07-03-2024 06:23 AM
Hi all,
I am wondering about having a controller act as both a foreign and an anchor.
Currently we (Corp A) have an agreement with Corp B to broadcast each others WLANs. We have an anchor (Cisco 5508) for SSID A in a mobility group with Corp B controllers (mostly 9800's). Clients in Corp B can then connect to the Corp A SSID via Corp B access points. Likewise, due to Corp B having a similar anchor (5520) in a mobility group with our 9800 for for SSID B, clients in our premises can connect to our access points to access the Corp B network.
So far, so good.
As the 5508 WLC is now EoL, the question has been raised as to whether it is possible to connect together the 9800's directly to act as both foreign and anchor controllers without the need for dedicated anchors. I have read conflicting responses to this question so I thought I would open it up to responses on here.
The scenario would be that our 9800 would have the access points in Corp A, broadcasting SSIDs A, B, C, D, but could it also act as the anchor for WLAN A for the AP's and 9800's in Corp B at the same time?
Thanks
07-03-2024 08:57 AM
- I have doubts you may want to play with different Policy Profiles as explained in https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/213912-configure-mobility-anchor-on-catalyst-98.html#toc-hId--1473355734 to realize what you want.
You can always have a sanity check of any controller's configuration using the CLI command
show tech wireless and feed the output from that into Wireless Config Analyzer
M.
07-04-2024 02:27 AM
Thanks for the response M.
What I am a little confused about is the doc says "You must not use the Export Anchor setting, for any policy profile tied to a WLAN profile on a controller with access points. This prevents the SSID to be broadcasted, so this policy must be used exclusively for Anchor functionality".
So the controller is currently serving approx 4,000 access points and WLAN_A is currently being broadcast on them. However, is it a suitable design to have a policy profile on the same controller that is identical to the policy profile for WLAN_A, but with the Export Anchor selected in the profile (so that this can be the 'out point' for users in Corp_B)? Or will this not work, or worse, break WLAN_A?
Cheers
07-04-2024 05:04 AM
- Well it should at least be a different policy profile then ; ideally one could for instance download the virtual 9800CL which is always free for any version to download and do configuration tests with a such a concept ; on the test 9800CL(s) you can use the mentioned Wireless Config Analyzer procedure too for those and look for fatal reports , to start with.
M.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide