We have 18 controllers that provide enterprise wireless services to our
hospital. We have a WLAN for 7921 phones. It is configured with redundant ACS servers.
Intermitantly, we have phone complaints and inevitably what has happened is that the WLC is no longer sending 7921 auth requests to it's local (in building) ACS Engine and is sending those auth requests to an offsite (secondary) ACS enginee. We have fiber interconnects between our buildings - so we are sure as hell not introducing a lot of latency.
When this occurs, we have 7921 phone user complaints about audio issues and 7921 phones re-registering. I
typically will remove the 2nd ACS reference from the WLAN and then see that the authentication is once again occuring on the first or primary ACS server and that resolves
We run WLC code version 184.108.40.206.
I recall that it was by design that the WLC would not fall back to the primary ACS server - once the WLC has failed over to the secondary ACS server.
I'm trying to figure out if others are experiencing this scenario and what, if anything, they have done to overcome the problem.
I need to know if we are running in a best practices configuration for our authentication services that we are providing to our voip WLAN.