Wireless LAN Controller DHCP Option 82 Configuration Example

Similar documents
Syslog Server Configuration on Wireless LAN Controllers (WLCs)

Web Authentication Proxy on a Wireless LAN Controller Configuration Example

Microsoft Windows 2003 DNS Server for Wireless LAN Controller (WLC) Discovery Configuration Example

Table of Contents. Cisco Wi Fi Protected Access 2 (WPA 2) Configuration Example

Configuring Cisco CallManager IP Phones to Work With IP Phone Agent

D-Link DAP-1360 Repeater Mode Configuration

Database Replication Error in Cisco Unified Communication Manager

Enable SMTP Message Notifications in Cisco Unity Connection 8.x

Unity Error Message: Your voic box is almost full

IOS NAT Load Balancing for Two ISP Connections

Unity Express Voice Mail Transfer Behavior

Fixing Problems with IP Phone Services

Configure Backup Server for Cisco Unified Communications Manager

Installing Windows 95 Drivers and Utilities for the Cisco Aironet 340/350 Series Client Adapters

NETGEAR ProSAFE WC9500 High Capacity Wireless Controller

Configuring Aggressive Load Balancing

Lab Organizing CCENT Objectives by OSI Layer

CRS 4.x: Automatic Work and Wrap up Time Configuration Example

IOS NAT Load Balancing with Optimized Edge Routing for Two Internet Connections

Configuring Static and Dynamic NAT Simultaneously

UCS iscsi Boot Configuration Example

Deploying Cisco Basic Wireless LANs WDBWL v1.1; 3 days, Instructor-led

Use Microsoft Outlook with Cisco Unified CallManager Express

CCT vs. CCENT Skill Set Comparison

FSM73xx GSM73xx GMS72xxR Shared access to the Internet across Multiple routing VLANs using a Prosafe Firewall

Movie Cube. User s Guide to Wireless Function

Configuration Professional: Site to Site IPsec VPN Between Two IOS Routers Configuration Example

Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials.

estadium Project Lab 8: Wireless Mesh Network Setup with DD WRT

Configuring Aggressive Load Balancing

How to Configure a BYOD Environment with the DWS-4026

BRI to PRI Connection Using Data Over Voice

VPN 3000 Concentrator Bandwidth Management Configuration Example

Cisco 2500 Series Wireless Controller Deployment Guide

Configuring a Gateway of Last Resort Using IP Commands

Sample Configuration Using the ip nat outside source list C

Configuring DNS on Cisco Routers

AP6511 First Time Configuration Procedure

Lab Configuring LEAP/EAP using Local RADIUS Authentication

Lab Configure Basic AP Security through IOS CLI

Generate CSR for Third Party Certificates and Download Unchained Certificates to the WLC

Cisco Aironet Wireless Bridges FAQ

Catalyst Layer 3 Switch for Wake On LAN Support Across VLANs Configuration Example

Sample Configuration Using the ip nat outside source static

Moving Exchange Message Stores and Transaction Logs to an Alternate Drive

NetLINE Wireless Broadband Gateway

Installing Cable Modem Software Drivers

Microsoft Lync Certification Configuration Guide for WiNG 5.5

CT5760 Controller and Catalyst 3850 Switch Configuration Example

Using Cisco UC320W with Windows Small Business Server

Good MDM Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series

Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches

UBIQUITI BRIDGE CONFIGURATION PROCEDURE (PowerStation & NanoStation Units ONLY)

PIX/ASA: Allow Remote Desktop Protocol Connection through the Security Appliance Configuration Example

RAP Installation - Updated

STATIC IP SET UP GUIDE

Table of Contents. Cisco Mapping Outbound VoIP Calls to Specific Digital Voice Ports

UTM10 in multi-ssid, multi-vlan network with WMS5316. Network diagram

Apple Airport Extreme Base Station V4.0.8 Firmware: Version 5.4

Wireless LAN g USB Adapter

Layer 2 / Layer 3 switches and multi-ssid multi-vlan network with traffic separation

Lab Configuring Access Policies and DMZ Settings

: Interconnecting Cisco Networking Devices Part 1 v2.0 (ICND1)

Interconnecting Cisco Network Devices 1 Course, Class Outline

Configuring RADIUS Dial Up with Livingston Server Authentication

SIP Trunking using Optimum Business SIP Trunk Adaptor and the Cisco Call Manager Express Version 8.5

WLAN Outdoor CPE For 2.4G. Quick Installation Guide

Wireless G Broadband quick install

Configuring H.323 over Port Network Address Translation (PNAT) for Avaya IP Endpoints using the Avaya SG200 Security Gateway - Issue 1.

LAN TCP/IP and DHCP Setup

Cisco - Configure the 1721 Router for VLANs Using a Switch Module (WIC-4ESW)

Access Point Configuration

Configuring the Device for Access Point Discovery

Configuring Settings on the Cisco Unified Wireless IP Phone 7925G

Basic IPv6 WAN and LAN Configuration

Integrating a Hitachi IP5000 Wireless IP Phone

Chapter 4 Customizing Your Network Settings

The Purpose and Use of the Configuration Register on All Cisco Routers

CUCM 6.x/7.x/8.x: Bulk Administration Tool (BAT) Errors

Configuring the Cisco Secure PIX Firewall with a Single Intern

UAG4100 Support Notes

Medical Networks and Operating Systems

Cisco Secure PIX Firewall with Two Routers Configuration Example

Deployment Guide: Cisco Guest Access Using the Cisco Wireless LAN Controller

Using Remote Desktop Software with the LAN-Cell

Configuring Routers and Their Settings

P-660HWP-Dx. Quick Start Guide g HomePlug AV ADSL2+ Gateway. Version /2007 Edition 1. Copyright All rights reserved.

BGP Best Path Selection Algorithm

Configuration of Cisco Autonomous Access Point with 802.1x Authentication for Avaya 3631 Wireless Telephone

Locking Users into a VPN 3000 Concentrator Group Using a RADIUS Server

ACS 5.x and later: Integration with Microsoft Active Directory Configuration Example

1. Hardware Installation

INTERCONNECTING CISCO NETWORK DEVICES PART 1 V2.0 (ICND 1)

Understanding Route Aggregation in BGP

Cisco Which VPN Solution is Right for You?

User Manual Network Interface

c. Securely insert the Ethernet cable from your cable or DSL modem into the Internet port (B) on the WGT634U. Broadband modem

UAG Series. Application Note. Unified Access Gateway. Version 4.00 Edition 1, 04/2014. Copyright 2014 ZyXEL Communications Corporation

Interconnecting Cisco Networking Devices, Part 1 (ICND1) v3.0

DHCP Server Port-Based Address Allocation

Transcription:

Wireless LAN Controller DHCP Option 82 Configuration Example Document ID: 113302 Contents Introduction Prerequisites Requirements Components Used Conventions DHCP Option 82 Configure Configure the Wireless LAN Controller for DHCP Option 82 Configure the Cisco IOS DHCP Server Verify Troubleshoot Related Information Introduction DHCP Option 82 is organized as a single DHCP option that contains information known by the relay agent. It provides additional security when DHCP is used to allocate network addresses. It enables the controller to act as a DHCP relay agent to prevent DHCP client requests from untrusted sources. The controller can be configured to add option 82 information to DHCP requests from clients before forwarding the requests to the DHCP server. DHCP servers can then be configured to allocate IP addresses to the wireless client based on the information present in DHCP Option 82. This document provides a configuration example for this scenario. Prerequisites Requirements Cisco recommends that you have knowledge of these topics: Basic knowledge on Cisco Unified Wireless Network (CUWN) Basic knowledge of DHCP Components Used The information in this document is based on these software and hardware versions: 4400 Wireless LAN Controller that runs firmware version 7.0.116.0 1131 Lightweight Access Point 1310 Lightweight Access Point 802.11a/b/g Wireless LAN Client Adapters that run software version 4.0 The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure

that you understand the potential impact of any command. Conventions Refer to the Cisco Technical Tips Conventions for more information on document conventions. DHCP Option 82 DHCP provides a framework for passing configuration information to hosts on a TCP/IP network. Configuration parameters and other control information are carried in tagged data items that are stored in the options field of the DHCP message. The data items themselves are also called options. Option 82 contains information known by the relay agent. The Relay Agent Information option is organized as a single DHCP option that contains one or more sub options that convey information known by the relay agent. Option 82 was designed to allow a DHCP Relay Agent to insert circuit specific information into a request that is being forwarded to a DHCP server. This option works by setting two sub options: Circuit ID Remote ID The Circuit ID suboption includes information specific to the circuit the request came in on. This suboption is an identifier that is specific to the relay agent, so what kind of circuit is described will vary depending on the relay agent. The Remote ID suboption includes information on the remote host end of the circuit. This suboption usually contains information that identifies the relay agent. In a wireless network, this would likely be a unique identifier of the wireless access point. In a Cisco Unified Wireless network, you can configure the controller to append three types of information in the DHCP Option 82. AP MAC AP MAC SSID AP ETHMAC DHCP Option 82 is constructed as follows: sub option 01, Length, Circuit ID, sub option 02, Length, Remote ID Circuit ID is 0 for all WLANs. Length of suboption 2 will change depending on whether AP MAC or AP MAC SSID option is used. For example, if the AP radio MAC address is 001c57437950 and we use the AP MAC option on the WLC, the DHCP Option 82 information that is appended in the DHCP request will be as follows: 0104000000000206001c57437950 Configure In this section, you are presented with the information to configure the features described in this document.

In the setup, two lightweight access points are registered to the Wireless LAN Controller (LAP1 and LAP2). You must configure the WLC as a DHCP relay agent and configure DHCP Option 82 so that the clients receive IP addresses from different ranges based on the AP to which they connect. IP range for clients that connect to LAP1 192.168.1.10 192.168.1.20 IP range for clients that connect to LAP2 192.168.1.30 192.168.1.40 Here are the AP radio MAC addresses of the two LAPs: LAP1 001c57437950 LAP2 001b53b99b00 This example uses a Cisco IOS Router as a DHCP server. In this example, a network scope is configured for the pool and two sub scopes are created using the DHCP class feature. Next, the Cisco IOS DHCP server is configured to allocate IP addresses from the two sub scopes based on the relay agent information (DHCP option 82 information) that DHCP server receives in the DHCP request. Configure the Wireless LAN Controller for DHCP Option 82 Complete these steps in order to configure the wireless LAN controller for DHCP Option 82: 1. From the WLC GUI, navigate to Controller > Advanced > DHCP. The DHCP parameters page appears. 2. On this page, check the Enable DHCP Proxy check box. 3. Choose a DCHP Option 82 remote ID field format from the DHCP Option 82 Remote ID field format drop down list.

As described earlier, the format defines the information that is sent to the DHCP server in Option 82. This example uses the AP MAC option. Therefore, the AP radio MAC address will be sent in the DHCP request from the WLC to the DHCP server. Note: The AP includes two types of MAC addresses. AP MAC Address and Base Radio MAC. The WLC appends the Base Radio MAC in Option 82. The base radio MAC of an AP can be identified from the All APs > Details page for the specific AP. The next step is to configure the Cisco IOS DHCP server. Configure the Cisco IOS DHCP Server Complete these steps in order to configure the Cisco IOS DHCP server: 1. Create a DHCP pool and define a DHCP scope. 2. Create Classes to define multiple ranges within the scope. 3. Configure the DHCP relay agent information. This sample code provides an example of how complete these configuration steps on the Cisco IOS router. This command creates a new DHCP Pool Option 82. ip dhcp pool Option82 This command defines a network scope for the pool. network 192.168.1.0 255.255.255.0 class AA This command defines the address range for Class AA.

address range 192.168.1.10 192.168.1.20 class BB This command defines the address range for Class BB. address range 192.168.1.30 192.168.1.40 ip dhcp class Vendor This command defines a DHCP Class AA and configures relay agent information for the class. ip dhcp class AA relay agent information relay information hex 0104000000000206001c57437950 This command defines a DHCP Class BB and configures relay agent information for the class. ip dhcp class BB relay agent information relay information hex 0104000000000206001b53b99b00 Note: Only the configuration relevant to the DHCP option 82 are shown here. Add other DHCP configurations as required. When the configuration is complete, the Cisco IOS software looks up a pool based on IP address (giaddr or incoming IP address) and then matches the request to a class or classes configured in the pool in the order in which the classes are specified in the DHCP pool configuration. When a DHCP address pool has been configured with one or more DHCP classes, the pool becomes a restricted access pool, which means that no addresses are allocated from the pool unless one or more of the classes in the pool is matched. This design allows DHCP classes to be used for either access control (no default class is configured on the pool) or to provide further address range partitions with the subnet of the pool. Verify In this configuration example, when a client associated to LAP1 sends a DHCP request, the request reaches the WLC. The WLC acts as a DHCP relay agent, adds DHCP Option 82 information to the DHCP request, and then forwards the request to the external DHCP server, which in this case is the Cisco IOS router. The DHCP server looks at the DHCP request, examines Option 82 information, and matches it to Class AA. It then allocates an IP address defined for class A. That is, it assigns an IP address from the range 192.168.1.10 192.168.1.20. Similarly, for clients that are associated to LAP2, the DHCP server will assign IP addresses from the range 192.168.1.30 192.168.1.40 based on Option 82 information. Troubleshoot You can enable the debug ip dhcp server class command on the Cisco IOS router CLI to display the class matching results.

Related Information Cisco Wireless LAN Controller Command Reference, Release 7.0.116.0 Cisco Wireless LAN Controller Configuration Guide, Release 7.0.116.0 Technical Support & Documentation Cisco Systems Contacts & Feedback Help Site Map 2012 2013 Cisco Systems, Inc. All rights reserved. Terms & Conditions Privacy Statement Cookie Policy Trademarks of Cisco Systems, Inc. Updated: Oct 24, 2011 Document ID: 113302

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information