I've noticed that from time to time some of our flex connect AP's will join our less preferred 2504 anchor WLC instead of staying on the 5508 HA pair controllers. The 5508 HA (active/standby) pair are in the same mobility group as the 2504 to facilitate guest anchoring. However if a remote AP loses network connectivity for a brief period, when network returns they will sometimes join the 2504 and need to be moved back to the 5508's manually.
The process to move them back is usually as simple as doing the following:
In the GUI:
Login to the 2504 Controller >> Select the Wireless Tab >> Select the AP >> Select the High Availability tab >> entering the 5508 name and IP as the primary controller and applying the change.
After 60 seconds or so the AP will then move back to that controller.
The problem with this though is that the change is not persistent and if the AP is rebooted this primary controller setting is lost.
Is there a way to set this permanently for all AP's?
If I go to Wireless >> All AP's >> Global Configuration, there is an option to set backup controllers but no option to set a preferred primary controller.
That AP High Availability configuration setting should not be lost during AP reload. Which WLC software code you having this issue ?
Regarding configuration since it is AP specific, you have to do it on individual AP. If you have list of AP names then you can develop the required CLI commands & apply them to your AP via WLC CLI (if you have prime, you can use a template to push these changes as well). That will prevent to go into each AP via GUI & do this change.
(5508-1) >config ap primary-base <5508_Name> <Cisco_AP01> x.x.x.x
(5508-1) >config ap secondary-base <2504_Name> <Cisco_AP01> Y.Y.Y.Y
Just to add to Rasika post, if your 2504 is an anchor WLC, then how I see it, it should not ever have access points join. Anchor WLC's should have a different mobility group name and also if not in the DMZ, then you should have Authorize MIC APs against auth-list or AAA enabled to prevent access points from joining that WLC. This would be my preferred way. If you have access points that need to join that WLC, then you either should add the mac address of the preferred AP's to allow it to join and have Authorize MIC APs against auth-list or AAA enabled, or you need to have the WLANS, AP Group, consistent with the HA's to prevent AP's from loosing their vlan mapping. You need to prevent the ap's from joining the 2504 to be sure that the mappings will not get lost.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...