When a Cisco workgroup bridge
(WGB) is used, the WGB informs the access points of all the clients that it is
associated with. The controller is aware of the clients associated with the
access point. When non-Cisco WGBs are used, the controller has no information
about the IP address of the clients on the wired segment behind the WGB.
Without this information, the controller drops the following types of messages:
ARP REQ from the distribution
system for the WGB client
ARP RPLY from the WGB client
DHCP REQ from the WGB client
DHCP RPLY for the WGB client
The following are
some guidelines for non-Cisco workgroup bridges:
can accommodate non-Cisco WGBs so that the controller can forward ARP, DHCP,
and data traffic to and from the wired clients behind workgroup bridges by
enabling the passive client feature. To configure your controller to work with
non-Cisco WGBs, you must enable the passive client feature so that all traffic
from the wired clients is routed through the WGB to the access point. All
traffic from the wired clients is routed through the work group bridge to the
FlexConnect APs in local switching, non-Cisco workgroup-bridge clients in
bridged mode are supported using the
When a WGB wired
client leaves a multicast group, the downstream multicast traffic to other WGB
wired clients is interrupted briefly.
If you have clients that use
PC virtualization software such as VMware, you must enable this feature.
We have tested multiple
third-party devices for compatibility but cannot ensure that all non-Cisco
devices work. Support for any interaction or configuration details on the
third-party device should be discussed with the device manufacturer.
You must enable
the passive client functionality for all non-Cisco workgroup bridges.
You might need to use the
following commands to configure DHCP on clients:
Disable DHCP proxy by using
config dhcp proxy
Enable DHCP boot broadcast by
config dhcp proxy disable
Restrictions for Non-Cisco Workgroup Bridges
Only Layer 2 roaming is supported for WGB devices.
Layer 3 security (web authentication) is not support for WGB clients.
Visibility of wired hosts behind a WGB on a controller is not supported because the non-Cisco WGB device performs MAC hiding. Cisco WGB supports IAPP.
ARP poisoning detection does not work on a WLAN when the flag is enabled.
VLAN select is not supported for WGB clients.
Some third-party WGBs need to operate in non-DHCP relay mode. If problems occur with the DHCP assignment on devices behind the non-Cisco WGB, use the config dhcp proxy disable and config dhcp proxy disable bootp-broadcast disable commands.
The default state is DHCP proxy enabled. The best combination depends on the third-party characteristics and configuration.