Enabling/Disabling new mobility in aireOS will reboot the WLAN controller, enabling/disabling Data Encryption with mobility peer doesn't reboot the WLAN controller.
Are you asking about "Enable New Mobility(Converged Access)" or adding or modifying a new/existing group? Adding or modifying will not need a reboot. Also, the controller will prompt you to reboot if a reboot is needed, it will not reboot on its own. This is for any configuration change.
Enabling new mobility (Converged access) would reboot the controller on its own Scott, I have 500+ aireOS controllers in my environment which is using new mobility, I cannot use EOIP tunnel in those because EOIP protocol is not supported by Meraki security Gateway, so I am using new mobility to form mobility tunnel between foreign and anchor WLAN controllers.
New mobility is when you have converged access and need to create a mobility between AireOS and Converged access. If its between AireOS controllers, you should not use new mobility. I don't know many folks who still use Converged Access.
You are correct Scott, In my case I have foreign and anchor WLAN controller in each branch office, Meraki security appliance in middle, as Meraki doesn't support EOIP tunnel, the only way to form mobility tunnel is with new mobility.
Here is the summary from Meraki TAC case
Name of Customer:
What is the problem:
- Unable to pass EoIP traffic
○ Test clients (both WLAN clients)
§ Source: X.X.X.X
§ Destination: X.X.X.X
What actions were taken?
- ICMP and Mping works but epings do not
- This is expected behavior.
○ Currently the MX can only rewrite TCP, UDP and ICMP traffic when in NAT mode. The IP protocol 97 would have to be encapsulated in TCP or UDP to be routed.
§ To summarize, EoIP is not supported on the MX
○ This is a hardware limitation and would be a feature request.
What are the next steps and why?
- Case closed
We presently have a Mobility group with our Foreign and Anchor WLC, Im looking at broadcasting a 3rd parties SSID and wondering if the best way would be to create another Mobility group bewteen our Foreign and the 3rd party Foreign WLC and map their SSID to the tunnel somehow. Is this the best way to do this ???
When I say 3rd party I mean contractors who work at our site, we are going to broadcast their SSID so I am planning on creating a secure tunnel between our Cisco WLC and their Cisco WLC, is the best way to do this by creating a new tunnel withe their WLC and can I map their SSID to the new tunnel which sends the traffic down the tunnel to their radius server etc, also can this be added to our current mobility group or would it be better to create a new one for the sharing with Contractor company.??