Configuring DHCP. Restrictions for Configuring DHCP for WLANs. Information About the Dynamic Host Configuration Protocol. Internal DHCP Servers

Similar documents
Configuring DHCP. Restrictions for Configuring DHCP for WLANs. Information About the Dynamic Host Configuration Protocol. Internal DHCP Servers

DHCP. DHCP Proxy. Information About Configuring DHCP Proxy. Restrictions on Using DHCP Proxy

Configuring DHCP for WLANs

The Wireless LAN Controller (WLC) supports two modes of DHCP operations in case an external DHCP server is used:

Multicast VLAN, page 1 Passive Clients, page 2 Dynamic Anchoring for Clients with Static IP Addresses, page 5

Configuring Client Profiling

Configuring WLANsWireless Device Access

Workgroup Bridges. Cisco WGBs. Information About Cisco Workgroup Bridges. Cisco WGBs, page 1 Third-Party WGBs and Client VMs, page 9

Implementing the Dynamic Host Configuration Protocol

Configuring NAC Out-of-Band Integration

Configuring AP Groups

Using Cisco Workgroup Bridges

Configuring AP Groups

Configuring FlexConnect Groups

Per-WLAN Wireless Settings

Web Authentication Proxy on a Wireless LAN Controller Configuration Example

Configuring FlexConnect Groups

Editing WLAN SSID or Profile Name for WLANs (CLI), page 6

DHCP Relay Server ID Override and Link Selection Option 82 Suboptions

DHCP and DDNS Services

Configuring Proxy Mobile IPv6

Configuring Backup Controllers

Wireless LAN Controller (WLC) Mobility Groups FAQ

Using Access Point Communication Protocols

Configuring OfficeExtend Access Points

Mobility Groups. Information About Mobility

WLC 7.0 and Later: VLAN Select and Multicast Optimization Features Deployment Guide

DHCP and DDNS Services

DHCP and DDNS Services for Threat Defense

FlexConnect. Information About FlexConnect

Configuring Auto-Anchor Mobility

Software-Defined Access Wireless

Client Data Tunneling

Configuring Auto-Anchor Mobility

Cisco Exam Troubleshooting Cisco Wireless Enterprise Networks Version: 7.0 [ Total Questions: 60 ]

Configuring the Switch for Access Point Discovery

Multicast/Broadcast Setup

Country Codes. Information About Configuring Country Codes

Configuring the AP-Manager Interface

Software-Defined Access Wireless

Configuring Hybrid REAP

Managing Rogue Devices

Configuring Client Roaming

Cisco 440X Series Wireless LAN Controllers Deployment Guide

Configuring the Cisco IOS DHCP Relay Agent

Configuring Client Roaming

Configuring the Cisco IOS DHCP Server

Internetwork Expert s CCNP Bootcamp. Wireless LANs. WLANs replace Physical (layer 1) and Data Link (layer 2) transports with wireless

IP Addressing: DHCP Configuration Guide, Cisco IOS XE Release 3S (Cisco ASR 920 Series)

DHCP Server RADIUS Proxy

Lightweight AP (LAP) Registration to a Wireless LAN Controller (WLC)

DHCP Configuration. Page 1 of 14

AP Power and LAN Connections

Configuring the Cisco IOS DHCP Server

WLAN Timeouts. Timeouts. Timeout for Disabled Clients. Session Timeout. Information About Configuring a Timeout for Disabled Clients

AP Power and LAN Connections

Real4Test. Real IT Certification Exam Study materials/braindumps

Managing Rogue Devices

Configuring Layer2 Security

Configuring the Cisco IOS XE DHCP Server

Configuring Application Visibility and Control

DHCP and DDNS Services

CMX Connected Experiences- Social, SMS and Custom Portal Registration Configuration Example

Ports and Interfaces. Ports. Information About Ports. Ports, page 1 Link Aggregation, page 5 Interfaces, page 10

Ensure that you meet these requirements before you attempt this configuration:

Software-Defined Access Wireless

Configuring a Basic Wireless LAN Connection

Finding Feature Information, page 2 Information About DHCP Snooping, page 2 Information About the DHCPv6 Relay Agent, page 8

Implementing the Dynamic Host Configuration Protocol

Configure the Protocol Family on page 40. Configure the Interface Address on page 40

DHCP Client. Finding Feature Information. Restrictions for the DHCP Client

Configure Devices Using Converged Access Deployment Templates for Campus and Branch Networks

WLAN Timeouts. Timeouts. Configuring a Timeout for Disabled Clients. Configuring Session Timeout

Wireless LAN Controller Module Configuration Examples

Test Results Summary for Cisco Unified Wireless LAN Test 7.5 for Japan (Release )

Configuring Link Aggregation

Searching for Access Points

Cisco Air Time Fairness

Configuring DHCP. About DHCP Snooping, page 2 About the DHCPv6 Relay Agent, page 8

Wireless LAN Controller Web Authentication Configuration Example

Configure Site Network Settings

AP Connectivity to Cisco WLC

Configuring DHCP Snooping

CCIE Wireless v3 Workbook Volume 1

Configuring RF Profiles

Deployment Guide for Cisco Guest Access Using the Cisco Wireless LAN Controller, Release 4.1

Cisco 8500 Series Wireless Controller Deployment Guide

Universal Wireless Controller Configuration for Cisco Identity Services Engine. Secure Access How-To Guide Series

Troubleshooting CHAPTER

Configuring Link Aggregation

CUWN 8.1 and 8.2 WLC and FC AP EoGRE Tunnel Gateway Deployment Guide

Configuring Management Frame Protection

Configuring DHCP. Finding Feature Information

Table of Contents 1 DHCP Overview DHCP Server Configuration 2-1

Chapter 7. IP Addressing Services. IP Addressing Services. Part I

Debugging on Cisco Access Points

D-Link DSR Series Router

IP Addressing: DHCP Configuration Guide

With 802.1X port-based authentication, the devices in the network have specific roles.

Troubleshooting Addressing Services

Transcription:

Restrictions for for WLANs, page 1 Information About the Dynamic Host Configuration Protocol, page 1 (GUI), page 3 (CLI), page 4 Debugging DHCP (CLI), page 5 DHCP Client Handling, page 5 Restrictions for for WLANs The controller internal DHCP server does not support Cisco Aironet 600 Series OfficeExtend Access Point. Internal DHCP servers are not supported in Cisco Flex 7500 Series Controllers. As a workaround, you can use External DHCP servers. For WLANs with local switching and central DHCP feature enabled, clients with static IP addresses are not allowed. Enabling central DHCP will internally enable DHCP required option. Information About the Dynamic Host Configuration Protocol You can configure WLANs to use the same or different Dynamic Host Configuration Protocol (DHCP) servers or no DHCP server. Two types of DHCP servers are available: internal and external. Internal DHCP Servers The controllers contain an internal DHCP server. This server is typically used in branch offices that do not already have a DHCP server. The wireless network generally contains a maximum of 10 access points or fewer, with the access points on the same IP subnet as the controller. The internal server provides DHCP addresses to wireless clients, direct-connect access points, and DHCP requests that are relayed from access OL-28744-01 1

External DHCP Servers points. Only lightweight access points are supported. When you want to use the internal DHCP server, you must set the management interface IP address of the controller as the DHCP server IP address. DHCP option 43 is not supported on the internal server. Therefore, the access point must use an alternative method to locate the management interface IP address of the controller, such as local subnet broadcast, Domain Name System (DNS), or priming. An internal DHCP server pool only serves the wireless clients of that controller, not clients of other controllers. Also, an internal DHCP server can serve only wireless clients, not wired clients. When clients use the internal DHCP server of the controller, IP addresses are not preserved across reboots. As a result, multiple clients can be assigned with the same IP address. To resolve any IP address conflicts, clients must release their existing IP address and request a new one. Wired guest clients are always on a Layer 2 network connected to a local or foreign controller. te DHCPv6 is not supported in the internal DHCP servers. External DHCP Servers The operating system is designed to appear as a DHCP Relay to the network and as a DHCP server to clients with industry-standard external DHCP servers that support DHCP Relay, which means that each controller appears as a DHCP Relay agent to the DHCP server and as a DHCP server at the virtual IP address to wireless clients. Because the controller captures the client IP address that is obtained from a DHCP server, it maintains the same IP address for that client during intra controller, inter controller, and inter-subnet client roaming. te External DHCP servers can support DHCPv6. DHCP Assignments You can configure DHCP on a per-interface or per-wlan basis. We recommend that you use the primary DHCP server address that is assigned to a particular interface. You can assign DHCP servers for individual interfaces. You can configure the management interface, AP-manager interface, and dynamic interface for a primary and secondary DHCP server, and you can configure the service-port interface to enable or disable DHCP servers. You can also define a DHCP server on a WLAN. In this case, the server overrides the DHCP server address on the interface assigned to the WLAN. Security Considerations For enhanced security, we recommend that you require all clients to obtain their IP addresses from a DHCP server. To enforce this requirement, you can configure all WLANs with a DHCP Addr. Assignment Required setting, which disallows client static IP addresses. If DHCP Addr. Assignment Required is selected, clients must obtain an IP address via DHCP. Any client with a static IP address is not allowed on the network. The controller monitors DHCP traffic because it acts as a DHCP proxy for the clients. 2 OL-28744-01

(GUI) te WLANs that support management over wireless must allow management (device-servicing) clients to obtain an IP address from a DHCP server. If slightly less security is tolerable, you can create WLANs with DHCP Addr. Assignment Required disabled. Clients then have the option of using a static IP address or obtaining an IP address from a designated DHCP server. te DHCP Addr. Assignment Required is not supported for wired guest LANs. You can create separate WLANs with DHCP Addr. Assignment Required configured as disabled. This is applicable only if DHCP proxy is enabled for the controller. You must not define the primary/secondary configuration DHCP server you should disable the DHCP proxy. These WLANs drop all DHCP requests and force clients to use a static IP address. These WLANs do not support management over wireless connections. (GUI) To configure a primary DHCP server for a management, AP-manager, or dynamic interface, see the Configuring Ports and Interfaces chapter. When you want to use the internal DHCP server, you must set the management interface IP address of the controller as the DHCP server IP address. Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Choose WLANs to open the WLANs page. Click the ID number of the WLAN for which you want to assign an interface. The WLANs > Edit (General) page appears. On the General tab, unselect the Status check box and click Apply to disable the WLAN. Reclick the ID number of the WLAN. On the General tab, choose the interface for which you configured a primary DHCP server to be used with this WLAN from the Interface drop-down list. Choose the Advanced tab to open the WLANs > Edit (Advanced) page. If you want to define a DHCP server on the WLAN that will override the DHCP server address on the interface assigned to the WLAN, select the DHCP Server Override check box and enter the IP address of the desired DHCP server in the DHCP Server IP Addr text box. The default value for the check box is disabled. te The preferred method for configuring DHCP is to use the primary DHCP address assigned to a particular interface instead of the DHCP server override. te te DHCP Server override is applicable only for the default group. If a WLAN has the DHCP server override option enabled and the controller has DHCP proxy enabled, any interface mapped to the WLAN must have a DHCP server IP address or the WLAN must be configured with a DHCP server IP address. OL-28744-01 3

(CLI) Step 8 If you want to require all clients to obtain their IP addresses from a DHCP server, select the DHCP Addr. Assignment Required check box. When this feature is enabled, any client with a static IP address is not allowed on the network. The default value is disabled. te DHCP Addr. Assignment Required is not supported for wired guest LANs. te PMIPv6 supports only DHCP based clients and Static IP address is not supported. Step 9 Step 10 Step 11 Click Apply. On the General tab, select the Status check box and click Apply to reenable the WLAN. Click Save Configuration. (CLI) Step 1 Step 2 Step 3 Step 4 Disable the WLAN by entering this command: config wlan disable wlan-id Specify the interface for which you configured a primary DHCP server to be used with this WLAN by entering this command: config wlan interface wlan-id interface_name If you want to define a DHCP server on the WLAN that will override the DHCP server address on the interface assigned to the WLAN, enter this command: config wlan dhcp_server wlan-id dhcp_server_ip_address te The preferred method for configuring DHCP is to use the primary DHCP address assigned to a particular interface instead of the DHCP server override. If you enable the override, you can use the show wlan command to verify that the DHCP server has been assigned to the WLAN. te If a WLAN has the DHCP server override option enabled and the controller has DHCP proxy enabled, any interface mapped to the WLAN must have a DHCP server IP address or the WLAN must be configured with a DHCP server IP address. te PMIPv6 supports only DHCP based clients and Static IP address is not supported. Reenable the WLAN by entering this command: config wlan enable wlan-id DHCP Release Override on Cisco APs The DHCP Release Override configuration, which is available with Release 8.2, is required if you are using Cisco lightweight APs with Windows Server 2008 R2 or 2012 as the DHCP server. This configuration provides a workaround in cases where the DHCP server (Windows Server 2008 R2 or 2012) is too fast and assigns an IP address that is released by a Cisco AP and is marked as bad address. Configure DHCP release override on Cisco APs by entering this command: 4 OL-28744-01

Debugging DHCP (CLI) config ap dhcp release-override {enable disable} {cisco-ap all} enable Enables DHCP release override and sets number of DHCP releases sent by AP to 1. This is to be used as a workaround for a few DHCP servers that mark the AP's IP address as bad. We recommend that you use this configuration only in highly reliable networks. disable Disables DHCP release override and sets number of DHCP releases sent by AP to 3, which is the default value. This ensures that the DHCP server receives the release message even if one of the packets is lost. Debugging DHCP (CLI) Use these commands to debug DHCP: debug dhcp packet {enable disable} Enables or disables debugging of DHCP packets. debug dhcp message {enable disable} Enables or disables debugging of DHCP error messages. debug dhcp service-port {enable disable} Enables or disables debugging of DHCP packets on the service port. DHCP Client Handling Cisco WLC supports two modes of DHCP operations in case an external DHCP server is used, DHCP proxy mode and DHCP bridging mode. The DHCP proxy mode serves as a DHCP helper function to achieve better security and control over DHCP transaction between the DHCP server and the wireless clients. DHCP bridging mode provides an option to make controller's role in DHCP transaction entirely transparent to the wireless clients. Table 1: Comparison of DHCP Proxy and Bridging Modes Handling Client DHCP Modify giaddr Modify siaddr Modify Packet Content Redundant offers not forwarded Option 82 Support Broadcast to Unicast DHCP Proxy Mode DHCP Bridging Mode OL-28744-01 5

DHCP Client Handling BOOTP support Per WLAN configurable RFC n-compliant Proxy and relay agent are not exactly the same concept. But DHCP bridging mode is recommended for full RFC compliance. Server SUMMARY STEPS 1. To enable client profiling, you must enable the DHCP required flag and disable the local authentication flag. 2. To configure a DHCP timeout value, use the config dhcp timeout command. If you have configured a WLAN to be in DHCP required state, this timer controls how long the WLC will wait for a client to get a DHCP lease through DHCP. DETAILED STEPS Command or Action Purpose Step 1 Step 2 To enable client profiling, you must enable the DHCP required flag and disable the local authentication flag. To configure a DHCP timeout value, use the config dhcp timeout command. If you have configured a WLAN to be in DHCP required state, this timer controls how long the WLC will wait for a client to get a DHCP lease through DHCP. 6 OL-28744-01

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback