The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
When a Cisco workgroup bridge (WGB) is used, the WGB informs the access points of all the clients that it is associated with. The controller is aware of the clients associated with the access point. When non-Cisco WGBs are used, the controller has no information about the IP address of the clients on the wired segment behind the WGB. Without this information, the controller drops the following types of messages:
The controller can accommodate non-Cisco WGBs so that the controller can forward ARP, DHCP, and data traffic to and from the wired clients behind workgroup bridges by enabling the passive client feature. To configure your controller to work with non-Cisco WGBs, you must enable the passive client feature so that all traffic from the wired clients is routed through the WGB to the access point. All traffic from the wired clients is routed through the work group bridge to the access point.
Note | For FlexConnect APs in local switching, non-Cisco workgroup-bridge clients in bridged mode are supported using the config flexconnect group group-name dhcp overridden-interface enable command. |
When a WGB wired client leaves a multicast group, the downstream multicast traffic to other WGB wired clients is interrupted briefly.
If you have clients that use PC virtualization software such as VMware, you must enable this feature.
You must enable the passive client functionality for all non-Cisco workgroup bridges.
You might need to use the following commands to configure DHCP on clients:
Layer 3 security (web authentication) is not support for WGB clients.
Visibility of wired hosts behind a WGB on a controller is not supported because the non-Cisco WGB device performs MAC hiding. Cisco WGB supports IAPP.
ARP poisoning detection does not work on a WLAN when the flag is enabled.
Some third-party WGBs need to operate in non-DHCP relay mode. If problems occur with the DHCP assignment on devices behind the non-Cisco WGB, use the config dhcp proxy disable and config dhcp proxy disable bootp-broadcast disable commands.
The default state is DHCP proxy enabled. The best combination depends on the third-party characteristics and configuration.