How to Configure WS5100 to Use External DHCP Server for VPN Client IP Addressing?

Article ID: 38048635

Question

How to configure VPN between two WS5100 VPN switches?

Answer

Clients are not getting a VPN IP address when using an external DHCP server.

RONNIC is not set to Ethernet 1 and IP pool is not configured properly.
Configure the RONNIC to be Ethernet 1. Also configure DHCP server address to be that of your network DHCP server.
  1. Log into CLI of switch.
  2. Type the following commands to create an Ethernet policy that sets the RONNIC to Ethernet 1 and also creates a VLAN that is applied to your WLA
    • WS5100.> config
      WS5100.(Cfg)> etherpolicy
      WS5100.(Cfg).EtherPolicy> add YourEtherPolicy
      WS5100.(Cfg).EtherPolicy.[YourEtherPolicy]>add YourVlan
      WS5100.(Cfg).EtherPolicy.[YourEtherPolicy].Vlan.[YourVlan]>set wlan YourWlan
      WS5100.(Cfg).EtherPolicy.[YourEtherPolicy].Vlan.[YourVlan]>set ports 2
      WS5100.(Cfg).EtherPolicy.[YourEtherPolicy].Vlan.[YourVlan]> ..
      WS5100.(Cfg).EtherPolicy.[YourEtherPolicy]>set ronnic 1
      WS5100.(Cfg).EtherPolicy.[YourEtherPolicy]> exit
  3. Apply the above Ethernet policy to your wireless switch policy
    • WS5100.> config
      WS5000.(Cfg).spolicy
      WS5000.(Cfg).SPolicy.[YourSwitchPolicy]> set etherpolicy YourEtherPolicy
  4. Go to wvpn.ip_pools and set the IP pool range for WVPN.
    • WS5100.> config
      WS5100.(Cfg)> wvpn ip_pools
      WS5100.(Cfg).wvpn.ip_pools> add pool default beginIP endIP
      WS5100.(Cfg).wvpn.ip_pools> default
      WS5100.(Cfg).wvpn.ip_pools.[default]> set dhcpServer dhcpIPaddress
      WS5100.(Cfg).wvpn.ip_pools.[default]> set defaultGateway gatewayIPaddress
      WS5100.(Cfg).wvpn.ip_pools.[default]> set dns dnsIPaddress
      WS5000.(Cfg).wvpn.ip_pools.[default]>..
      WS5000.(Cfg).wvpn.ip_pools> set useDHCPgateway yes