Solved: Re: AP Fallback not working with Cisco 4402

Chellis Dodge · ‎04-13-2012

Hello everyone,

I have an issue with AP Fallback not working with two Cisco 4402-50 WLC's. Here is the senerio:

Site 1 has a 4402 (WLC01) running software 7.0.220.0 with 48 associated access points. AP Fallback is enabled in Controller > General and all 48 AP's are set to Critical failover with WLC01 being the primary controller and WLC02 (at site 2) being the secondary.

Site 2 is the location of WLC02 which is also running software 7.0.220.0 but has 0 ap's associated and also had AP Fallback set to enabled.

Your typical active/passive setup

The problem is when WLC01 goes down all of the AP's fail over to WLC02, however when the connection is restored to WLC01 we have to manually reboot each access point in order for them to reassociate back to the primary controller. Isn't AP Fallback enabled suppose to allow the AP's to move back to the primary controller once connection is reestablished?

Thanks in advance.

-Chellis

Scott Fella · ‎04-13-2012

Make sure the mobility is up and master controller is disabled. Now what you need to make sure is that on the high availability tab, that the wlc name is identical to the wlc hostname. This is case sensitive.

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

View solution in original post

Scott Fella · ‎04-13-2012

Make sure the mobility is up and master controller is disabled. Now what you need to make sure is that on the high availability tab, that the wlc name is identical to the wlc hostname. This is case sensitive.

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

Chellis Dodge · ‎04-13-2012

I checked and Master Controller is disabled on both controllers. I verified the hostnames aginst the high availablility tab and they were correct. The only issue I did notice is I do not have the WLC hostnames in DNS when I tried to ping them. Could this cause the issue? Lastly I do have a mobility group created for everything on WLC01

Scott Fella · ‎04-13-2012

You need the mobility on wlc2 also. DNS is not needed.

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

Chellis Dodge · ‎04-13-2012

WLC02 does have a mobility group configured, but it dosn't match the one on WLC01 do I need to configure the same mobility groups on both controllers?

Scott Fella · ‎04-13-2012

As long as wlc2 has wlc 1 Mac, ip and mobility name you should be fine.

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

Chellis Dodge · ‎04-13-2012

I added the MAC, IP, and Group Name of WLC2 to WLC1 and it has "Control and Data Path Down" listed under status. I've verified that they can ping each other where they are located across the WAN on different subnets. Do you know what needs to happen next? Thanks for your help on this Scott.

-Chellis

Stephen Rodriguez · ‎04-13-2012

can you post the output of :

show mobility summary

from both WLC?

Steve

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

Chellis Dodge · ‎04-13-2012

WLC 2 the Failover at site 2 (there is another controller at this site as well)

Symmetric Mobility Tunneling (current) .......... Enabled

Symmetric Mobility Tunneling (after reboot) ..... Enabled

Mobility Protocol Port........................... 16666

Default Mobility Domain.......................... MODO2

Multicast Mode .................................. Disabled

Mobility Domain ID for 802.11r................... 0x93dd

Mobility Keepalive Interval...................... 10

Mobility Keepalive Count......................... 3

Mobility Group Members Configured................ 2

Mobility Control Message DSCP Value.............. 0

Controllers configured in the Mobility Group

MAC Address IP Address Group Name Multicast IP Status

00:22:55:91:b4:a0 10.107.180.4 MODO1 0.0.0.0 Up

00:22:55:91:b6:40 10.107.180.2 MODO1 0.0.0.0 Up

WLC1 the primary controller at the first site

Symmetric Mobility Tunneling (current) .......... Enabled

Symmetric Mobility Tunneling (after reboot) ..... Enabled

Mobility Protocol Port........................... 16666

Default Mobility Domain.......................... MODO1

Multicast Mode .................................. Disabled

Mobility Domain ID for 802.11r................... 0x64fd

Mobility Keepalive Interval...................... 10

Mobility Keepalive Count......................... 3

Mobility Group Members Configured................ 2

Mobility Control Message DSCP Value.............. 0

Controllers configured in the Mobility Group

MAC Address IP Address Group Name Multicast IP Status

00:22:55:90:3c:60 10.101.180.2 MODO1 0.0.0.0 Up

00:22:55:91:b4:a0 10.107.180.4 MODO2 0.0.0.0 Control and Data Path Down

Scott Fella · ‎04-13-2012

You have the wrong mobility group name.

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

Chellis Dodge · ‎04-13-2012

Thanks that fixed it, it's showing both mobility groups as UP, so now I just need to test if the AP's will fall back to the primary controller once connection is restored.

Thanks Scott for all your help, hopefully this one is solved.

Scott Fella · ‎04-13-2012

No problem. The output that Steve asked for showed the issue:)

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

Scott Fella · ‎04-13-2012

Change MODO2 to MODO1

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

Scott Fella · ‎04-13-2012

Well from each wlc, can you do an eping and mping. You might be blocking the udp ports.

Thanks,

Scott Fella

Sent from my iPhone

-Scott
*** Please rate helpful posts ***

Chellis Dodge · ‎04-13-2012

Yes just tried a eping and mping both was all all replies were successful.