WLC 5508 and Multiple DHCP servers in different sites?

Hi
I work for health authority in our region and we just purchased a Cisco wlc 5508 controller along with 25 3500 AP's. We have multiple sites with different IP subnets in each, all connected by a frame relay (owned by ISP). Each site has its own DHCP server. I have the controller in our main site. So when I take an AP to a remote site, the Ap gets an DHCP address from local DHCP server (which is great) and contacts controller and joins controller. Everything is good. BUT, when a client joins at the remote site, it gets an address from a previous site which will not work because the client is now on a different subnet. We dont use Vlans as they dont transvers the frame relay. I need those clients to obtain DHCP from the local DHCP server from the site they are on. Is that possible??
I have updated the controller to latest version as well.
Thanks
Bryan Yaciuk, CCNA
Parkland Regional Health Authority

We call this as HREAP LOCAL SWITCHING!! but here is the catch.. everytime the AP joins the new site.. we need to configure the VLAN mapping and this wil do it for you!! Here is the link which will resolve ur issue..
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00807cc3b8.shtml#ll
Lemme know if this answered ur question and please dont forget to rate the usefull posts!!
Regards
Surendra

Similar Messages

  • WLC 4400 and multiple authentication servers e.g. RADIUS, ACS

    WLC 4400 and multiple authentication servers e.g. RADIUS, ACS
    Can the WCL 4400 be set up to use multiple RADIUS servers? The user accounts for accessing wireless would use a RADIUS server. The administrative accounts for the WLC would reside on an ACS server.

    Yes, that is correct. You can set acs to use both radius and tacacs.
    For this you need to add WLC twice in acs-->network configuration. But you need to keep host name different.
    eg 1) Host name WLC --->IP x.x.x.x -->Auth using -->radius
    2) Host name WLC1--->IP x.x.x.x --->Auth using -->Tacacs.
    You need to set up tacacs commands on WLC along with radius commands.
    Regards,
    ~JG
    Please rate helpful posts

  • NetBoot and Multiple DHCP Servers

    Hey everyone,
    We have a NetBoot machine running here at my school (where I work). It was working like a champ until a couple of weeks ago when our network got upgraded and there are now 2 DHCP servers on our network. That, for some reason, is totally screwing up our NetBooting process.
    Here's what I think is happening, and maybe someone can tell me if I right or wrong. NetBoot (or BSDP protocol) is a "broadcast" protocol. (That means it's always just floating around out there on the network. ) NetBoot (BSDP) protocol gets injected into the DHCP stream, and any machine that gets DHCP can get BSDP, and essentially NetBoot.
    The problem is with BSDP. BSDP protocol wants to have all of it's "broadcasts" come from the same server. So when we had 1 DHCP server, everything was fine, because client machines would get their whole NetBoot process from one machine... all of the BSDP broadcasts were coming from our 1 DHCP server.
    Now, we have 2 DHCP servers. What happens is, a client will get some of it's BSDP broadcasts from one DHCP server, and some from another... which it does not like at all.
    I recently read somewhere that it is possible to somehow make one of our DHCP servers the "authoritative" server, to which all of the clients will go to get their NetBooting info.
    Does this sound in any way right? Are we on the right track ? Has anyone seen this before? Any help would be greatly appreciated. Thanks a million.
    Mike

    Now, we have 2 DHCP servers. What happens is, a
    a client will get some of it's BSDP broadcasts from
    one DHCP server, and some from another... which it
    does not like at all.
    Not unless your new DHCP server is also a NetBoot server and is set to provide NetBoot services. BSDP and DHCP are not the same thing. If what you were saying were true, it wouldn't be possible to have DHCP and NetBoot offered by different servers.
    It IS possible, however, that the two DHCP servers are causing problems by both servicing DHCP requests for the same clients. If you've got multiple DHCP servers on the same subnet (or your router's configured to pass DHCP requests between subnets), you should make sure that only one of the DHCP servers answers requests from any given client. In our world, our Novell server is the default DHCP server on our subnet, but I keep a list of excluded MAC addresses on that server so that my Macintosh clients don't get addresses from it. On the Mac OS X server, I'm careful to limit my address ranges only to those machines which have static address maps in NetInfo. That way, our servers coexist, but they don't overlap.
    It's not clear from your message whether your previously solitary DHCP server was your Mac OS X server, or whether one of the two DHCP servers is that box. But whatever the servers are, it might be helpful to turn off one of them to see if the same problem occurs (assuming you can, without major network disruptions). If that's not possible, can you talk to your network admins to see if there's some way to isolate your clients and one of the servers--in other words, see if there's some way to keep DHCP servers from responding to the same requests.
    There may be any number of other reasons why this problem has cropped up. You may need to dust off a hub and a copy of Ethereal or EtherPeek to sniff what's happening on the network. You might also try NetBooting in verbose mode, to see where the process craps out. IIRC, there'a decent guide for this kind of troubleshooting over at Bombich's site (www.bombich.com).
    Good luck.
    David Walton

  • WLC Controllers with Multiple DHCP Servers

    Hello All,
    I have a central office with (2) 4402 WLC's and about 25 Branch offices throughout the country. Currently all AP's are static IP'd with IP's from the local Branch office subnets. However the Clients all pull their IP's from a Central DHCP server here at corporate.
    What I would like to do, is have clients get local branch office IP's from the AP located at that site. So rather than using a central DHCP server here at corporate using a single subnet for all wireles clients. Clients would be assigned local IP's by preferably local DHCP servers. I am having trouble finding an answer to this problem within the documentation. Any help or Ideas would be appreciated. 

    were not using any radius type authentication. But I am still a bit hazy on how the hreap thing works, I did read the link and it is very helpful but I was kind of thrown into this one without much wireless background. Right now when I change an Ap to H-reap it somehow disables the a radio. I cant seem to get that back working which im not all that sure is even that big of a deal. The SSID is configured for local switching and central auth.

  • WLC Internal and External DHCP

    I am currently using the Internal DHCP component within my 5508 Controller with software version 7.0.166.0.  This seems to be working fine as the Vlan Routed interface connected to it via the Dynamic Trunk Port is functioning as l have the ip-helper command setup on this specific vlan interface..
    My issue now is that we have a isolated ADSL Network which is configured off our Core 6513 but just as a Layer 2 Vlan so no traffic can be routed to other vlans.
    With our new WIFI environment which consists of the 5508 Controller and numerous 3502 AP's we wont to utilize this ADSL vlan with our new WIFI environment..  This ADSL Vlan has a dedicated Linksys Router which is currently running DHCP and assigning addresses to clients at the moment..
    What l want to do is configure the 5508 controller to use this ADSL vlan aswell but to also keep using the Linksys Router aswell for DHCP..
    I have setup a new dynamic interface and added the ADSL Vlan ID to the Trunk port of the 5508 and also setup its own SSID.  But for some reason l cannot get both the internal and External DHCP servers to work at the same time ?  If l enable DHCP Proxy option on the 5508 the internal DHCP server works and when l disable DHCP Proxy the ADSL Vlan DHCP works through the 5508 but not the internal DHCP Server ??
    Can l get both the internal and external DHCP servers to work in harmony or should l be focusing on using one method over the other ?

    Hey Scott l have just tried configuring another scope for the L2 Vlan but it doesn't seem to be working when l add the ip address of the management interface which is the internal DHCP Server to the dynamic interface of this adsl network l have setup l dont seem to get a ip address within this scope ?
    I am just wandering seeing it is just a L2 vlan without a routed interface would this be the problem and would need to set this up with the "ip helper-address" of the management interface ?
    Cheers SG

  • WLC 5508 and associated AP's

    Hi,
    I have a problem with a poor signal. I have two WLC 5508 and 10 ap's 3502. So, that I have two wlc on the network I decided to divide this 10 ap's.
    WLC 5508 has 7.0.98 software version.
    The 5 first ap was associated to one wlc and the other 5 to second controller.
    Two problems was observed, first that some clients which try connect to AP associated  to second controller have problem to obtain IP address from DHCP pool on first wlc.
    The second problem is that on this two WLC was configured two DHCP pool. One controller assigns address for a dedicated WLAN and the second wlc assigns address for a second WLAN.
    This two WLAN's is broadcast on two wlc.
    Kamil

    Hi Nicolas,
    The APs are 3502I model and now are located on the lower ceiling.
    From Thursday all APs are associated to only one WLC the second one is just only as a backup and from this time there are not any problems with a signal. This information is directly from clients.
    The DHCP pool is located on the first WLC now.
    Also, I considered to use switch or other machine as a DHCP pool but it's problematic to deploy now.
    Kamil

  • WLC 5508 and remote site (DMVPN) Access Points

    Hi All,
    We just purchased a WLC 5508 and would like to know if it will control remote VPN site Access Points.  Here are the details:
    The 5508 will live at our home office.  We have multiple remote sites that are connected via Cisco's DMVPN.  Each site has one Cisco 1131 Access Point hanging off of either a Cisco 1841 or a 2811 that is using DMVPN back to the home office 2811.  Can the 5508 manage the remote Access Points?
    Thanks for your help guys!

    Are you are talking about OfficeExtend?
    Cisco OfficeExtend
    https://www.cisco.com/en/US/solutions/collateral/ns340/ns517/ns430/solution_overview_c22-523307_ns348_Networking_Solution_Solution_Overview.html
    OfficeExtend supports 1130 & 1140 as long as you have the Wireless PLUS (WPLUS) Software.
    OfficeExtend Access Point
    http://www.cisco.com/en/US/docs/wireless/wcs/6.0/configuration/guide/6_0apcfg.html#wp1069890

  • WLC 5508 And Third Party SSL for Web Authenticaiton

    Hello,
    We are using WLC 5508 and currently the authentication process is via Customized WebAuth. As you know that with the WebAuth the authentication process won't work unless you launch Web Browser and you will be redirected to the Authentication Page where you type your username and password. This is a bit fuzzy for most of the users and what I'm thinking is to use different authentication mechanism where the user will automatically be prompted upon connecting to any SSID. I have read that Public/Thrid Party certificate will do this and any client can accept the public certificate.
    Anyone can elaborate on this approach?
    Regards, 

    With machines that are not part of the domain, typicall if you still want to secure them usin 802.1x, you would leverage a radius server and users would be told of the SSID to connect to and enter their AD credentials.  Of course, if you use AD credentials, users will now join all their other devices to that SSID. This is where ISE comes in and you can profile devices. Even though the WLC with v7.6 can profile, it's not a full fledge profiler.  Depending on how well you know radius, you can leverage a portal page also and depending on the AD group a user is a member of, you can out them is a specific Vlan or if you leverage interface groups.  You can do many things, but you need to really know radius and client types to figure out what can and work well in your environment. Radius alone to someone who hasn't played with it, can take days to setup without help. 
    Every client I setup radius for is different and it comes down to how their users are setup in AD, what devices they have and the requirements. 
    Scott

  • Multiple report servers - with different uifont.ali

    Can we have multiple report servers with different NLS_LANG?
    They all should be started as windows service. Also I would like to have them look at different uifont.ali. The reason is that we want to have the same report run with different fonts in different languages. This way I can map the fonts in uifont.ali as I want.
    Is it possible?

    I don't think this is possible with multiple reports servers with one Oracle 9iAS home. You will have to install multiple 9iAS, in different Oracle homes.
    This also means that you have different URL's (port numbers) for the two environments.
    I have used this configuration before to install a test and production environment on one web server. Changing the conf files, variables etc. in the test environment doesn't influence the production environment that way.

  • Wlc 5508 and 40 access point 1141n disturbance in the temp response

    Hello,
    i have a wlc 5508 and 40 access point 1141n
    there are 1500 users connected with this controller 5508.
    but when i ping at my gateway  ,there is a disturbance in the temp response .
    Here below a snapshot:
    Réponse de 172.16.1.1 : octets=32 temps=1 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=5 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=2 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=56 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=105 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=433 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=1 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=100 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=300 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=466 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=711 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=900 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=55 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=52 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=54 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=200 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=57 ms TTL=55
    Réponse de 172.16.1.1: octets=32 temps=800 ms TTL=55
    anyone help me?
    thx

    Looks to be wither a duplicate address issue or a configuration issue.  Try to test with only using the 2.4ghz and then again with only the 5ghz and see if you see a difference.
    Thanks,
    Scott
    Help out other by using the rating system and marking answered questions as "Answered"

  • WLC 5508 AND AP 1141N disturbance in the temp response

    i have a wlc 5508 and 40 access point 1141n
    there are 1500 users connected with this controller 5508.
    but when i ping at my gateway  ,there is a disturbance in the temp response .
    Here below a snapshot:
    Réponse de 172.16.1.1 : octets=32 temps=1 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=5 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=2 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=56 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=105 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=433 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=1 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=100 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=300 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=466 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=711 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=900 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=55 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=52 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=54 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=200 ms TTL=55
    Réponse de 172.16.1.1 : octets=32 temps=57 ms TTL=55
    Réponse de 172.16.1.1: octets=32 temps=800 ms TTL=55
    anyone help me
    THX

    Looks to be wither a duplicate address issue or a configuration issue.  Try to test with only using the 2.4ghz and then again with only the 5ghz and see if you see a difference.
    Thanks,
    Scott
    Help out other by using the rating system and marking answered questions as "Answered"

  • WLC 5508 and LAP1310 - Not syncing up!

    As the title states I have a WLC 5508 and a LAP1310 that will not sync up.
    The error stated in the traps log is "AP with MAC (xxxx.xxxx.xxxx.xxxx) is unknown."
    WLC software release is : 7.2.103.0
    IOS on the AP is : 12.4(18a)JA2
    Upon some investigation I found that the "AP with MAC is unknown" error usually points to one of two things:
    A.  WLC firmware needs to be updated
    B.  AP needs to be updated.
    C. The AP is not compatible with the WLC.
    I am leaning toward solution C and I am looking for a conformation or a correction, if anyone could help out that would be greatly appreciated!
    I've tried reading the compatibility matrix released by Cisco, but I found it mildly confusing as to what is and isn't supported by each software release.
    Sources - http://www.cisco.com/en/US/products/ps6366/products_tech_note09186a00808f8599.shtml#lap1250
    Problem 11: 1250 LAP Not Able to Join WLC
    The setup consists of a 2106 WLC that runs version 4.1.185.0. A Cisco 1250 AP is not able to join the controller.
    The log on the WLC shows this:
    Mon Jun 2 21:19:37 2008 AP with MAC f0:2x:cf:2x:1d:3x (APf02x.cf2x.1d3x) is unknown.
    Mon Jun 2 21:19:37 2008 AP Associated. Base Radio MAC: f0:2x:cf:2x:1d:3x 
    Mon Jun 2 21:19:26 2008 AP Disassociated. Base Radio MAC:f0:2x:cf:2x:1d:3x
    Mon Jun 2 21:19:20 2008 AP with MAC f0:2x:cf:2x:1d:3x (APf02x.cf2x.1d3x) is unknown.
    Mon Jun 2 21:19:20 2008 AP Associated. Base Radio MAC: f0:2x:cf:2x:1d:3x 
    Mon Jun 2 21:19:09 2008 AP Disassociated. Base Radio MAC:f0:2x:cf:2x:1d:3x
    Mon Jun 2 21:19:03 2008 AP with MAC f0:2x:cf:2x:1d:3x (APf02x.cf2x.1d3x) is unknown.
    Solution: This is because the Cisco 1250 series LAP is not supported on version 4.1. The Cisco Aironet 1250 Series AP is supported from controller versions 4.2.61 and later. In order to fix this issue, upgrade the controller software to 4.2.61.0 or later.
    Problem 16: 1000 series LAPs not able to join the Wireless LAN controller, WLC runs version 5.0
    This is because WLC software release 5.0.148.0 or later is not compatible with Cisco Aironet 1000 series APs. If you have a Cisco 1000 series LAP in a network, which runs WLC versions 5.0.48.0, the 1000 series LAP does not join the controller and you see this trap message on the WLC.
    "AP with MAC xx:xx:xx:xx:xx:xx is unkown"

    videoaudiojack
    What version of Premiere Elements are you using and on what computer operating system is it running?
    What are the properties of this .mp4 video import (video and audio compressions, frame size, frame rate, interlaced or progressive, pixel aspect ratio)?
    If you have any information about the video bitrate and audio bitrate of the file, that would be good to know.
    What is the audio - stereo 2 channel or 5.1 channel?
    What are you (manually) or the project automatically setting as the project preset to match the properties of your source video?
    Let us start here and then decide what next.
    Thank you.
    ATR

  • An issue with WLC 5508 and 7921 phone

    Hello all!
    I have a system with WLC 5508 and some 1242 APs. And I use a lot of 7921 phones.
    One of 7921 phones was in trouble. It loses registration, disconnect conversations...
    I installed the trial WLC and run voice diagnostics.
    I  saw some of "Potentially degraded QoS in downlink direction because of  incorrect packet classification" messages and one "Fair upstream packet  loss ratio: 1,2%, which is less than threshold 2.5%"
    As I understand all of 7921 phones in these area are affected.
    what  does it mean? I set up Platinum QoS for voice WLAN. I don't have any qos  configuration string for AP and WLC ports on switches...
    any ideas?
    thanx in advance

    Sergey:
    There is one application called "WLC Config analyzer". You save your "show run-config" from your WLC in a text file and import it by this application. it will analyze the file for you and tell you what recommendations for voice are missing so you improve them.
    When importing a config file you choose what voice clinets you are using, so you need to choose cisco 7921 to it tells you what config improvemetns is needed based on 7921 needs.
    Here is the link to download the application:
    https://supportforums.cisco.com/docs/DOC-1373
    download the latest versoin.
    BTW, how many voice/data clients are connected to one AP in that area? if I remember correctly if you are utilizing voice then the max number of clients connected to one AP should not exceed 17. If you have more than this number per AP try to minimize the number of users concurrently connected to the AP then try again.
    Hope you'll find the config analyzer useful.
    If useful please don't forget to rate.
    Amjad

  • Port channel WLC 5508 and 3750

    Hi All,
    I want to configure Port channel for WLC 5508 and cisco 3750 Stack Switch. What changes I need to make on WLC and where?
    Thanks
    Jagdev

    Thanks Chris,
    LAG is enable on WLC, and Port channel is configured on 3750, Please see the configration and Port channel status below:-
    (Cisco Controller) >show lag summary
    LAG Enabled
    interface Port-channel14
    description Port Channel to WLC001
    switchport trunk encapsulation dot1q
    switchport mode trunk
    end
    sh etherchannel 14 summary
    Flags:  D - down        P - bundled in port-channel
            I - stand-alone s - suspended
            H - Hot-standby (LACP only)
            R - Layer3      S - Layer2
            U - in use      f - failed to allocate aggregator
            M - not in use, minimum links not met
            u - unsuitable for bundling
            w - waiting to be aggregated
            d - default port
    Number of channel-groups in use: 14
    Number of aggregators:           14
    Group  Port-channel  Protocol    Ports
    ------+-------------+-----------+-----------------------------------------------
    14     Po14(SD)        LACP      Gi1/0/22(I) Gi2/0/22(I)
    sh run int g1/0/22
    Building configuration...
    Current configuration : 209 bytes
    interface GigabitEthernet1/0/22
    description Trunk to WLC001 DistPort1
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 254
    switchport mode trunk
    channel-group 14 mode active
    end
    sh run int g2/0/22
    Building configuration...
    Current configuration : 209 bytes
    interface GigabitEthernet2/0/22
    description Trunk to WLC001 DistPort2
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 254
    switchport mode trunk
    channel-group 14 mode active
    end

  • Integration between WLC 5508 and Microsoft NPS 2008

    Hi guys,
    Any of you, have working guidance for WLC 5508 and Microsoft NPS 2008 integration?
    I managed to configure Wireless 802.1x feature (PEAP) but it failed. I'm running software ver. 7.0.116.0.
    Is there any bug related 802.1x on this software version?
    thanks in advance.
    BR
    shendy

    Hi Shendy,
    I am not aware about any bug related to this. I think you better check all configuration and make sure it is fine.
    Logs from NPS and WLC (and possibly from the supplicant) may guide you where the problem resides.
    What does the NPS logs tell about the reason of the authentication failure?
    What does the WLC logs say about the failure (check show msglog and show traplog).
    - Make sure the Radius server added correctly with correct IP and correct shared secret on WLC.
    - Make sure that the radius is configured correctly to allow PEAP-MSCHAPv2.
    - Make sure WLC is added successfully to WLC with correct IP address and correct shared secret.
    - Make sure the clients are correctly configured and the server's (NPS) certificate is trusted on the clients.
    HTH
    Amjad

Maybe you are looking for

  • Bitmap Sheets - tiled or single row - which is better?

    For alot of my animated sprites, I wrote a little program to read in all the bitmap data, crop the images and output a single sprite sheet of all the bitmaps, plus the "array" data needed to find and copy out the specified frame. This has proven to s

  • Accordion Spry Widget default loading behaviour

    Am using the accordion spry widget to display some spring/summer courses and I need all panels closed when the page first loads. I've tried to find the relevant code, but have not been successful in changing it to make this work. If I change the beha

  • Idoc sending

    plz tell me that I am sending an Idoc from SAP R/3 to XI and then it again goes to a different R/3. Now at idx5 I can see the idoc successfully transfer on the outbound and inbound channel. But the problem is that the idoc is going to some other wron

  • Is there any way to change default background from bmp in Captivate 7 recordings?

    Any time I make a recording, be it demo, training etc it always saves the captured background as a bmp in the library. I can manually export, edit, then reimport each of the files as jpgs, which looses no quality but reduces the size of the published

  • Re-opening Color Themes palette?

    Just started using the Color Themes tool and really like it. Is there a way to re-open the palette with an existing saved theme? The functionality of using the eyedropper is great but I can't figure out how to get it back into that state. thanks, And