Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Cisco 5508 HA over WAN

Hi,

I want to know few things about HA of Cisco 5508 over WAN setup.

1. Is it possible to create HA setup over WAN. Active WLC will be at HQ and backup at other remote branch so that if active WLC fails all AP joins to backup WLC.?

2. Does physcial connectivity between active and backup WLC necessary for HA?

3. How licensing going to work in this case. Suppose I have 50 license at active WLC, will this licenses shifts to backup WLC when there is failover.

4. How can I implement this setup ...any guide? . If this setup is possible.

5. If this is not possible then what is the alternate work around solution for this kind of setup.

6. If I have both WLC at same location and link between remote branches to this location goes down, will the clients be able to connect to AP at remote branches? ( I know this is possible with HREAP/FLEX configuration, but it is not working for some other setup that I tried).

Thanks.

1 ACCEPTED SOLUTION

Accepted Solutions
VIP Purple

Re: Cisco 5508 HA over WAN

HI Shakeer,

As per my knowledge :

1. HA menas u have to connect both WLC with Reduandecy port. so with WAN its not possibe.

http://www.cisco.com/en/US/products/ps10315/products_tech_note09186a0080bd3504.shtml

2. Yes Physihal connectivity is necessary.

3. Yes You are  right(If HA is configured: 1st WLC down then automatically all APs will shift to Standby WLC)

4. Not possible: 

5. Better to use Flexconnect with local switching

6.H-reap ..you can do with local swicthing means when WLC is down then AP goes into standalone mode and do the local switching..terninated locally

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00807cc3b8.shtml

http://www.cisco.com/en/US/products/ps10315/products_tech_note09186a0080736123.shtml

Regards

Dont forget to arte helpful posts

11 REPLIES
VIP Purple

Re: Cisco 5508 HA over WAN

HI Shakeer,

As per my knowledge :

1. HA menas u have to connect both WLC with Reduandecy port. so with WAN its not possibe.

http://www.cisco.com/en/US/products/ps10315/products_tech_note09186a0080bd3504.shtml

2. Yes Physihal connectivity is necessary.

3. Yes You are  right(If HA is configured: 1st WLC down then automatically all APs will shift to Standby WLC)

4. Not possible: 

5. Better to use Flexconnect with local switching

6.H-reap ..you can do with local swicthing means when WLC is down then AP goes into standalone mode and do the local switching..terninated locally

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00807cc3b8.shtml

http://www.cisco.com/en/US/products/ps10315/products_tech_note09186a0080736123.shtml

Regards

Dont forget to arte helpful posts

New Member

Cisco 5508 HA over WAN

Hi Sandeep,

I read that it is possible with new releases, so just wanna know if it is possible with IOS release like 7.6 or not.

Regarding Flex connect, I configured it as local switching and authentication as  preshared key which should means if the controller goes down then it becomes local authentication and local switching and new clients should be able to connect to AP without any issues, but In my case it doesn't seems to be working.

Thanks.

Hall of Fame Super Gold

Cisco 5508 HA over WAN

I read that it is possible with new releases, so just wanna know if it is possible with IOS release like 7.6 or not.

Depends on your WAN.  The biggest stumbling block you need to solve is how you interconnect your Redundant Ports together.  Cisco states that these two ports must be conneted via Layer 2.  This means no routable IP address and both IP address must be in the same VLAN and subnet.  If you can span your VLAN across the two sites via Layer 2, then go for it.  This is how we've done with our HA AP SSO deployment with our WiSM-2.  Both VSS chassis are in different location, 14 km apart.

New Member

Cisco 5508 HA over WAN

The connectivity will be layer 3.

This means it is not possible?

VIP Purple

Cisco 5508 HA over WAN

HI Shakeer,

Yes both WLC must be connected directlto redundent port(Layer 2).

It is not possible.(HA over WAN)

Regards

Hall of Fame Super Gold

Re: Cisco 5508 HA over WAN

The connectivity will be layer 3.

This means it is not possible?

Not possible.  Here's the logic:

One of the biggest stumbling block with Layer 3 is routing.  This gets worst if your routing network is bad.  With AP SSO, the biggest selling point is the sub-second switch over.  If you have a bad routing network and you want to do a switch over, you will not be guaranteed the sub-second switchover and everyone will be opening TAC Cases.

Layer 2 is easy.  The heartbeat packets they send to each other, I believe, have their source and destination address as MAC address.

Yes both WLC must be connected directlto redundent port(Layer 2).

It is not a requirement that both ports must be DIRECTLY CONNECTED to each other.  You can, for example, connect both ports to two Layer 2 switches and both switches are interconnected using fibre optic.  The main thing is that both switchports must be a member of a Layer 2 VLAN.  This means your VLAN does NOT HAVE an IP address.

VIP Purple

Cisco 5508 HA over WAN

HI Shakeer,

Till I not I did not heard anything about this(HA over WAN)

In this document u can see diff mode of operation :

If a locally switched WLAN is configured for any authentication type that is required to be processed on (or north of) the controller (such as EAP authentication [dynamic WEP/WPA/WPA2/802.11i], WebAuth, or NAC), upon WAN failure, it enters the authentication down, local switching state. Previously it would have been in the central authentication, local switching state. Existing wireless client connectivity is maintained and access to local wired resources persist, but no new associations are allowed. If a user's web session times out when using WebAuth or, if a user's EAP key validity interval expires when using 802.1X, and requires re-keying, existing clients lose connectivity and are denied connectivity (this duration is RADIUS server-specific and thus, non-standard). Also, 802.11 roaming events (between H REAPs) trigger full 802.1X re-authentications and thus, will represent the point at which existing clients are no longer allowed connectivity.

When such a WLAN's client count equals zero, the H REAP ceases all associated 802.11 functions and no longer beacons for the given SSID, thus moving the WLAN to the next H REAP state: authentication down, switching down.

Regards

Dont forget to arte helpful posts

New Member

Cisco 5508 HA over WAN

Thanks Sandeep and Leo.

Hall of Fame Super Silver

Re: Cisco 5508 HA over WAN

The only HA you can do and what is designed for what you want is N+1. AP SSO like everyone mentioned will not work.

http://www.cisco.com/en/US/docs/wireless/technology/hi_avail/N1_High_Availability_Deployment_Guide.pdf

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
New Member

Re:Cisco 5508 HA over WAN

Hi Scott,

Thanks for the info. N+1 setup will be expensive so can't effort to have it.


Sent from Cisco Technical Support Android App

Hall of Fame Super Silver

Re: Re:Cisco 5508 HA over WAN

N+1 uses an HA sku WLC so it's cheaper because you don't buy license for an HA sku WLC.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
298
Views
14
Helpful
11
Replies