Skip to main content

5 Messages

 • 

110 Points

Mon, Jun 8, 2015 8:57 AM

DHCP local subnets zone director

I currently have two sites connected by a layer 3 network. At each site L3 switches route the traffic. At the main site i have a ZD setup and APs connected to the same layer 2 network ( Vlan 1 - management) - 192.168.5.X/24 - This is fine the Wireless client connect and obtain IPs in the Vlan 1 network.

At the second site we again have a Vlan (vlan 1 - 192.168.6.X/24) The APs have IPs assigned in this however the Wireless clients get IP addresses assigned from the management vlan at the other site. I need the clients to get IPs from the local DHCP scope not the 192.168.5.X scope.

Note Both sites have DHCP scopes setup on the lcoal L3 switches. Connecting a laptop to the ports get the correct IPs from DHCP. 

I found the following in the setup guide:

NOTE: All DNS, DHCP, ARP, and HTTP traffic from an unauthenticated wireless client will be passed onto ZoneDirector from the AP via the management VLAN. If the client belongs to a particular VLAN, ZoneDirector will add the corresponding VLAN tag before passing traffic to the corresponding wired network. After client authentication is performed, client traffic will directly go to the wired network from the AP, which will add the corresponding VLAN tag. This explains why it is necessary to configure tagged VLANs for all VLAN switch ports connecting to ZoneDirector and APs

I understand this but how can i achive this across the Layer 3 boundaries as both sites use the same VLAN IDs 

Responses

21 Messages

 • 

324 Points

5 years ago

What is the DHCP server address, and what scope is it in ? 

5 Messages

 • 

110 Points

5 years ago

Each subnet has a DHCP scope supplied by the L3 switch at that site. The APs obtain DHCP addresses from the correct DHCP scopes (same if i connect a laptop to the port.) It's only the wireless clients that get an incorrect IP. (from the management Vlan of the ZD)

DHCP server primary site 192.168.5.253
DHCP server secondary site  192.168.6.253

21 Messages

 • 

324 Points

5 years ago

I'm not sure about this answer. Do you need to enable Option 43 ?

5 Messages

 • 

110 Points

5 years ago

No the APs have already joined the ZD. This is specifically an issue with Wireless clients and the DHCP IPs that they are obtaining.
Brand User

Former Employee

 • 

2.6K Messages

 • 

44.8K Points

5 years ago

ZoneDirector and APs consider VLAN 1 to be untagged.  If you could use a tagged VLAN for your clients and route between subnets, you'll eliminate the issues.  Otherwise, the problem is with the different subnets using the same (untagged) VLAN ID.


21 Messages

 • 

324 Points

5 years ago

Guys. If I may inquire, and out of curiosity, what would you be looking for or, if you took a trace with wireshark.

5 Messages

 • 

110 Points

5 years ago

I understand that using tagged VLANs will resolve the issue at the site with the ZD however the remote side will have for instance VLAN 200 but this will not be visible to the ZD as it's at a different site. 

824 Messages

 • 

13.2K Points

Chris, in above example if you create a VLAN200 and tag it to WLAN. this VLAN200 is local to the remote site or configured in L3 switch in remote site. correct?

If yes, as long as L3 switch is correctly configured then devices will correctly pull IP from correct range (192.168.6.X/24)

my 2 cents...

824 Messages

 • 

13.2K Points

5 years ago

chris, i think what you are looking to do is one common SSID & key for both remote and ZD site AP's however users need to get correct IP from respective pools in their own site.

Can't you create a new VLAN (192.168.6.X/24) which you can tag it to ssid broadcasting "only" at remote site AP?

this way you can have devices pick IP from 192.168.6.X/24?

5 Messages

 • 

110 Points

5 years ago

I am going to do some testing in the next few days and i will report the findings. Thanks for the suggestions thus far.