cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2292
Views
0
Helpful
8
Replies

WLC Anchoring same SSID on different VLANs

gtognin
Level 1
Level 1

Hi everybody,

we're trying to implement a solution where a wireless client access to a Foreign WLC broadcasting a single Open SSID anchored to a DMZ Anchor Controller and there, based on AP Location or Group, got a different VLAN id.

Is mandatory for Wirelss Clients to DON'T insert any username/password nor PSK.

Our Solution is based on a couple of Flex7510 (in HA) and the anchor is a CT5508. Software version is 8.0.140.0 for both devices.

Here a Map that helps:

Clientname - SSID Name - AP Name/Group - Foreign WLC - Anchor - Assigned VLAN
Alpha --> WiFiFree - AP1/NewYork - Flex7510 - 5508 - VLAN 100

while:

Charlie --> WiFiFree - AP2/LasVegas - Flex7510 - 5508 - VLAN 200

Did some test playing with AP Group: doesn't works because AP Group is not useful in Anchor Controller Configuration

Is Cisco ISE suitable for this purpose?

Thank you in advance.

Luca

8 Replies 8

Hi

There is a feature called "Foreign mapping", Have you had a look on that & see if that helps here

https://mrncciew.com/2013/03/24/auto-anchor-foreign-mapping/

Refer latest config guide for exact command syntax (above post is based on 7.x code)

HTH

Rasika

*** Pls rate all useful responses ***

Hi Rasika,

thanks for the answer. Unfortunately this configuration map statically one SSID on Foreign WLC to one specific interface. So is useful if you got 2 or more Foreign WLC not just only one as in my scenario.

G.

Hi Luca,

Try this:

- on both foreign and anchor controller configure same VLAN's
- on all controllers configure the same interface group
- asign all interfaces with the desired vlan's to this interface group
- configure the wlan with the interface group as interface on both foreign an anchor
- create access point groups per desired vlan
- when assinging the wlan to the group you specify the desired interface (vlan) to use

this way each AP in a  group can forward traffic to the designated vlan.

Hi,

thanks, but doesn't works. Clients lands always into the same VLAN even if APs belongs to different AP Group and each AP Group got different VLAN Assignment to the same SSID.

I'm running 8.0.140.0. Does your environment works with a different release code?

G.

Hello G. we still work on version  8.0.121.0
Controllers are WiSM2 and WLC5508

I'm glad to hear you found my suggestion worth while to try.
Sorry to hear my suggested config did not work.
I don't have this actually operational, only a similar config WITHOUT the anchor.

It works for our needs where several locations each have their own controller to terminate the wlan on a subnet for that location. But again I don't have this operational with an anchor-controller. 

In my experience, small differences in configs on the controllers in use can make it "break". Thats' why I primarily use Prime Infrasstructure (current version 3.0.0.78) to push the config to the controllers, this makes sure all configs are "equal".

Thanks a lot again.

I've deeply check every single char and number, than erased and recreate the configuration three times. I know it works without Anchor. But for me Anchor Configuration is mandatory.

Now I'm trying with a Product Enhancement Request.

Bye,

G

Did you managed to have any success with the design you had. I have a similar requirement to seperate clients on a single SSID to specific interfaces of an anchor controller.

Kind regards,

Hi, did you find a solution?

Review Cisco Networking for a $25 gift card