Cisco WLC in High Availability over WAN

Similar Messages

• Cisco Unity with Microsoft Exchange over WAN Question

  /* Style Definitions */
  table.MsoNormalTable
  {mso-style-name:"Table Normal";
  mso-tstyle-rowband-size:0;
  mso-tstyle-colband-size:0;
  mso-style-noshow:yes;
  mso-style-priority:99;
  mso-style-qformat:yes;
  mso-style-parent:"";
  mso-padding-alt:0in 5.4pt 0in 5.4pt;
  mso-para-margin:0in;
  mso-para-margin-bottom:.0001pt;
  mso-pagination:widow-orphan;
  font-size:11.0pt;
  font-family:"Calibri","sans-serif";
  mso-ascii-font-family:Calibri;
  mso-ascii-theme-font:minor-latin;
  mso-fareast-font-family:"Times New Roman";
  mso-fareast-theme-font:minor-fareast;
  mso-hansi-font-family:Calibri;
  mso-hansi-theme-font:minor-latin;
  mso-bidi-font-family:"Times New Roman";
  mso-bidi-theme-font:minor-bidi;}
  A customer has several offices. Each office has a separate Exchange Server. The partner was considering a single Unity deployment connected to all of the exchange servers over the WAN, but has decided against that because the latency of the WAN is too high to do this. They are looking for a best practice way of deploying Unity for these multiple Exchange servers at multiple sites. This might mean a separate Unity server for each exchange server at each site .
                  However, we’re wondering if there is a better way to do this. With multiple unity servers we’ll likely have different prefixes for each unity server at each location . This is something that the customer would like to avoid. We’re wondering if there any best practices for a deployment like this that we can offer as options for the customer.
  /* Style Definitions */
  table.MsoNormalTable
  {mso-style-name:"Table Normal";
  mso-tstyle-rowband-size:0;
  mso-tstyle-colband-size:0;
  mso-style-noshow:yes;
  mso-style-priority:99;
  mso-style-qformat:yes;
  mso-style-parent:"";
  mso-padding-alt:0in 5.4pt 0in 5.4pt;
  mso-para-margin:0in;
  mso-para-margin-bottom:.0001pt;
  mso-pagination:widow-orphan;
  font-size:11.0pt;
  font-family:"Calibri","sans-serif";
  mso-ascii-font-family:Calibri;
  mso-ascii-theme-font:minor-latin;
  mso-fareast-font-family:"Times New Roman";
  mso-fareast-theme-font:minor-fareast;
  mso-hansi-font-family:Calibri;
  mso-hansi-theme-font:minor-latin;
  mso-bidi-font-family:"Times New Roman";
  mso-bidi-theme-font:minor-bidi;}
  I have found some related information but really customer is altogether looking for an option away from Exchange networking over WAN.
  I found:
  “Multi-Site WAN with Distributed Messaging”
  http://www.cisco.com/en/US/docs/voice_ip_comm/unity/5x/design/guide/5xcudg040.html#wp1077309
  “Networking Options Requirements for Cisco Unity”
  http://www.cisco.com/en/US/products/sw/voicesw/ps2237/prod_installation_guides_list.html
  Design Guide for Cisco Unity also talk as much is there in the first URL.
  Please Help!

  This may be counter to your customer's desire or requirements but I must ask the question.  Has the customer considered Unity Connection vs. Unity?  Granted, Unity Connection provides integrated messaging whereas Unity is the unified messaging application; however, CUC has become Cisco's flagship messaging product over the last couple of years and I only see this expanding to be honest.  So, for new installs - I push hard on Unity Connection.  Sometimes, it's a sell but sometimes the customer has a hard requirement for UM and thus you have to go with UM.  In your scenario, your customer could potentially save a LARGE amount of money as CUC is not dependent upon Exchange at all; however, you still have the option to tie into Exchange 2003/2007 as an external service where users can access messages in a 3rd-party message store and also access calendar data and so forth.  The platform is very feature rich.  Many of my current Unity customers are migrating off of the platform to the more "agnostic" CUC platform to avoid issues caused by such dependence on AD/Exchange.  In addition, as Microsoft continues to develop and push it's own UM solution - integration for Unity is being forced to change (ex: changes to MAPI in 2010 caused problems for Cisco and required them to rework a bit of the underpinning integration points between Unity and Exchange).  With CUC, you also have the flexibility to implment a dial plan within voicemail system itself...not to mention it is extremely scalable.
  Hailey
  Please rate helpful posts!

• WLC 5508 - High Availability

  I am upgrading the Wireless Infrastructure with two 5508 WLC.
  I am setting up High Availability, but I think is not quite working.
  Primary Controller = WLC1
  Secondary Controller = WLC2
  LAP = LAP1
  LAP1 has WLC2 as the primary controller for HA
  LAP1 has WLC1 as the secondary controller for HA
  While connected to LAP1, I shutdown WLC2. After ~ 20 seconds, LAP1 move to WLC1.
  I lost connection from LAP1
  Don't LAP1 should move with all its clients to WLC1?
  Am I missing something in my configuration?
  Thanks for all your help in advance

  Hello,
  Let me clarify high availability/failover here. As previously mentioned, you can set the heartbeat times to reduce WLC failure detection time. Once an AP determines it has lost the connection to it's controller, it will perform the discovery/join process to the configured Secondary WLC. During this process, the AP will need to verify configuration from the secondary WLC and the Radios will get reset.
  So, you will not experience a perfectly seamless transition when an AP moves from WLC1 to WLC2. Detection time with defaults is 30 second heartbeat, so I would expect anywhere from 15-45 second outage on a WLC failure scenario. The network will then be operational again and clients should be able to connect.
  Thanks,
  -Patrick Croak
  Wireless TAC

• Cisco ISE in High Availability mode

  Hello
  Need some help, I have hardware cisco ISE 3315, want to go for high availability now, my question is that;
  1. Is Cisco ISE available on Hyper V ?
  2. Is it possible to configure 1 hardware , and other virtual (VMware / HyperV {If available}) in high availability mode ?
  Thank you very much.

  While ISE may run in Hyper-V, it will definitely not be supported so I recommend staying away from doing that. The only supported virtual environment is VMware. If you only have Hyper-V then you will have to get another appliance. Do keep in mind that the 3315s are EOL/EOS. The replacement models for those are the 3415.
  As it was already stated above Charles and Karsten, you can mix virtual and physical appliances. So if you do en up going with a supported virtual solution make sure that the resources for the ISE nodes are dedicated/reserved and that thin provisioning is also NOT supported. 
  Hope this helps!
  Thank you for rating helpful posts! 

• Cisco Prime LMS High Availability

  Hi,
  I am trying to setup prime LMS 4.2 with a pair of soft appliance. As I understand that HA is possible with the use of veritas/vmware for windows/solaris; I was wondering what are the possible high availability options available with a pair of prime LMS appliances? Can it form active/secondary with data synchronization/data redundancy of the LMS on top of the traditional backup/restore of the lms?
  Any input is appreciated.
  Thanks

  As iceman said, in VMWare it is not needed to have a pair of host machines to configure HA. Pairs are managed using third party HA services like veritas.
  In VMWare's HA concept all Host machines are pooled into one cluster and in case of host failure the entire cluster is moved to another host. vMotion can also help to move the entire vm to another host.
  This is when the host fails where vm resides. In case of failure of vm itself, the HA can be set for various actions lilke Automatic restart when hardware or OS failure is detected. OR it can restart another backup host in other cluster when failure is detected.
  You need to check availble HA option on VMWare and you can consider HA options via third party applications like veritas as well.
  -Thanks
  Vinod
  **Support Contributors. Rate them. **

• Time Machine "Backup Disk Not Available" over WAN

  I have port forwarded port 46 (TCP and UDP) to port 548 a Mac mini server running Mac OS X 10.6.8, and I have Time Machine backup disk on it set as a share point with Time Machine support enabled. On my Mac Pro running OS X 10.8.5, I am able to connect via AFP to my server with the address "afp://my-ip-address:46" and can read and write on the backup disk share point. I tested that, and it works. When I am on the same LAN as the server, I can use that disk for Time Machine and have been doing so for years. However, I cannot do a Time Machine backup to that share point over the WAN. When I open Time Machine preferences, I can select the share point as my backup disk, but once I start the backup, it says "Backup disk not available" and fails to start. How could I fix this problem?
  In case you're wondering, I forward port 46 to port 548 instead of port 548 to port 548 to minimize hacking attempts. Last time I used a default port, a computer in Taiwan started spamming SSH authentication failures.

  I did find this article via Google
  <http://www.macgurulounge.com/make-time-machine-remotely-back-up-to-your-time-cap sule/>
  Personally, I use CrashPlan (free option using my own disks) to backup over the internet.  It works very well when I'm away from home.  Everything is encrypted.

• Cisco UCS Central High Availability (HA NOT READY)

  I am seeing the following message in UCS Central about HA NOT READY
  Cluster Id: 0x819cae86c88f11e4-0x8fb4d5434d9b9e52
  Start time: Tue Mar 24 12:08:20 2015
  Last election time: Tue Mar 24 12:08:50 2015
  A: UP, PRIMARY
  B: UP, SUBORDINATE
  A: memb state UP, lead state PRIMARY, mgmt services state: UP
  B: memb state UP, lead state SUBORDINATE, mgmt services state: UP
  heartbeat state PRIMARY_OK
  HA NOT READY
  Waiting for response from device.
  Device count, expected: 2, active: 0
  Detailed state of the device selected for HA quorum data:
  Device 1009, serial: 14713e4e-929e-11e3-aa5e-002a6a7fa904, state: inactive
  Device 1008, serial: 7cafb282-b1ed-11e4-a520-8c604f230301, state: inactive
  Quorum data local IO failure:
  14713e4e-929e-11e3-aa5e-002a6a7fa904 READ_FAILED, error: GENERAL, error code: 32767, error count: 1348947
  Quorum data local IO failure:
  7cafb282-b1ed-11e4-a520-8c604f230301 READ_FAILED, error: GENERAL, error code: 32767, error count: 1348947
  Warning: there are pending I/O errors on one or more devices, failover may not complete

  The management services on each node are all running
  show pmon state
  SERVICE NAME STATE RETRY(MAX) CORE
  pmon running N/A N/A
  core-svc_cor_dme running 0(4) no
  service-reg-svc_reg_dme running 0(4) no
  core-svc_cor_secAG running 0(4) no
  operation-mgr-svc_ops_imgMgmtAG running 0(4) no
  resource-mgr-svc_rsrcMgr_dme running 0(4) no
  identifier-mgr-svc_idm_dme running 0(4) no
  central-mgr-svc_centralMgr_dme running 0(4) no
  service-reg-svc_sam_controller running 0(4) no
  policy-mgr-svc_pol_dme running 0(4) no
  sam_cores_mon.sh running 0(4) no
  core-svc_cor_controllerAG running 0(4) no
  operation-mgr-svc_ops_dme running 0(4) no
  service-reg-svc_sam_licenseAG running 0(4) no
  policy-mgr-svc_sam_pkiAG running 0(4) no
  core-httpd.sh running 0(4) no
  stats-mgr-svc_statsMgr_dme running 0(4) no
  core-svc_cor_sessionmgrAG running 0(4) no
  I can ping the two registered domains from both nodes

• UCCX 7.0 High Availability IP Addressing

  Hi,
  I am installing UCCX in HA mode. The servers are on the same site and have a RTT of less than 2 ms.
  I am wondering whether to put them in the same VLAN or in separate VLANs. The design guide does not seem to state a preference.
  Please let me know what approach works for you

  Hello James,
  As you mention HA over IP WAN its just support under UCCX 8.0, for now UCCX 7.0 does not support these. That infomation can be check in the SRND.
  http://www.cisco.com/en/US/docs/voice_ip_comm/cust_contact/contact_center/crs/express_7_0/design/guide/uccx70srnd.pdf
  Page 66 says:
  "Cisco Unified CCX high availability requires that the Cisco Unified CCX Engine and Database components and the CTI Managers with which the Cisco Unified CCX servers communicate be located in the same campus LAN and that the maximum round-trip delay between these servers be less than 2 ms"
  HTH
  Please rate this post if was helpful
  Walter Solano
  CCVP, Cisco UCCX Specialist
  Cisco IP Communications Express Specialist

• IPS 4240 High Availability?

  Hello there,
  Does 4240 work in HA mode?
  Or do I have to look at 4255 if I need them to work in HA mode?
  Kindly help me with this info..thanks in advance.
  Regards,
  Ram

  Just to add a little bit to Bob's response.  It is possible to get HA, but like mentioned above, it's not HA like you would expect from a firewall, and requires significant network planning and is pretty technical in nature.
  The best documentation I have been able to find regarding HA designs is in Chapter 21 - "Deploying Cisco IPS for High Availability and High Performance"  of the CCNP Security IPS 642-627 Official Cert Guide, ISBN: 9780132372107.  It gets pretty detailed and explains a lot of different methods. 
  I was also able to find some information on this site, but it's at a higher level, and doesn't provide as many options.
  https://www.networkworld.com/community/node/18384
  I've had to work HA into some of our environments, and I'm here to tell ya, plan ahead, way ahead, test several methods to find the best one.  We ended up using a method that I couldn't find mentioned anywhere. 

• WLC HA, difference between GLOBAL- and AP- High Availability

  hello everyone,
  I have a question regarding HA and LAP...
  we have two 5508 (sw ver 6.0.199.4), on each specific AP we have an entry for which is his primary and secondary controller
  so far so good, when one controller fails, the AP is connecting to the second controller and goes on doing his business...
  so what I am not sure about is what I should configure globally regarding HA
  first question: do I have to configure anything at all?
  second question: what should I configure best? we are using our WLCs only to control APs that are connected to our (WLAN-dedicated) LAN, we are not controlling any APs at a remote-location.
  finally, let me quote the configuration-guide:
  "Follow these steps to configure primary, secondary, and tertiary controllers for a specific access point and to configure primary and secondary backup controllers for all access points."
  and the question for this:
  what is the difference between a controller and a backup-controller?
  from my point of view: if I configure a primary and a secondary controller, the secondary controller is the backup-controller for the primary controller...
  while I am writing this, I would like to apologize for what I am asking here, because at this time I am totally confused about this and to write those questions down, did not help to calm down...
  thank you very much in advance!
  regards,
  Manuel

  hi Leo,
    I tested this out, but i guess its not working as i thought it would work. I configured the backup primary controller IP and name in the global configuration of the Wireless tab of the WLC and left the AP high availability blank with no settings. I joined the AP to the WLC and show capwap client ha output on the AP shows the backup primary controller name. but if i shut down the primary controller, the AP does not join the back, it just tries to get WLC ip by renewing DHCP forever and stuck in that...   below are the outputs.. any idea why its like this ? I thot if there is no HA configured at the AP level, the global config on the controller level should take effect ?
  LWAP3-1042#sh cap cli ha
  fastHeartbeatTmr(sec)   7 (enabled)
  primaryDiscoverTmr(sec) 30
  primaryBackupWlcIp      0xA0A700A
  primaryBackupWlcName    WLC2-4402-50
  secondaryBackupWlcIp    0x0
  secondaryBackupWlcName  
  DHCP renew try count    0
  Fwd traffic stats get   0
  Fast Heartbeat sent     0
  Discovery attempt      0
  Backup WLC array:
  LWAP3-1042#
  *Apr 30 20:36:21.324: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.
  Not in Bound state.
  *Apr 30 20:36:31.829: %DHCP-6-ADDRESS_ASSIGN: Interface GigabitEthernet0 assigned DHCP address 10.10.114.49, mask 255.255.255.0, hostname LWAP3-1042
  *Apr 30 20:37:17.832: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.
  Not in Bound state.
  *Apr 30 20:37:28.337: %DHCP-6-ADDRESS_ASSIGN: Interface GigabitEthernet0 assigned DHCP address 10.10.114.50, mask 255.255.255.0, hostname LWAP3-1042
  *Apr 30 20:38:14.338: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.
  Not in Bound state.
  *Apr 30 20:38:24.842: %DHCP-6-ADDRESS_ASSIGN: Interface GigabitEthernet0 assigned DHCP address 10.10.114.51, mask 255.255.255.0, hostname LWAP3-1042
  regards
  Joe

• Cisco Prime Infrastructure 2.1 High availability Question

  Hello All,
  I am configuring high availability for two prime infrastructure 2.1 servers. I have configured manual HA between the servers. I need to know what will be the configuration in the devices ( switches,routers etc.) for proper working of the HA. For example
  Should we need to configure both the prime infra servers as snmp hosts in the devices??. If we have to when an event happens the switch well unnecessarily send the traps to the secondary even when the primary is alive??. 
  If anyone has a copy of the configuration of such a set up please share it with me. 
  Thanks and Regards
  Shabeeb

  Hi Shabeeb,
  You are correct on that part that unnecessarily devices will  try to send traps to the secondary server if you specify that in the device's config. I don't think it should be a concern , this is expected.
  otherwise you need to configure them later once the PI server fail over to secondary .
  If you have any other doubt ,kindly ask.
  Thanks-
  Afroz
  ***Ratings Encourages Contributors ***

• High availability on wlc

  I have 2 WLC (5508), i configured the option for enable the high availability, but when the 2 WLC is working the mesh network is unstable, when only wlc is working the mesh is fine.

  Yes, i configured on each map/rap the ip address of primary and secondary controller.
  I configured only on the primary controller the option Master Controller, too into the WLC1 (primary) joined the ip adress of the controller second  in the optinon Back-Up primary controller ip address in the tab High dispobility, and  similary in the second controller (I put the ip address the primary controller).
  The network is unstable only when the both controllersare  in power on, the clients no reachable the server.

• Two WLC 5508 Anchor High Availability

  Hello.
  It's possible use 2 WLC 5508 en ANCHOR MODE in a Active-Active scenario?.
  For example, if one WLC get down of service, the other one keep provide service to the anchor clients?.
  In this moment we have just one WLC 5508 in Anchor Mode. What i need to configure a ANCHOR high Availability.
  Thanks A lot!!!

  This is confusing to me:
  If we install a second Anchor WLC, what you recommend about the DHCP server in a failover event, because this second ANCHOR WLC will have the same configuration of the firts anchor wlc.
  What do you mean the two will have the same configuration?  The hostname and ip should be different.... or are you just stating that the WLAN and DHCP will be the same?  I don't want to tell you something and break your environment, so just trying to clear things up.
  Thanks,
  Scott
  Help out other by using the rating system and marking answered questions as "Answered"

• Cisco WLC AP count over SNMP

  Hi,
  Is it possible to monitore a quantity of AP on Cisco WLC and quantity of wireless clients?
  I was found only list of AP names over snmp...
  Thanks in advance

  Hi, Ralf
  If not late
  I use script directly in monitoring system
  main ()
  VALUE=`snmpwalk -v 2c -c xxxCommunityxxx X.X.X.X 1.3.6.1.4.1.9.9.513.1.1.1.1.2 | wc -l`
  echo "Message: Warning! Number of registed APs decriased."
  echo "Data:Count"
  echo "Count\t$VALUE"
  exit 0
  main $*
  This is shell. but you can use simple only one line
  `snmpwalk -v 2c -c xxxCommunityxxx X.X.X.X 1.3.6.1.4.1.9.9.513.1.1.1.1.2 | wc -l`
  (from linux)

• – Enable high availability and redundancy for Cisco WAAS

  How this is available
  – Enable high availability and redundancy for Cisco WAAS appliances in data centers.
  Thank you.

  Hi,
  You can serially cluster two WAE devices with the Cisco WAE Inline  Network Adapter installed to provide higher availability in the data  center if a device fails. If the current optimizing device fails, the  inline group shuts down, or the device becomes the overloaded, the  second WAE device in the cluster provides the optimization services.  Deploying WAE devices in a serial inline cluster for scaling or load  balancing is not supported.
  More deatils here: Clustering Inline WAEs
  Hope this helps.
  Regards.
  PS: Please mark this as Answered, if this answers your question.