03-18-2015 07:33 AM - edited 07-05-2021 02:44 AM
I am deploying a 5508 controller with a second HA-SKU 5508 controller as backup - they will be separated by a firewall.
Apart from 16666 UDP, are there any other ports that need to be open between the controllers?
I already have set up UDP 5246 and 5247 for CAPWAP to the controllers.
Thanks
Roger
03-19-2015 06:40 PM
Make sure that the CAPWAP UDP ports 5246 and 5247 (similar to the LWAPP UDP ports 12222 and 12223) are enabled and are not blocked by an intermediate device that could prevent an access point from joining the controller.
03-20-2015 03:01 AM
Thanks Abhishek,
I already have those enabled; my question was referencing the communication between the Primary and Backup controller.
This is not an HA setup. There will be a Primary controller in one location and a backup controller in a secondary location. They will be separated by a firewall.
I will be enabling 16666 and 16667 UDP between the controllers.
My question was: has anyone had to open any more ports in this setup?
Thanks
Roger
03-30-2015 04:58 AM
Hi,
Please go through the below deployment guide.
http://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/7-5/High_Availability_DG.html
03-30-2015 01:35 PM
I have been through that, but it does not mention which firewall ports are involved between two controllers running primary / backup between two firewalls.
04-08-2015 03:02 PM
Please be informed that you can open the below ports in your firewall:
UDP 16667
UDP 16666 for tunnel control traffic
IP protocol 97 for user data traffic
UDP 161 and 162 for SNMP
UDP 5246 and 5247 for CAPWAP
Please let me know if my answer is helpful for you.
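An added example, not part of any post in this thread: a vendor-neutral check that a firewall's permit rules cover the first three entries of the list above (UDP 16667, UDP 16666, IP protocol 97) in both directions between the two controllers. The controller addresses, the rule format and the sample rules are constructed for illustration, and checking both directions assumes either controller may initiate; the SNMP and CAPWAP entries can be added to `REQUIRED` the same way.

```python
import ipaddress

# Constructed controller addresses (documentation ranges), not from the thread.
PRIMARY = "192.0.2.10"
BACKUP = "198.51.100.10"

# Entries from the list above: (label, IP protocol number, destination port or None).
REQUIRED = [
    ("UDP 16666", 17, 16666),
    ("UDP 16667", 17, 16667),
    ("IP protocol 97", 97, None),  # an IP protocol, not a UDP port: needs its own rule
]

# Constructed permit rules: (ip_proto, src_net, dst_net, (port_lo, port_hi) or None).
SAMPLE_RULES = [
    (17, "192.0.2.10/32", "198.51.100.10/32", (16666, 16667)),
    (17, "198.51.100.10/32", "192.0.2.10/32", (16666, 16666)),
    (97, "192.0.2.10/32", "198.51.100.10/32", None),
]

def permits(rule, proto, src, dst, port):
    """True if one permit rule allows this protocol/source/destination/port."""
    r_proto, r_src, r_dst, r_ports = rule
    if r_proto != proto:
        return False
    if ipaddress.ip_address(src) not in ipaddress.ip_network(r_src):
        return False
    if ipaddress.ip_address(dst) not in ipaddress.ip_network(r_dst):
        return False
    if port is None or r_ports is None:  # portless protocol, or rule allows any port
        return True
    return r_ports[0] <= port <= r_ports[1]

def missing_flows(rules, a=PRIMARY, b=BACKUP):
    """List every required flow, in either direction, that no rule permits."""
    missing = []
    for label, proto, port in REQUIRED:
        for src, dst in ((a, b), (b, a)):
            if not any(permits(r, proto, src, dst, port) for r in rules):
                missing.append(f"{label} {src} -> {dst}")
    return missing

if __name__ == "__main__":
    for gap in missing_flows(SAMPLE_RULES):
        print("not permitted:", gap)
```

With the constructed rules, the check reports the two gaps that are easiest to miss: UDP 16667 and IP protocol 97 are permitted in one direction only.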