07-15-2024 11:21 AM
Hi, It became necessary to turn off SSO on my 5520 stack inorder to toggle NAT on/off, due to apparent bug in 8.10.196 code that presents the outside IP address as a reply target to all AP's requesting link. Since the 'inside' ap's can not reach the outside ip, they fail to attach. OEAP's (outside) have no issue. By turning off NAT, the inside AP's reattach as needed/expected.
So as SSO is turned off, there is not a viable chassis, fully configured, just needing an IP change and it can become the new OEAP support machine with the previous chassis supporting the interior AP's, with no NAT.
Or so I thought. Seems that chassis 2 is in stealth mode. only CMIC is alive. the Service port does not ping and it should be alive and well CLI and GUI. Do I need to reboot chassis 2 with the trunk disabled?
07-15-2024 12:06 PM
- Your requirements are a bit confusing ; in a first approach if SSO is needed I would for instance power down the standby controller 'to have a clear picture' ; you may want to elaborate if needed
M.
07-15-2024 01:12 PM
lol, SSO is not required.. when is the last time a c220 actually died?
Any way inorder to toggle NAT on/off SSO must be disabled.
So I'm thinking of simply using the second box in solo production for NAT'd OEAP support.
having simply placed the stack in SSO Disable mode, I expected the service port to remain active and I could re-address the management address and redirect the NAT to the new IP.. thus moving my 130 OEAP's to the fresh chassis.
So do I have to shut down the port channel (as chassis 2 management Ip be same as chassis 1) and reboot the chassis to re-enable the service port? I'm not used to having the SP shut down. airos 8.10.196.0
07-16-2024 06:11 AM
I expect you would have to make sure redundancy is disabled, shut down the interfaces, correct any IP addressing and then reboot.
The other thing to beware of - do you have licenses for the second WLC? If it was running on the HA SKU before then you'll need to buy and install the correct licenses.
07-17-2024 12:33 PM
the C220's were purchased as standalone so base licensing might be RTU. Still leaves me wondering why the SP is non-responsive.
07-18-2024 02:11 AM
The routing config is not part of the shared SSO config, it's configured for each chassis separately so make sure you have the routes configured on that chassis.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide