02-24-2019 12:17 PM - edited 07-05-2021 09:55 AM
Dear Cisco community,
I am a newbie on Wireless controller implementations and I need to implement a WLC 5508 in an HSRP core switch configuration. I want to implement a certain level of redundancy by connecting the WLC 5508 to both core switches.
Given this redundancy requirement, I cannot activate LAG on the WLC. In addition, all my wireless clients log in to a Captive Portal (hosted on my firewall; each dynamically assigned IP address is associated with the corresponding username through this captive portal).
So I have to configure an AP management-port on each port. However, I cannot configure multiple dynamic interfaces in the same VLAN, as the controller only allows one dynamic interface per VLAN. The problem with this is the limitation of bandwidth that this configuration imposes on each VLAN. For example, if I configure an SSID associated with the corresponding VLAN, the maximum amount of bandwidth for all those users in that SSID (and the corresponding VLAN) will be less than 1 Gbps, given that I can only have one dynamic interface on that VLAN associated to a single port.
Due to the captive portal implementation, I cannot split the IP pool of the wifi clients given the possible re-login effect when the clients change from one access point to another, changing randomly from one VLAN (and IP subnet) to another on the same SSID. I don't know if it is possible to map each client to a certain VLAN on the same SSID. However, given the quantity of clients (3000 in the worst case scenario), static mapping becomes a huge and almost unbearable task.
Is there any possible scenario where I can combine redundancy that provides the multiple non-LAG port configuration and avoid the bandwidth limitation of using only one port of 1 Gbps per vlan? Am I asking too much?
(As far as I know, Yes just buy another WLC for HA deployment!!!......Of course Mr. money bags, as you wish!!!! hehehe)
02-24-2019 01:28 PM
The WLC HA deployment guide is located here:
There are a few ways you can achieve the HA you are looking for:
The other option would be to define a backup port for each of the ports on the WLC and have them going to the second switch.
Unfortunately without LAG you will not get around the bandwidth limitation of 1 Gbps of the 5508 ports.
Therefore the only option to get the HA (for switch failure) with a single WLC and gain more bandwidth is VSS on the core switch.
02-27-2019 08:41 AM
I guess VSS is the path I should follow.
Thanks for your help
02-25-2019 08:48 AM
02-25-2019 12:19 PM
Hi,
Can you not configure LAG in WLC then Port-channel on the switch and use different VLANs for captive portal and non-captive portal?
In my previous implementations either N+1 or SSO, I just use LAG for everything and use different VLANs. You can extend the VLAN to the firewall or firewall can bridge the 2 VLANs, etc.