Cisco Wireless LAN Controller Configuration Guide, Release 7.4
Configuring DHCP Option 82
Downloads: This chapterpdf (PDF - 1.19MB) The complete bookPDF (PDF - 17.76MB) | The complete bookePub (ePub - 4.37MB) | Feedback

Configuring DHCP Option 82

Configuring DHCP Option 82

Information About DHCP Option 82

DHCP option 82 provides additional security when DHCP is used to allocate network addresses. It enables the controller to act as a DHCP relay agent to prevent DHCP client requests from untrusted sources. You can configure the controller to add option 82 information to DHCP requests from clients before forwarding the requests to the DHCP server.

Figure 1. DHCP Option 82

The access point forwards all DHCP requests from a client to the controller. The controller adds the DHCP option 82 payload and forwards the request to the DHCP server. The payload can contain the MAC address or the MAC address and SSID of the access point, depending on how you configure this option.


Note


Any DHCP packets that already include a relay agent option are dropped at the controller.


For DHCP option 82 to operate correctly, DHCP proxy must be enabled.

Restrictions for DHCP Option 82

  • DHCP option 82 is not supported for use with auto-anchor mobility.

Configuring DHCP Option 82 (GUI)


    Step 1   Choose Controller > Advanced > DHCP to open the DHCP Parameters page.
    Step 2   Select the Enable DHCP Proxy check box to enable DHCP proxy.
    Step 3   Choose a DHCP Option 82 Remote ID field format from the drop-down list to specify the format of the DHCP option 82 payload.

    For more information about the options available, see the Controller Online Help.

    Step 4   Enter the DHCP Timeout. The timeout value is globally applicable.
    Step 5   Click Apply.
    Step 6   Click Save Configuration .

    What to Do Next

    On the controller CLI, you can enable DHCP option 82 on the dynamic interface to which the WLAN is associated by entering this command:

    config interface dhcp dynamic-interface interface-name option-82 enable

    Configuring DHCP Option 82 (CLI)

    • Configure the format of the DHCP option 82 payload by entering one of these commands:

      • config dhcp opt-82 remote-id ap_mac—Adds the MAC address of the access point to the DHCP option 82 payload.
      • config dhcp opt-82 remote-id ap_mac:ssid—Adds the MAC address and SSID of the access point to the DHCP option 82 payload.
      • config dhcp opt-82 remote-id ap-ethmac—Adds the Ethernet MAC address of the access point to the DHCP option 82 payload.
      • config dhcp opt-82 remote-id apname:ssid—Adds the AP name and SSID of the access point to the DHCP option 82 payload.
      • config dhcp opt-82 remote-id ap-group-name—Adds the AP group name to the DHCP option 82 payload.
      • config dhcp opt-82 remote-id flex-group-name—Adds the FlexConnect group name to the DHCP option 82 payload.
      • config dhcp opt-82 remote-id ap-location—Adds the AP location to the DHCP option 82 payload.
      • config dhcp opt-82 remote-id apmac-vlan-id—Adds the MAC address of the access point and the VLAN ID to the DHCP option 82 payload.
      • config dhcp opt-82 remote-id apname-vlan-id—Adds the AP name and its VLAN ID to the DHCP option 82 payload.
      • config dhcp opt-82 remote-id ap-ethmac-ssid—Adds the Ethernet MAC address of the access point and the SSID to the DHCP option 82 payload.

    • Enable DHCP Option 82 on the dynamic interface to which the WLAN is associated by entering this command:

      config interface dhcp dynamic-interface interface-name option-82 enable

    • See the status of DHCP option 82 on the dynamic interface by entering the show interface detailed dynamic-interface-namecommand.