Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
564
Views
0
Helpful
1
Replies

Mobility Anchor DMZ

craiglebutt
Level 4
Level 4

‎02-22-2019 03:03 AM - edited ‎07-05-2021 09:55 AM

Hi

Anchor WLC 5508 - 8.5.134.0

Foreign WLC 8500 - 8.0.152.0 

 

I'm not new to this, been creating Mobility Anchors for years, but I've not seen this issue before, specially when was working.

 

I've got 1 Anchor on DMZ behind a Palo Alto FW.

3 Foreign WLC on internal network.  

Static route to Anchor WLC in OSPF

All Foreign can Ping Anchor, also eping and mping.

But today 1 of them doesn't mping the anchor.

Route is still in ospf, traceroute from all distributions all go to same place, have set the rules on the firewall to all any connection between anchor and foreign.

Have removed and recreated Mobility on Anchor - Foreign WLC with issue on both WLC.

 

Captures on FW show UDP 16666 traffic both ways, but also getting a Malformed Packet.


Any ideas?

 

cheers

Labels:
0 Helpful
1 Reply 1

Jurgens L
Level 3
Level 3

‎02-22-2019 04:56 AM

If it worked before and it was only one of the three foreign WLC’s, you will have to consider rebooting the foreign wlc, since you already tried to remove and recreate the mobility tunnels to the WLC.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card