Hi Scott,

Tnx for your reply.

When LAG was enabled.... yes! untagged vlan on controller and vlan1 on the switch. the mgt int is connected to a stacked switch which is having 6 fiber links intended fo other floors fiber1 - switch on ground floor.. fiber2 - switch on second floor and so on.... and all ap's are registered and working as planned.

Now, LAG is disabled, ap-manager2 - 8 int's were created, fiber2 is pulled from stacked switch and plugged it to port2 of controller. with this, there isn't mgt connection to switch on second floor. it's like the AP is directly connected to port2.

dhcp is on the controller, but the ap is not able to get an ip.

will a second fiber connection from second floor switch to the stack switch be the best way for this? 

Is there a trunck connection from the switch the management port is connected to and the switch the ap and the ap manager is connected to?  The management needs to be available for dhcp.

Hello Scott,

To illustrate clearly (i hope i can) kindly refer to the following images.

Scenario 1 below is currently working fine.

Scenario2 below is not working, at least for floor 2 and 3. As setup.. . the switches on the the other floors are connected directly to the controller's ap-manager interfaces without any reachability to the management interface. can the ap-manager interfaces able to reach the management interface in this way? will dhcp be available in this way of connection to the ap's on the other floors?

the management interface is only connected to the switch on the ground floor.

Thank you, Scott!

Probably a better way to word this is to just use "port" instead of ap-manager interface.

An AP-Manager interface maps to specific port, but a specific port doesn't just map to an ap-manager (in your scenario it may, but it is still confusing to word it that way).

Correct me if I'm wrong, but basically Port 1 goes to Switch 1, Port 2 goes to Switch 2, Port 3 goes to Switch 3.

And you are saying that It works fine if Port 1 is the only port connected...?

There is nothing wrong with that picture you've provided.

As long as your APs can talk to the Management Interface, the Management interface is going to tell the AP which AP-Manager IP they should try to join. The AP will then try to talk to the AP-Manager it was instructed and as long as it can, it should be functional.

So, where is your AP Join failing?  Can the AP not talking to the WLC Mangement IP?

Can the AP not talk to the AP-Manager?

What are you using for AP Discovery, assuming these are new APs not working?

Thanks, weterry!

With the first image.... as mentioned... everything is working fine

With the second, where lag is disabled, since the management interface (Port1) of wlc is connected to the ground floor switch, it is the only floor where ap's are working fine.

the ap's on floor 2 and 3, where the switches are directly connected respectively to ap-manager 2 (Port 2) and ap-manager 3 (Port 3) of wlc, aren't able to register back to the controller. from the initial setup, image one, the ap's got registered to the controller and working as planned. but when the fiber links of floor 2 and 3 switches were moved  from the ground floor switch to port 2 and port 3 respectively of the controller, the ap's aren't registering back.

Whe you said "There is nothing wrong with that picture you've provided." does this mean that the ap's can be plugged direct to port 2 or port 3 and will be able to get an ip from the wlc dhcp? there isn't a need for management link  on floor 2 and 3 switches?

Not directly related to your issue but just a friendly reminder. You shoud TAG all your interfaces. Although config guides 3 - 6 state other wise. Config guide 7 does state to tag and this is cisco best pratice.

If you do QoS you will lose all priority on the managment and the AP mangers because they are native. Other wise instead of just trusting CoS you will need to do policy maps.

Maybe Scott and Wes can comment on this .. I may be wrong but ...

Although you break the APs by floor they may not logically map like that. Once the AP joins the controller it will learn about the other AP managers and will join those if needed.

Thanks, George!

For sharing your knowledge.

The ports and interfaces aren't tag yet.... I will try tagging them ports and interfaces when i get back to our lab.

In the meantime, will connecting the ap's direct to the ap-manager interface (port 2 and port 3) work? considering, of course, that LAG is disabled.

BINGO!

Thanks, weterry!

Thanks for clearing up that directly connecting the AP's to WLC will not work.

This is actually for one of our customer who's kind of reading the Cisco Config Guide as well. This feature is included in their RFP in which all ports in the controller must be used for redundancy, failover and load distribution between ap's.

This idea lifted off from the Cisco Wireless Config Guide, pp 3-36, which says:

In partic and to quote "With multiple AP-manager interfaces, you can connect your ports to different neighbor devices. If one of the neighbor switches goes down, the controller still has connectivity."

Plus, the load is distributed dynamically across multiple ap-manager interfaces.

BTW, the router is connected via switch 1, which is actually a stacked switch. didn't include it in the drawing for simplicity.

I will get them switches connected to the distribution switch (switch1) like they need to be. or maybe i'll just enable LAG and configure my favorite interface, port-channel interface, on the distribution switch.

Many thank you's, Weterry!