Wireless Access

WHen configuring the 'Corporate DNS Domain' under the AP System Profile under the RAP AP-Group, does this require the RAP to be reprovisioned to learn of the new setting?

 

Also, when configuring a RAP Local DHCP Server in the AP System Profile, is the RAP required to be trunked? On a flat network, I cannot get this option to work due to the requirement of a VLAN ID in the Remote-AP DHCP Server VLAN field. It works fine if I trunk the AP and specify a VLAN ID. This however is not a likely configuration in a users home network. It would be great to have the option to configure DHCP server on the RAP without relying on the users own home DHCP server for client addressing. 

 

Thanks much! 

@airhead1234 wrote:

WHen configuring the 'Corporate DNS Domain' under the AP System Profile under the RAP AP-Group, does this require the RAP to be reprovisioned to learn of the new setting?

 

 

---

Pretty sure it required a reboot to pick this information up.

---

@airhead1234 wrote:

 

Also, when configuring a RAP Local DHCP Server in the AP System Profile, is the RAP required to be trunked? On a flat network, I cannot get this option to work due to the requirement of a VLAN ID in the Remote-AP DHCP Server VLAN field. It works fine if I trunk the AP and specify a VLAN ID. This however is not a likely configuration in a users home network. It would be great to have the option to configure DHCP server on the RAP without relying on the users own home DHCP server for client addressing. 

 

---

What are you trying to achieve here? Can you not use your corporate DHCP server for wireless clients on the RAP?

 

I must have something configured wrong. Even after reboot... and reprovisioining the AP, I cannot get it to recognize the Corporate DNS entry and resolve names using it. Traffic is flowing as I can reach the destinations (including the DNS server) by IP. No ACL blocking DNS. I will figure it out :-)

 

As for the RAP... I am working on a Bridged Scenario so Corporate DHCP is out. I dont really need it working, I am just making sure I understand all the options. 

 

The corporate DNS domain only applies to split-tunneled traffic on a RAP (not tunneled). It is used to decide which DNS server to use if the AP sees a specific domain's traffic needs to be resolved. If you are not using a split tunneled SSID, it will not work.

Also, for the client to be assigned to the pool in the RAP DHCP server, the virtual AP vlan and the RAP local DHCP vlan mist match. If that rap DHCP subnet is not reputable (normally it is not), the clients that attach to the VAP need to have an any any any route src-nat" ACL at the bottom of their user role to pass traffic successfully.

Sorry guys, I should not have mix up my questions.

 

For the Corporate DNS question, I am using RAP with Split-Tunnel. I have ACL for Corporate IP Destinations including the DNS server followed by the any any route src-nat ACL for all other traffic. I get no hits on the corporate DNS server when attempting to resolve names with the domain I have specified (which is the corporate DNS Suffix). I do have the Corporate DNS server (and only that server) being assigned to the client via DHCP server sitting on the VAP assigned VLAN.   

 

For the DHCP server question, understood. It will not work on a flat network. It makes sense, I just wanted to confirm I wasnt missing something here.