Cisco Wireless 1200 DHCP Issues

OK, I have seen this same issue on several message boards etc., but I have yet to find a good answer, so here it goes. I have a network with 12 Cisco 1200 series access points all connecting to 3550PWR switches. The switches are configured with 2 VLANs, one for a public wireless LAN and the other as a secure management VLAN and staff access. On the wireless VLAN I have a pfSense firewall and a Windows 2008 server for DHCP. A host connected directly to the switch on the public VLAN will get DHCP with no problem and work just fine. Through the wireless network, however, DHCP broadcasts are not working. If you connect to the wireless network and set a static IP, it works with no problem. I think it may have something to do with the DHCP broadcast flag on the DHCP server. If I enable the DHCP server on the firewall it works, but it does not support the DHCP broadcast flag, and that is unfortunately required by Vista pre-Service Pack 1 clients. I have tried multiple DHCP servers with the DHCP broadcast flag and none of them will work with the wireless network. I have also tried configuring the IP helper command on the switch with no luck. I can only assume that there is a problem with the AP config, but I don't know where to look... Please Help...

Answer Wiki


So if I read this right, you have a wireless network, firewall, then DHCP server?

First question – is the firewall operating as a layer 2 firewall, or layer 3?

If it is layer 2 (transparent firewall) then make sure there is a rule to allow the DHCP broadcast packets from the client through to the server, and the replies to come back.

If it is layer 3, then first you need to have a scope on the DHCP server for the wireless subnet, which needs to be a different subnet to the server, obviously, as it is on the other side of the firewall. Then you need to configure DHCP forwarding on the firewall to pass the broadcasts from the client to the DHCP server. Broadcasts do not pass over a layer 3 device without some extra configuration. I don’t know this particular firewall, so I cannot comment on whether it has this capability or not; you will need to check in the manual. Look for IP forwarding, IP helper, or something to do with changing a broadcast to a unicast. This needs to be done on the firewall and not on the switch, as it needs to pass through that device.

If my original understanding of your setup is wrong, then please clarify, and either I will, or someone else will, have another go at answering.
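To check which case applies, a captured DHCP request can be decoded for its broadcast flag and relay address (giaddr), which together determine how the server addresses its reply under RFC 2131. The following is an added example, not part of the original question or answer; the function names are hypothetical and the sample packets are constructed.

```python
import socket
import struct

# First 44 bytes of the 236-byte fixed BOOTP/DHCP header (RFC 2131, section 2):
# op, htype, hlen, hops, xid, secs, flags, ciaddr, yiaddr, siaddr, giaddr, chaddr
BOOTP_FIXED = struct.Struct("!BBBBIHH4s4s4s4s16s")
BROADCAST_FLAG = 0x8000  # top bit of the 16-bit flags field
ZERO = "0.0.0.0"

def parse_bootp(packet: bytes) -> dict:
    """Decode the fields that decide how a DHCP reply is addressed."""
    if len(packet) < 236:
        raise ValueError("shorter than the fixed BOOTP header")
    op, _htype, hlen, hops, xid, _secs, flags, ci, _yi, _si, gi, chaddr = \
        BOOTP_FIXED.unpack_from(packet)
    return {
        "op": op, "hops": hops, "xid": xid,
        "broadcast": bool(flags & BROADCAST_FLAG),
        "ciaddr": socket.inet_ntoa(ci),
        "giaddr": socket.inet_ntoa(gi),  # non-zero means a relay forwarded it
        "chaddr": chaddr[:min(hlen, 16)].hex(":"),
    }

def reply_path(req: dict) -> str:
    """Server reply addressing rules from RFC 2131, section 4.1."""
    if req["giaddr"] != ZERO:
        return f"unicast to relay {req['giaddr']}:67"
    if req["ciaddr"] != ZERO:
        return f"unicast to client {req['ciaddr']}:68"
    if req["broadcast"]:
        return "broadcast to 255.255.255.255:68"
    return f"layer-2 unicast to {req['chaddr']}"

def sample_request(flags: int, giaddr: str = ZERO) -> bytes:
    """Constructed BOOTREQUEST with a made-up MAC address, for offline testing."""
    mac = bytes.fromhex("001122334455")
    zero = socket.inet_aton(ZERO)
    head = BOOTP_FIXED.pack(1, 1, 6, 0, 0x1234ABCD, 0, flags,
                            zero, zero, zero, socket.inet_aton(giaddr), mac)
    return head + bytes(236 - len(head))  # empty sname and file fields

if __name__ == "__main__":
    for label, pkt in [("broadcast flag set", sample_request(0x8000)),
                       ("broadcast flag clear", sample_request(0x0000)),
                       ("via relay", sample_request(0x8000, "192.0.2.1"))]:
        print(f"{label}: {reply_path(parse_bootp(pkt))}")
```

Feeding it the UDP payload of a request captured at the DHCP server shows whether the request arrived through a relay and whether the reply will be a broadcast that the access points must forward back to the wireless client.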
