WLC 5508, vlan select, reserved address in external DHCP server
Hi guys,
I have a deploy with a WLC 5508 version 7.0.116.0, APs mode local and vlan select feature enable. The issue is that the reserved IP address in external DHCP server not work. The DHCP contains a reserved IP address associates with mac address, but the assignement of IP is not match with de policies in DHCP. All others services operate normally.
This reserved assignment operate previusly to modificate the WLAN to vlan select feature. Help me to improve this situation.
Thanks.-
Best regards
Hello Abhishek, thanks for you quick answer....
the link was a document used for the deploy, but not especifict nothing about the reserved IP address for particular host. In other words, the reserved IP address (through MAC address) in external DHCP server not work when "vlan select" its enable.
Similar Messages
-
DHCP lease issue for PPPoA sessions when using external DHCP server
We used to use the Cisco 7206VXR's DHCP server to hand out leases, and when we lost several hundred customers on a link, the router was able to get them up and connected with an IP address within minutes.
We switched over to using an external DHCP server so we could have more control over some extended DHCP options, as well as to aggregate all our DHCP traffic. Now, if we lose 100 DSL customers all at once, it takes 90 minutes for them to come up again. They come in a few at at time, until all 100 are back.
We see waves of RADIUS auth's in our RADIUS log (RADIUS has always been handled externally, so nothing changed there), and continuous streams of DHCP requests come in and DHCP offers go out. What seems to be happening is that a whole bunch of modems auth with RADIUS, request IP addresses, but for whatever reason, timeout when they don't all get their lease, drop the connection, and retry the whole process all over again. We purchased a dedicated DHCP server, thinking that was the bottleneck, but performance is about identical.
Here's our config:
interface Virtual-Template1
ip unnumbered Loopback11
ip helper-address a.b.c.d
peer default ip address dhcp
ppp authentication pap
ppp ipcp dns a.b.c.d e.f.g.h
ppp ipcp unique-address
My questions are:
- is there any performance issue with using an external DHCP server and PPPoA
- is there anything in our config that would cause such delays
FrankGP:
No, the DHCP server is not across a WAN link; there is only a 10/100 switch in between the router and the DHCP server. There are no dropped packets on the interface.
I ended up opening a case with TAC about this issue. While I had the helper address configured in the template, TAC recommeneded that I specify the actual DHCP server with the command "ip dhcp-server x.x.x.x". This eliminates the DHCPBROADCAST (which I've verified). Perhaps the DHCP relay portion of the Cisco router is performed serially, instead of in parallel. By that, I mean, the next DHCPBROADCAST won't go out until there is the response for the first DHCPBROADCAST.
I'll know in a few days when we test again.
Frank -
Wlc 5508 invalid ipad mac address
Hello,
Help me pls,
While configuring mac address filter on a WLC 5508 there is problem with mac address beginning with 77:....
I cant add it to WLC mac filter.
Thanks in advanceIf you are using dot1x then no, the mac address is sent since the client does not receive an ip address till authetication succeeds.
Sent from Cisco Technical Support Android App -
WLC 5508 and Client IP addresses
we have installed our first 5508 in a small remote office. I setup a DHCP range on the 5508 to give the AP's a IP address. After that I changed the AP's to have static IP address. I wish for the wireless clients to use our DHCP servers here at the home office, so I shut down the DHCP service on the 5508. Now the Clients will not get an IP address. So now I re-enable the scope and the clients get an IP address. How do I configure the 5508 so that the wireless clients will get an IP address from our DHCP servers and not the 5508?
Go to WLAN > click the SSID of your choice > Advanced tab > click on "DHCP Server" and enter the DHCP Server.
-
Mac Lion won't accept IP address sent from DHCP server
Upgraded to Lion a few days ago. Everything worked for a couple days. Plug in the ethernet cable today and I never get an ip address with DHCP from my router. I have 2 other devices plugged into the router and they get ip addresses normally. Captured the DHCP communication to see if I was getting a valid DHCP offer and I am...it is included. The Lion firewall is disabled. For some reason Lion isn't accepting the DHCP offer. Could this be a bug or maybe something in a cache needs to cleaned out. I connect to several different networks daily and they all work except for this one.
The line in Bold type shows the ip address being offered that never gets accepted by lion.
No. Time Source Destination Protocol Info
26 21.993141 10.19.39.97 255.255.255.255 DHCP DHCP Offer - Transaction ID 0x4e299603
Frame 26 (353 bytes on wire, 353 bytes captured)
Arrival Time: Aug 5, 2011 19:30:01.105566000
[Time delta from previous captured frame: 0.001086000 seconds]
[Time delta from previous displayed frame: 0.001086000 seconds]
[Time since reference or first frame: 21.993141000 seconds]
Frame Number: 26
Frame Length: 353 bytes
Capture Length: 353 bytes
[Frame is marked: False]
[Protocols in frame: eth:ip:udp:bootp]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: e8:b7:48:e6:ab:5c (e8:b7:48:e6:ab:5c), Dst: Broadcast (ff:ff:ff:ff:ff:ff)
Destination: Broadcast (ff:ff:ff:ff:ff:ff)
Address: Broadcast (ff:ff:ff:ff:ff:ff)
.... ...1 .... .... .... .... = IG bit: Group address (multicast/broadcast)
.... ..1. .... .... .... .... = LG bit: Locally administered address (this is NOT the factory default)
Source: e8:b7:48:e6:ab:5c (e8:b7:48:e6:ab:5c)
Address: e8:b7:48:e6:ab:5c (e8:b7:48:e6:ab:5c)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: 10.19.39.97 (10.19.39.97), Dst: 255.255.255.255 (255.255.255.255)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 339
Identification: 0x00fa (250)
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 255
Protocol: UDP (0x11)
Header checksum: 0x882c [correct]
[Good: True]
[Bad : False]
Source: 10.19.39.97 (10.19.39.97)
Destination: 255.255.255.255 (255.255.255.255)
User Datagram Protocol, Src Port: bootps (67), Dst Port: bootpc (68)
Source port: bootps (67)
Destination port: bootpc (68)
Length: 319
Checksum: 0x038d [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Bootstrap Protocol
Message type: Boot Reply (2)
Hardware type: Ethernet
Hardware address length: 6
Hops: 0
Transaction ID: 0x4e299603
Seconds elapsed: 0
Bootp flags: 0x8000 (Broadcast)
1... .... .... .... = Broadcast flag: Broadcast
.000 0000 0000 0000 = Reserved flags: 0x0000
Client IP address: 0.0.0.0 (0.0.0.0)
Your (client) IP address: 10.19.39.98 (10.19.39.98)
Next server IP address: 0.0.0.0 (0.0.0.0)
Relay agent IP address: 0.0.0.0 (0.0.0.0)
Client MAC address: Apple_17:fd:5d (c4:2c:03:17:fd:5d)
Client hardware address padding: 00000000000000000000
Server host name not given
Boot file name not given
Magic cookie: (OK)
Option: (t=53,l=1) DHCP Message Type = DHCP Offer
Option: (53) DHCP Message Type
Length: 1
Value: 02
Option: (t=54,l=4) DHCP Server Identifier = 10.19.39.97
Option: (54) DHCP Server Identifier
Length: 4
Value: 0A132761
Option: (t=51,l=4) IP Address Lease Time = 1 day, 23 hours, 39 minutes, 50 seconds
Option: (51) IP Address Lease Time
Length: 4
Value: 00029E46
Option: (t=58,l=4) Renewal Time Value = 23 hours, 49 minutes, 55 seconds
Option: (58) Renewal Time Value
Length: 4
Value: 00014F23
Option: (t=59,l=4) Rebinding Time Value = 1 day, 17 hours, 42 minutes, 16 seconds
Option: (59) Rebinding Time Value
Length: 4
Value: 00024A78
Option: (t=1,l=4) Subnet Mask = 255.255.255.240
Option: (1) Subnet Mask
Length: 4
Value: FFFFFFF0
Option: (t=6,l=8) Domain Name Server
Option: (6) Domain Name Server
Length: 8
Value: AB44E278AB46A8B7
IP Address: 171.68.226.120
IP Address: 171.70.168.183
Option: (t=44,l=8) NetBIOS over TCP/IP Name Server
Option: (44) NetBIOS over TCP/IP Name Server
Length: 8
Value: AB443935AD2573BF
IP Address: 171.68.57.53
IP Address: 173.37.115.191
Option: (t=3,l=4) Router = 10.19.39.97
Option: (3) Router
Length: 4
Value: 0A132761
End OptionI have seen the same issue with my iOS and Mac OS devices (iPhone and MacBook Pro). I have written my own DHCP server (http://notebook.kulchenko.com/embedded/dhcp-and-dns-servers-with-arduino) and have had troubles getting my devices to connect (Windows Vista and Ubuntu devices connect fine). I suspect that this problem happens because the DHCP Offer message is sent to a broadcast address, even though (at least in my case) the broadcast flag is off in the DHCP Discover message I see.
Unfortunately you didn't include the Discover message, so I can't tell for sure, but if it indeed has the broadcast flag set to 0, then the server should send the response message using unicast as per DHCP spec (http://www.ietf.org/rfc/rfc2131.txt, section 4.1):
If the broadcast bit is not set and 'giaddr' is zero and
'ciaddr' is zero, then the server unicasts DHCPOFFER and DHCPACK
messages to the client's hardware address and 'yiaddr' address.
So, it seems like in this case the server may be at fault, even though it would be nice for Mac OS to accept broadcast responses (and would solve my problem too).
Can someone confirm that Mac OS does not accept broadcast responses to DHCP Discover and DHCP Request messages? Thanks.
Paul. -
Ip helper-address with two dhcp server
I have two dhcp server running on vlan1, which serving our workstation on vlan2. 10.10.10.51 is our primary and 10.10.10.52 is secondary server.
My question is:
- Which server would my workstation get the dhcp from?
- If the primary server is down, could I reach the second dhcp server? and if the primary server back online.. Which server would be serving our dhcp client?
interface Vlan1
ip address 10.10.10.1 255.255.255.0
no ip redirects
ip directed-broadcast
interface Vlan2
ip address 10.10.20.1 255.255.255.0
ip helper-address 10.10.10.51
ip helper-address 10.10.10.52
no ip redirects
ip directed-broadcastHi,
I don't agree.
AFAIK, using two ip helper-address entries in a router config will cause the dhcp request being sent to BOTH dhcp servers.
So both the primary and secondary dhcp server will send a dhcp offer to the workstation. The workstation will choose one of the offers and confirm it to the server.
So ip helper-address command will not help you to choose if dhcp server is primary or secondary.
You can either use different dynamic address pools on primary and secondary dhcp server (and the same static entries) or to arrange some kind of dhcp server failover:
See
http://www.microsoft.com/windows2000/en/server/help/default.asp?url=/windows2000/en/server/help/sag_DHCP_imp_ClusteringSupport.htm
There is also RFC 2131 describing DHCP Failover Protocol.
Regards,
Milan -
I have three WinServer 2012 R2 domain controllers that also act as DNS and DHCP servers.
I have a guest wireless network that has its own subnect, 10.121.176.0/20
We have our DHCP scopes split this way across the three domain controllers with a DHCP lease time of 1 day
Domain controller 1, 10.121.176.11 - 10.121.181.255 for a total of 1,525 addresses
Domain controller 2, 10.121.182.0 - 10.121.186.255 for a total of 1,280 addresses
Domain controller 3, 10.121.187.0 - 10.121.191.254 for a total of 1,279 addresses
This gives us a total of 4,084 addresses to hand out on our guest wireless network which is plenty. I just looked at each servers stats and this is what I see
Domain controller 1 - 717 addresses in use, 808 available
Domain controller 2 - 900 addresses in use, 380 available
Domain controller 3 - 1280 address in use, 0 available
On domain controller 3 I am seeing lots of DHCP events
Event ID 1063 - There are no IP addresses available for lease in the scope or superscope "GuestWireless-176
Event ID 20287 - DHCP client request from 28E14CE87EFB was dropped since the applicable IP address ranges in scope/superscope GuestWireless-176 are out of available IP addresses
Two questions:
Once Domain Controller 3 rejects the DHCP request since it is out of addresses, will this request be fulfilled by one of my other two domain controllers?
Is there any way to even out the leases on these DHCP servers? Not sure the mechanism behind a client choosing one DHCP server over another1 yes, the dhcp server who's scope is full will not do a dhcp
'offer'
2 dhcp that answers fastest with a 'offer' will win. A delay is configurable (but changes nothing
about the root scenario were the fastest will win)
Note that if the scopes overlap on the servers, they might not lease out all the addresses in the scope.
I would enlarge the scope as you will want to fence against unavailability of one of the servers (or a network connection for that matter). you currently have more addresses leased out than any set of two of your servers can offer.
MCP/MCSA/MCTS/MCITP -
ISE and WLC 5508 IP and MAc address
Hi!
Is it possible that we recibe IP address and Mac address Client at the same time in ISE ?
The wlc permits choose radius Call station ip type MAC or IP, but not both.
Thanks you,If you are using dot1x then no, the mac address is sent since the client does not receive an ip address till authetication succeeds.
Sent from Cisco Technical Support Android App -
WLC with ISE as radius and also external web server
Hi friends,
I am biulding a wireless network with 5508 WLC and trying to use ISE as radius server and also to redirect the web-login to it.
I was trying to understand that to achieve the external web-login, do i need to use the raduius-nac option under advanced on the guest wireless where i am trying this out. and if not, where do i actually use it?
So far what i have understood that i do need to have preauth ACL on the Layer 3 security, but the issue is there is no hit reaching the ISE.
any suggestions would be higly appreciated guys!
Regards,
MohitHi mohit,
Please make sure the below steps for guest auth thru ISE,
1)Add the WLC in your ISE as netork devices.
2)In Guest SSID you need to choose the pre authentication acl.That acl should allow the below traffic
a. any to ISE
b.ISE to any
c.any to dns server
d.dns to any
3)The external redirect url will be
https://ip address:8443/guestportal/Login.action
4)AAA server for that SSId would be your ISE ip with port number 1812.
5)In advanced tab please choose the AAA override. No need of radius nac.
6)Create appropriate authorization profile in ISE for guest.Example is below , -
Cisco vlan setup w a windows 2003 dhcp server help
Can anyone give me some tips or point me to some documentation on setting up a catalyst 4500 series w vlans and a windows 2003 server w associated dhcp scopes? Just for curiosity, what is a good vlan design for a college. I was thinking a student, a staff, a faculty, and a guest and or mgmt vlan. Also, on the guest vlan how would I setup an outbound acl to only allow port 80 traffic? Thanks in advance.
Hi
Try to limit the number of users per vlan to no more than a class C subnet if you can. We use half a class C /25 network in our offices.
If you can break up the vlans to match the different type of users then that would be a good start. It means you can further down the line apply different security policies to the different vlans which in your situation you may well want to do. Don't worry if for example you need to use 2 or 3 vlans for students it's not a problem.
Attached is a link for 4500 configuration. You need to look at the following chapters primarily
1) Configuring VLAN's VTP & VMPS.
2) Configuring Layer 3 interfaces. Look at the section on logical layer 3 SVI's.
http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sg/configuration/guide/conf.html
On the guest vlan you would need something like (assuming guest vlan subnet range is 192.168.1.0/24
access-list 120 permit tcp 192.168.1.0 255.255.255.0 any eq www
access-list 120 deny ip 192.168.1.0 255.255.255.0 any
and apply it on the inbound vlan interface. ie. if your vlan for guest users is vlan 20
switch(config)# vlan 20
switch(config-if)# ip access-group 120 in
As for the W2003 server, not done much with windows. You will need DHCP manager which should be under admin tools. Make sure you exclude the addresses for each subnet that you allocate to the 4500 layer 3 interfaces ie
switch(config)# vlan 20
switch(config-t)# ip address 192.168.1.1 255.255.255.0
In your DHCP scope 192.168.1.1 will be the default gateway for your clients and you should exclude this from the scope.
Hope this is enough to get you started
Jon -
WdsClient: An error occurred while obtaining an IP address from the DHCP server
Trying to create and deploy a Windows 7 pro image for Dell optiplex 390s. Getting the dreaded error above when trying to connect to the DHCP. After a couple days of research I've tried injecting drivers, different version of drivers, injecting drivers into
a different boot image, changing the name and/or deleting the setup.exe file from the image, verified that spanning-tree portfast was enabled on the switch, and edited \windows\system32\startnet.cmd. Everything i've tried results in the error still showing.
When running ipconfig it looks like the NIC is not even initializing which leads me to believe it's a driver issue still. I'm out of ideas on this one. Anyone else have any?Hi,
Does the issue occur on other computers? Try to enable the spanning-tree portfast on the Cisco switch.
Please check out this post:
http://social.technet.microsoft.com/Forums/en-US/itprovistadeployment/thread/d70a8258-9dd3-4868-9e06-d25de427f3cc
Tracy Cai
TechNet Community Support -
WLC 5508 , AP client dhcp address different from WLAN interface VLAN subnet?
Hope the title makes sense, here's my situation: I have multiple businesses on 1 WLC 5508, there's a LAG to my core switch with seperate interfaces for each, broken up by vlans.
My question is: if i have a WLAN setup to use interface "Company A" which is vlan 10 with an ip of 10.0.1.5 which then points to 10.0.1.10 for dhcp.
Can the WLAN client connecting to the Company A WLAN use an IP in a different IP range?(192.168.1.10?) can the wlc route? from the perspective of the DHCP server where doers the request come from? (10.0.1.5?)
Can the DHCP server 10.0.10.10 on vlan 10 respond back with and ip on a different subnet to assign to the client to use and still be fully fonctioning? would the default gateway for the client need to be 10.0.1.5? So the clients ip would be 192.168.1.10 /24 with a gateway of 10.0.1.5 (ip adress fo vlan10 interface on WLC) And if multiple clients on the same subnet wanted to talk to each other woudl the WLC know how to route them to each other without passing through the default gateway?
Sorry if this is confusing I'm having a bit of a hard time explaining it in works, i can try and draw somethign up if it makes more sense.
thanks
EricI think if you want these clients to stick to a WLAN configured on a VLAN that has a different IP addressing you could configure your VLAN with the normal IP addressing then add on the SVI the 2nd IP_Class_default_gateway.
E.G.
Vlan 10
interface vlan 10
ip address 10.0.10.1 255.255.255.0
ip address 192.168.1.1 255.255.255.0 secondary
Clients that receive IP address from 192.168.1.0/24 network will be able to reach 192.168.1.1 and all traffic will pass right. -
VLAN Select - Interface dirty - Index based on Mac Address
Hello Experts,
we are testing the VLAN Select Feature with a 5508 controller, version 7.0.230 and two /23 DHCP Scopes on an external dhcp server. Our cookbook is following document:
http://www.cisco.com/en/US/products/ps10315/products_tech_note09186a0080bb4900.shtml
Now i have a few questions
1 - Is there any chance to see the calculated index based on the Mac Address to which the interface is assigned to the client. I try "debug client MAC-ADDRESS" and "debug dhcp", Maybe i overlook it, but i can't find any information to that index.
2 - Is there a cli command to delete the index? It would be great for testing purposes and troubleshooting.
3 - Is there a cli command to look, if the interface is "dirty"?
4 - Our DHCP Server has a lease time of 5 Minutes. Is it possible to set the interface dirty time to a value less than 30 minutes?
Best Regards,
MichaelI know this is an old post - but I ran across it trying to find an answer to the same questions.
Did you ever find any answers? I did find an answer to question 3, show interface group detailed.
But I haven't found a way to delete the indexes short of rebooting all the controllers, and apparently you would have to reboot them all at the same time. -
WLC 5508 Internal DHCP server issues
Hi,
I am hoping to get your feedback around the dhcp issues I am facing with Two Centrally Switched Wireless LANs. I have tried to explain the setup and the problems below and would appreciate it if anyone can suggest a solution for the problems I am facing:
The setup is as follows:
- I have a WLC 5508 which has been configured with 4 SSIDs, out of which 2 are using Central Authentication and Switching.
- I have an LWAP connected to the WLC in HREAP mode.
- WLC is configured as the DHCP server for clients connecting to the SSID 'Guest'. For the rest, I am using external dhcp server.
- Only one scope for Guest Interface is setup on the WLC.
Problems:
1. As far as I know, for WLC to act as internal dhcp server, it is mandatory to have the proxy enabled, but the Clients connecting to SSID 'Internet' are
unable to get an ip address from the external dhcp server, if dhcp proxy is enabled on the WLC. If i disable the proxy, it all works fine.
2. DHCP does not release the ip addresses assigned to clients even after they are logged out.
3. If a machine which was earlier connected to 'Guest' SSID connects to the 'Internet' SSID, it requests the same ip it was assigned by the WLC which it was assigned under 'Guest', but gets tagged with the Vlan configured on the management interface.
************Output from the Controller********************
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.0.116.0
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
Build Type....................................... DATA + WPS + LDPE
(Cisco Controller) >show interface summary
Interface Name Port Vlan Id IP Address Type Ap Mgr Gu
est
guest 1 301 10.255.255.30 Dynamic No No
management 1 100 172.17.1.30 Static Yes No
service-port N/A N/A 192.168.0.1 Static No No
virtual N/A N/A 10.0.0.1 Static No No
(Cisco Controller) >show wlan summary
Number of WLANs.................................. 4
WLAN ID WLAN Profile Name / SSID Status Interface Name
1 LAN Enabled management
2 Internet Enabled management
3 Managment Assets Enabled management
4 Guest Enabled guest
(Cisco Controller) >show dhcp detailed guest
Scope: guest
Enabled.......................................... Yes
Lease Time....................................... 86400 (1 day )
Pool Start....................................... 10.255.255.31
Pool End......................................... 10.255.255.254
Network.......................................... 10.255.255.0
Netmask.......................................... 255.255.255.0
Default Routers.................................. 10.255.255.1 0.0.0.0 0.0.0.0
DNS Domain.......................................
DNS.............................................. 8.8.8.8 8.8.4.4 0.0.0.0
Netbios Name Servers............................. 0.0.0.0 0.0.0.0 0.0.0.0
(Cisco Controller) >show interface detailed management
Interface Name................................... management
MAC Address...................................... e8:b7:48:9b:84:20
IP Address....................................... 172.17.1.30
IP Netmask....................................... 255.255.255.0
IP Gateway....................................... 172.17.1.1
External NAT IP State............................ Disabled
External NAT IP Address.......................... 0.0.0.0
VLAN............................................. 100
Quarantine-vlan.................................. 0
Active Physical Port............................. 1
Primary Physical Port............................ 1
Backup Physical Port............................. Unconfigured
Primary DHCP Server.............................. 172.30.50.1
Secondary DHCP Server............................ Unconfigured
DHCP Option 82................................... Disabled
ACL.............................................. Unconfigured
AP Manager....................................... Yes
Guest Interface.................................. No
L2 Multicast..................................... Enabled
(Cisco Controller) >show interface detailed guest
Interface Name................................... guest
MAC Address...................................... e8:b7:48:9b:84:24
IP Address....................................... 10.255.255.30
IP Netmask....................................... 255.255.255.0
IP Gateway....................................... 10.255.255.1
External NAT IP State............................ Disabled
External NAT IP Address.......................... 0.0.0.0
VLAN............................................. 301
Quarantine-vlan.................................. 0
Active Physical Port............................. 1
Primary Physical Port............................ 1
Backup Physical Port............................. Unconfigured
Primary DHCP Server.............................. Unconfigured
Secondary DHCP Server............................ Unconfigured
DHCP Option 82................................... Disabled
ACL.............................................. Unconfigured
AP Manager....................................... No
Guest Interface.................................. No
L2 Multicast..................................... Enabled
(Cisco Controller) >show dhcp leases
MAC IP Lease Time Remaining
00:21:6a:9c:03:04 10.255.255.46 23 hours 52 minutes 42 seconds <<<<<<< lease remains even when the client is disconnected.
*********Example of Client connected to the right Vlan with an ip address from the incorrect interface. *************
(Cisco Controller) >show client detail 00:21:6a:9c:03:04
Client MAC Address............................... 00:21:6a:9c:03:04
Client Username ................................. N/A
AP MAC Address................................... a0:cf:5b:00:49:c0
AP Name.......................................... mel
Client State..................................... Associated
Client NAC OOB State............................. Access
Wireless LAN Id.................................. 2 <<<<<<<< 'Internet' SSID
BSSID............................................ a0:cf:5b:00:49:ce
Connected For ................................... 319 secs
Channel.......................................... 36
IP Address....................................... 10.255.255.46 <<<<<<< IP address assigned from the 'Guest' Interface or dhcp scope on the WLC
Association Id................................... 1
Authentication Algorithm......................... Open System
Reason Code...................................... 1
Status Code...................................... 0
Session Timeout.................................. 1800
Client CCX version............................... 4
Client E2E version............................... 1
QoS Level........................................ Silver
802.1P Priority Tag.............................. disabled
WMM Support...................................... Enabled
Power Save....................................... OFF
Mobility State................................... Local
Mobility Move Count.............................. 0
Security Policy Completed........................ Yes
Policy Manager State............................. RUN
Policy Manager Rule Created...................... Yes
ACL Name......................................... none
ACL Applied Status............................... Unavailable
Policy Type...................................... N/A
Encryption Cipher................................ None
Management Frame Protection...................... No
EAP Type......................................... Unknown
H-REAP Data Switching............................ Central <<<<<<<<<
H-REAP Authentication............................ Central <<<<<<<<<<
Interface........................................ management
VLAN............................................. 100 <<<<<<<<<<< right Vlan
Quarantine VLAN.................................. 0
Access VLAN...................................... 100Hi All,
I have a similar issue where Wireless clients are not receiving automatic addressing from an internal DHCP server. I have multiple interfaces configured on the WLC which are connected to separate VLANS. The manually specified DHCP primary server entry is the same on all interfaces. Some clients are able to authenticate and receive automatic IP configuration but some clients are failing the address assignment process. I have checked connectivity between the WLC and DHCP server, this is confirmed as working. When I carry out a "debug dhcp packet enable", I get the following outputs which seems as if the DHCP discover request from the client is skipped. Your thoughts and inputs on this are appreciated.
DHCP Socket Task: Nov 07 11:16:09.174: 00:22:fb:7b:37:32 DHCP option len (including the magic cookie) 76
*DHCP Socket Task: Nov 07 11:16:09.174: 00:22:fb:7b:37:32 DHCP option: message type = DHCP DISCOVER
*DHCP Socket Task: Nov 07 11:16:09.174: 00:22:fb:7b:37:32 DHCP option: 116 (len 1) - skipping
*DHCP Socket Task: Nov 07 11:16:09.174: 00:22:fb:7b:37:32 DHCP option: 61 (len 7) - skipping
*DHCP Socket Task: Nov 07 11:16:09.174: 00:22:fb:7b:37:32 DHCP option: requested ip = 169.254.223.5
*DHCP Socket Task: Nov 07 11:16:09.174: 00:22:fb:7b:37:32 DHCP option: 12 (len 13) - skipping
*DHCP Socket Task: Nov 07 11:16:09.174: 00:22:fb:7b:37:32 DHCP option: vendor class id = MSFT 5.0 (len 8)
*DHCP Socket Task: Nov 07 11:16:09.174: 00:22:fb:7b:37:32 DHCP option: 55 (len 11) - skipping
*DHCP Socket Task: Nov 07 11:16:09.174: 00:22:fb:7b:37:32 DHCP option: 43 (len 2) - skipping
*DHCP Socket Task: Nov 07 11:16:09.174: 00:22:fb:7b:37:32 DHCP options end, len 76, actual 68
*DHCP Socket Task: Nov 07 11:16:09.174: 00:22:fb:7b:37:32 DHCP Forwarding DHCP packet (332 octets) packet DHCP Socket Task: Nov 07 11:16:09.174: 00:22:fb:7b:37:32 DHCP option len (including the magic cookie) 76
Thanks,
Raj Sandhu -
Hello everyone!
I have a controller of the 5508 series and Ap 1602.
Ap manage to obtain IP addresses from the DHCP server that is the 5508 controller.
but the Rev fail to register, please I really vesoin help.
Below are some show:
1. AP: sh version
AP0006.f6d5.ea9c#sh version
Cisco IOS Software, C1600 Software (AP1G2-RCVK9W8-M), Version 15.2(2)JB, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Tue 11-Dec-12 04:52 by prod_rel_team
ROM: Bootstrap program is C1600 boot loader
BOOTLDR: C1600 Boot Loader (AP1G2-BOOT-M) LoaderVersion 15.2(2)JAX, RELEASE SOFTWARE (fc1)
AP0006.f6d5.ea9c uptime is 38 minutes
System returned to ROM by power-on
System image file is "flash:/ap1g2-rcvk9w8-mx/ap1g2-rcvk9w8-mx"
Last reload reason:
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
cisco AIR-CAP1602E-E-K9 (PowerPC) processor (revision A0) with 98294K/32768K bytes of memory.
Processor board ID FGL1709Z6PC
PowerPC CPU at 533Mhz, revision number 0x2151
Last reset from power-on
LWAPP image version 7.4.1.37
1 Gigabit Ethernet interface
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:06:F6:D5:EA:9C
Part Number : 73-14508-04
PCA Assembly Number : 000-00000-00
PCA Revision Number :
PCB Serial Number : FOC17020MTR
Top Assembly Part Number : 800-38553-01
Top Assembly Serial Number : FGL1709Z6PC
Top Revision Number : A0
Product/Model Number : AIR-CAP1602E-E-K9
Configuration register is 0xF
2. AP: sh ip interface brief
Interface IP-Address OK? Method Status Protocol
BVI1 unassigned YES DHCP up up
GigabitEthernet0 unassigned NO unset up up
GigabitEthernet0.1 unassigned YES unset up up
3. AP: sh inventory
---nothing---
4. WLC: sh sysinfo
(Cisco Controller) >show sysinfo
Manufacturer's Name.............................. Cisco Systems Inc.
Product Name..................................... Cisco Controller
Product Version.................................. 7.3.101.0
Bootloader Version............................... 1.0.1
Field Recovery Image Version..................... 6.0.182.0
Firmware Version................................. FPGA 1.3, Env 1.6, USB console 1.27
Build Type....................................... DATA + WPS
System Name...................................... WLC-EEML
System Location..................................
System Contact...................................
System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
Redundancy Mode.................................. Disabled
IP Address....................................... 10.10.10.1
Last Reset....................................... Software reset
System Up Time................................... 1 days 1 hrs 13 mins 37 secs
System Timezone Location.........................
Configured Country............................... US - United States
Operating Environment............................ Commercial (0 to 40 C)
Internal Temp Alarm Limits....................... 0 to 65 C
Internal Temperature............................. +39 C
--More-- or (q)uit
External Temperature............................. +25 C
Fan Status....................................... OK
State of 802.11b Network......................... Enabled
State of 802.11a Network......................... Enabled
Number of WLANs.................................. 1
Number of Active Clients......................... 0
Burned-in MAC Address............................ E0:2F:6D:5D:7D:C0
Power Supply 1................................... Present, OK
Power Supply 2................................... Absent
Maximum number of APs supported.................. 25
5. WLC: sh time
Time............................................. Fri Jan 3 12:21:37 2014
Timezone delta................................... 0:0
Timezone location................................
NTP Servers
NTP Polling Interval......................... 86400
Index NTP Key Index NTP Server NTP Msg Auth Status
also, I'm in africa but
I can not change the country or the time zone
thank you in advance for your helpHi,
By CLI:
Before change the country code on wlc , You must disable
WLC > config 802.11a disable network
WLC >config 802.11b disable network
WLC >config country SA (...or wtever country u are in)
And then enable both network again.
WLC >config 802.11a enable network
WLC >config 802.11b enable network
By GUI:
First disable both network 802.11a and 802.11b
Follow these steps to disable the 802.11a and 802.11b/g networks as follows:
a. Choose Wireless> 802.11a/n > Network.
b. Unselect the 802.11a Network Status check box.
c. Click Apply to commit your changes.
d. Choose Wireless > 802.11b/g/n > Network.
e. Unselect the 802.11b/g Network Status check box.
f. Click Apply to commit your changes.
Change country code on WLC now:
Choose Wireless > Country
after changing the country code please enable both networks(802.11a and 802.11b)
Hope it helps.
Regards
Dont forget to rate helpful posts.
Maybe you are looking for
-
The device, an Ocean Optics spectrometer in columns of about 9000 cells.I'm saving this as a lvm file using the "write to measurement file.vi". But it doesn't give me the flexibility as far as I can tell. I need to move the column by the index of the
-
How do I fix my screen display? It scrolls vertically and horizontally
The screen on my 21.5 inch imac scrolls up and down and side to side instead of a static resolution. The display resolution is set to 1920 X 1080 on my imac. This glitch is really annoying but I don't know what to do. Help!
-
KDE4 ignores font hinting settings [solved: qt bug, fixed in 4.5]
Full hinting enabled in Gnome and KDE: Slight hinting enabled in Gnome and KDE: KDE seems to ignore the hinting settings. It's present in ~/.fonts.conf, also Qt3 apps work fine. I would like to use slight hinting everywhere, but KDE4 defaults to full
-
VF11 success or failure?
Hi Folks, Can anyone here please let me know how to check whether the VF11 transaction is success or not? It is not generating any error message and all the messages are like Billing block blocked,already invoiced which infact doesn't sound like an
-
IFrame Transperancy over PDF in HTML
I have a requirement to set transperancy to the modal popup over pdf. Now every thing works well in Google Chrome but as Internet Explorer is widely used Browser all the over the world, I wanna make it work in IE as well. As you can see in the screen