Using Anchor Controller as Guest with Multiple Interfaces on Foreign WLC

Sean Coogle · ‎04-15-2015

I worked with Cisco TAC for about a week off and on testing a foreign controller with a WLAN on our guest network. We had everything working fine with the testing, but when we went live last night, we found out that our setup would not work. We have multiple guest SSID interfaces. If you are on our guest SSID in building A, then you are on the GUEST-A and there is an interface VLAN built for this. If you are on the guest interface in building B, then you are on GUEST-B. There is only one GUEST SSID, but we use AP groups and under the WLAN, make sure those AP's are in their group. We also have multiple foreign controllers. 7 controllers with 2500 + AP's. We could not get our foreign controllers to work with our guest anchor controller as when we did this, all users tried to get an IP off of one interface range. How can we make this work?

Scott Fella · ‎04-15-2015

Foreign maps can be used if you had a foreign controller in each building:

http://www.cisco.com/c/en/us/td/docs/wireless/controller/7-4/configuration/guides/mobility/config_mobility_chapter_01000.html

You can use ISE that does CoA to make this happen or your better off having a different SSID name for each building mapped to the same SSID on the anchor.

I'm assuming your using pass through or webauth?

-Scott

-Scott
*** Please rate helpful posts ***

Sean Coogle · ‎04-15-2015

Yes, web policy with pass through. The test worked fine and all of the components were there, but all the users were getting IP ranges from one interface. We though about building another SSID for each building, but management said this wasn't an option. Is there any other way to make this work?