Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Getting "Configure VLAN" message when enabling SSO redundancy on 5508 WLC?

Hello All

We are installing a secondary 5508 HA-SKU WLC under software version 8.0.100.

After configuring the primary 5508 (redundancy management ip, peer redundancy management ip, etc) we get the message "Please configure Redundancy Management VLAN before enabling redundancy" when we select SSO enabled.  The redundancy management ips are in the same VLAN as the management ip and this is the default untagged VLAN. What have I missed?



VIP Purple

Check this link and correct

Check this link and correct your config:



New Member

This link is not for 8.0

This link is not for 8.0 software.

New Member

Hi John,Could you please post

Hi John,

If you can please try to change the config to use tagged vlan for Management (Redundancy Management) and try again. Please keep me posted if this solves the problem.



New Member

John...I'm, having a similiar

John...I'm, having a similiar problem - did you get around this?


New Member

You need to tag the

You need to tag the management interface with a VLAN ID. 

In 8.0 SSO is only supported on tagged management and redundancy management interface.

(It is still allowed in untagged mode if you upgrade from a SSO 7.x setup to 8.0).




New Member

You nailed it Ralph - changed

You nailed it Ralph - changed redundancy management interface to tagged and it works. Thanks for your help!

New Member

when you change the

when you change the redundancy management interface to be tagged with management vlan ID, you should not able to ssh on the controller ?


New Member

The SSH capabilities are not

The SSH capabilities are not affected by the adding of tag to the management interface.

New Member

i tried to tag the management

i tried to tag the management interface with the management Vlan ID, but i found

the network connectivity down (ping is request time out).


i have Cisco WISM2 with version 8.0


New Member

Remember the Native Vlan on

Remember the Native Vlan on the 6500 side must be different from the Management id.


wism module x controller 1 native-vlan zzz
New Member

Hi Ralph, We're running 8.0

Hi Ralph,


We're running 8.0 in a  WLC 8500 series but nor tagged nor untagged interface is working. This are the scenarios we have tested:

  1. management interface tagged + switchport trunk tagged + HA tagged + switchport trunk tagged = SSO not working
  2. management interface tagged + switchport trunk tagged + HA untagged + switchport access = SSO not working
  3. management interface untagged + switchport trunk native vlan + HA untagged + switchport access = SSO not working

No scenario is working and in cases 1 and 2 we have lost the associated APs as they only recover in case 3.

In parallel, after enabling tagged interface in management, the "show ip arp" of the switch shows the IP through the HA interface and the ping is lost outwards WLC and inwards.

Any suggestion?


New Member

Hi,your Management interface


your Management interface should be tagged with a VLAN and the switchport connecting that interface should be running 802.1q trunk. Ensure that the native VLAN is not the VLAN your WLC management is on.

The RP port should ideally be a direct cable from 8510 to 8510. If you are using a VLAN ensure that it is not used for anything else. Run spanning-tree portfast and switchport mode access on the switch interface. 

What kind of error do you get when building your SSO?




New Member

While I understand that

While I understand that untagged mode is allowed if you upgrade from an SSO 7.X setup to 8.0; I would like to understand why this is so?  Does the upgrade automatically enable tagging for management interface and if so, how does it know which vlan ID to tag it with?

How does one account for SSO 7.X setup with existing Native VLAN setting matching management interface on trunked interface if it cannot be the same after WLC is upgraded to 8.0?


New Member

Hi Matt,

Hi Matt,

the upgrade doesn't change the configuration regarding management interface tagging.

Untagged will remain untagged. BUT; If you break the SSO in 8.x and try to enable it again you will get an error message because the SSO-Enable command will check your management interface.

You can keep your config if you expect it to run forever and never crash, but I'll recommend that you break the SSO and change the Management interface to be tagged.

Good Luck.


Hall of Fame Super Silver

Just to add to Ralph's

Just to add to Ralph's comments also, upgrading will not change the vlan tag you currently have. Best practice was to always tag the management interface and not use vlan tag of '0'.  I have ran into customer SSO setups in which the secondary HA unit was setup wrong.  So just make sure that both units are setup the same (vlan tag) before you enable SSO.


*** Please rate helpful posts ***

*** Please rate helpful posts ***
New Member

Re: Just to add to Ralph's


My controller (5520) runing on version. When I enabling SSO it gives the error please configure redundancy management vlan".

What can be done at switch side that connected to WLC management port ??

There no vlan in company. Everything is on default (Vlan-1) vlan.

My WLC Management IP :

Redundancy Mgmt Ip :

Peer Redundancy Mgmt Ip :

Redundancy port Ip : ( Automatically)

Peer Redundancy port Ip : (Automatically)