09-08-2016 02:04 AM - edited 07-05-2021 05:47 AM
Hi guys
We have a 2504 WLC which is situated at our main office. We have 12 Lightweight Aironet 2600 APs connected to the controller, and these APs are mostly situated at remote sites. The remote sites are on different subnets - the subnets are connect via VPN links. All APs are running in FlexConnect mode.
We are finding that APs at remote sites stop working if the VPN link goes down and access to the controller is lost. My understanding is that FlexConenct mode should mean the AP should continue working when the link to the controller drops, but is that wrong? Should I be doing something different?
Any advice would be much-appreciated!
09-08-2016 07:51 AM
Hello Tim,
In Flex connect mode the AP will only contimue to forward local traffic when local switching is enabled for the SSID
Please confirm if this is enabled under:
WLC > WLAN > click on the ssid > Advance >> scroll down FlexConnect Local switching is the enable box ticked?
Thanks
09-08-2016 08:02 AM
Hi Harrison
Thanks very much for your reply. I've just checked and that setting is indeed enabled already (which presumably is what we want?). So I guess that's not the issue?
Thanks
09-08-2016 08:02 AM
Hi Harrison
Thanks very much for your reply. I've just checked and that setting is indeed enabled already (which presumably is what we want?). So I guess that's not the issue?
Thanks
09-08-2016 08:16 AM
I've not looked at the next setting beneath FlexConnect local switching, whis is FlexConnect Local Auth. That wasn't ticked, but I have just ticked it, and then rebooted the controller. While rebooting, my phone didn't drop wifi connection - so I am wondering if this has solved it??
Although I have to admit I don't know what the relevance is of this setting!?
09-09-2016 01:15 AM
Well it could be the reason but it depends on the authentication settings of the SSID and wether you have added local users to the database.
http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-2/configuration/guide/cg/cg_flexconnect.html
I would suggest verifying the Flexconnect group settings and VLAN mappings of all the AP's for each site. When this all is OK then perform a test in a maintenance window to verify if all is indeed working as designed/configured.
09-09-2016 01:28 AM
Hi Marc
Thanks very much for the reply. I have indeed noticed a problem associated with the Local Auth setting! Since we enabled local auth our WLAN is no longer mac address filtering! So I've had to turn that setting back off.
So to summarize, we have a Flexconnect group enabled on our WLAN with the APs all members of that group and running in FC mode. But even when joined to an AP on the same subnet as the controller, when we reboot the controller the wifi goes down until the controller comes back up.
Is there a way to prevent this happening - without having to enable local auth?
09-09-2016 01:37 AM
Please verify if the AP's are indeed configured as Flexconnect and the Flexconnect groups are configured properly
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide