Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1069
Views
0
Helpful
4
Replies

ASK Access Point Can Not Join to WLC on Border

febryoponcosulistyo
Level 1
Level 1

‎09-16-2021 07:47 PM - edited ‎11-19-2021 01:42 AM

Dear Cisco Community,

 

Kindly ask, I have this topology for PoC SDA

 

the issue that I am facing the AP can not join to WLC and WLC looopback can not reach DNAC (even all the other's Loopback are able to reach DNAC) 

 

Please kindly need your help and suggestion

 

P.S:since it is on customer side I will share the config by direct message

Thank you

 

Labels:
0 Helpful
4 Replies 4

Scott Hodgdon
Cisco Employee
Cisco Employee

‎09-16-2021 11:35 PM

@febryoponcosulistyo ,

This sounds like a routing issue between DNAC and WLC. Why not put the WLC in the DC in same subnet as ISE and DNAC ? 

As for AP not getting to the WLC, is the AP subnet in the INFRA_VN ?

I would highly recommend watching the session "BRKEWN-2021 : How to setup SDAccess from scratch" in the On-Demand Library at https://www.ciscolive.com/global/on-demand-library.html. It is mostly a demo, so you can fast forward the video as needed. 

Although it is from Oct2019 and does not have the new GUI screens, this document should be helpful as well : https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Campus/sda-fabric-deploy-2019oct.pdf . Of particular note is this Tech Tip on Page 67:

A default route in the underlay cannot be used by the APs to reach the WLC. A more specific route (such as a /24 subnet or /32 host route) to the WLC IP addresses must exist in the global routing table at each node where the APs connect to establish connectivity

Hope that helps.

Cheers,
Scott Hodgdon

Senior Technical Marketing Engineer

Enterprise Networking and Cloud Group

0 Helpful

febryoponcosulistyo
Level 1
Level 1
In response to Scott Hodgdon

‎09-16-2021 11:45 PM

Hi Scott,

Thank you for your kind answer

The design is coming from customer they need to be in same area with the AP.

So we should put specific route for the every border and edge to reach the WLC, shouldn't we?

cmiiw

Thank you
0 Helpful

Scott Hodgdon
Cisco Employee
Cisco Employee
In response to febryoponcosulistyo

‎09-17-2021 12:33 AM

@febryoponcosulistyo ,

The note indicates that the more specific route must exist on the nodes where the APs are connected, this would be the Fabric Edges. The Borders will not have APs connected to them.

In the design you are showing there is one area of caution. If someone from a user VN wants to connect to the WLC for management purposes (such as a member of IT staff), this would require either leaking between the user VN and the GRT on the Border (which is not recommended) or it would require the traffic to go to the Fusion and then come back down to the Border to go to the WLC (and thus creating a traffic hairpin). To avoid these two sub-optimal / unrecommended situations, it would be better to put the WLC directly off the Fusion if possible.

Cheers,
Scott Hodgdon

Senior Technical Marketing Engineer

Enterprise Networking and Cloud Group

0 Helpful

rasmus.elmholt
Level 7
Level 7
In response to febryoponcosulistyo

‎09-21-2021 12:45 PM

You should at least make sure the subnet the WLC is configured on and maybe its Lo0 address is in the routing table of all the fabric nodes in the GRT(isis).

Is the WLC configured on a port manually in the Global Routing Table on B1 or is it connected via L2 handoff?

0 Helpful
Customers Also Viewed These Support Documents