STP for those 2 vlans.
  Of course if the 2 vlans also belong to a switched network it is not safe to disable STP on the switch as the presence of actual redundant links can create lots of troubles.
  In conclusion I don't think I disagree with you as I was just giving my opinion on a very specific scenario
  Riccardo

• Multicast and Flexconnect Local Switching

  Hi All,
  Hope you can help with this -
  I have the following:
  A 5508 in a remote datacentre and several sites with AP's running in flexconnect mode, connected to cisco switches.
  I have an ssid on which I want to run some push to talk "phones" which I believe use multicast.
  What do I need to do to enable multicast for this, I have read many documents but I'm a little confused !
  I need to enable multicast on the controller globally ?
  Enable igmp snooping ?
  Does multicast mode need to be multicast or unicast ?
  Do I need a multicast address in this case ?
  Do i need to configure the switches (2960) for any multicast configuration, there is none at present ?
  The phones that do PTT will only need to talk to other phones locally at each site, but each site will have some phones, does this make any difference to anything ?
  hope someone can help, thanks !

  The guidelines for Flexconnect and Multicast are as follows:
  1. Set the AP Multicate mode on the controller to Unicast (Multicast-Unicast Mode) : The wireless controller replicates the multicast packet and sends it to each Access Point in a Unicast CAPWAP Tunnel
  2. L3 routing isn't required on the wired network
  3. There will be high controller and wired network loading
  4. No multicast address is required in multicast-unicast mode
  5. No multicast configuration required on Layer 2 switches as CGMP is enabled  by default

• FTP and DHCP Server on Windows Server 2012

  Our company recently bought several Dell Wyse R10L Devices from another company. We can use these to make remote connections to a remote server but we have a problem when we use two monitors. The picture stretches across two monitors. On the official Wyse
  Forum I found a way to resolve the problem. The only ist to connect the Wyse device to an FTP Server from where the Wyse can pull its configuration from an ini file. The FTP Server also needs to be connected to a DHCP Sever. I am newby and I don't have much
  experience with servers. Is there a detailed manual for connecting the Wyse device (it uses ThinOS) to a FTP Server.
  Kind regards
  ivicapro1987

  Hi ivicapro1987,
  After some research I found many public article point to DELL SCM –when
   use your device with server mode. You can refer the following DELL official get more detail SCM information:
  Wyse Thin Clients and Software
  http://www.dell.com/us/business/p/cloud-client-computing#!tabId=A57C07DD
  I’m glad to be of help to you!
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]