WLC AP Fallback Fails with Vlan Tagging

Unanswered Question
May 13th, 2009

We currently have a client using 2x4402 WLCs, with 2xRAP (1520AGs), 1 MAP1 (1520AG), 1 WGB (1310G) and 2xCCTV (AXIS) cameras connected to each of the MAP1 & WGB. We are using WLC software code ver. 5.2.157 for the 2 WLCs.

Scenario1: WLC(1/2)---SW---RAP1========MAP1-poeout--Camera1

> When RAP1 is manually configured to fall back to WLC2 from WLC1 (renaming the Primary & Secondary Controller), RAP1 & MAP1 can be pinged; however, the client (CCTV camera1) connected directly to the MAP1 PoEout cannot be pinged, and you need to software reset the MAP1 from WLC(1/2) to ping it again. We are using Ethernet Bridging with VLAN Tagging, a Native VLAN (for Mgmt) and a Client VLAN (for CCTV).

Question: Is there a special configuration that needs to be done on the WLC for this matter?

Scenario2: WLC(1/2)---SW---RAP2========WGB-fa0--Camera2

> When RAP2 is manually configured to fall back to WLC2 from WLC1 (same as above), RAP2 can be pinged, but WGB cannot be pinged and is disconnected together with the client (CCTV camera2), We need to

same scenario from above we used Ethernet Bridging...with Vlan Tagging..

Question: Has anyone encountered the same problem? If so can advise...a Native Vlan(for Mgmt) and a Client Vlan(for WGB&CCTV)

Thanks in advance my friends for your support..

htarra Tue, 05/19/2009 - 08:13

The AP does not tag packets with the management interface VLAN. The AP encapsulates the packets from the clients in Lightweight AP Protocol (LWAPP), and then passes the packets on to the WLC. The WLC then strips the LWAPP header and forwards the packets to the gateway with the appropriate VLAN tag. The VLAN tag depends on the WLAN to which the client belongs. The WLC depends on the gateway to route the packets to their destination. In order to be able to pass traffic for multiple VLANs, you must configure the uplink switch as a trunk port.

When the management interface on the controller is configured as part of the 'native vlan' on the switchport to which it connects, the controller should NOT tag the frames. Therefore, you must set the VLAN to be zero (on the controller).

vmtimaan2k7 Tue, 05/19/2009 - 16:55

Thanks htarra for the write-up above. Appreciate it.

The uplink of the switch to the controller is already configured as a trunk port with the native VLAN set to 3 on the switchport, also allowing the VLANs needed to pass through (Clients & CCTV). And all along it was running with the WLAN clients with DHCP. It's just that when we do VLAN Tagging and Ethernet bridging on the RAPs and with static IPs on the camera (CCTV)

The Failover to the 2nd WLC seems to be working Fine, but when HA is tweaked(Change the Controller name to point to the 1st WLC) on the 2xRAP's it will cut off the clients(WGB&2xCCTV's).

Correct me if I'm wrong, are you suggesting to replace the native VLAN (3) and set the VLAN to be zero (0) on the controller? Then that would entail downtime on all the WLAN clients, considering it is in production right now.

In Cisco Documentation below they are now using CAPWAP from LWAPP on their version 5.2 software code of the WLC.


