We have a Guest Wireless solution in place whereby we have 4 remote WLCs and an Anchor Controller providing the termination point for the Guest internet tunnels.
We currently have an inconsistent issue, whereby idle clients are seemingly dropping their connections for no apparent reason (The session timeout and User Idle timeout have been modified accordingly). Another possible option I'm now looking at is the Mobility Groups configuration, having read something on another thread. We currently have all 5 (4 x Remote and 1 x Anchor) configured in the same Mobility Group. From what I've read, I should have the 4 x Remote WLCs in one Mobility Group and the Anchor device in its own group. Is someone able to clarify this.
Also, if we have all 5 device in the same group, what are the implications of this? Obviously, only the Remote devices would be managing the Access Points, so the roaming would be happening between these 4 devices, rather than the additional Anchor also configured in the Group.
The reason you put the anchor in a different group, is so that the AP won't join it if the internal ones fail. Other than that, you can have them all in the same mobility group, if you want to. Just be advised the DMZ may have AP try to join it.
Please remember to rate useful posts, and mark questions as answered
That's good to know. Our Access Points have no visibility of the Anchor Controller, so I'm not concerned about any device trying to join it.
To extend on our current issue; we have an SSID created for a Guest network with Layer 3 authentication configured (across all 4 controllers). Clients are able to connect and authenticate (via AD) as expected, but we're seeing issues whereby clients are dropping off the network at intermittant intervals, and having to re-authenticate when they next connect. The devices connecting are a mixture of Android and iOS handsets.
The Session timeout for the WLAN isn't enabled on any of the SSIDs, and the User Idle timeout on all controllers is set to 8 hours. I've not as yet managed to perform any debugs to see what's causing the disconnects, but plan to do this tomorrow morning. I believe the above mentioned handsets are generally clean with regards Wireless connectivity when they're in power save mode, but was hoping modifying the timeouts mentioned would potentially resolve the issues we're seeing.
Well... I know for one, the iOS devices don't roam as well as a laptop or macbook. The issues I have seen with these devices is that they are "Sticky" and seem to like to stay connected to an ap that they have already associated with. I don't think its the timeouts, you might just want to see if roaming is the issue which causes the timeout mechanism to start.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...