We have several Cisco 7500 flex WLC, 5508 WLC, 3504 WLCs forming EOIP tunnel with the anchor WLCs in our network.. The anchor WLCs are of models 5508 running on version 220.127.116.11 and 3504 WLC with version 18.104.22.168.
We are planning for a design of deploying Cisco 9800 WLC models at few of the local sites. For the 9800 WLC be compatible with the anchor WLC, Do i upload the Release 8.5IRCM on the anchor WLCs? if i upload this release, Will this affect the APs that has joined the WLCs that has formed eoip tunnel already with the anchor WLCs?
8.5.X is the requirement, you need to look compatable matrix of AP also along with models - so suggest to look for the matrix before you upgrade.
*** Rate All Helpful Responses ***
Subsequently look at Table 1 -> 4th column.
Also see this:
Cisco is having some online classes showing how to migrate.
All your anchor controller model supports AireOS and IOSXE interoperability solution, so you can install 22.214.171.124 IRCM image in it and allows you to enable secure mobility to form tunnel with 9800, please keep in mind that you cannot run EOIP and secure mobility tunnels together
The below diagram (taken from the BRKEWN-2670 2020-CLEUR session) summarizes what you need to know
1. Supports Anchor WLCs run 8.5.x IRCM code if it is 5508 or 8510 (no 2504,7510 or WiSM2 support it for anchor and able to setup tunnel with 9800 WLC)
2. Supports Anchor WLCs run 8.8MR2 or beyond (eg 3504/5520/8540)
3. Geust Anchor will establish new mobilty tunnel with 9800 & traditional EoIP based tunnel with legacy AireOS controllers.
*** Pls rate all useful responses ***
Thanks Rasika, so IRCM image is not available for 7510 and cannot create mobility with 9800, understood.
I have one question
When installing IRCM image in 5508 or 8.8MR2 and above in 3504/5520, we get option called secure mobility which allows us to create mobility tunnel with 9800, as per my understanding this is CAPWAP based tunnel.
If I am not wrong, New mobility is also CAPWAP based tunnel, please correct me, what is the difference between New Mobility and secure mobility as they both are CAPWAP? I know new mobility was brought back in days to interoperate with 3850, but they both looks like CAPWAP to me and I am trying to understand the difference.
Here is the summary of different WLC and mobility options
That new mobility concept came at the time of "Converged Access" and once you enable it, you cannot run any EoIP based tunneling at all.
Yes, both are CAPWAP based (UDP port 16666 & 16667). Once you enable "secure mobility" it does not mean you stuck with that method. Still, you can run EoIP tunneling on that controller to peer with legacy WLC.
In summary, simply focus on "Secure mobilty" when you mix 9800 & AireOS WLC and forget about the "New Mobility" concept, even if it appears in config GUI