Solved: Hi, Leo.Thank you for an good

Bent Eskil Kvisler · ‎03-13-2014

Hi,

I have a single 5508 WLC and wish to move it to another subnet. Today the WLC is configured with the management and the Dynamic AP Management on the same interface/ip address.

We use DHCP with option 43 to direct Ap's to their controller.

I guess I could set the controller-ip-to-be in DHCP, and then clear all config on all AP's, put the WLC in its new subnet, and the AP's will find it, but is there a good way to move the WLC whithout clearing all the AP's in the process?

Sandeep Choudhary · ‎03-13-2014

No need to clear the conifg of AP.

what you need to do is:

1. just change the management and dymaic interface IP.

2. Change the wlc ip on dhcp option 43(Change in hexadecimal).

3. AP will automaticall take the new config from WLC.

Regards

Dont forget to rate helpful posts

View solution in original post

Sandeep Choudhary · ‎03-13-2014

No need to clear the conifg of AP.

what you need to do is:

1. just change the management and dymaic interface IP.

2. Change the wlc ip on dhcp option 43(Change in hexadecimal).

3. AP will automaticall take the new config from WLC.

Regards

Dont forget to rate helpful posts

Bent Eskil Kvisler · ‎03-14-2014

Hi, Sandeep!

Are you sure it is really this simple?

The reason I ask, is I have tried this:

Let's say I want to move WLCA to a new subnet. WLCA has no secondary backup controller.

For testing purposes I configured DHCP option 43 to WLCB's ip address. WLCB is already in the net WLCA will be put in. They are in different mobility-groups, though.

When I boot an AP already associated with WLCA, and I follow the boot-process via console, I see it obtains WLCB's ip-adress from DHCP:

%CAPWAP-5-DHCP_OPTION_43: Controller address <WLCB-IP> obtained through DHCP

But it just goes on with:

(..)

%CAPWAP-3-ERRORLOG: Selected MWAR 'WLCA'(index 0).
%CAPWAP-3-ERRORLOG: Go join a capwap controller
%CAPWAP-5-DTLSREQSEND: DTLS connection request sent peer_ip: WLCA-IP peer_port: 5246
%CAPWAP-5-DTLSREQSUCC: DTLS connection created sucessfully peer_ip: WLCA-IP peer_port: 5246

..and connects to the original WLCA again. It seems to ignore the new ip from DHCP as long as it already has config from another WLC.

I haven't testet taking the WLCA-IP offline yet, though.

Have you seen the AP fall back on DHCP obtained controller IP in such a case?

Thank you for your answer :)

Scott Fella · ‎03-14-2014

Try to set the high availability on the access point. So if you are chaning the ip of the primary WLC, just configure the hostname of the WLC (case sensitive) and put the new ip address there. So when you move the WLC to a new subnet and the ip address changes, the AP will find that WLC again. It works, because I have had to do thsi a few times:)

-Scott
*** Please rate helpful posts ***

denizyaran · ‎08-14-2015

Hi

What if the controller was reset and reconfigured? Will the APs still join?

Serge.

Sandeep Choudhary · ‎03-14-2014

Hi,

It will work.

If ALL AP joined to another WLC still you move these AP to wlcA(with new management IP).

What you have to do is to put primary and seconday wlc name and IP address in each AP high availbility section.

How to do it:

http://rscciew.wordpress.com/2014/01/22/ap-failover/

mention the primary IP and name of WLCA.

Hope it helps

Regards

Dont forget to rate helpful posts

Bent Eskil Kvisler · ‎03-15-2014

You are correct :)

This works fine.

Done:

-Updated option 43 with new controller ip

-Changed controller management/ap-manager ip via console

-Ap's found controller on new ip in less than a minute.

This is great. Thank you for your support :)

heacevedo · ‎03-18-2014

Hi benkvi,

Similar situation only I do not have a 2nd WLC to test with. I will be changing the management IP address of my only WLC. I just want to confirm that no config changes to the actual LAP's is necessary. I plan on simply updating my discovery DNS records (not using dhcp options) and changing the WLC ip address. Will my LAP's automatically relocate and join the controller at this point? Any special considerations for LAP's with static ip addresses? I assume since they are configured with valid DNS it won't make a difference.

Bent Eskil Kvisler · ‎03-20-2014

Hi, heacevedo. I can confirm this: If the WLC the ap's are associated with goes offline, the ap's go back into discovery mode. So provided all routing and access is taken care of, they will connect with the WLC IP they get from DNS.

Leo Laohoo · ‎03-13-2014

Ok, you have several options to do this. Here's one way of doing things:

1. Let us presume that the Management VLAN is 123;

2. Let us presume that you want to change the Management IP subnet from 1.1.1.0/24 to 2.2.2.0/24; and

3. You have "control" of the switch that is controlling the Management subnet and the WLC.

Here is the process:

1. Go to the switch hosting the default gateway of the Management subnet and make the current subnet a "secondary" subnet and add the new subnet in. The command steps are:

config t

interface vlan 123

ip address 1.1.1.1 255.255.255.0 secondary

ip address 2.2.2.1 255.255.255.0

2. Next, go to the WLC in CLI and put an "escape". This means that if you s_crew up, the WLC will reboot to the old config (without saving). The command is:

reset system in 0:10:0 image no-swap reset-aps

NOTE: Above command means reset in 10 minutes and the config will NOT be saved.

3. Using the same CLI, change the Management IP Address of your WLC:

config interface address dynamic-interface <DYNAMIC INTERFACE NAME> <NEW IP address> <Subnet Mask> <Default Gateway>

NOTE: Once you've entered this line, you will loose contact with the WLC (obviously) so you will need to try to telnet/SSH using the new IP address.

4. Once you've verified that you can reach the WLC's new IP address, you MUST disable the reload command:

reset system cancel

5. You can also remove the "secondary" IP subnet from the switch:

config t

interface vlan 123

no ip address 1.1.1.1 255.255.255.0

end

wr

Don't be daunted by the length of this post. I've done this several times and I've yet to see my process fail. This holds true when I do a type-o and enter the wrong subnet mask or IP address. The process is sound but you need to ensure you're entering the right details.

Hope this helps.

Bent Eskil Kvisler · ‎03-14-2014

Hi, Leo.

Thank you for an good and comprehensive answer :) I didn't mention, though, that in the "old" subnet, there exist other controllers of different mobility groups, so alas, this approach isn't viable in my case.

That said, you have many good suggestions :)

Leo Laohoo · ‎03-14-2014

I didn't mention, though, that in the "old" subnet, there exist other controllers of different mobility groups

Is that so? Well you've just made things a lot more simple!

1. Go to your distro/core switch where the default gateway "lives" and create the new VLAN instance, VLAN interface and create the new subnet.

config t

vlan 123

name Hello_World

interface vlan 123

ip address 1.2.3.4 255.255.255.0

no shutdown

end

wr

2. Next change the VLAN and IP address of your WLC to the new subnet (example in my previous post).

3. Go to where your WLC is connected to and change the "allowed vlans".

DONE!

Bent Eskil Kvisler · ‎03-15-2014

Yes :)

This approach works fine, and I had already planned doing it this way:

-Add new subnet's vlan on trunk to controller

-Console to controller:

- (Cisco Controller) >config wlan disable all

- (Cisco Controller) >config interface address management <new-ip> <netmask> <new gateway>

-(Cisco Controller) >config interface vlan management <new subnet's vlan>

Works like a charm :)

My primary concern (as I haven't actually done such a switchover before) was what happenes with all AP's now?

In the meantime I've been lucky and gotten hold of a 2504 for testing, and what I found is your approach is golden and Sandeep's info regarding the Ap-behaviour is also correct :)

Thank you!

Single WLC - best way to change controller IP?