Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
3393
Views
0
Helpful
5
Replies

Map Foreign Controller interface to Anchor Controller vs use interfaces defined on Anchor Controller

Go to solution
fujovoris
Level 1
Level 1

‎09-29-2019 04:05 PM - edited ‎07-05-2021 11:03 AM

In Cisco guest WLAN architecture, regardless LWA & CWA variations, have Foreign Controller and Anchor Controller to configure.

 

I'm confused with some configuration variations in terms of guest interfaces used on the Anchor Controller:

guest interface.png

Scenario 1:

Foreign WLC: WLC management
Anchor WLC: a dedicated dynamic interface named "guest" created and used, no Foreign Controller interface mapping

 

Scenario 2:

Foreign WLC: WLC management
Anchor WLC: a dedicated dynamic interface named "guest" created and used, but still use WLC management, Foreign Controller interface mapped to the "guest" interface

 

Both configurations actually work, but I'd like to know the logic behind, in which condition we should call for the interface directly (Scenario 1), or do interface mapping (Scenario 2)

Labels:
guest interface.png
Preview file
35 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rasika Nayanajith
VIP Alumni
VIP Alumni
In response to fujovoris

‎10-01-2019 12:43 PM

Hi Jovoris,

If you have multiple foreign controllers and you need to map each foreign WLC guest traffic to different dynamic interfaces (or subnets) then you use foreign mapping feature. Otherwise you can simply using one dynamic interface in Anchor WLC for guest traffic without any mappings.

 

https://mrncciew.com/2013/03/24/auto-anchor-foreign-mapping/ 

 

HTH

Rasika

*** Pls rate all useful responses ***

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Haydn Andrews
VIP
VIP

‎09-29-2019 05:22 PM

Fromhttps://www.cisco.com/c/en/us/td/docs/wireless/controller/8-1/Enterprise-Mobility-8-1-Design-Guide/Enterprise_Mobility_8-1_Deployment_Guide/WirelessNetwork_GuestAccessService.html

 

The default interface used by the foreign WLC for the guest WLAN is the management interface. If the EoIP tunnel cannot be established with the anchor, the foreign controller will disassociate any wireless clients that were previously associated with the unreachable anchor and then assign new clients and reassociate clients to the interface configured under the guest WLAN of the foreign itself. Therefore, it is recommended to link the guest WLAN on the foreign to a non-routable network, or alternatively configure the DHCP server of the management interface with an unreachable IP address. If the anchor becomes unreachable, this prevents the guest clients to gain access to the management network.

 

So from that the foreign interface should be a non routable interface.

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***
0 Helpful

Go to solution
fujovoris
Level 1
Level 1
In response to Haydn Andrews

‎09-29-2019 06:03 PM

Thanks for the recommendation. Actually I’m talking about the
configuration on Anchor Controller, which we could either do mapping
or use the guest subnet directly under the guest WLAN
0 Helpful

Go to solution
fujovoris
Level 1
Level 1
In response to fujovoris

‎09-29-2019 07:35 PM - edited ‎09-29-2019 07:39 PM

via "Foreign Controller Interface Mapping"

guest interface mapping.png

 

0 Helpful

Go to solution
Rasika Nayanajith
VIP Alumni
VIP Alumni
In response to fujovoris

‎10-01-2019 12:43 PM

Hi Jovoris,

If you have multiple foreign controllers and you need to map each foreign WLC guest traffic to different dynamic interfaces (or subnets) then you use foreign mapping feature. Otherwise you can simply using one dynamic interface in Anchor WLC for guest traffic without any mappings.

 

https://mrncciew.com/2013/03/24/auto-anchor-foreign-mapping/ 

 

HTH

Rasika

*** Pls rate all useful responses ***

0 Helpful

Go to solution
fujovoris
Level 1
Level 1
In response to Rasika Nayanajith

‎10-02-2019 05:10 PM

Thank you very much, Rasika. Now the doubts are cleared:-)

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top