Mobility group -without layer 3 roaming

Similar Messages

• WiSM redundancy, mobility groups and RF groups

  Hi there
  we would like to implement the following:
  - Support for about 2000 LAP's
  - 1 x Catalyst 6509
  - 1 x Sup 720
  - 7 x WiSM's
  What I'm interesting is are the following points:
  1. I thought that we would build the switch completly redudant, so we have to wlan switches (switch A and B) with 7 WiSM's eatch. So I can garanty a N+N redundancy --> each LAP's has a primary controller on switch A and it's secondary controller on switch B. The LAP's can be splitted on the two switches, but for your understanding there is a 1:1 redundancy. What do you think of this design, is the too much or is this appropriate?
  2. As I know you can build up a mobility group of a maximum of 24 controllers or 12 WiSM's. I would put only these controllers in a mobility group, where Layer 2 roaming can occure.
  3. But what is about the RF groups - there is a maximum of 1000 LAP's, so I can put only 3 WiSM's in one group. But this would not work form me, then I would have 2 WiSM's on switch A and only 1 WiSM on switch B in a RF group (not a 1:1 redundancy). First is it possible to put WiSM-A and WiSM-B into different RF groups, I think so because they are logically splitted, aren't they?
  And what RF group design would be best (just as a reference)? I thought that it would make sense to form a RF group for each of the seven pairs (1 WiSM on switch A and 1 WiSM on switch B) for redundancy? What do you think of that approach?
  4. So I would have 1 mobility group and 7 RF groups. Or do you recommend to form the mobility groups like the RF groups? But what happens with Layer 2 roaming in that case?
  I'm sorry for the long and messy text, but I hope you can see my design questions?
  Thanks a lot in advance.
  Dominic

  It sounds like you already have some good replies. Personally I like N+1 redundancy, but that is a designers choice. One thing I should point out is that the 6500 can only support 5 WiSM cards each. In this case a 4 WiSM x 3 chassis option would give your more spare capacity with only 12 total cards. The lower WiSM cost (12 vs 14) would help offset the cost of the extra chassis. You could also support 2400 APs with 8 WiSM cards even if one switch is down.
  Not too long ago Cisco added the ability to set the priority of APs so your critical ones would join a controller and the less critical ones would go down if a controller failed and there were no redundancy. That is something to keep in mind when designing wireless. You may not need redundancy for all APs and that could affect your design and costs.
  Randy

• Layer 2 & Layer 3 Controllers in Same Mobility Group

  I want to upgrade the existing Layer 2 contollers 4100 and AP 1200 (in the same subnet) to Layer 3 (controller is different subnet from AP). Due to migration in phases, I need to have mix Layer 2 and Layer 3 controllers in short period of time. Any issue if there is mixed Layer 2 and Layer 3 controller in the same mobility group. Additionally, any concern if user roaming between Layer 2 and Layer 3 controllers in the same mobility group? Thank you.

  On the controller page, General, there is a option LWAPP Transparent Mode to select Layer2 or Layer 3 mode of the controller. Not sure why can't convert from L2 to L3.
  Actually I had converted few L2 controllers to L3 in the same mobility group in lab. I concern if there is any problem if mix L2 and L3 controler in the same mobility group. Thanks.

• Layer 3 roaming issue

  Hi all,
  i have two wireless networks with two subnet (see the attached drawing) , all controllers run v4.2 access points type is 1020 .
  the first network in hall 1 have 4 wlc in subnet 172.16.40.X  , the security is WEP key for wireless phone
  the second network in hall two have one WiSM in subnet 172.26.40.Y the security is WEP key for wireless phone also
  all controllers and WiSM in same Mobility group .
  the issue is  ,when   wireless phone roaming from hall one to hall two or from hall two to one it dropped the connection and not working
  please advice

  Examples :
  WLC1 has management as 192.168.1.2
  WLC2 has management as 192.168.1.3
  WLC1 has the SSID "employees" linked to interface "emp_int" which has ip 192.168.50.2
  WLC2 has the SSID "employees" linked to interface "employee_int" which has ip 192.168.80.2
  In this case, we have layer 3 roaming. Meaning that normally the client would need to change its ip from 192.168.50.x to 192.168.80.x but thanks to mobility anchoring mechanism, the WLC2 forwards all traffic back to WLC1 so that the client can keep its ip address in 192.168.50.x
  If the situation was that both employee interfaces were in the 192.168.50.x on both WLCs, then we would have layer 2 roaming. Meaning the client entry is simply moved to WLC2 and WLC2 handles all the traffic. WLC1 has nothing to do anymore with this client.
  conclusion : the ip addresses of the management interfaces don't matter to decide if it's layer 2 or 3 roaming, it's the ip of the dynamic interface of SSID which matters
  Nicolas
  ===
  Don't forget to rate anwers that you find useful

• WLC 5508 and mobility groups

  Hi,
  We are using 2 WLC 5508 running 7.0.98.0 sw (AP's are 1142) at our primary site. They are hosting 3 different WLAN/SSID's, one for guest and the
  other 2 are for corporate access. We have put the WLC's in a mobility group, say "AAAA".
  Now we have the need for our UK peer site to publish a corp WLAN that exists in UK - at our site, and when trying to configure for that (following the c70cg.pdf) - I put the WLC's for UK in a new mobility group, say "BBBB". But i can't add our WLC's into that mobilty group
  (i get a duplicate mac address message).
  What's the correct way of configuring this, does all WLCs need to be in the same mobility group?
  Is there some reason why we can't have 2 mobility groups? Is there any upside/downside to configuring 2 mob. groups?
  Any clearification would be greatly appreciated
  BR
  //Mikael

  I think you are misunderstanding , so far what you did on your local swedish site is correct. Your two swedish WLCs have to be in their own same mobility group so you can give seamless roaming to your wireless users across your swedish area without interruption.
  On a WLC mobility group config page, you can have only one entry  per WLC, this is why you are getting the duplicate error message.
  WEBGUI - CONTROLLER - MOBILITY MANAGEMENT - MOBILITY GROUPS
  If you want to put your 4 WLCs so they exchange mobility messages, the following has to happen on all 4 WLCs.
  xx:xx:xx:xx:xx:xx  192.168.1.1  uk
  yy:yy:yy:yy:yy:yy 192.168.1.2 uk
  zz:zz:zz:zz:zz:zz  172.17.1.1  sweden
  aa:aa:aa:aa:aa:aa  172.17.1.2  sweden
  Note when you add WLC on the mobility section, the WLC start sending messages to each like, hey i have this client and you have that client and so on. But this has nothing to do with what you are trying to achieve.
  With regards to the execs that are coming, yes, replicate the SSID and point it to the Radius Server they have in UK, add your swedish WLC(s) as a NAS on the Radius Server and it should work as if they were in UK. that should be enough and i advise you to do the following for mobility groups config.
  on the two UK WLCs
  xx:xx:xx:xx:xx:xx  192.168.1.1  uk
  yy:yy:yy:yy:yy:yy 192.168.1.2 uk
  on the two Swedish WLCs
  zz:zz:zz:zz:zz:zz  172.17.1.1  sweden
  aa:aa:aa:aa:aa:aa  172.17.1.2  sweden
  hope i cleared it out for you. greeting from cold Belgium tonight :-) and hope the execs will enjoy Sweden!

• Layer 3 Roaming

  Is there a way for a client on one autonomous AP in user vlan A to roam to second autonomous AP in user vlan B whilst retaining IP address without using WDS. So Mobile IP Layer 3 roaming possibly through the switch/router?
  The two APs are connected to a 3560 which is connected to an 877. The vlans are layer 3 on the SVI of the 3560.

  Hello Mat,
  no, it's not possible without WDS. In fact, regular WDS doesn't support Layer 3 roaming, either. You need to do WDS with Cisco's 6500 WLSM module. WLSM was announced end of life in 2006.
  https://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/product_data_sheet09186a00802252b7_ps2706_Products_Data_Sheet.html
  Regards,
  Roman

• How do I duplicate layers & groups without automatically adding a "copy", "copy 1", "copy #" at the end of the new group?

  How do I duplicate layers & groups without automatically adding a "copy", "copy 1", "copy #" at the end of the new group?
  It's been pestering me for quite a while now, since I often work with the same elements over and over again. Its frustrating to have to change the name of each layer manually, especially if I'm copying a whole group.
  Is there a setting in Photoshop or perhaps an external script that can help fix this for me?
  Cheers,
  Qiming

  There is no way to defeat this within the program itself. Here's the workaround:
  Duplicate the file (from the Image menu).
  Drag the Group or layers from the Layers list from the duplicate to the image window of the original , while holding down Shift.
  That will make a "copyless" copy and reposition the copyed material in the exact same position it was on the original.

• WLC 5508 * 2 & Mobility Group

  What I am trying to configure is Mobility Groups.
  My understanding is that this will allow AP to successfully register and fail over over seamlessly if any of the WLC had to fail ?
  It could be I am confusing two things into one :( & I am totally confused and not understanding the benefits of mobility group mentioned above.
  Also when a AP starts up and registers with the WLC ......I click on a registered AP > High Availability ( Primary / Sec / Tertiary ) all fields are blank...
  Initially I also thought that once my SSO is all setup and working than those options "AP > High Availability" will get populated automatically but clearly not unless something is not working.
  My current config is as follows:-
  WLC 5508 * 2
  WLC 1 - Primary
  WLC 2 - HA SKU (Secondary )
  Redundancy = SSO (Both AP and Client SSO)
  =============
  (Cisco Controller) >show sysinfo
  Manufacturer's Name.............................. Cisco Systems Inc.
  Product Name..................................... Cisco Controller
  Product Version.................................. 7.6.130.0
  Bootloader Version............................... 1.0.20
  Field Recovery Image Version..................... 7.6.101.1
  Firmware Version................................. FPGA 1.7, Env 1.8, USB console 2.2
  Build Type....................................... DATA + WPS
  System Name...................................... WLC5508
  System Location..................................
  System Contact...................................
  System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
  Redundancy Mode.................................. SSO (Both AP and Client SSO)
  IP Address....................................... 10.31.66.21
  Last Reset....................................... Software reset
  System Up Time................................... 0 days 22 hrs 39 mins 57 secs
  System Timezone Location......................... (GMT) London, Lisbon, Dublin, Edinburgh
  System Stats Realtime Interval................... 5
  System Stats Normal Interval..................... 180
  Configured Country............................... GB  - United Kingdom
  Operating Environment............................ Commercial (0 to 40 C)
  --More-- or (q)uit
  Internal Temp Alarm Limits....................... 0 to 65 C
  Internal Temperature............................. +38 C
  External Temperature............................. +21 C
  Fan Status....................................... OK
  State of 802.11b Network......................... Enabled
  State of 802.11a Network......................... Enabled
  Number of WLANs.................................. 1
  Number of Active Clients......................... 0
  Burned-in MAC Address............................ F8:72:EA:EE:5B:B2
  Power Supply 1................................... Present, OK
  Power Supply 2................................... Absent
  Maximum number of APs supported.................. 500
  ============================================
  TA

  TA,
  Mobility and mobility groups are used for the wireless users roaming. What we know that a wireless users can roam between different APs within the same WLC, but when the SSID is used within multiple WLCs, and the client wanted to roam to an AP joined to another WLC, you would need to configure WLC mobility to maintain seamless roaming. For more info:
  http://www.cisco.com/c/en/us/td/docs/wireless/controller/8-0/configuration-guide/b_cg80/b_cg80_chapter_010001101.html
  Now, I understand that your purpose is to have high availability for your APs. No this is done traditionally from the AP page, under HA tab, where you configure the WLCs names and IPs there. This can be done manually on each AP (you can use CLI to make it easier) or you can push a configuration template using a management server (WCS/NCS/CPI).
  Configuring HA on the AP:
  http://www.cisco.com/c/en/us/td/docs/wireless/controller/8-0/configuration-guide/b_cg80/b_cg80_chapter_01110000.html
  http://www.cisco.com/c/en/us/td/docs/wireless/controller/8-0/configuration-guide/b_cg80/b_cg80_chapter_01110001.html
  Using CPI to push AP configuration templates:
  http://www.cisco.com/c/en/us/td/docs/wireless/prime_infrastructure/2-0/configuration/guide/pi_20_cg/temp.html
  Now mobility may play a role in this, as if you have already configured mobility for your WLCs, then you won't need to configure a "name" for the WLCs when you add them under the HA tab in AP configuration page. That's it.
  BR, Ala

• HA N+1 and Mobility Groups

  Hi all,
  One question, can I have 2 WLC's on different Mobility Groups pointing to the same HA N+1 WLC which is located in one of those Mobility Groups?. I have not seen any note about this on the Cisco documentation I have checked.
  thanks

  From 7.4 onwards AP can fail over to a WLC even they are in different mobility group. So I think this set up should work without any problem.
  http://www.cisco.com/en/US/docs/wireless/controller/7.4/configuration/guides/consolidated/b_cg74_CONSOLIDATED_chapter_01110011.html
  http://www.cisco.com/en/US/docs/wireless/technology/hi_avail/N1_HA_Overview.html
  HTH
  Rasika
  *** Pls rate all useful responses ****

• Mobility Group Requirements for Guest Anchor WLC

  Hello -
  I've alway assumed you can't create a guest tunnel between a local WLC and an anchor WLC that are in different mobility groups.   However, I was told recently (without much detail) that this is possible.  So I have set out to test this.  
  I am trying to point one of my local WLCs guest SSIDs to a guest anchor WLC in a different mobility group.   I have a maintenance window coming up and I am looking to anchor the clients on one campus to the anchor WLC on the other campus so guest service does not go down.   Each campus is it's own mobility group.   In trying to set this up I went to the "mobility anchors" screen for the guest SSID on one of the local WLCs and I am unable to add the anchor WLC from the other campus because it's non in the drop-down menu.  This is because it's not in the same mobility group.   So my question is how do I anchor clients coming through a local WLC in one mobility group to an anchor WLC in another mobility group?
  To me it doesn't seem possible without significant configuration changes.   I don't want to reconfigure/recreate mobility groups. 
  Thanks
  Chuck

  Not only is it possible, I would recommend it. However, you may be confusing some concepts.
  The Mobility Group is different than the Mobility Domain.  I generally refer to the Mobility Group as those WLCs with the same Default Mobility Group Name, and the Mobility Domain as the entire Mobility List (where you can define up to 72 controllers from various mobility groups).
  The point is that if WLCs 1-10 are GroupA, and WLCs 11-20 are GroupB, for anchoring to work you at least need to add the anchor to the mobility list of the foreign wlc, and vice versa.
  If you notice, when you add a mobility entry to the list, it should ask you for mobility group. If you leave it blank, it should default to that of that WLC,  but on GroupA controllers, you could define GroupB controllers (and specific GroupB) and then you should now have mobility established between your controllers and the Anchor configuration will have your anchors in the drop-down....
  Does that make sense?

• Mobility group same ssid multiple WLC

  I have a 4400 and a 5508 WLC in the same location
  We want to be able to roam between ap joined to both the 4400 and the 5508 using only one ssid
  Do I only need to create a mobility group and add both WLC
  then create only one WLAN on one of the controllers and it will be shared across bot WLC.
  Or something else?

  Resolution :
  Yes you are correct. Please follow this link for Mobility groups and Roaming :
  http://www.cisco.com/en/US/docs/wireless/controller/7.2/configuration/guide/cg_mobility.html

• 5508 Mobility Group

  Clients are not able to roam between WCS controllers. Our mobility groups are working but we are not able to pass DHCP addresses between controllers

  When you say mobility is working, what do you mean?  Are you trying to use WLCB to assign a client on WLCA an address?

• WLC Mobility Group Confusion

  Can some please clarify how Mobility groups work and when to use them. I have 2 data centers, each with a WLC, for centralized control. I just want to provide simple redundancy.
  When should I use an Anchor group.
  Thanks for your help.

  To make it simple, any wlc's that will be a primary, secondary or tertiary WLC for lap's will need to be placed in the same mobility group. Now if you have a guest anchor controller for guest, then that will need to be added in the same mobility group. Bottom line, when users roam from AP to AP from WLC to another even getting tunneled (anchor) the WLC's need to be aware of the roaming and that is what mobility group does.
  Anchor is if you want to tunnel users to a specific controller like in a guest wireless situation when the WLC is located in the DMZ. There are other reasons, but this is most likely why.

• WLC Mobility Group problem

  Hi to all,
  we've two internal WLC which belong to the same MG (the default one), and one DMZ WLC which belongs to another MG.
  All are running OS 4.2.61
  After configuring Mobility Group using the "edit all" inserting the WLC IP address and MAC of the MGMT interface and the name of the MG which they belong, I notice a strange behaviour:
  - WLC1 has Data path UP with internal's WLC2 and DMZ WLC...but Control path is down.
  - WLC2 has Data path and Control path UP with DMZ WLC and only Data path UP with WLC1
  - DMZ WLC has Data path and Control path UP with DMZ WLC and only Data path UP with WLC1
  MG Secure Mode is disabled on all WLC's seeing the following bug CSCsk36683 (The mobility control path is down when secure mode is enabled).
  Reachability via ping is OK, via eping the same but mping are not working from WLC1 to WCL2 and from DMZ WLC to WLC2
  I've already restarted both controllers without success...what i've noticed is on WLC2 and DMZ WLC msglog there are a lot of these entries with a lot of RX errors ===>>>MM-3-INVALID_PKT_RECVD: Received an invalid packet from X.X.X.X. Source member:0.0.0.0. source member unknown.
  any idea?
  Tnx
  Omar

  Here is the URL for the configuration for the Mobility Group follow the URL which will help you :
  http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00809817ca.shtml

• Cisco 526 WLC and 2106 WLC in one Mobility Group

  Hi,
  is it possbile to build a solution with one Cisco 526 Wireless Express Mobility Controller and one Cisco 2106 Wireless LAN Controller in one Mobility Group regarding seamless roaming??
  Thank for your answers
  Best regards
  Stephan

  I don't know if it is possible, but I would think if you had any issues, TAC wouldn't support it. Try opening a case with TAC to see.