
802.11ax Cisco APs not getting IP address from the DHCP server

This post is more of a reminder for myself to remember this in the future. With the introduction of Cisco AX access points, the APs must be able to resolve, via ARP, the gateway IP address they receive via DHCP. If that doesn't work, no IP address for you!

Usually this is not a problem, but I was working with a number of APs (C9105AXI-A) that were connected to our lab bench in an L2-only environment, and there was no L3 gateway for the isolated network, just a number of switches, a core switch, a WLC and that was about it.

So, even though I'm no longer working extensively with LAN stuff as I try to focus more on security, I still do have some knowledge when it comes to configuring basic stuff such as DHCP.

Well, I was literally going crazy with this. I've set up everything the way I always set it up and to test things out, I statically assigned the IP address on some of the APs and of course everything worked on the same exact switch port. But DHCP - no way Jose.

Well, the documentation was actually somewhat helpful with this. I finally found the following:

💡
NOTE: An 802.11ax Cisco AP will be assigned an IP address from the DHCP server only if a default router (gateway) is configured on the DHCP server (enabling the AP to receive its gateway IP address) AND the gateway ARP is resolved.

Since this is a completely isolated network, there was no way for me to get a gateway in there, and most importantly, I didn't want to do it. This is a lab bench and it should work the way it always did.

To resolve the issue temporarily, the solution is simple - take the gateway IP address that the DHCP configuration hands out and configure it as a secondary IP on the SVI, so that something on the network answers ARP for it:

!
interface Vlan299
 ip address 10.1.199.1 255.255.255.0 secondary
 ip address 10.1.199.11 255.255.255.0
end

The only thing NOT to forget is to remove the secondary line before the devices are shipped into production!
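
A pre-shipment lint for the workaround above, as an added example that is not from the original post: it checks that every DHCP pool hands out a default-router owned by a local interface and flags secondary addresses that are still configured. It assumes the DHCP server is an IOS `ip dhcp pool` on the same switch; the pool name `LAB-APS` and the sample config are constructed.

```python
import ipaddress
import re

# Constructed sample: the SVI is from the post; the DHCP pool is an assumption,
# since the post does not show its DHCP server configuration.
SAMPLE_CONFIG = """\
ip dhcp pool LAB-APS
 network 10.1.199.0 255.255.255.0
 default-router 10.1.199.1
!
interface Vlan299
 ip address 10.1.199.1 255.255.255.0 secondary
 ip address 10.1.199.11 255.255.255.0
end
"""

def parse(config):
    """Return (pools, addrs): pools maps pool name -> default-router IP or None,
    addrs maps each interface IP -> (interface name, is_secondary)."""
    pools, addrs, section = {}, {}, None
    for line in config.splitlines():
        if not line.startswith(" "):  # an unindented line starts a new section
            m = re.match(r"(ip dhcp pool|interface) (\S+)", line)
            section = (m.group(1), m.group(2)) if m else None
            if section and section[0] == "ip dhcp pool":
                pools[section[1]] = None
            continue
        words = line.split()
        if section is None or not words:
            continue
        if section[0] == "ip dhcp pool" and words[0] == "default-router" and len(words) > 1:
            pools[section[1]] = ipaddress.ip_address(words[1])
        elif section[0] == "interface" and words[:2] == ["ip", "address"] and len(words) >= 4:
            addrs[ipaddress.ip_address(words[2])] = (section[1], words[-1] == "secondary")
    return pools, addrs

def check(config):
    """List the findings that matter for 802.11ax APs on an L2-only segment."""
    findings = []
    pools, addrs = parse(config)
    for name, gw in pools.items():
        if gw is None:
            findings.append(f"pool {name}: no default-router, AX APs will not take a lease")
        elif gw not in addrs:
            findings.append(f"pool {name}: gateway {gw} is not on any local interface")
    for ip, (ifname, secondary) in addrs.items():
        if secondary:
            findings.append(f"{ifname}: secondary address {ip} present, remove before production")
    return findings
```

Run `check()` on the saved running-config of the bench switch: a "not on any local interface" finding means some other device has to answer ARP for the gateway, and a "secondary address" finding is the reminder to clean up before shipping.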

💡
One important note, not completely related to this issue, is to always remember to do install commit after upgrading C9800 WLCs to a newer version, after the first reload. I learned the hard way what happens if you don't do it immediately and wait for more than 6 hours. Hint: It's not good. OK, I won't be coy about it - if you don't do install commit after the upgrade and the first reload, the WLC will automatically revert to the old image after 6 hours!