Guest vlan dhcp not working from anchor controller

Hi All
I have set up my foreign and anchor WLC, however for some reason im not getting any DHCP addresses from my anchor controller even though the scope is setup etc.
any ideas why not ?
cheers
Carl

Carl
Keep things simple - as always.
Set up the foreign controller with the Guest SSID.
Point this SSID to the management interface.
Create a mobility group and add the anchor controller to the group.
On the SSID - set it to point to the anchor controller.
On the anchor controller set up an interface for the Guest SSID.
Point the interface to a DHCP server, be it external or the controller itself.
Set up the Guest SSID and point it at the interface.
Create the mobility group and add the foreign controller to the group.
Make sure the data and control paths come up.
Set your DHCP scope.
Point the anchor controller guest SSID to be 'local' (On the WLAN page - far right drop down arrow).
It should work - no need for an interface on the foreign. Everything is tunnelled via the management interface to the anchor. Any problems - email me!

Similar Messages

  • Guest VLAN unable to get DHCP IP address from Anchor Controller

    Hello everybody,
    In our test set up, we have two WLC 5508 Controllers connected via Checkpoint UTM-1 firewall Inside and DMZ Interfaces. Both the WLC controllers are connected to the firewall via Cisco 3750 switch. On the Local (Inside) Controller, guest SSID is enabled and attached to the wireless management Interface. On the remote anchor controller, guest SSID is enabled and attached to the Management Interface as well. The following configs are replicated on both the Controllers.
    SSID Name - guest
    Interface - Management ( VLAN 10 on Local and VLAN 20 on remote) -
    Mobility Group: Same configs at both ends
    SSID Anchor : Anchor SSID on local and local SSID on Anchor.
    AP: CAPWAP 3502 Management Subnet
    SSID Security etc all defaults and matching on  both ends
    Checkpoint Firewall Rules: Allowed 16666-7, IP 97 etc on the firewall
    Checkpoint Inside/DMZ to Outside(Internet) is NAT enabled.
    EoIP Tunnel Status: Up, UP - Both ends
    Mping - OK
    eping - OK
    WLC Sofware Version on Local - 7.0.98.0
    WLC Sofware Version on Local - 7.0.116.0
    DHCP Scope: Definitions on Anchor Controller and Guest Anchor SSID points to the Anchor management IP as the Primary DHCP server.
    Management IP Subnet on Local: 10.x.x.x
    Management IP Subnet on Anchor: 172.x.x.x
    The problem definition as follows:
    When guest SSID associates to the local AP, the guest SSID never gets a DHCP address assigned from the Anchor Controller and the following debugs are obtained.
    1. WLAN ID 1 (for Guest SSID Number) delete message appears in the Controller message logs, but the SSID does not DHCP from the local Management Subnet and i can see DHCP request via the tunnel to the Anchor WLC as follows:
    DHCP Socket Task: Feb 24 17:20:46.612: 64:b9:e8:33:2d:13 DHCP received op BOOTREQUEST (1) (len 308,vlan 0, port 13, encap 0xec03)
    *DHCP Socket Task: Feb 24 17:20:46.612: 64:b9:e8:33:2d:13 DHCP processing DHCP DISCOVER (1)
    *DHCP Socket Task: Feb 24 17:20:46.612: 64:b9:e8:33:2d:13 DHCP   op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 0
    *DHCP Socket Task: Feb 24 17:20:46.612: 64:b9:e8:33:2d:13 DHCP   xid: 0x49c54774 (1237665652), secs: 42, flags: 0
    *DHCP Socket Task: Feb 24 17:20:46.612: 64:b9:e8:33:2d:13 DHCP   chaddr: 64:b9:e8:33:2d:13
    *DHCP Socket Task: Feb 24 17:20:46.612: 64:b9:e8:33:2d:13 DHCP   ciaddr: 0.0.0.0,  yiaddr: 0.0.0.0
    *DHCP Socket Task: Feb 24 17:20:46.612: 64:b9:e8:33:2d:13 DHCP   siaddr: 0.0.0.0,  giaddr: 0.0.0.0
    *DHCP Socket Task: Feb 24 17:20:46.612: 64:b9:e8:33:2d:13 DHCP successfully bridged packet to EoIP tunnel
    2. Similar debugs on the Anchor controller yields the following results;
    Cisco Controller) >*DHCP Socket Task: Feb 25 04:30:25.488: 64:b9:e8:33:2d:13 DHCP options end, len 72, actual 64
    *DHCP Socket Task: Feb 25 04:36:44.246: 64:b9:e8:33:2d:13 DHCP received op BOOTREQUEST (1) (len 308,vlan 20, port 1, encap 0xec05)
    *DHCP Socket Task: Feb 25 04:36:44.246: 64:b9:e8:33:2d:13 DHCP processing DHCP DISCOVER (1)
    *DHCP Socket Task: Feb 25 04:36:44.246: 64:b9:e8:33:2d:13 DHCP   op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 0
    *DHCP Socket Task: Feb 25 04:36:44.246: 64:b9:e8:33:2d:13 DHCP   xid: 0x49c54778 (1237665656), secs: 52, flags: 0
    *DHCP Socket Task: Feb 25 04:36:44.246: 64:b9:e8:33:2d:13 DHCP   chaddr: 64:b9:e8:33:2d:13
    *DHCP Socket Task: Feb 25 04:36:44.246: 64:b9:e8:33:2d:13 DHCP   ciaddr: 0.0.0.0,  yiaddr: 0.0.0.0
    *DHCP Socket Task: Feb 25 04:36:44.246: 64:b9:e8:33:2d:13 DHCP   siaddr: 0.0.0.0,  giaddr: 0.0.0.0
    *DHCP Socket Task: Feb 25 04:36:44.246: 64:b9:e8:33:2d:13 DHCP successfully bridged packet to DS
    *DHCP Socket Task: Feb 25 04:36:53.208: 64:b9:e8:33:2d:13 DHCP received op BOOTREQUEST (1) (len 308,vlan 20, port 1, encap 0xec05)
    *DHCP Socket Task: Feb 25 04:36:53.208: 64:b9:e8:33:2d:13 DHCP processing DHCP DISCOVER (1)
    *DHCP Socket Task: Feb 25 04:36:53.208: 64:b9:e8:33:2d:13 DHCP   op: BOOTREQUEST, htype: Ethernet, hlen: 6, hops: 0
    *DHCP Socket Task: Feb 25 04:36:53.208: 64:b9:e8:33:2d:13 DHCP   xid: 0x49c54778 (1237665656), secs: 61, flags: 0
    *DHCP Socket Task: Feb 25 04:36:53.208: 64:b9:e8:33:2d:13 DHCP   chaddr: 64:b9:e8:33:2d:13
    *DHCP Socket Task: Feb 25 04:36:53.208: 64:b9:e8:33:2d:13 DHCP   ciaddr: 0.0.0.0,  yiaddr: 0.0.0.0
    *DHCP Socket Task: Feb 25 04:36:53.208: 64:b9:e8:33:2d:13 DHCP   siaddr: 0.0.0.0,  giaddr: 0.0.0.0
    *DHCP Socket Task: Feb 25 04:36:53.208: 64:b9:e8:33:2d:13 DHCP successfully bridged packet to DS
    *apfOrphanSocketTask: Feb 25 04:37:49.931: 34:51:c9:59:b1:c7 Invalid MSCB state: ipAddr=169.254.254.148, regType=2, Dhcp required!
    Is there any thing missing in the wireless configs and or the firewall rules as i could not see DHCP request back from the Anchor Controller. Also, after DHCP is obtained, the web authentication request will be redirected to an Amigopod device for authentication. In this case is the redirect URL congiguration to be performed only on the Anchor Controller or is this to be replicated on both the Local and Anchor Controllers.
    Thanks and Regards.

    The DHCP issue is resolved if external DHCP server is configured on a 3750 switch connected to the WLC and the default gateway for DHCP points to the Firewall, which is in the data path between the Inside and Anchor Controllers. DHCP is essentially bridged (no Proxy setting now) from the EoIP tunnel to the Distribution system network. We will test this solution on pilot production and then consider upgrading to 7.0.116.0, as there are about six offices running 7.0.98.0, which will need to be upgraded. 
    For L3 security,  configuration is set up on both the controllers for external captive portal redirection.I will try this only on the Anchor and revert.
    Thanks again very much for all your help.

  • Why is Web Page Auth on MAC Filter Failure not working on Anchor Controller?

    Hi,
    I have implemented a Guest WLAN solution as per the recommended design from Cisco. We have two internal WiSM2 controllers providing services for Internal secure SSIDs. Both these controllers are members of a Mobility and RF management group.
    Two 5508 controllers have been installed in our DMZ for resilience and have been placed into a separate Mobility group. All controllers (internal and external) have been linked together as mobility neighbours in a full mesh and a new SSID for Web Guest traffic has been anchored to the controllers in the DMZ.
    Web page authentication works perfectly fine, but I cannot for the life of me get the MAC filtering override to work, i.e. if a MAC address is present, do not redirect to the splash page for web auth.
    I can get MAC auth working by iteself, but not with the Layer 3 option selected for web page auth on mac filter failure.
    I know I can get around this by just creating two separate SSIDs. But the business is used to just having the one SSID for all guest traffic.
    Is this a known limitation when anchoring SSIDs to controllers in the DMZ ?

    Hi Nicolas,
    I guess they changed their mind to add this fix in 7.0MR3. Now the fix will be in 7.2 release planned to be release in FEB.
    There is a documentation bug opened to add this to configuration guide :
    CSCtw48727    Document CSCts54424. Limitations webauth on mac filter fail for anchor
    Regards..Salil
    CSCtw48727    Document CSCts54424. Limitations  webauth on mac filter fail for anchor

  • So my airport extreme recently had some nat/dns issue and in the airport utility displayed a warning about it and to correct it. I wasn't sure what to do so i pressed the resolve icon and now my guest network is not working.

    So my airport extreme recently had some nat/dns issue and in the airport utility displayed a warning about it and to correct it. I wasn't sure what to do so i pressed the resolve icon and now my guest network is not working.

    Anytime you change networking hardware, it is always a good idea to perform a complete power recycle of your networking components.
    I would recommend that you do the following as a minimum:
    Power-down the modem, AirPort base station, and computer(s).
    Disconnect the AirPort base station from the Internet broadband modem.
    While all of the devices are powered-down, perform a "factory default" reset on the base station. This will get it back to its "out-of-the-box" configuration and make setting it up much easier, especially if you use the "Assist me" process within the AirPort Utility. (ref: Resetting an AirPort Base Station or Time Capsule)
    After the base station resets, go ahead and power it back down.
    Reconnect the AirPort base station to the Internet broadband modem. For the Extreme and Time Capsule, be sure to connect the cable to the base station's WAN (circle-of-dots) port.
    Power-up the modem; wait at least 10-15 minutes to allow it adequate time to initialize.
    Power-up the AirPort base station; wait at least 5-10 minutes. Note: The AirPort's status light may continue to flash amber after it has intialized. That is because, there may be some additional configuration items necessary, like setting up wireless security, before the overall setup is completed to get a green status.
    Power-up your computer(s).
    In this basic configuration, the AirPort base station will broadcast an unsecured wireless network with a Network Name (SSID) of Apple Network NNNNNN. Network clients, connected to the base station either by wire or wireless, should now be able to access the Internet through the ISP's modem. Once Internet connectivity has been verified, you can use the AirPort Utility to configure the base station for wireless security and any other desired options. Please post back your results.

  • Dashboard link is not working from BI Publisher

    Dashboard link is not working from BI Publisher. Please let me know How to fix this problem.

    Please somebody guide me.
    Dashboard link is working fine from the Apps Server Machine. But the link is not working from other machines. Do I need to setup machine.domain:<port_number> any where.
    Thanks,
    Vara

  • My mail is not working from my ipod i looked it up it says it trouble shooting but its not giving me anything to fix it can someone help me?

    My mail is not working from my iPod touch. I looked it up and it says it trouble shooting? But they are not giving me anything to fix it. I restored my iPod touch to see if that worked and it didnt. Can anyone help me?

    Can you access the account from another device?
    Without you telling use the email provider and type of account we can't really help you.

  • HP Pavilion dv6-6181TX. System Recovery is not working From HP Recovery Manager.

    HP Pavilion dv6-6181TX
    Product No. A3U49PA
    Genuine Windows 7 Home Premium 64
    (but i upgraded it to windows 7 ultimate)
    System Recovery is not working From HP Recovery Manager. so i cant restore my laptop to its original factory condition. (Genuine Windows 7 Home Premium).
    so when i restart my computer and press Esc and then choose F11 i get this message :
    "Windows failed to start. A recent hardware or software change might be the
    cause. To fix the problem:
    1. Insert your Windows installation disc and restart your computer.
    2. Choose your language settings, and then click "Next."
    3. Click "Repair your computer."
    If you do not have this disc, contact your system administrator or computer
    manufacturer for assistance.
    File: \Boot\BCD
    Status: 0xc0000225
    Info: An error occured while attempting to read the boot configuration data."
    i saw this from the forum
    http://h30434.www3.hp.com/t5/Notebook-Recovery/Hp-recovery-manager-problems/m-p/2395473/highlight/tr...
    Had the C partition been split/shrunk to form a new partition previously?
    Does disk management show the HDD as basic or dynamic? (Start>Right-click Computer>Manage>disk management on the left).
    If it has been switched to dynamic (Windows does this automatically when more than 4 partitions are present on the disk), then the F11 recovery partition won't function until it is restored to basic, but I would like to confirm that is the scenario before providing those steps.
    The Disk management shows that my HDD as Dynamic, what should i do then if this is the case and the possible solution to my problem?
    please help me & Thank you for your time,
    This question was solved.
    View Solution.

    If you have more than 4 partitions you will need to delete the extra partition/partitions, then convert the hdd back to Basic.
    Older versions of Partiton Wizard Free work: 
    http://www.sevenforums.com/tutorials/26829-convert-dynamic-disk-basic-disk.html
    ******Clicking the Thumbs-Up button is a way to say -Thanks!.******
    **Click Accept as Solution on a Reply that solves your issue to help others**

  • The file to download the app for Android is not working from my phone--it says that the file isn't there. However it does see the one for the Iphone (even though it can't use it). I'm very computer literate and am pretty sure the problem is on your end.

    The file to download the app for Android is not working from my phone--it says that the file isn't there. However it does see the one for the Iphone (even though it can't use it). I've tried it multiple times and continue to get the same message: "NOT FOUND The requested item could not be found". I also tried through the Market application on the phone but ended-up with the same result.
    I'm very computer literate and am pretty sure the problem is on your end. If this is the case then no one can download the app. I considered that perhaps because it's still in Beta that it was removed due to some other type of software issue. I would really like to use Firefox on my new Droid (2.0); when with this be available?

    Firefox will not appear in the Market for most phones with incompatible hardware. You can check if your phone is supported here:
    https://wiki.mozilla.org/Mobile/Platforms/Android
    Even on some supported devices, a bug in the Market software prevents Firefox from showing up. This may be related to the fairly recent Android Market app update. If you go to Settings/Applications/Market and choose "Uninstall" you can uninstall the update, and then search for and install Firefox from the marketplace.
    Or, if you have a supported phone, you can download the app directly by typing this address into your phone's browser: http://bit.ly/fxbeta3
    (Note: To download the app directly for an AT&T phone, you will have to search for instructions on "sideloading" the APK file, since AT&T disables the option to install from non-Market sources.)

  • File- Print not working from SQL Developer 1.2.1 Build MAIN-32.13

    File->Print not working from SQL Developer 1.2.1 Build MAIN-32.13.
    I downloaded sqldeveloper-1.2.1.3213.ZIP and extract to a local directory. From the extracted directory I ran ..\sqldeveloper\sqldeveloper.exe from Windows XP sp2. The program itself seems to run just fine but File-Print doesn't do anything. In Help-About, Java Platform is reported as 1.5.0_06 and Oracle IDE is 1.2.1.3213. I'm not sure where to look for what is causing the problem.
    Thanks

    I hadn't tried CTRL-P before but I did today. On the first attempt, I saw a small jump in the memory usage for sqldeveloper.exe as reported in Windows Task Manager. Otherwise, there was no change. A second CTRL-P in the same session produced a further bump but subsequent attempts in the same session produced no further change in CPU or Memory Usage.
    Using Task Manager to monitor this further, I tried File->Print again and saw that sqldeveloper would periodically climb to 1 or 2 percent CPU and consume a little more memory. After a minute or so, though, all activity stops again.
    I do not get a print dialog box from SQLDeveloper using either CTRL-P or File->Print

  • In 5s, personal hot spot does not work from time to time. Not detected

    In 5s, personal hot spot does not work from time to time. Iphone does not get detected on Wi-fi or bluetooth. Restarting or rebooting does not help.  

    Settings, general, reset and reset network settings. Clear out your network settings and set personal hotspot again.
    also avoid special characters making a password. hashtags or open brackets for example doesn't work too good.

  • File sharing is not working from pc to imac os x 10.9.2

    file sharing is not working from pc to imac os x 10.9.2

    Hello there Karen,
    It sounds like you are having to power cycle your modem to get internet back every single day. We can start by troubleshooting your Airport Express to help isolate the issue. I would first perform a Soft Reset, then test the issue again. If needed as a last resort I would then perform a Hard Reset:
    Soft reset
    Connect the device to power and wait for it to complete its start up process. To learn more about the start up process, please see All about Wi-Fi base station Status Lights (LED).
    Press and hold the reset button with a pen, pencil, or straightened paperclip for 1 full second, then release it. The light (LED) will begin flashing amber, indicating that the device is in soft reset mode.
    From the AirPort menu bar item, choose the network created by the device (the network name does not change).
    Open AirPort Utility from Applications > Utilities.
    Select the base station, then click Edit (The Edit window will indicate that the base station is in Soft Reset mode).
    Move through the tabs to make changes to your passwords or other settings as needed, and click Update and Continue as required
    Quit AirPort Utility.
    Hard reset
    Press and hold the reset button with a pen, pencil, or straightened paperclip until you see the status light (LED) start to flash amber rapidly, which should occur after about five seconds.
    Release the button and the device will reset.
    Wait about a minute for the base station to finish restarting, then open AirPort Utility from Applications > Utilities.
    Select the base station from Other Wi-Fi Devices, then click Edit.
    Select the Other Options button.
    Select "Restore previous settings" and click Next until you get to the final window.
    AirPort Utility will indicate that Setup is complete. Click Done.
    Quit AirPort Utility.
    Resetting an AirPort base station FAQ
    http://support.apple.com/kb/ht3728
    Thank you for using Apple Support Communities.
    Cheers,
    Sterling

  • Asm link not working from kolkata

    hi
    http://www.oracle.com/technology/tech/linux/asmlib/install.html
    this link is not working from india / kolkata.
    what to do?

    javadev991 wrote:
    Now working.
    What?
    Just cross check certain things
    - The servlet you specified in Form Action is correct
    - The Form Method must be POST not GET
    - The query string param you are specifying in URL which is classifiedsearchtype, You are trying to get the same param in the servlet. It is case sensitive.

  • Some attachment buttons not working from external networks

    Hi guys,
    We have an eSourcing system that we access internally from server.internal.com . We also make this eSourcing system available to external vendors through www.external.com .
    The external access is done using a Citrix AGEE system (reverse proxy, etc.). As part of this, the AGEE has the ability to change the hostname in the URL so the real server is hidden from external vendors. For example, when eSourcing generates a webpage, the AGEE searches through and replaces all http://server.internal.com references to http://www.external.com , and vice-versa for incoming calls.
    This works for about 95% of the content, but there are a fer places where the links are not re-written correctly. One example is the File Attachment buttons when replying to a question. However, other file attachment buttons work correctly.
    1. Does anyone else have a similar situation, using a Citrix or other product for external vendors?
    2. Does anyone have a similar problem where certain links/buttons are not working from external networks?
    3. Does anyone have any suggestions as to how to fix this problem?
    4. Are there any settings that are specific to external access that may need to be set?
    Thanks guys for any help/insight.
    Michael.

    SAP has re-written some of their code to help rectify the problem. We have also been working with Citrix to provide additional fixes. If anyone else has these problems, apply the latest patch of eSourcing and contact Citrix support to get the AGEE changes needed to make it work.
    Michael

  • My iPhoto dose not work from 0:00 Sunday. I was deleting and downloaded again but dosn't work! Why?

    My iPhoto '11 dose not work from 0:00 Sunday. I was deleting and downloaded againg but the problem is same.

    Sorry but we need more to go on thatn it does not work
    what happens? what does not happen? what error messages to you get? if it crashes post the first 50 lines of the carash report
    LN

  • Hey mine avg link scanner is not working from the day i installed firefox 4 ....how to fix it plz help ?

    hey mine avg link scanner(add-on) is not working from the day i installed firefox 4 ....how to fix it plz help ?
    it was working fine with firefox's previous version ? but i like the interface & looks of firefox 4.......so i didnt want to swicth to 3.6 help me ?

    if i reinstall that avg antivirus then is this will fix my problem

Maybe you are looking for

  • How do I change the default font for foot/end notes in Pages 09?

    The fonts for notes in Pages seems fixed to Helvetica, even when the font for the body has been changed. I've been able to save the font for the body by saving it as a tempate, but it doesn't seem to work for the notes. Any help?

  • Cant add music to my ZEN V plus HE

    i have this problem. when ever i jet in my USB to my computer, a window that say view files/play music/bah bah bah? does not pop out... meaning i cant open my vplus to add music... i only have this problem with my this com... wheres another computer

  • How to get rid of an unwanted grey bar in preview mode

    Hi, I am trying to create a mobile site for a client, but when I preview how it looks I get an unwanted grey bar (see image) I started out with the default size and got the problem, so I tried increasing the width but it hasn't worked. Thanks for any

  • Anyone know what this "Console" reading is indicting?

    I have been having issues with my external drives mounting. They mount, unmount, mount, unmount, etc. I opened Console just for the heck of it (I have no idea what it is btw) and it just keeps running this notice over and over. I thought maybe it had

  • MB51 - Add a field in output list

    We changed the layout of MB51 to add, in the output screen (ALV list), the fields: MSEG-ANLN1 (main asset number), MSEG-ANLN2 (asset subnumber). The customer also wants to have the field ANLA-MCOA1 (asset description). How do we add? Maybe there are