Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
27703
Views
40
Helpful
22
Replies

what virtual IP should i use on a cisco WLC

Go to solution
Peter Boerjesson
Level 1
Level 1

‎02-02-2017 05:45 PM - edited ‎07-05-2021 06:29 AM

I know a lot of documentation says the virtual ip should be 1.1.1.1 and that's what I've used previously. But I recall a friend of mine saying the 1.1.1.1 had been allocated and would actually be used on the internet hence that's a bad address to use now. I know cisco recommended another one (which also is public but would never be used). I've totally forgotten what the new recommended IP address should be, could someone help me out here?

Br

//Peter

Labels:
0 Helpful
22 Replies 22

Go to solution
Rasika Nayanajith
VIP
VIP
In response to mendiratta_vimal

‎05-16-2018 07:34 PM

Hi Vimal,

 

1. How come primary and secondary wlc has same Management IP?

If you doing HA, then both unit will share same management IP address. They have unique IP on "redundancy management" interface in order you to manage them individually.

 

2. Virtual IP: is this something I have to initialise locally to the controller or it should be advertised to the network (APs

No, this is not a routable within your network. Just define it on your WLCs which need to be in same mobility cluster.(ie same virtual IP address in all your WLCs as long as they establish mobility peering)

 

 

HTH

Rasika

*** Pls rate all useful responses ***

Go to solution
mendiratta_vimal
Level 1
Level 1
In response to Rasika Nayanajith

‎05-16-2018 07:45 PM - edited ‎05-16-2018 07:46 PM

Legend, I wish Cisco Would have explained in that simple way.

Thank you.

Regards,

Vimal.

0 Helpful

Go to solution
ERAJAB
Level 1
Level 1
In response to mendiratta_vimal

‎09-18-2018 01:50 AM

Virtual IP is used for three things:

 

* DHCP proxying (WLC hides the real DHCP server identity to the clients and shows this instead)

   The Virtual IP address does not really matter here.

 

* Guest login splash page redirection. If WLC is to present the guest login screen it uses the 

   Virtual IP. Should be a non-existing, non-routable address.

 

* Mobility tunnel creation to other WLC´s. All WLCs must share the same Virtual IP address

   to form a group besides the group/domain configuration as well as same SW version
   (well, its recommended but there are exceptions where different versions work)

 

Some cloud proxies have started to use 1.1.1.1 for their proxy, and this breaks the guest login

splash page presentation if used. If virtual IP is changed the mobility tunnels might break, so this

should be changed for all WLCs in the same Mobility Domain in same service window.

0 Helpful

Go to solution
quintinellis
Level 1
Level 1
In response to Rasika Nayanajith

‎10-29-2018 03:17 AM

Hi,

How would you go about changing an estate of 30 + controllers from 1.1.1.1 to 192.0.2.x?

Is it as simple as one at a time?

 

0 Helpful

Go to solution
sstade
Level 1
Level 1
In response to quintinellis

‎09-05-2019 07:27 AM

Hello,

We are facing the same issue. We have over 40 WLC 5508 all with same virtual 1.1.1.1

Any recommendations on how to maybe leave 1.1.1.1 in place with a DNS type work around? Or suggest easy way to change all? Big issue is when you change virtual 1.1.1.1 address you have to reboot (x40) the WLCs for it to take affect...!! 

 

Thanks in advance

0 Helpful

Go to solution
luceroc
Level 4
Level 4
In response to sstade

‎09-05-2019 07:42 AM

Are you fielding problems from your virtual being 1.1.1.1? Biggest problem we had was on our WLC anchor guest configuration. That required the reboot and it was not a big deal. But the foreign (the ones at our campuses) we just did them over time with code upgrades, troubleshooting, or other planned maintenance. There was no hurry as it did not affect anything locally, like I said just our guests that use 1.1.1.1 to redirect for a splash page.


0 Helpful

Go to solution
sstade
Level 1
Level 1
In response to luceroc

‎09-05-2019 08:00 AM

Hi,

Thanks for your input

When guest try to connect---they have to click refresh or launch new browsers several times.... in order to get web auth sign on screen to pop up....some never get it (I am told)

If we change the anchor to 192.x.x.x we will break all remote WLCs being able to access guest... we will not be able to change address and reboot all 40+ in one weekend...to much down time and possible issues...

0 Helpful

Go to solution
luceroc
Level 4
Level 4
In response to sstade

‎09-05-2019 08:22 AM

So you are using a Cisco anchor/foreign guest solution, right? We did not see any issues with guests dropping if you change only the guest anchor WLC first. After all everything guest is being sourced from the WLC in your DMZ. Not sure the 1.1.1.1 on the foreign is even a factor. It's been a while since we did this but if you can do it, you might want to change the DMZ anchor late in the evening or weekend and perform your own tests from a foreign location to see if the foreign needs to be changed in synchronization with the anchor.




0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card