Wednesday, September 23, 2020

DHCP handshake failure on certain VLANs. No IP address leased, thus no connectivity.

Hi:

Hope you guys/gals are doing fine. I'm here to seek some ideas from you... here is the situation:

Simplified network diagram - Note: I omitted a lot of other switches/aps/clients that are irrelevant for this question.

[Image: Simplified network diagram]

Notes: All APs are broadcasting all VLANs (except voice). The SonicWALL is doing the routing.

Problem:

Devices trying to connect wirelessly (through the APs) to any network that is not the native one do not get a DHCP lease (the DHCP handshake does not complete).

This happens on AP1, AP2, AP3, and AP5. AP4 is fine. AP6 is fine.

Tests:

1) Switch 1 -> Wireless devices connect successfully to the Corp VLAN, but not to the rest. Changed the switchport to the MM VLAN, then used AP1 to connect a wireless device to all VLANs being broadcast. The connection was successful. Of course, I was getting IPs within the MM VLAN range (since the switchport was set to the MM VLAN only for testing purposes). Here I'm thinking OK, the MM VLAN is reachable.

Repeated the same process, but changed the switchport to the Volunteer VLAN only. Wireless devices connect successfully but get an IP from within the Volunteer subnet. This is OK since I set the port to that particular subnet.

Conclusion: Maybe this is a problem with the trunk? Checked the switch configuration and it was OK. All relevant ports were set as trunk.

2) Switch 1 -> Removed the AP from interface X4 and connected a laptop with an Ethernet cable. Everything works fine, no matter what VLAN I set the switchport to (trunk or non-trunk). I can reach all devices no matter which VLAN they reside on, which makes sense since the SonicWALL is routing my requests.

3) Switch 1 -> Set up an unused port as trunk, then connected AP1 to that port. Wireless devices are able to connect to ANY VLAN. This is the behavior that I'm expecting. I'm thinking that maybe the previous switchport was not behaving correctly.

4) Switch 1 -> Set up another unused port as trunk, then connected AP1 to that port. Same issue. Wireless devices can only connect to the Corp VLAN. On all other broadcast VLANs the DHCP handshake can't finish.

5) Took AP1 to SW3. Opened a port as trunk. Everything works fine.

All the APs on SW3 work fine, no problem.

AP4 lets devices that want to connect to the MM VLAN get an IP address. The only difference is that the switchport AP4 is connected to is set to MM, not to trunk.

The rest of my conclusions:

1) SW4 works OK. If it were not working OK, or there were a problem with the trunk, why did test number 3 work fine?

2) Not an issue of the APs, since I tested them plugged into SW3 and they work OK.

While using AP1 for running tests, I captured some traffic with Wireshark. It seems that when I try to connect a wireless device to any broadcast network other than Corp, I only get DHCP Discover messages.

[Image: DHCP handshake failure - Wireshark capture]

If I run the same test but this time connect to the Corp network, I get the DHCP Discover, Request, and Acknowledge. Thus, I get an IP address and everything works fine. In this test, I first tried to connect to MM, then to Corp, back and forth. That is why you see lots of Discovers, then Offers, then Discovers again, etc.

[Image: Another Wireshark capture]

I apologize if I was not clear enough. Feel free to ask any questions. All switches are Unifi (I HATE them). The APs are Unifi too.

I would appreciate any guidance you can give!
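The captures above were taken on the wireless client, which only shows that Discovers go out and nothing comes back. A capture on the AP's switchport (or a mirror of it) adds one more piece of information: on an 802.1Q trunk, frames for the native VLAN are untagged while frames for every other VLAN carry a tag, so each DHCP transaction can be attributed to a VLAN. The script below is an added example, not code from the original post or from Ubiquiti or SonicWALL: it decodes Ethernet/802.1Q/IPv4/UDP/BOOTP frames, groups DHCP messages by (VLAN, transaction id) and lists the transactions that never reached an ACK. The frames it processes are constructed inline (made-up MACs, zero checksums, VLAN IDs 20 and 30 are assumed labels for the MM and Volunteer VLANs) so it runs offline; with a real capture you would feed it raw frames from a pcap reader instead.

```python
"""Group DHCP messages by 802.1Q VLAN and xid; report transactions without an ACK.
Added example; sample frames are constructed here, not taken from the post."""
import struct
from collections import defaultdict

ETH_8021Q, ETH_IPV4 = 0x8100, 0x0800
DHCP_MAGIC = b"\x63\x82\x53\x63"
DHCP_TYPE_NAMES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}
BROADCAST_MAC, ZERO_IP, BCAST_IP = b"\xff" * 6, bytes(4), b"\xff" * 4
CLIENT_MAC, SERVER_MAC = bytes.fromhex("020000aabb01"), bytes.fromhex("020000aabb02")
SERVER_IP = bytes([10, 0, 0, 1])  # constructed address of the DHCP server


def build_frame(vlan, src_mac, dst_mac, src_ip, dst_ip, xid, msg_type):
    """Ethernet[/802.1Q]/IPv4/UDP/BOOTP frame carrying one DHCP message.
    vlan=None produces an untagged frame (how native-VLAN traffic looks on a trunk).
    IP/UDP checksums are left zero: this is test data, not wire-valid traffic."""
    from_client = msg_type in (1, 3)                   # DISCOVER/REQUEST
    options = bytes([53, 1, msg_type, 255])            # option 53 (msg type) + end
    bootp = struct.pack("!BBBBIHH4s4s4s4s", 1 if from_client else 2, 1, 6, 0,
                        xid, 0, 0x8000, ZERO_IP, ZERO_IP, ZERO_IP, ZERO_IP)
    bootp += src_mac + bytes(10) + bytes(64) + bytes(128) + DHCP_MAGIC + options
    sport, dport = (68, 67) if from_client else (67, 68)
    udp = struct.pack("!HHHH", sport, dport, 8 + len(bootp), 0) + bootp
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     src_ip, dst_ip) + udp
    if vlan is None:
        return dst_mac + src_mac + struct.pack("!H", ETH_IPV4) + ip
    return dst_mac + src_mac + struct.pack("!HHH", ETH_8021Q, vlan, ETH_IPV4) + ip


def parse_frame(frame):
    """Return (vlan or None, xid, message type name) for a DHCP frame, else None."""
    ethertype, = struct.unpack_from("!H", frame, 12)
    off, vlan = 14, None
    if ethertype == ETH_8021Q:                         # tagged: read VID from the TCI
        tci, ethertype = struct.unpack_from("!HH", frame, 14)
        vlan, off = tci & 0x0FFF, 18
    if ethertype != ETH_IPV4 or frame[off + 9] != 17:  # not IPv4/UDP
        return None
    udp_off = off + (frame[off] & 0x0F) * 4
    sport, dport = struct.unpack_from("!HH", frame, udp_off)
    if not {sport, dport} & {67, 68}:
        return None
    bootp = frame[udp_off + 8:]
    if len(bootp) < 240 or bootp[236:240] != DHCP_MAGIC:
        return None
    xid, = struct.unpack_from("!I", bootp, 4)
    msg_type, i = None, 240                            # walk TLV options for code 53
    while i < len(bootp) and bootp[i] != 255:
        if bootp[i] == 0:                              # pad option has no length byte
            i += 1
            continue
        if bootp[i] == 53:
            msg_type = bootp[i + 2]
        i += 2 + bootp[i + 1]
    return vlan, xid, DHCP_TYPE_NAMES.get(msg_type, f"type{msg_type}")


def incomplete_transactions(frames):
    """(vlan, xid) -> message types seen, for transactions that never reached ACK.
    A transaction consisting only of DISCOVERs means the broadcast left the client
    but no server reply ever came back on that VLAN."""
    seen = defaultdict(list)
    for frame in frames:
        parsed = parse_frame(frame)
        if parsed:
            vlan, xid, mtype = parsed
            seen[(vlan, xid)].append(mtype)
    return {key: types for key, types in seen.items() if "ACK" not in types}


def sample_capture():
    """Constructed trunk-side capture: a full handshake on the native (untagged) VLAN,
    repeated unanswered DISCOVERs on assumed VLAN 20 (MM) and VLAN 30 (Volunteer)."""
    c2s = lambda vlan, xid, t: build_frame(vlan, CLIENT_MAC, BROADCAST_MAC, ZERO_IP, BCAST_IP, xid, t)
    s2c = lambda vlan, xid, t: build_frame(vlan, SERVER_MAC, CLIENT_MAC, SERVER_IP, BCAST_IP, xid, t)
    return [c2s(None, 0x1111, 1), s2c(None, 0x1111, 2), c2s(None, 0x1111, 3), s2c(None, 0x1111, 5),
            c2s(20, 0x2222, 1), c2s(20, 0x2222, 1), c2s(20, 0x2222, 1),
            c2s(30, 0x3333, 1), c2s(30, 0x3333, 1)]


if __name__ == "__main__":
    for (vlan, xid), types in sorted(incomplete_transactions(sample_capture()).items(), key=str):
        print(f"VLAN {vlan if vlan is not None else 'native/untagged'} xid 0x{xid:08x}: {' '.join(types)}")
```

Run against the constructed capture it reports only the tagged VLAN 20 and VLAN 30 transactions, each as a string of DISCOVERs with no reply, while the untagged transaction completes and is not listed. On a real capture taken at the switchport rather than on the client, the same grouping tells you whether the tagged Discovers are leaving the AP at all, and whether Offers for that VLAN ever arrive at the port.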


