cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4467
Views
27
Helpful
13
Replies

Can anyone tell what exactly does the 3650 MA or MC does

Hi

Datasheet is not very helpfull..

I want to now if there is any benefit if i have a local 5508 HA pair at my central site and a 3650 MC Controller in my branch?

Is there any config sync between WLC or Prime with this 3650 in Mobility Agent or Mobility Controller mode?

regards

Chris

13 Replies 13

Scott Fella
Hall of Fame
Hall of Fame

There is a big difference between Unified and Converged access. Your 5508's in HA is unified and if your looking at the 3650 (Converged) as an MC, you would need to design your environment into a hybrid of using the 5508 as a MC and the 3650 as an MC unless you want to have separate systems. I can't really explain what you can or can't do without really understanding your environment. Have you reached out to your Cisco SE? They should be able to explain what can work in your environment and what can't or else you will need to read the various converged access design guides

http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps12686/white_paper_c11-726107.html

https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=5930&tclass=popup

http://www.cisco.com/en/US/docs/wireless/technology/5760_deploy/Mobility_Architecture.html

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Hi Chris,

MC-Mobility Controller & MA-Mobility Agent are two different roles assign to a wireless controller. In legacy systems (5508,WiSM2,2504) both roles reside on the same physical unit.

Typically MA is responsisble for terminate CAPWAP tunnels from AP, maintain client database where as MC is responsible for Roaming, RRM, wIPS, etc.Another important aspect is MC hold the license for AP registration. In legacy system you do not want to worry about both are doing by the same controller/device.

With this new Converged Access deployment model you have the option of seperate these data plane (MA) & control plane (MC) funtionality into two sepearte device. In a large scale deployments, you should have central controller acting as MC (it can be 5508,5760) & all your access layer 3850/3560 will act as MA & terminate all directly connected AP CAPWAP tunnels.

In small/branch deployment, you can use a 3850/3560 to do the MC funtionality as well. In that case it will act as a full WLC (with MC& MA functionality).

In your case, yes you can use 3650 to do the MA/MC at your branch (think of you got a WLC at your branch). If you require guest tunneling/etc, then your 5508 need to be run specific code (7.3.112.0 ,7.5.102.0 or 7.6.100.0) in order to inter-communicate with branch 3650.

As Scott mentioned, it is different architecture, so better you familiar prior to deploy it. Here is another good presentation you should watch.

https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=74990&backBtn=true

HTH

Rasika

**** Pls rate all useful responses ****

hi

Thank you for your quick responses Scott and Rasika.

My costumer is a pretty small costumer with about 50 Aps in HQ and 1 or 2 AP's in branch office.

He is not the cisco guru so i want to do this simple as possible.

when we have 5508 in HQ and Flexconnect in the branches offices, is there any advantage when i have a 3650 in the branch? Beside the local termination of the CAPWAP?

In my opinion the biggest disadvante is that i have to configure both, my 5508 and my 3650's in my branches..

regards

chris

Hi Christian,

Rasika and Scott already explained about 3650 device in well detailed manner.

AS per query:

HQ have 50 AP with 5508 WLC. and remote location have only 2 APs.

This is my personal thought   Best solution in your scenario is to keep using flex connect/Hreap instaed of buying 3650.Buying 3650 will be more costly and more complex solution for cutsomer.

Better to go for:

central authentication, local switching—In this state, for the given WLAN, the controller handles all client authentication, and the H REAP access point switches data packets locally. After the client authenticates successfully, the controller sends an CAPWAP control command to the H REAP instructing the access point to switch that given client's data packets locally. This message is sent per client upon successful authentication. This state is applicable only in Connected mode.

http://www.cisco.com/en/US/products/ps10315/products_tech_note09186a0080736123.shtml

HREAP mode config guide:)

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00807cc3b8.shtml

this is the simple one.

or

You can use a 5508 WLC at remote ocation and manage by Prime INfra with ISE(Guest and crporate access) from HQ.

Hope this helps.

Regards

Dont forget to rate helpful posts

Well, you mentioned this:

He is not the cisco guru so i want to do this simple as possible.

HA alone is going to be tough for a non guru... Keep it simple by just adding to what was designed. Moving to a hybrid or full converged access method will definitely confuse the heck out of your customer.

Keep it Simple is the key here.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Hello Scott

Other question, is there any problem with 5508HA over a switched enviroment?

5508 are in two different Server Rooms?

regards

Chris

Can you explain a bit more. With v7.5 I believe, Cisco supported layer 2 connectivity but prior to that, they supported only direct connection. When you say they are in separate locations, does that mean in the same location or separate buildings? You have these 5508's in AP SSO or N+1?

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

sorry

5508 in HA SSO mode

HA via a layer 2 vlan (not routed) in two sperate buildings connected via 10gig Fiber link on HP(again sorry;-))

It works fine but my costumer think that he loses configparts when failover happens.. maybe not saved..

1 Time in 4 Month a failover happens..

That is fine, but are the vlans for the dynamic interfaces also layer 2... both buildings share the same subnets?  Thats where the issue might be, in case of a failure, the HA will come up and have the same config as the primary.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

okay

yes both buildings share the same vlans, i have to update anyway because we are using a defferd image,

So i update to the latest and geatest 7.6 and hope everthing works fine.

v7.4.110.0 of v7.4.121.0 is what we use for HA AP SSO for stability.  We only go to v7.5 and or v7.6 if they require features, but stick to v7.4.x if possible.  v7.6 has some open issues that have caused use issues in deployments due to the 3700's.

Issues are curren'ty seen witht he 3600's and 3700's

https://supportforums.cisco.com/thread/2233768?tstart=0

these're the respective defects filed for the mentioned issues.

CSCum49200 Mac wireless clients in RUN state sometimes unable to ping gateway

CSCum62305 Traffic stops for iphone/mac OS in 7.6 in 3600/3700

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

My costumer is a pretty small costumer with about 50 Aps in HQ and 1 or 2 AP's in branch office.

He is not the cisco guru so i want to do this simple as possible.

when we have 5508 in HQ and Flexconnect in the branches offices, is there any advantage when i have a 3650 in the branch? Beside the local termination of the CAPWAP?

In this situation,it is not worth configuring CA at branch as it makes design over complex. Yes simply configure those two  APs in FlexConnect mode & register back to your 5508.

You can choose 3650 as a L3 switch (rather enabling MA/MC functionality) for customer's branch, but no wireless funcinality at all. This gives you an advantage of going to a CA if needed without buying additional hardware sometime in future. As a layer 3 switch itself 3650 has lots of advantages compare to any legacy L3 switch.(Netflow support, UADP ASIC, etc)

Refer this for some features of 3650

http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps13133/qa_c67-729531.pdf

HTH

Rasika

**** Pls rate all useful responses ****

Hello Guys

Thanks for your help.

Only 1 question remains:

Is HA SSO via layer 2 vlan supportet in 7.4.121?

In my opinion it must be supportet in fact the wism2 makes SSO only via Vlans..

regards

Chris

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: