cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1476
Views
0
Helpful
6
Replies

AP SSO WISM2 WLC 7.4.121

maxime.gerges
Level 1
Level 1

HI everyone,

I'm currently doing a proof of concept on the AP SSO feature running on WLC 7.4.121.

The first thing I would like be sure is that client SSO is not avalaible in 7.4.X release, i need to upgarde to 7.5.X, Am I right ?

The second thing I would like to share and investigate with you is about AP SSO not currently working in my topology.

I have 2 seperate C6500 (SUP720-3B) switches with 1 WISM2 in each and both switches interconnected trough a 10G port.

I enable AP SSO on both WLC that synchronize themselves trough the 10G port on a special redundancy VLAN.

They both synchronize, and everything is working (both AP database on primary and standby WLC).

What I can't understand is when forcing switchover on the primary (redundancy force-switchover command), the fallback is doing great to the standby WLC but the AP still get into CAPWAP DISCOVER state because of a timeout with the following logging message


*Feb 14 15:36:37.727: %CAPWAP-3-ERRORLOG: Sequence number (0) mismatch in request messageDeleting clients for centrally switched wlan 1

Deleting clients for centrally switched wlan 1

Sending hreap clients to wlc on HA event

AP1cdf.0f66.90b4#

% Cannot enable CDP on this interface, since CDP is not running

% Cannot enable CDP on this interface, since CDP is not running

., 5)14 15:37:22.934: %CAPWAP-3-ERRORLOG: Retransmission count for packet exceeded max(CAPWAP_WTP_EVENT_REQUEST

*Feb 14 15:37:22.934: %CAPWAP-3-ERRORLOG: GOING BACK TO DISCOVER MODE

So the SSID is unavalaible for a certain period of time as it would be with N+1 redundancy.

I also saw that some documentation said that tle WLC needs to be run on a VSS (

http://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/113681-high-availability-dg-00.html) and some other say the contrary (http://www.cisco.com/c/en/us/products/collateral/wireless/aironet-1130-ag-series/qa_c67-714540.html)

Did you manage to get AP SSO working and did you ever have this issue ?

Thank for you help !

6 Replies 6

Sandeep Choudhary
VIP Alumni
VIP Alumni

HI Max,

The first thing I would like be sure is that client SSO is not avalaible in 7.4.X release, i need to upgarde to 7.5.X, Am I right ?

The second thing I would like to share and investigate with you is about AP SSO not currently working in my topology.

Yes you need 7.5 version on WLC for Client SSO.

I never seen this tiype of error, You must contatc TAC and tell them about this issue.

Regards

Dont forget to rate helpful posts

Ali Aqrabawi
Cisco Employee
Cisco Employee

yes the VSS must be configured between the 2 6K switches.

can you share show run-config from both WISMs ?

Here is a good reference presentation for HA in Wireless deployments.

BRKEWN-3014-Best Practices to Deploy HA in WLAN Architecture

HTH

Rasika

*** Pls rate all useful responses ****

Leo Laohoo
Hall of Fame
Hall of Fame

Firmware version 7.5 has been deferred by Cisco.

You can no longer download this software.

You could potentially use 7.6 firmware.  Please upgrade the FUS to 1.9.0 also.

I have to say ap Sso is hit or miss. I considered deploying it myself but came to my senses based on all the problems.

I'm waiting till it gets more stable. Also how often does a controller go down ? I'm doing HA N+1.. That works very well ,.

Sent from Cisco Technical Support iPhone App

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

I have to say ap Sso is hit or miss. I considered deploying it myself but came to my senses based on all the problems.

We have 3700 so we have no choice. 

So far, haven't seen any issues with 7.6.X except for me disabling 12 Mbps. 

Review Cisco Networking for a $25 gift card