WLC mobility group between 4404 and 5508 controllers

Mobility 'Control and Data Path Down' between 4404 and 5508 WLC's.
Hello, we have 5 x 4404 WLC's running 7.0.240.0 with mobility configured fine between them.
We have installed a 5508 with HA running 7.4.110.0, and have tried to add it to the mobility group, however we see 'Control and Data Path Down' between the new 5508 and all the 4404 controllers.
All controllers have:
The same virtual address
Management interfaces are in the same VLAN, and indeed all the controllers connect via the same pair of 3750X stacked switches.
The default mobility domain name is the same
4404 output when issung the command 'show mobility summary'
Symmetric Mobility Tunneling (current) .......... Enabled
Symmetric Mobility Tunneling (after reboot) ..... Enabled
Mobility Protocol Port........................... 16666
Default Mobility Domain.......................... SGH-Mobility
Multicast Mode .................................. Disabled
Mobility Domain ID for 802.11r................... 0xe209
Mobility Keepalive Interval...................... 10
Mobility Keepalive Count......................... 3
Mobility Group Members Configured................ 6
Mobility Control Message DSCP Value.............. 0
5508 ouput when issueing the command 'show mobility summary'
Mobility Architecture ........................... Flat
Mobility Protocol Port........................... 16666
Default Mobility Domain.......................... SGH-Mobility
Multicast Mode .................................. Disabled
Mobility Domain ID for 802.11r................... 0xe209
Mobility Keepalive Interval...................... 10
Mobility Keepalive Count......................... 3
Mobility Group Members Configured................ 6
Mobility Control Message DSCP Value.............. 0
I've spent quite some time double checking all the configurations to no avail.
Has anybody seen this problem before?
Kind regards
Dave Bell

Thanks Sandeep.
I am well versed with WLC's and mobility, however trying to add a 5508 to a mobility group with 4404's has come up with a bit of a curve ball.
All the 4404 controllers all joined the mobility group fine, no problems at all - its only the 5508 I am struggling with.
In theory its simple, populate the IP address, and MAC addres of the management interface of the remote WLC, as long as the management interfaces are in the same VLAN, and the Default Mobility Domain Name are the same it should come up.
Interestingly I have found the 5508 reports its own management interface MAC address incorrectly when viewing the Mobility Groups:
For example:
{Screen shot WLC1.jpg}
5508 management address is 10.95.x.x and when viewing the Mobility Management screen it shows its own MAC address as bc:16:65:f9:37:60.
however!
From our router is I do an sh arp | i 10.95.x.x (controller management address), I see:f872.eaee.becf.
{Screen shot wlc2.jpg}
Hence the WLC reports as: bc:16:65:f9:37:60
and
The network reports as: f872.eaee.becf for the same IP address.
I have changed the other WLC's to the MAC adress seen on the network for the new controller, aka changed from
bc:16:65:f9:37:60
to
f8:72:ea:ee:be:cf
I now see the controllers reporting the mobility with the new controller as 'Control Path Down', however I am at a loss as to what may be causing this?
Kind regards
Dave Bell

Similar Messages

Can we create Mobility group between WISM2 and WLC 5500

Dears,
I need your feedback urgent please,
Can we create Mobility Group between WISM2 and WLC 5500
Firmware for WISM2 > 7.4.121.0
Firmware for WLC5500 > 6.0.196.0
I created Mobility Group with (IP address , MAC Address and Mobility group name) for Foreign Controller. if any configuration required from my side.
Wait your feedback urgent please
Regards,

Hi,
Controllers do not have to be of the same model to be a member of a mobility group. Mobility groups can be comprised of any combination of controller platforms.
Thats enough :)
Regards
Dont forget to rate helpful posts

Mobility groups between WLC 4400 & 5500

Can I configure a mobility groups between 4404 Wireless LAN Controllers and 5500 Wireless LAN Controllers?
Thanks.

Yes, the platform doesn't matter. The code used to matter but recent versions are ok between each others.
Nicolas
===
Don't forget to rate answers that you find useful

Mobility group between controller 4400 and virtual wlc

Hello everybody...
I read the configuration guide about the 7.3 release. And I figured out that you will need a hash key for establishing a mobility group relation between a controller and a virtual controller. The 7.3 release for the 5500 series works fine for me.
But the latest release 7.0.235.0 for the wireless lan controller series 4400 does not have a functionality to add a hash key while creating a new mobility group member.
The command "config mobility group member hash" is totally missing.
Does anybody have an idea how to establish a mobility group between a 4400 controller and a virtual then?
Best regards,
Sebastian Wieseler

The vWLC is out since yesterday.
We installed it in our lab and the deployment guide is out now, too.
Anyway... the hash is "god-given" in the vWLC. I can't change it to "none". So it is quite mandatory to enter a hash in the 4400 controller otherwise it just do not pair. So I am unable to establish a mobility group.
Any other ideas?

Mobility groups between WLC 2106 & 5500

Can I configure a mobility groups between 2106 Wireless LAN Controller and 5500 Wireless LAN Controllers?
Thanks.

Hi Patricia:
Welcome to the forums then.
Actually Scott's answer was the correct one. Not mine. So just to appreciate Scott's efforts (Thanks Scott) try please to mark his answer as the correct answer. Just below his answer there is a button to mark it as correct answer.
Come back soon.
Amjad
Rating useful replies is more useful than saying "Thank you"

Roaming between 4400 and 5500 controllers

Hi, we are planning to do an AP migration, but there is a doubt for this.
Actually we have a 4402 controller with 1120 APs both of which are marked as EoL products, we want to jump over the new 2600 APs and 5508 Controller for increase signal coverage but we have the following deals:
Last firmware for 4402 controller is 7.0
Firmware needed for 5508 to support 2600 APs is 7.3
Is it possible to configure mobility between 4402 and 5508 even with different firmware branch?

Inter-Release Controller Mobility (IRCM)
Table 10 lists the inter-release Controller Mobility (IRCM) compatibility matrix.
Table 10 Inter-Release Controller Mobility Compatibility Matrix
CUWN Service
4.2.x.x
5.0.x.x
5.1.x.x
6.0.x.x
7.0.x.x
7.2.x.x
7.3.x.x
Layer 2 and Layer 3 Roaming
X
X
X
X
X
Guest Access/Termination
X
X
X
X
X
X
X
Rogue Detection
X
X
X
X
X
Fast Roaming (CCKM) in a mobility group
X
X
X
X
X
Location Services
X
X
X
X
X
Radio Resource Management (RRM)
X
X
X
-1
Management Frame Protection (MFP)
X
X
X
X
X
AP Failover
X
X
X
X
X
1 In the 7.2.x.x release, RF Groups and Profiles were introduced. RRM for 7.2.x.x and later releases is not compatible with RRM for any previous release.
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin

Wlc mobility group

HI,
How many WLCs 5508 can you add to the mobility group?

WLC code 5.1 and above we can add 24 WLC in a single mobility Group..
http://www.cisco.com/en/US/docs/wireless/controller/7.0/configuration/guide/c70mobil.html#wp1093878
Lemme know if this answered ur question and please dont forget to rate the usefull posts!!
Regards
Surendra

WLC Mobility Group problem

Hi to all,
we've two internal WLC which belong to the same MG (the default one), and one DMZ WLC which belongs to another MG.
All are running OS 4.2.61
After configuring Mobility Group using the "edit all" inserting the WLC IP address and MAC of the MGMT interface and the name of the MG which they belong, I notice a strange behaviour:
- WLC1 has Data path UP with internal's WLC2 and DMZ WLC...but Control path is down.
- WLC2 has Data path and Control path UP with DMZ WLC and only Data path UP with WLC1
- DMZ WLC has Data path and Control path UP with DMZ WLC and only Data path UP with WLC1
MG Secure Mode is disabled on all WLC's seeing the following bug CSCsk36683 (The mobility control path is down when secure mode is enabled).
Reachability via ping is OK, via eping the same but mping are not working from WLC1 to WCL2 and from DMZ WLC to WLC2
I've already restarted both controllers without success...what i've noticed is on WLC2 and DMZ WLC msglog there are a lot of these entries with a lot of RX errors ===>>>MM-3-INVALID_PKT_RECVD: Received an invalid packet from X.X.X.X. Source member:0.0.0.0. source member unknown.
any idea?
Tnx
Omar

Here is the URL for the configuration for the Mobility Group follow the URL which will help you :
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00809817ca.shtml

WLC HA, difference between GLOBAL- and AP- High Availability

hello everyone,
I have a question regarding HA and LAP...
we have two 5508 (sw ver 6.0.199.4), on each specific AP we have an entry for which is his primary and secondary controller
so far so good, when one controller fails, the AP is connecting to the second controller and goes on doing his business...
so what I am not sure about is what I should configure globally regarding HA
first question: do I have to configure anything at all?
second question: what should I configure best? we are using our WLCs only to control APs that are connected to our (WLAN-dedicated) LAN, we are not controlling any APs at a remote-location.
finally, let me quote the configuration-guide:
"Follow these steps to configure primary, secondary, and tertiary controllers for a specific access point and to configure primary and secondary backup controllers for all access points."
and the question for this:
what is the difference between a controller and a backup-controller?
from my point of view: if I configure a primary and a secondary controller, the secondary controller is the backup-controller for the primary controller...
while I am writing this, I would like to apologize for what I am asking here, because at this time I am totally confused about this and to write those questions down, did not help to calm down...
thank you very much in advance!
regards,
Manuel

hi Leo,
I tested this out, but i guess its not working as i thought it would work. I configured the backup primary controller IP and name in the global configuration of the Wireless tab of the WLC and left the AP high availability blank with no settings. I joined the AP to the WLC and show capwap client ha output on the AP shows the backup primary controller name. but if i shut down the primary controller, the AP does not join the back, it just tries to get WLC ip by renewing DHCP forever and stuck in that...   below are the outputs.. any idea why its like this ? I thot if there is no HA configured at the AP level, the global config on the controller level should take effect ?
LWAP3-1042#sh cap cli ha
fastHeartbeatTmr(sec)   7 (enabled)
primaryDiscoverTmr(sec) 30
primaryBackupWlcIp      0xA0A700A
primaryBackupWlcName    WLC2-4402-50
secondaryBackupWlcIp    0x0
secondaryBackupWlcName
DHCP renew try count    0
Fwd traffic stats get   0
Fast Heartbeat sent     0
Discovery attempt      0
Backup WLC array:
LWAP3-1042#
*Apr 30 20:36:21.324: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.
Not in Bound state.
*Apr 30 20:36:31.829: %DHCP-6-ADDRESS_ASSIGN: Interface GigabitEthernet0 assigned DHCP address 10.10.114.49, mask 255.255.255.0, hostname LWAP3-1042
*Apr 30 20:37:17.832: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.
Not in Bound state.
*Apr 30 20:37:28.337: %DHCP-6-ADDRESS_ASSIGN: Interface GigabitEthernet0 assigned DHCP address 10.10.114.50, mask 255.255.255.0, hostname LWAP3-1042
*Apr 30 20:38:14.338: %CAPWAP-3-DHCP_RENEW: Could not discover WLC using DHCP IP. Renewing DHCP IP.
Not in Bound state.
*Apr 30 20:38:24.842: %DHCP-6-ADDRESS_ASSIGN: Interface GigabitEthernet0 assigned DHCP address 10.10.114.51, mask 255.255.255.0, hostname LWAP3-1042
regards
Joe

Replace WLC Mobility Group Anchor

We have 2 5508 and 1 4402 WLCs and all belong to the same mobility group. The 4402 does not have any access points and does nothing more than serve as a mobility anchor for our public wireless SSID. We are planning to replace the 4402 with a new 2504 unit which will have the same configuration including IP as the 4402. Is there anything I need to do with the mobility groups when we remove the 4402?
Thanks for any help.
Jeff

you'll need to add the MAC of the 2504 to the mobility group, and remove the entry for the 4402.
Out of Curiosity...how many concurrent guest users to you have usually?
Steve

WLC Mobility Group Confusion

Can some please clarify how Mobility groups work and when to use them. I have 2 data centers, each with a WLC, for centralized control. I just want to provide simple redundancy.
When should I use an Anchor group.
Thanks for your help.

To make it simple, any wlc's that will be a primary, secondary or tertiary WLC for lap's will need to be placed in the same mobility group. Now if you have a guest anchor controller for guest, then that will need to be added in the same mobility group. Bottom line, when users roam from AP to AP from WLC to another even getting tunneled (anchor) the WLC's need to be aware of the roaming and that is what mobility group does.
Anchor is if you want to tunnel users to a specific controller like in a guest wireless situation when the WLC is located in the DMZ. There are other reasons, but this is most likely why.

WLC MOBILITY GROUP SINGLE WEB AUTHENTICATION

Hi.
I have installed two AIR-WLC2112 with mobility group configured and authentication web.
I want to know if you can create user / password web authentication only in one WLC.
Now, when I create a new user / password , I have to create in two WLC.
Thanks

Inorder to validate a site issuing a certificate , client should be loaded with a certificate from same Certificate Authority. Else ignore the warning and continue to the site. If you want to know if the site is valid , click on View certificate on the warning page and see if it belongs to the website.

Mobility Groups Between...

Hi experts,
I am managing 3 WLC:
1- WLC 2112 - code version 7.0.235.0
2- WLC 2112 - code version 7.0.235.0
3- WLC 5508 - code version 7.6.130.0 (new purchase)
Is possible to group this 3 WLCs in one Mobility Group

Thanks for you replay,
please correct me, i understand over your replay that directly this versiosn is not supported, for compatibility to work must be in sequence as is release from CISCO, see the image.
The WLC 2112 with CODE version 7.0.235.0 is only compatible with version such as 7.2.x and 7.4.x right?
The WLC 5508 with CODE version 7.6.130.0 is only compatible win versions such as 8.x and 7.4.x right?
Thanks for your quickly replay.

Duplex mismatch between N7k and 5508

Hi All,
I met a duplex mismatch issue in our new DC.
The port configuration on the N7k and controller is the same as in other DC
Only difference is version of the NxOS on the N7k.
On N7k 5.2(1) works
On N7k 5.2(7) i get below logs :
2013 Aug 21 22:23:24 xxx %CDP-4-DUPLEX_MISMATCH: Duplex mismatch discovered on Ethernet10/8, with LAGInterface0/3/1
2013 Aug 21 22:24:24 xxx last message repeated 8 times
2013 Aug 21 22:25:24 xxx last message repeated 8 times
2013 Aug 21 22:27:24 xxx last message repeated 16 times
2013 Aug 21 22:29:24 xxx last message repeated 16 times
Port configuration :
interface Ethernet10/8
description WLC 5508-1
switchport
switchport mode trunk
switchport trunk native vlan 50
switchport trunk allowed vlan 50,500,570
spanning-tree port type edge trunk
channel-group 1100
no shutdown
xxx# sh int e 10/8
Ethernet10/8 is up
Dedicated Interface
Belongs to Po1100
Hardware: 10/100/1000 Ethernet, address: 0006.f6b1.d2f7 (bia 0006.f6b1.d2f7)
Description:WLC 5508-1
MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA
Port mode is trunk
full-duplex, 1000 Mb/s
Controller 5508 version 7.3.112.0
Controller ports :
Port Summary
           STP   Admin   Physical   Physical   Link   Link
Pr Type   Stat   Mode     Mode      Status   Status Trap     POE    SFPType
1 Normal Forw Enable Auto       1000 Full Up     Enable N/A     1000BaseTX
2 Normal Forw Enable Auto       1000 Full Up     Enable N/A     1000BaseTX
3 Normal Forw Enable Auto       1000 Full Up     Enable N/A     1000BaseTX
4 Normal Forw Enable Auto       1000 Full Up     Enable N/A     1000BaseTX
How can i fix this issue ? Ports are set up and show the same - 1000 / Full
the messages are annoying as loggs are almost full of them.
Thank you in advance

Hi Matthew,
The issue is related to bug -> "CDP duplex mismatch when using LAG on 5508 & 8510 WLC” (CSCuc94082)
The fastest way to solve (workaround) this is disable cdp on the controller by executing following command: config cdp advertise-v2 disable
Hope this helped you
Regards,
Radek

WLC 5508 and mobility groups

Hi,
We are using 2 WLC 5508 running 7.0.98.0 sw (AP's are 1142) at our primary site. They are hosting 3 different WLAN/SSID's, one for guest and the
other 2 are for corporate access. We have put the WLC's in a mobility group, say "AAAA".
Now we have the need for our UK peer site to publish a corp WLAN that exists in UK - at our site, and when trying to configure for that (following the c70cg.pdf) - I put the WLC's for UK in a new mobility group, say "BBBB". But i can't add our WLC's into that mobilty group
(i get a duplicate mac address message).
What's the correct way of configuring this, does all WLCs need to be in the same mobility group?
Is there some reason why we can't have 2 mobility groups? Is there any upside/downside to configuring 2 mob. groups?
Any clearification would be greatly appreciated
BR
//Mikael

I think you are misunderstanding , so far what you did on your local swedish site is correct. Your two swedish WLCs have to be in their own same mobility group so you can give seamless roaming to your wireless users across your swedish area without interruption.
On a WLC mobility group config page, you can have only one entry per WLC, this is why you are getting the duplicate error message.
WEBGUI - CONTROLLER - MOBILITY MANAGEMENT - MOBILITY GROUPS
If you want to put your 4 WLCs so they exchange mobility messages, the following has to happen on all 4 WLCs.
xx:xx:xx:xx:xx:xx 192.168.1.1 uk
yy:yy:yy:yy:yy:yy 192.168.1.2 uk
zz:zz:zz:zz:zz:zz 172.17.1.1 sweden
aa:aa:aa:aa:aa:aa 172.17.1.2 sweden
Note when you add WLC on the mobility section, the WLC start sending messages to each like, hey i have this client and you have that client and so on. But this has nothing to do with what you are trying to achieve.
With regards to the execs that are coming, yes, replicate the SSID and point it to the Radius Server they have in UK, add your swedish WLC(s) as a NAS on the Radius Server and it should work as if they were in UK. that should be enough and i advise you to do the following for mobility groups config.
on the two UK WLCs
xx:xx:xx:xx:xx:xx 192.168.1.1 uk
yy:yy:yy:yy:yy:yy 192.168.1.2 uk
on the two Swedish WLCs
zz:zz:zz:zz:zz:zz 172.17.1.1 sweden
aa:aa:aa:aa:aa:aa 172.17.1.2 sweden
hope i cleared it out for you. greeting from cold Belgium tonight :-) and hope the execs will enjoy Sweden!

WLC mobility group between 4404 and 5508 controllers

Similar Messages

Maybe you are looking for