HA Pairing is possible only between the same type of hardware and software versions. Mismatch may result in Maintenance Mode. The Virtual IP Address should be the same on both the WLCs before configuring AP SSO.
Direct connectivity is recommended between the Active and Standby Redundant Port for 5500/7500/8500 Series of WLCs.
WiSM-2 WLCs should be in same 6500 chassis or can be installed in VSS setup for reliable performance.
A physical connection between Redundant Port and Infrastructure Network should be done prior to HA configuration.
The Primary unit’s MAC should be used as Mobility MAC in the HA setup in order to form a mobility peer with another HA setup or independent controller. You also have the flexibility to configure a custom MAC address, which can be used as a Mobility MAC address using the configure redundancy mobilitymac <custom mac address> command. Once configured, you should use this MAC address to form a mobility peer instead of using the system MAC address. Once HA is configured, this MAC cannot be changed.
It is recommended that you use DHCP address assignment for the service port in the HA setup. After HA is enabled, if the static IP is configured for service port, WLC loses the service port IP and it has to be configured again.
When AP SSO is enabled, there is no SNMP/GUI access on the service port for both the WLCs in the HA setup.
Configurations like changing virtual IP address, enabling secureweb mode, configuring web auth proxy, and so forth need a WLC reboot in order to get implemented. In this case, a reboot of the Active WLC will also trigger a simultaneous reboot of the Standby WLC.
When AP SSO is disabled on the Active WLC, it will be pushed to the Standby WLC. After reboot, all the ports will come up on the Active WLC and will be disabled on the Standby WLC.
Keep alive and Peer Discovery timers should be left with default timer values for better performance.
Clear configuration on the Active WLC will also initiate clear configuration on the Standby WLC.
Internal DHCP is not supported when AP SSO is enabled.
SSO for LSC AP is not supported. L2 MGID is synched, but the L3 MGID database is cleared with SSO.
I checked the 7.5 beta notes and I don't see this listed as a limitation. Perhaps one of the Cisco guys can comment.
Sent from Cisco Technical Support iPad App
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
I just added a HA 5508 using version 22.214.171.124 and internal DHCP is still not working. When enabling SSO, I was prompted to disable the internal DHCP scope. After the 5508s rebooted in HA mode, I tried to enable the scope again but couldn't, a message pops up saying the there was a problem setting the lease duration (which hasn't been change, set to 3600s).
So in my experience, internal DHCP scope is still not supported on 126.96.36.199.
I upgraded my WLC to version 188.8.131.52 a couples days ago and Internal DHCP still working on standalone. So I´m planning to apply HA configuration on January. But your reply is not good and probably I will need to test it before put in production.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...