Solved: Re: WLC in 2 mobility groups

franco_bruna · ‎11-17-2017

Hello,

I have two 2504 WLCs both running 8.0.152.0 in two different sites connected via an MPLS network with no Firewalls in between and both WLC have the same virtual address (1.1.1.1).

Both WLC are on their local mobility group and they work correctly and I'm trying to put both of them on a second mobility group.

But the control and data path never come up.

debugging says:

*mmListen: Nov 17 22:43:56.183: Mismatched Mobility Group ID: a267d38e 5717301b d16c42bc 818fbcce from 139.128.30.31 , dropping, hdr->type 20

Is this an allowed configuration?

2 WLC each on its own local group and both on a common group?

thanks and regards

Giovanni

Freerk Terpstra · ‎11-25-2017

It is common and best practice to put both controllers in separate groups so that access-points connected to the foreign/local controller won't learn about the anchor/dmz controller.

Did you specify the correct mobility group name when you added the controllers to each other list? Can you post the output of "show mobility summary" from both controllers?

View solution in original post

Flavio Miranda · ‎11-17-2017

Hi @franco_bruna

This default Mobility Group can be changed. I'd create a new on and put those two WLC on it.

Path down is usually firewall or network problems.

Make sure port 16666 and 97 is open and wlc can ping each other.

-If I helped you somehow, please, rate it as useful.-

franco_bruna · ‎11-17-2017

Hello,

as I wrote there are no fw in this piece of network and if I put the 2 WLC in the same local mobility group it works fine.

I think it's a configuration error but I don't know where.

Flavio Miranda · ‎11-17-2017

@franco_bruna sorry about the firewall, you already mentioned.

But I have found a Cisco doc that explicitly say that wlc only supports on Mobility Group at a time. Although a bit old this must not changed as per your negative experience try the same.

https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/107188-mobility-groups-faq.html

-If I helped you somehow, please, rate it as useful.-

Freerk Terpstra · ‎11-19-2017

Did you specify the other mobility domain while you where adding the controllers to each other domain list?

What is your goal with this configuration? Why does client information need to be shared between the two controllers or are you trying to setup an anchor configuration?

Please rate useful posts... :-)

franco_bruna · ‎11-20-2017

Hello,

the aim is to setup a mobility anchor but, I guess, I have to put the two controllers in a common mobility group first.

I've enabled debugging on the remote WLC and I get a Mismatched mobility group...

*mmListen: Nov 20 15:55:34.216: Mismatched Mobility Group ID: a267d38e 5717301b d16c42bc 818fbcce from 139.128.30.31 , dropping, hdr->type 3

I guess that the WLC is trying to add the second WLC in the local group and not in the right group.

Thanks in advance for your help.

Freerk Terpstra · ‎11-25-2017

It is common and best practice to put both controllers in separate groups so that access-points connected to the foreign/local controller won't learn about the anchor/dmz controller.

Did you specify the correct mobility group name when you added the controllers to each other list? Can you post the output of "show mobility summary" from both controllers?

franco_bruna · ‎11-27-2017

Hello,

thanks for your reply, actually the issue was on my side as I misunderstood the docs.

At the end I was able to setup the right configuration.

Franco