02-20-2024 02:57 AM - edited 02-20-2024 02:58 AM
Hi there
I made a redundancy tester yesterday. I reload the primary controller, but while attempting to access it again, I notice that it is now secondary. I am not able to access the management IP, but not the main controller.
ping
>ping 10.191.110.110
Send count=3, Receive count=0 from 10.191.110.110
(Cisco Controller-Standby) >
(Cisco Controller-Standby) >ping 10.191.110.99
Send count=3, Receive count=3 from 10.191.110.99
////////////////////////////////////////////////////////////////////
Before to do a reload I was able to access managment ip via web
////////////////////////////////////////////////////////////////////
show interface summary
management LAG 110 10.191.110.99 Static Yes No
redundancy-management LAG 110 10.191.110.101 Static No No
redundancy-port - untagged 169.254.110.101 Static No No
///////////////////////////////////////////////////////////////////////////
Show loogin
-- or (q)uit
*gccp_t: Feb 20 11:34:19.648: %LOG-4-Q_IND: osapi_support.c:1224 The sendto failed for socket descriptor fd [5]for task [loggerMainTask] and with error [128:Network is unreachable]
*loggerMainTask: Feb 20 11:34:19.648: %OSAPI-4-SOCK_SEND_FAILED_WARN: osapi_support.c:1224 The sendto failed for socket descriptor fd [5]for task [loggerMainTask] and with error [128:Network is unreachable]
-Traceback: 0x1146d8c0 0x1146dd88 0x1036849c 0x110117b0 0x11012f6c 0x11495940 0x11470608 0xffee870888 0xffee782cfc
*nim_t: Feb 20 11:34:19.648: %SIM-3-PORT_UP: sim.c:14053 Physical port 2 is up!.
*loggerMainTask: Feb 20 11:34:19.648: %OSAPI-4-SOCK_SEND_FAILED_WARN: osapi_support.c:1224 The sendto failed for socket descriptor fd [5]for task [loggerMainTask] and with error [128:Network is unreachable]
-Traceback: 0x1146d8c0 0x1146dd88 0x1036849c 0x110117b0 0x11012f6c 0x11495940 0x11470608 0xffee870888 0xffee782cfc
*nim_t: Feb 20 11:34:19.648: %SIM-3-PORT_UP: sim.c:14053 Physical port 1 is up!.
*nim_t: Feb 20 11:34:19.648: %LOG-4-Q_IND: osapi_support.c:1224 The sendto failed for socket descriptor fd [5]for task [loggerMainTask] and with error [128:Network is unreachable] [...It occurred 2 times.!]
*loggerMainTask: Feb 20 11:34:19.643: %OSAPI-4-SOCK_SEND_FAILED_WARN: osapi_support.c:1224 The sendto failed for socket descriptor fd [5]for task [loggerMainTask] and with error [128:Network is unreachable]
-Traceback: 0x1146d8c0 0x1146dd88 0x1036849c 0x110117b0 0x11012f6c 0x11495940 0x11470608 0xffee870888 0xffee782cfc
*fp_main_task: Feb 20 11:34:19.642: %SSHPM-4-AES_AP_ONLY: sshpmcert.c:6066 Cisco APs will not be able to join this controller
*fp_main_task: Feb 20 11:34:19.642: %LOG-6-Q_IND: sshpmcert.c:5293 Found Manufacturing-installed device certificates[...It occurred 2 times.!]
02-20-2024 03:56 AM
>.... I reload the primary controller, but while attempting to access it again, I notice that it is now secondary.
Initially that is to be expected to switch roles ; on the current active controller use the command :
redundancy force-switchover
M.
02-21-2024 07:17 AM - edited 02-21-2024 08:38 AM
I dont have acces to primary controller.
Any idea ?
02-21-2024 09:39 AM
You can access either WLC via the service port IP which is what you should normally be using for management.
https://www.cisco.com/c/en/us/td/docs/wireless/controller/3500/3504/install-guide/b-wlc-ig-3504/overview.html
If you didn't configure the service port then you can use the console to access either WLC too.
Did the standby WLC have the same route(s) configured as the primary to have a return route to the management PC you're trying to access it from?
02-22-2024 12:18 AM
I appreciate your response.
Now i see cisco-controler-stanby like a stanby
But i don understand the behavor seems previus active is .101 and current active is 110
I try to connect remote via
FOr othrt hand i dont get to see the scenario , the mnagment ip was 10.191.110.99 before reload i have access via web
I dont get to understand it
Now i see cisco-controler-stanby like a stanby
But i don understand the behavor seems previus active is .101 and current active is 110
so now is active or pasive? why i cant reach via ping 10.191.110.110 i guess is the active now?
Why dont get acces via web ?
02-22-2024 02:48 AM
I've already answered your questions and asked you to confirm you had the standby routes configured correctly but you have not answered my question.
Suggest you read the High Availability (SSO) Deployment Guide carefully to make sure you understand how it should be configured and how it should work. Then make sure you have both WLCs configured correctly. If you are not using the service ports then I highly recommend you start using them - very important for out of band access to the WLC. And get your console ports connected to a terminal server so that you have console access as a last resort when needed.
02-23-2024 01:05 AM
02-23-2024 01:46 AM
I provided links in my previous reply - you need to READ the info at those links!
"in order to configure the route on the Standby WLC for out-of-band management on the service port, issue the configure redundancy peer-route add <Network IP Address > <IP Mask> <Gateway> command from the Active WLC"
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide