Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.



Cisco AP DHCP Option 43 with Infoblox

New Member
Posts: 5
5378     0


We trying to achieve assigning dhcp option 43 based on VCI

Rules are simple

If the VCI is "ciscopnp" then it is a switch and we need to return the DNAC IP address
option 43 ACSII value "5A1N;B2;K4;I10.93.4.40;J80"

If the VCI contains something else (or if the VCI starts with "Cisco AP") then it is a wifi AP and we need to return the IP address of the wireless controller option 43 value hex: f1:08:0a:5d:04:14:0a:dd:04:14

If we setup the DHCP options inidvidually - without the logic filters it works correctly for both AP and Switches. Switches works OK also with the logic filter But when we setup logic filters for AP some 2b0a prefix appears in the string value which result in failed onboarding of AP to WLC. Visible on the left image of wireshark dumps.

Im trying to find out origin of the 2b0a prefix does any have some tips?
Thank you in advance



including the logic filters




Re: Cisco AP DHCP Option 43 with Infoblox

Posts: 188
5379     0

Ok I think you are attacking this from the wrong direction - option spaces will do what you want, have a read of this article:


Paul Roberts
PCN (UK) Ltd

All opinions expressed are my own and not representative of PCN Inc./PCN (UK) Ltd. E&OE

Re: Cisco AP DHCP Option 43 with Infoblox

New Member
Posts: 5
5379     0


thank you for reply. Actually im using option filters i only didnt post it sry for that.

But what i want to try is to use the option 60 VCI as EQUAL - for each individual cisco ap model and second i try to option 241 instead of 43. Because I think our problem is the prefix 2b0a - due to this the onboarding is not working.


Re: Cisco AP DHCP Option 43 with Infoblox

New Member
Posts: 5
5379     0


so to confirm i used the option 241 with decimal format and it is working now!


whats interesting that in packet capture is visible the hex

Thank you



Showing results for 
Search instead for 
Did you mean: 

Recommended for You

NIOS 8.6.3 – What’s New in DDI