Passive clients are wireless devices, such as scales and printers, that are configured with a static IP address. These clients do not transmit any IP information (IP address, mask, gateway) when they associate with an AP. As a result, when passive clients are used, the WLC never learns their IP address unless they use DHCP.
The WLC normally acts as a proxy for ARP requests. Upon receiving an ARP request, the WLC responds with an ARP response instead of passing the request directly to the client. This has two advantages.
1. The upstream device that sends the ARP request does not know where the client is located (because the WLC proxied the reply).
2. It preserves the battery life of wireless devices, as they do not have to respond to every ARP request.
Since the WLC does not have any IP-related information about passive clients, it cannot respond to ARP requests for them. The current behavior does not allow ARP requests to be forwarded to passive clients, so any application that tries to access a passive client will fail.
The “Passive Client” feature enables ARP requests and responses to be exchanged between wired and wireless clients. When this feature is enabled, the WLC passes ARP requests from wired to wireless clients until the desired wireless client reaches the RUN state.
When configuring this feature, remember the following.
1. Passive client is supported on the 5500 and 2100 series (as per the 7.0.116 config guide; it may be there on all the new controllers).
2. Passive client is NOT supported with AP groups and H-REAP centrally switched WLANs.
3. The passive client feature works in the multicast-multicast mode of multicast operation.
In the GUI you can do this in the “WLAN -> Advanced” section. You first have to enable multicast on your controller as well (see below).
You can do the same using the CLI:
config network multicast global {enable|disable}
config network multicast mode multicast <mcast-group-address>
config network multicast igmp snooping {enable|disable}
config network multicast igmp timeout <timeout-value>
config network multicast igmp query interval <interval-value>
config wlan passive-client {enable|disable} <wlan-id>
You can verify this in the “show wlan <wlan-id>” command output.
(BUN-PW00-WC01) >show wlan 5
WLAN Identifier.................................. 5
Profile Name..................................... LTUVoice
Network Name (SSID).............................. LTUVoice
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Disabled
AAA Policy Override.............................. Disabled
Network Admission Control
  Client Profiling Status ....................... Disabled
    DHCP ......................................... Disabled
    HTTP ......................................... Disabled
  Radius-NAC State............................... Disabled
  SNMP-NAC State................................. Disabled
  Quarantine VLAN................................ 0
Maximum number of Associated Clients............. 0
Maximum number of Clients per AP Radio........... 200
Number of Active Clients......................... 0
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 1800 seconds
User Idle Timeout................................ 300 seconds
. . .
WMM.............................................. Required
WMM UAPSD Compliant Client Support............... Disabled
Media Stream Multicast-direct.................... Enabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... 802.1P (Tag=6)
Passive Client Feature........................... Enabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 2
DTIM period for 802.11b radio.................... 2
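One way to script the verification step above, as an added example (not code from the original post or from Cisco): a small Python parser for the dotted "show wlan" output that reports whether the Passive Client feature is on for the WLAN. The sample text is a constructed excerpt in the same format as the output above, and the function names are hypothetical.

```python
import re

# Constructed sample: a shortened excerpt in the format of the "show wlan 5" output.
SAMPLE = """\
(BUN-PW00-WC01) >show wlan 5
WLAN Identifier.................................. 5
Profile Name..................................... LTUVoice
Status........................................... Enabled
Network Admission Control
  Client Profiling Status ....................... Disabled
    DHCP ......................................... Disabled
Exclusionlist Timeout............................ 60 seconds
. . .
Wired Protocol................................... 802.1P (Tag=6)
Passive Client Feature........................... Enabled
"""

# "<key><run of 3+ dots> <value>"; nested keys have a space before the dots.
FIELD = re.compile(r"^\s*(?P<key>\S.*?)\s*\.{3,}\s*(?P<value>.*\S)\s*$")

def parse_show_wlan(text):
    """Return {field: value}. Prompt, heading and elision lines are skipped;
    if a key repeats, the later value overwrites the earlier one."""
    fields = {}
    for line in text.splitlines():
        m = FIELD.match(line)
        if m:
            fields[m.group("key")] = m.group("value")
    return fields

def passive_client_report(text):
    """Summarise the WLAN and the state of the Passive Client feature."""
    f = parse_show_wlan(text)
    state = f.get("Passive Client Feature")
    return {
        "wlan_id": f.get("WLAN Identifier"),
        "profile": f.get("Profile Name"),
        "wlan_enabled": f.get("Status") == "Enabled",
        # None means the field was absent (e.g. truncated capture), not "Disabled".
        "passive_client": None if state is None else state == "Enabled",
    }

if __name__ == "__main__":
    print(passive_client_report(SAMPLE))
```

Run it over a saved capture for each WLAN ID to list where ARP requests are being passed through to wireless clients rather than proxied.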
I would say that the biggest advantage of proxy ARP is filtering broadcast traffic which otherwise would be sent back to wireless clients :)
Regards,
Marko
I have an open TAC case, whereby Cisco TAC have diagnosed the traceback logs we are receiving as related to a DHCP delay issue between clients on the Guest SSID and our DHCP servers. We have a typical Foreign / Anchor controller setup with the DHCP servers for the Guest SSID configured on a wireless guest interface on the Anchor controller.
Our pending question to TAC is “Is the issue with the WLC not being able to proxy DHCP requests? Or with the DHCP not sending DHCP offers back?”, to which we don't seem to be getting an answer.
Anyone experienced a similar issue, or have any suggestions? Thanks,
Why can we not enable it when the APs are in an AP group?