I would like some clarification on the Mobility groups behaviors. We have 2 WLC 4402 (wlc-a and wlc-b) setup on the same DMZ and 30 AP connecting to the first one (wlc-a). We have setup the same mobility groups on both WLC. AP failover betwen the WLC works fine: if wlc-a disappears all APs go to wlc-b. But the connected clients suffer from this transition (using webauth, dhcp is provided by the wlc). We triied a couple of configuration options but are still facing the same issues at the end.
1- we tried to configure 2 different dhcp pools for the users. When wlc-a fails, APs moves to wlc-b (good), but client needs to negotiate a new IP and therefor looses any existing connections.
2- we tried to configure the same DHCP pool on both WLCs. Obvioulsy this is not a good idea as you end up allocating the same IPs to different clients.
3- we tried to configure the same DHCP on both WLCs and created an anchor to wlc-a. This works fine if wlc-b fails, the transition is seamingless for the clients. But not if wlc-a fails, wlc-b "refuses" to give an IP to the users.
I'm a bit puzzled by the problem and can't find what I'm missing. I was thinking that the two wlc would be able to provide (near) transparent failover for the clients (at least they should not have to get a new IP and reauthenticate).
If you failove a wlc-a so that the ap's move to wlc-b, you will have webauth client's loose their connection thus will need to login again. This is not transparent when a failove occurs. I have tried it a bunch of times to see if I can get this to work and no go. This goes the same if you have guest anchor controllers in the dmz and one of the guest anchors fails. Users will have to login again or click accept if you are using passthrough.
DHCP depends on if your users are placed in the dmz.... you don't want to open the FW. usually if you have a dmz anchor controller, then using the wlc for dhcp is fine. Or you can place a DHCP server on the dmz.
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...