Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

anchor WLC

I am trying to understand what the anchor terminology is as it's being applied inconsistently. For example, we have a WLC in the DMZ for guest wifi and that WLC is being referred as an anchor. But then I am seeing log messages on that WLC's that are saying  "Mobility anchor data path down. MobilityAnchorAddressType= 1 MobilityAnchorAddress=", where the is the IP address of the downstream WLC. So, which one is the anchor here? Appreciate a clarification.



VIP Purple

Re: anchor WLC

Hi Greg,

Yes Anchor WLC mean where you provide Point of Presence (PoP) to a wireless client (in otherwords where wired network will see from where the wireless client coming  with an IP address). An anchor WLC always pair with a Foreign controller where clients Point of Attachement (PoA), at Foreign controller there may not be any layer 3 information about client.

In guest auto-anchoring solution, under WLAN you have to configure the mobility anchor (in DMZ controller we configure itself as mobility anchor, where in foreign controllers we configure DMZ WLC as mobility anchor). In this way always L3 guest traffic terminate at your DMZ controller. In this scenario, Anchor & Foreign controller role termed as "Export-Anchor" & "Export-Foreign"

Below post may help you as well to understand this.





In your case, check whether you have correctly configure the mobility anchor under WLAN configuration.



**** Pls rate all useful responses ****

New Member

Re: anchor WLC

Hey Rasika, thanks for your reply.

I understand the basic premise of the anchor WLC vs the foreign WLC and the PoP vs PoA respectively. What throws me off, however,  is that the Auto-Anchor Mobility seems to be using the reverse nomenclature, such as the DMZ Controller that the client is roaming to becomes the anchor controller as opposed to the foreing controller.

Is this a one off?

Thanks again..

_ Greg 

Cisco Employee

anchor WLC

cisco's best practice is: don't joing APs to DMZ controller, it voids the purpose of security when using guest anchor.

when auto anchor enabled on wlan at foreign wlc, the connected client will automatically anchored to dmz wlc.

when auto anchor not used, and if L3 roaming happens between foreign WLCs, like mentioned above export foreign/anchor is displayed.

do you mean to ask, are export foreign and anchor terminology used opposite between auto anchor and L3 roaming.

//they're same for both scenarios. foreign is where client is actually connected w.lessly. anchor is where packets are uplinked to wired infrastrcture.