DHCP issue and config example

Publication Date:  2014-12-23 Views:  257 Downloads:  0
Issue Description
There is a POC setup that shows the WLAN ability to customer. Customer wants us to set up one AC and AP and connect them with their switch. Since the AP configuration can’t be manually setup, and currently no DHCP setup in their production, AC acts as a DHCP server and assigns IP to AP so that the WLAN setup works. This is the current setup in AC. Now, AC, AP and the switch are in VLAN 2, and management and service vlan are the same.

Current setup:
interface Vlanif2
ip address 172.18.2.200 255.255.240.0
dhcp select interface
dhcp server dns-list 8.8.8.8
#
ip route-static 0.0.0.0 0.0.0.0 172.18.1.31
#
wlan
wlan ac source interface vlanif2
ap-region id 10
ap-auth-mode no-auth
ap id 0 type-id 36 mac 3400-a3d3-ec00 sn 210235856110E8000371
  region-id 10
ap id 1 type-id 36 mac 3400-a3d3-eb40 sn 210235856110E8000365
  region-id 10
wmm-profile name huawei-ap id 0
traffic-profile name huawei-ap id 0
security-profile name huawei-ap id 0
service-set name huawei-ap id 0
  wlan-ess 0
  ssid huawei-ap
  traffic-profile id 0
  security-profile id 0
  service-vlan 2
radio-profile name huawei-ap id 0
  wmm-profile id 0
ap 0 radio 0
  radio-profile id 0
  service-set id 0 wlan 1
ap 0 radio 1
  radio-profile id 0
  service-set id 0 wlan 1
ap 1 radio 0
  radio-profile id 0
  service-set id 0 wlan 1
ap 1 radio 1
  radio-profile id 0
  service-set id 0 wlan 1
#

Problem occurs. Customer finds that user can get the IP address directly. User wants to restrict the dynamic IP such that only AP can use it.
Handling Process
Finally, the setup changes that the management vlan and service vlan is different in AC. Vlan 4 is added as IP pool for AP that assign to users for WIFI use. Vlan 2 is used for management vlan. Problem is solved.
Solution
New setup in AC:
interface Vlanif2
ip address 172.18.2.200 255.255.240.0
dhcp select interface
dhcp server excluded-ip-address 172.18.0.1 172.18.2.199
dhcp server excluded-ip-address 172.18.2.203 172.18.15.254
dhcp server dns-list 8.8.8.8
#
interface Vlanif4
ip address 192.168.100.1 255.255.255.0
dhcp select interface
dhcp server dns-list 8.8.8.8
#
ip route-static 0.0.0.0 0.0.0.0 172.18.1.31
#
wlan
wlan ac source interface vlanif2
ap-region id 10
ap-auth-mode no-auth
ap id 0 type-id 36 mac 3400-a3d3-ec00 sn 210235856110E8000371
  region-id 10
ap id 1 type-id 36 mac 3400-a3d3-eb40 sn 210235856110E8000365
  region-id 10
wmm-profile name huawei-ap id 0
traffic-profile name huawei-ap id 0
security-profile name huawei-ap id 0
service-set name huawei-ap id 0
  wlan-ess 0
  ssid huawei-ap
  traffic-profile id 0
  security-profile id 0
  service-vlan 4
radio-profile name huawei-ap id 0
  wmm-profile id 0
ap 0 radio 0
  radio-profile id 0
  service-set id 0 wlan 1
ap 0 radio 1
  radio-profile id 0
  service-set id 0 wlan 1
ap 1 radio 0
  radio-profile id 0
  service-set id 0 wlan 1
ap 1 radio 1
  radio-profile id 0
  service-set id 0 wlan 1
#

END