Lab Minutes Forum
Technical Discussion => Security => Topic started by: adecisco on April 07, 2014, 07:11:28 AM
-
Hi All,
What can go wrong with endpoint to getting dhcp via wlc?
To troubleshoot we remove radius server from ssid so that it can use open authentication.
But when ISE as radius server is configure it authenticate and authorize well but the endpoint will not get ip address.
Any help would be appreciated.
-
Do you have DHCP proxy enabled on the WLC? If yes, make sure you configure DHCP on the interface. If not, make sure you have ip helper address configured on the VLAN SVI.
-
We ensure dhcp proxy is off and IP dhcp helper is configured on the switch vlan.
Where else can one look?
-
Make sure ACL in not blocking. Next step would be packet capture and see if you see DHCP request reaching the wire.
-
A new observation came up as we try to figure out where the problem is. We try to flatten the network by creating of vlan for all the ssid and we were able to make it to work.
DHCP working fine. Has anyone try wireless dot1x with different ssid in different vlan without issues with DHCP?
-
I am pretty sure I have done dot1x on internal SSID on one VLAN and guest on the other without any DHCP issue. So after you made it work, did you put the SSID back to its original VLAN and see if it breaks again?