Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Block Layer 3 Roam from certain foreign controllers

We have a large campus that we recently openend a new building where the decision was made to initially keep the network somewhat isolated from the rest of the campus.  We are working on converging the networks now, with much discussion, but until that happens, we have clients going back and forth between buildings and their devices won't work properly.  While the SSIDs are the same throughout, the addressing is different and we don't have a layer3 roam set up as of yet, but it is being planned.  So my question is, can i force a client device that is using an address from one network to pull a new address when they enter the other network.  There is some common RF space, which is why they are not automatically doing that. 

Thanks in advance.

4 REPLIES

Re: Block Layer 3 Roam from certain foreign controllers

In your new building does it have its own WLC?

Sent from Cisco Technical Support iPhone App

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered
Community Member

Re: Block Layer 3 Roam from certain foreign controllers

We have 3 5508s for the new building. 2 Pri and 1 redun

Sent from Cisco Technical Support iPhone App

Block Layer 3 Roam from certain foreign controllers

Ok, so the new WLC are not in the same mobility group as the rest of the controllers, or no L3 reachabitliy between the buildings?

     I can't think of any way to force the client to get a new DHCP, other than having a sepearate SSID in that building.

     I had been thinking pull them from the mobility group to stop the mobile announce from hitting the other WLC, but if that were working L3 roaming should work, and it wouldn't force a DHCP anyway....

HTH,
Steve

-----------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered
Cisco Employee

Block Layer 3 Roam from certain foreign controllers

what will happen is like two linksys AP who can see each other configured for similar wlan name and using different network.

Anyway, the L2 & L3 roaming is broken already without the Mobility tunnel. It is possible that wireless client can be stranded already switching between same wlans mapped to different vlan at the overlapping spots and should be having dhcp issues already due to no smooth handoff while roaming.

Fix the RF or Mobility or applicable WLAN parameters

easy to implement.

#Enable Mobility tunnel. it is going to work reliabily though the roamed client will retain same ip.

#Enable dhcp required on WLAN - it should help with your current scenario i.e, without mobility tunnel, however it still doesn't help due to RF bleeding between the building means you're running into the same issue again.

difficult to implement

#Use different security - Use wpa-tkip on one side and wpa2-aes on other side.

#Use different Radio policy for that WLAN - But all connecting clients should be locked in appropriately ie., A or G.

#Manually reduce the power at the overlapping APs from both sides.

#Use AP group remove the overlapping wlan from overlapping APs.

#AAA override + static auto anchor - Force all the clients on that wlan  connecting to one or multiple WLC on one side and put the client on  respective vlan based on user.

#MAC filtering.

351
Views
0
Helpful
4
Replies
CreatePlease to create content