ā09-26-2013 07:11 AM - edited ā07-04-2021 12:57 AM
Hi all,
We are running all our APs in H-REAP mode connecting to WLC 5508 (7.2.xxx)
Each H-REAP AP has local switched SSID, as well as a guest SSID (centrally switched), which is 'tunneled' to the WLC, with Internet only access through the DC.
All the AP's connecting to the WLC using the managment interface, which is also the local mobilty group.
To route traffic different for the guest WLAN, I'd like to create a new Interface on WLC and use this as local mobility group for the guest WLAN.
Is this possible, or is the managment interface always the local monility group?
Appreciate your feedback.
Thanks,
Stefan
ā09-26-2013 02:14 PM
Whad do you mean by "local mobility group" ? For the mobility configuration you have to use controller MAC address & management interface IP detail (not any dynamic interface IPs)
Yes, you can create a seperate dynamic interface for the guest WLAN, but do not understand why you do want to relate it to mobility group configuration ?
HTH
Rasika
ā09-26-2013 06:07 PM
Hi Rasika,
Each of our branch sites have 2 WAN connections. 1 MPLS (critical traffic), 1 IPsec (non critical).
While the managment interface of WLC is reachbale through MPLS, I'd like to route traffic for Guest WLAN over IPsec.
Therefore I would need create a 2nd Interface on WLC (different IP range) and terminate centrally switched traffic on that interface.
As you've mentioned the local mobility group is always the controller MAC (management int), so not sure if there's another way to solve this?
H-REAP AP,s register to managmnet int --> routed through MPLS
centrally switched traffic to different int --> routed through IPsec
Thanks,
Stfean
ā09-26-2013 08:25 PM
Hi Stefan,
Now it is clear what you are trying to achieve.
I doubted you can achieve this since AP to WLC traffic always destined to WLC management IP address (so it will go via MPLS). Even you create a seperate dynamic interface on your WLC to egress guest traffic , it won't help you to bring branch guest traffic to WLC via your IPSec.
HTH
Rasika
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide