ExtremeWireless (WiNG)

Expand all | Collapse all

wireless clients not getting dhcp

Lorielee Jacinto

Lorielee Jacinto08-02-2018 12:05

Lorielee Jacinto

Lorielee Jacinto08-02-2018 12:21

  • 1.  wireless clients not getting dhcp

    Posted 08-01-2018 18:32
    Clients connect to a Guest SSID which is set to VLAN13. We have another SSID connected to VLAN1. Clients trying to connect to the guest SSID do not get a DHCP address. We have the router serving DHCP addresses. We have VLAN1 set to local and VLAN13 set to tunnel. What are we missing? We tried bridging the two via local and tunnel, but we get the same result. Any help would be appreciated.


  • 2.  RE: wireless clients not getting dhcp

    Posted 08-01-2018 18:40
    Hello Lorilee,
    Is the referenced router our wireless controller or external/3rd party router with DHCP server? If using the wireless controller, you must ensure that the DHCP policy is mapped to the wireless controller. It might be best if you got a support case generated in order that we can review the configuration and topology to better assist you. You can either call 800-872-8440 or use the online method: https://gtacknowledge.extremenetworks.com/articles/How_To/Create-a-Case-via-New-Portal

    The wireless controller and/or APs must be under 90-day warranty period or under entitlement/contract for phone support.


  • 3.  RE: wireless clients not getting dhcp

    Posted 08-01-2018 19:02
    Hello Lorielee,

    what are you working with in terms of equipment, i. e.: Controller, virtual controller, AP, models, firmware version, etc...?

    In general:

    1 - Both VLANs should be created and segregated on corporate router. DHCP should also be configured for same.
    2 - Both WLANs should be local
    3 - Map one wlan to vlan 1 and the other to vlan 13
    4 - Create vlan 13 on controller/AP (vlan 1 should be there by default)
    5 - All connected ports should be switched to trunk ports and allow vlans 1 and 13
    6 - Make sure that both vlans are also allowed on the switchport the equipment is connected to

    Thank you,

    Chris


  • 4.  RE: wireless clients not getting dhcp

    Posted 08-01-2018 19:25
    Basic troubleshooting...

    Does DHCP service even work > configure a port untagged VLAN#13 and connect a wired device > could you get a IP via DHCP

    Connect again via wireless > check the switch MAC table > did the switch learn the client MAC on the correct port and on the correct VLAN.

    The result of this two steps should give you a good idea what is going wrong.


  • 5.  RE: wireless clients not getting dhcp

    Posted 08-02-2018 11:41
    Here's the wireless config I have setup now. We are using (4) 7532 access points. I have (1) AP set as a virtual controller.

    !
    ! Configuration of AP7532 version 5.8.6.5-002R
    !
    !
    version 2.5
    !
    !
    client-identity-group default
    load default-fingerprints
    !
    ip access-list BROADCAST-MULTICAST-CONTROL
    permit tcp any any rule-precedence 10 rule-description "permit all TCP traffic"
    permit udp any eq 67 any eq dhcpc rule-precedence 11 rule-description "permit DHCP replies"
    deny udp any range 137 138 any range 137 138 rule-precedence 20 rule-description "deny windows netbios"
    deny ip any 224.0.0.0/4 rule-precedence 21 rule-description "deny IP multicast"
    deny ip any host 255.255.255.255 rule-precedence 22 rule-description "deny IP local broadcast"
    permit ip any any rule-precedence 100 rule-description "permit all IP traffic"
    !
    mac access-list PERMIT-ARP-AND-IPv4
    permit any any type ip rule-precedence 10 rule-description "permit all IPv4 traffic"
    permit any any type arp rule-precedence 20 rule-description "permit all ARP traffic"
    !
    ip snmp-access-list default
    permit any
    !
    firewall-policy default
    no ip dos smurf
    no ip dos twinge
    no ip dos invalid-protocol
    no ip dos router-advt
    no ip dos router-solicit
    no ip dos option-route
    no ip dos ascend
    no ip dos chargen
    no ip dos fraggle
    no ip dos snork
    no ip dos ftp-bounce
    no ip dos tcp-intercept
    no ip dos broadcast-multicast-icmp
    no ip dos land
    no ip dos tcp-xmas-scan
    no ip dos tcp-null-scan
    no ip dos winnuke
    no ip dos tcp-fin-scan
    no ip dos udp-short-hdr
    no ip dos tcp-post-syn
    no ip dos tcphdrfrag
    no ip dos ip-ttl-zero
    no ip dos ipspoof
    no ip dos tcp-bad-sequence
    no ip dos tcp-sequence-past-window
    no firewall enable
    no ipv6 dos multicast-icmpv6
    no ipv6 dos hop-limit-zero
    no ipv6 dos tcp-intercept-mobility
    no stateful-packet-inspection-l2
    ip tcp adjust-mss 1400
    !
    !
    mint-policy global-default
    !
    meshpoint-qos-policy default
    !
    wlan-qos-policy default
    rate-limit client to-air
    rate-limit client to-air rate 10000
    rate-limit client from-air
    rate-limit client from-air rate 10000
    qos trust dscp
    qos trust wmm
    !
    radio-qos-policy default
    !
    roaming-assist-policy FreshMkt-Guest
    !
    wlan FreshMkt-Guest
    ssid FreshMkt-Guest
    vlan 13
    bridging-mode tunnel
    encryption-type none
    authentication-type none
    no client-client-communication
    no fast-bss-transition over-ds
    use roaming-assist-policy FreshMkt-Guest
    !
    wlan Sirf@0462
    ssid Sirf@0462
    vlan 1
    bridging-mode local
    encryption-type wep128
    authentication-type none
    no broadcast-ssid
    no fast-bss-transition over-ds
    wep128 key 1 hex 0 49734657942ace428ccc2241ca
    !
    smart-rf-policy default
    !
    wips-policy default
    !
    !
    management-policy default
    telnet
    http server
    https server
    ssh
    user admin password 1 d652cd2c3d7e699e292b240722cf8dbbacfca1904aa4c38857e7288daacfc62a role superuser access all
    snmp-server manager v2
    snmp-server community 0 fish4food ro
    snmp-server community 0 hunt4bambe rw
    snmp-server user snmptrap v3 encrypted des auth md5 0 admin123
    snmp-server user snmpmanager v3 encrypted des auth md5 0 admin123
    !
    event-system-policy default
    !
    nsight-policy default
    !
    profile ap7532 default-ap7532
    use enterprise-ui
    autoinstall configuration
    autoinstall firmware
    crypto ikev1 policy ikev1-default
    isakmp-proposal default encryption aes-256 group 2 hash sha
    crypto ikev2 policy ikev2-default
    isakmp-proposal default encryption aes-256 group 2 hash sha
    crypto ipsec transform-set default esp-aes-256 esp-sha-hmac
    crypto ikev1 remote-vpn
    crypto ikev2 remote-vpn
    crypto auto-ipsec-secure
    crypto load-management
    crypto remote-vpn-client
    interface radio1
    wlan Sirf@0462 bss 1 primary
    wlan FreshMkt-Guest bss 2 primary
    interface radio2
    wlan Sirf@0462 bss 1 primary
    wlan FreshMkt-Guest bss 2 primary
    interface ge1
    switchport mode trunk
    switchport trunk native vlan 1
    no switchport trunk native tagged
    switchport trunk allowed vlan 1,13
    interface vlan1
    ip address zeroconf secondary
    ip dhcp client request options all
    interface vlan13
    description Guest
    interface pppoe1
    use event-system-policy default
    use firewall-policy default
    use client-identity-group default
    logging on
    logging syslog informational
    logging host 155.110.1.97
    service pm sys-restart
    router ospf
    !
    rf-domain default
    timezone EST5EDT
    country-code us
    use nsight-policy default
    !
    ap7532 B8-50-01-73-21-70
    use profile default-ap7532
    use rf-domain default
    hostname SN0462-AP02
    location default
    ip default-gateway 10.11.5.1
    ip route 192.168.180.0/24 192.168.180.1
    interface vlan1
    no description
    ip address 10.11.5.249/24
    interface vlan13
    ip address 192.168.180.3/24
    !
    ap7532 B8-50-01-73-21-78
    use profile default-ap7532
    use rf-domain default
    hostname SN0462-AP01
    location default
    no adoption-mode
    bridge vlan 1
    bridging-mode local
    ip default-gateway 10.11.5.1
    ip route 192.168.180.0/24 192.168.180.1
    interface ge1
    switchport mode trunk
    switchport trunk native vlan 1
    no switchport trunk native tagged
    switchport trunk allowed vlan 1,13
    interface vlan1
    no description
    ip address 10.11.5.248/24
    interface vlan13
    ip address 192.168.180.2/24
    ntp server 155.110.249.1
    virtual-controller
    rf-domain-manager capable
    !
    ap7532 B8-50-01-73-21-80
    use profile default-ap7532
    use rf-domain default
    hostname SN0462-AP04
    location default
    ip default-gateway 10.11.5.1
    ip route 192.168.180.0/24 192.168.180.1
    interface vlan1
    no description
    ip address 10.11.5.251/24
    !
    ap7532 B8-50-01-73-2C-B0
    use profile default-ap7532
    use rf-domain default
    hostname SN0462-AP03
    location default
    ip default-gateway 10.11.5.1
    ip route 192.168.180.0/24 192.168.180.1
    interface vlan1
    no description
    ip address 10.11.5.250/24
    !
    !
    end



  • 6.  RE: wireless clients not getting dhcp

    Posted 08-02-2018 11:42
    What happens is I cannot ping the gateway from the ap when I source the ping from vlan13


  • 7.  RE: wireless clients not getting dhcp

    Posted 08-02-2018 11:49
    What about the switch - is the port configured as a trunk.
    As I've mentioned before check the MAC table of the switch to see whether you learn the MAC on the right port in the correct VLAN.


  • 8.  RE: wireless clients not getting dhcp

    Posted 08-02-2018 11:52
    Switch side, it is yes. We have statically setup a device on the VLAN13 and it works, but when we go DHCP devices get a 169 IP.


  • 9.  RE: wireless clients not getting dhcp

    Posted 08-02-2018 11:52
    Sorry but I'm not sure whether I unterstand....

    If you connect a wired device on a port that is configured for VLAN#13 and use DHCP (instead of a static IP) it doesn't get a IP address ?!



  • 10.  RE: wireless clients not getting dhcp

    Posted 08-02-2018 11:52
    We can't pass traffic on VLAN13 at all. Even when we have a set static address. It can talk to itself, but it won't pass traffic.


  • 11.  RE: wireless clients not getting dhcp

    Posted 08-02-2018 11:52
    The story is a little conflicting....

    We have statically setup a device on the VLAN13 and it works....
    We can't pass traffic on VLAN13 at all. Even when we have a set static address.
    So let's go with option#2 = a PC/laptop connected to the switchport with a cable and is configured with a static IP is not able to ping the default gw.

    If that is the case I don't see a AP problem, there is a incorrect setup in the LAN.


  • 12.  RE: wireless clients not getting dhcp

    Posted 08-02-2018 11:52
    I put in a picture that my network guy I'm working with created. I understand it was conflicting info earlier, but things were lost in translation. I was under the impression that it worked statically, but that was incorrect on my part. Below in the pic is the layout.


  • 13.  RE: wireless clients not getting dhcp

    Posted 08-02-2018 12:05
    We are having a Layer 2 issue.



  • 14.  RE: wireless clients not getting dhcp

    Posted 08-02-2018 12:21