cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

125
Views
0
Helpful
1
Replies
Highlighted
Beginner

Multiple PSNs and mainting RADIUS auths

I am looking to setup a distributed deployment of 2 x ADM, 2 x MNT and 4 x PSN nodes for our wireless network. I don't wish to use a LB for the PSNs. We have 6 x Cisco WLCs and I was going to setup the WLANs so that on cont1 wlan1 points to PSN1 on cont2 wlan1 point to PSN2 etc to spread the load. My question is, how does the ISE handle th eclient roaming from one controller to the other if he roams from an AP on cont1 to an AP on cont2 (hence different PSNs) ? Is this a problem ? 

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Advocate

Re: Multiple PSNs and mainting RADIUS auths

This is more of a wireless questions as it all goes back to "which controller is sourcing the RADIUS request".  In general with L2 roaming, the controller remains the same and so RADIUS is sourced from same WLC.  With L3 roams, it is possible to move between controllers so source of RADIUS request could also change on reauth.  As I recall, you can configure symmetrical design where requests are tunneled back to original controller and session maintained. 

I would still recommend LB for better load distribution and to simplify the WLC fallback configuration.  If any WLC is experiencing high activity, it cannot benefit from unused capacity in other PSNs.

View solution in original post

1 REPLY 1
Highlighted
Advocate

Re: Multiple PSNs and mainting RADIUS auths

This is more of a wireless questions as it all goes back to "which controller is sourcing the RADIUS request".  In general with L2 roaming, the controller remains the same and so RADIUS is sourced from same WLC.  With L3 roams, it is possible to move between controllers so source of RADIUS request could also change on reauth.  As I recall, you can configure symmetrical design where requests are tunneled back to original controller and session maintained. 

I would still recommend LB for better load distribution and to simplify the WLC fallback configuration.  If any WLC is experiencing high activity, it cannot benefit from unused capacity in other PSNs.

View solution in original post

This widget could not be displayed.