Solved: Pls post the same output from

Ugochukwu Bright · ‎09-23-2015

My intention was to create Mobility group between WLC 2504 @ HQ and 2100 @ remote office.

Configure identical guest ssid on both WLCs

Tunnel guest ssid traffic to the WLC 2504 which has an interface in DMZ zone.

Note: WLC 2504 lives in subnet 172.17.x.x /16 and WLC 2100 lives in 172.20.x.x/24. Their management interface IP addresses corresponds to their respective subnet that is 172.17.x.50/24 and 172.20.x.50/24

The two locations/subnets are connected via MPLS network.

Observation

Mobility group does not form when the controllers are in their respective subnet/location, but when i brought in the remote wlc to HQ and changed it management ip address to HQ subnet, the mobility group was established.

My question, Must all controller have same management subnet for mobility to form ?

How do i handle mobility across different separate subnets for the purpose of tunnel

Thanks

Rasika Nayanajith · ‎09-28-2015

Pls post the same output from WLC2 as well.

Since control path & data path is down, your mobility won't work. There should be some config issue or required ports are not open between these two WLCs

HTH

Rasika

View solution in original post

Rasika Nayanajith · ‎09-23-2015

My question, Must all controller have same management subnet for mobility to form ?

How do i handle mobility across different separate subnets  for the purpose of tunnel

No, you should be able to have mobility peers across L3 boundaries. I would check eping/mping works, which would tell necessary port numbers are open or not across these two points.

http://mrncciew.com/2013/03/24/mobility-ping-tests/

Here is some CLI commands to config and verification

http://mrncciew.com/2013/05/20/mobility-config-via-cli/

HTH

Rasika

Ugochukwu Bright · ‎09-28-2015

Hello Rasika,

I checked, but no reply mping and eping.

(Cisco Controller) >show mobility summary

Mobility Protocol Port........................... 16666
Default Mobility Domain.......................... WLC1
Multicast Mode .................................. Disabled
Mobility Domain ID for 802.11r................... 0xc007
Mobility Keepalive Interval...................... 10
Mobility Keepalive Count......................... 3
Mobility Group Members Configured................ 2
Mobility Control Message DSCP Value.............. 0

Controllers configured in the Mobility Group
MAC Address IP Address Group Name Multicast IP Status
1c:de:a7:06:15:40 172.17.0.50 WLC1 0.0.0.0 Up
e0:5f:b9:63:af:20 172.20.0.50 WLC2 0.0.0.0 Control and Data Path Down

Rasika Nayanajith · ‎09-28-2015

Pls post the same output from WLC2 as well.

Since control path & data path is down, your mobility won't work. There should be some config issue or required ports are not open between these two WLCs

HTH

Rasika

Ugochukwu Bright · ‎09-29-2015

Hi Rasika,

Thanks, i noticed a wrong IP address for WLC1 under WLC2 mobility settings. Mobility status is now up up on both WLCs.

Second Challenge has to do with internal dhcp on both WLCs

Are my to to use a single internal dhcp on the Anchor controller for all guest irrespective of which controller the client request is coming from ?

Do i have to enable local switching for the guest ssid ? or allow it tunnel

Thanks

WLC Mobility group across separate subnets