cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1893
Views
5
Helpful
13
Replies

HA SSO Between LDPE and non-LDPE

rraineri
Level 1
Level 1

There is a customer who got two new 5500 WLCs for Russia, running 7.4.110 SV. per mistake one of the controllers was sent as non-LDPE capable, the other is LDPE. He wants to know if possible to enable HA SSO between these two controllers?

The only topic related I have found is this https://supportforums.cisco.com/thread/2220165

But not too much info!

1 Accepted Solution

Accepted Solutions

It should work fine, just that the LDPE will not allow DTLS encryption.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

View solution in original post

13 Replies 13

Scott Fella
Hall of Fame
Hall of Fame

Well since you need the LDPE image for Russia, it would be a good idea to RMA that non-LDPE WLC for one that is LDPE.

Regulations might get them in trouble since Russia doesn't want the ability for a WLC to encrypt.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

I tottally agree with you, however the customer wants to take the risks, so I have to get an answer for this and maybe make it work.

It should work fine, just that the LDPE will not allow DTLS encryption.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Ok, I will tell him to try it and I let you know! Thanks.

Yeah let me know... I have had mobility up and running between the two types.

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***

I have to agree with Scott and get the non ldpe WLC replaced. That risk is too big to want to take, as liability will also fall in the party installing the WLC

If you have to go through, make sure the LDPE is the primary

Steve

Sent from Cisco Technical Support iPhone App

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

Scott Fella
Hall of Fame
Hall of Fame

Here is the risk your customer faces and you know they will say they didn't know!

I would just tell your customer it's not stabile and they need to RMA the unit!

Important Note for Customers in Russia
If you plan to install a Cisco Wireless LAN Controller in Russia, you must get a Paper PAK, and not download the license from Cisco.com. The DTLS Paper PAK license is for customers who purchase a controller with DTLS that is disabled due to import restrictions but have authorization from local regulators to add DTLS support after the initial purchase. Consult your local government regulations to ensure that DTLS encryption is permitted.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Saravanan Lakshmanan
Cisco Employee
Cisco Employee

though it works, It is not cisco supported, better change the WLC.

Yuliya S
Level 1
Level 1

Hi all!

I too have this problem. I have two 5508 controllers. I have operating wlc with ldpe and new wlc for high avaliability non ldpe.

If I understand I need to replace my device at the vendor. Yes? or can I convert ldpe wlc to non ldpe.

Thanks

You can convert it from LDPE to non-LDPE... Here is a support doc that will provide you with the information to do this conversion.  Should be pretty easy... Hope it helps:)

https://supportforums.cisco.com/docs/DOC-24920

Thanks,

Scott

*****Help out other by using the rating system and marking answered questions as "Answered"*****

-Scott
*** Please rate helpful posts ***

rraineri
Level 1
Level 1

Customer decided to use the two types on his HA cluster, HA worked fine. Thanks to all of you.

Yuliya S
Level 1
Level 1

Thank you all for helping.))

Yuliya S
Level 1
Level 1

SSO is working fine, but if you want to upgrade your WLC then you can not do it. You will get error (( You need disable SSO, then upgrade every WLC (LDPE and not LDPE) and then enable SSO. It is so sad

 

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: