Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
646
Views
0
Helpful
3
Replies

create 2nd mobility group on 5508

Stefan Engel
Level 1
Level 1

ā€Ž09-26-2013 07:11 AM - edited ā€Ž07-04-2021 12:57 AM

Hi all,

We are running all our APs in H-REAP mode connecting to WLC 5508 (7.2.xxx)

Each H-REAP AP has local switched SSID, as  well as a guest SSID (centrally switched), which is 'tunneled' to the WLC, with Internet only access through the DC.

All the AP's connecting to the WLC using the managment interface, which is also the local mobilty group.

To route traffic different for the guest WLAN, I'd like to create a new Interface on WLC and use this as local mobility group for the guest WLAN.

Is this possible, or is the managment interface always the local monility group?

Appreciate your feedback.

Thanks,

Stefan      

Labels:
0 Helpful
3 Replies 3

Rasika Nayanajith
VIP
VIP

ā€Ž09-26-2013 02:14 PM

Whad do you mean by "local mobility group" ?  For the mobility configuration you have to use controller MAC address & management interface IP detail (not any dynamic interface IPs)

Yes, you can create a seperate dynamic interface for the guest WLAN, but do not understand why you do want to relate it to mobility group configuration ?

HTH

Rasika

0 Helpful

Stefan Engel
Level 1
Level 1
In response to Rasika Nayanajith

ā€Ž09-26-2013 06:07 PM

Hi Rasika,

Each of our branch sites have 2 WAN connections. 1 MPLS (critical traffic), 1 IPsec (non critical).

While the managment interface of WLC is reachbale  through MPLS, I'd like to route traffic for Guest WLAN over IPsec.

Therefore I would need create a 2nd Interface on WLC (different IP range) and terminate centrally switched traffic on that interface.

As you've mentioned the local mobility group is always the controller MAC (management int), so not sure if there's another way to solve this?

H-REAP AP,s register to managmnet int      --> routed through MPLS

centrally switched traffic to different int          --> routed through IPsec

Thanks,

Stfean

0 Helpful

Rasika Nayanajith
VIP
VIP
In response to Stefan Engel

ā€Ž09-26-2013 08:25 PM

Hi Stefan,

Now it is clear what you are trying to achieve.

I doubted you can achieve this since AP to WLC traffic always destined to WLC management IP address (so it will go via MPLS). Even you create a seperate dynamic interface on your WLC to egress guest traffic , it won't help you to bring branch guest traffic to WLC via your IPSec.

HTH

Rasika

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card