Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Issue HA configuration on WLC 5508

Hi all,

 

I have some problems in one of our customers. There is HA mode configured between 2 WLC's 5508, and my question is : Do i just need to configure the Redundancy port ? In the moment the 2 Redundancy port are connected with each other and the 2 Service Port also. The 2 ports where RP and SP are connected are in the same Vlan as the management Vlan, but i think it's not correct... What do you think ? 

I did not installed this HA, I replace the guy who installed it... But on all documentations, it's only said that we just have to configure RP and plug the 2 RP of the 2 WLC's.

I have many problems with my access points and i wonder if it's not a HA issue.

 

thanks by advance,

 

Alexis

13 REPLIES
VIP Purple

Hi,1. SP IP address should be

Hi,

1. SP IP address should be totally different from Redudent port or management initerface IP.

2. No need to connect both SP port by a cable.(Remove the cable from SP port of each WLC)

3. Connect both WLCs only at the Redundany Port (RP) with a single copper cable.

4. Check this link for HA conifg guide: http://networkguy.de/?p=558

 

Regards

Dont forget to rate helpful posts

 

 

New Member

Hi Sandeep Choudhary, Thank

Hi Sandeep Choudhary,

 

Thank you very much for your answer.

Right now I have on both WLC :

- a management interface (vlan 84) on each WLC

- My AP's (Vlan 84)

- The 2 RP (Vlan 86)

- The 2 SP (Vlan 84)

 

My problem is the 2 RP are not directly connected, they are connected over a switch. Same for SP. Becaue the 2 WLC's are not on the same floor...

But if I put the SP in Vlan 85 for example, can I access to the WLC via the SP if I plugg my laptop on a port in the Vlan 85 ? So if there is a problem, i don't have to go directly to the SP of the WLC?

Is it possible to connect the SP on a switch ?

 

I have some problems, AP's reboot whenever, and I think maybe it's a problem with my HA. What do you think ? On my logs I have "AP's Interface:0 (802.11b) Operation State Down : Base Radio MAC:dc:a5:f4:b9:d7:80 Cause = New Discovery 11:39:04 2014 Status: NA"

 

Thanks in advance,

 

Alexis

New Member

My first impression is to

My first impression is to remove the 2 x SP from VLAN 84.  In fact, disconnect the SP all together and see if this improves AP uptime.

Can you provide the following:

show interface summary

show wlan summary

show redundancy summary

 

Cheers,

AS

New Member

Hi Alexis,When considering HA

Hi Alexis,

When considering HA mode, please verify the following:

  1. WLC1 + WLC2 are same model type and same code version.
  2. Ensure same FUS / bootloader
  3. Same virtual IP address on both WLCs
  4. Standby WLC has minimum 50 permanent base licenses.

More info here... http://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/7-5/High_Availability_DG.html

Other items below:

  • SP should be in a separate VLAN
  • Redundancy Management (RM) and Management must be in the same VLAN
  • Redundancy Port (RP) must have L2 adjacency (same VLAN) between both WLCs.  NOTE: in the reference guide above, there are network requirements to enable AP SSO between two WLCs (RP connectivity via switches)
  • WLC configuration: you will need to configure RM on both WLCs, redundancy settings (controller > redundancy) and then enable SSO.  Really important to set the Redundant Unit to Primary/Secondary respectively otherwise the standby WLC may overrwite the primary WLC configuration.

Best of luck.

Adrian

 

New Member

Hi Adrian, Thank you for your

Hi Adrian,

 

Thank you for your answer.

Just to be sure, Redundancy management (RM) and Redundancy Port (RP) must be in the same Vlan ?

Or should I have :

Vlan X for Management and Redundancy Management ?

Vlan Y for Redundancy Port on both WLC's ?

(And maybe Vlan Z for Service port )

 

If I disconnect the 2 SP all together, will it be an impact on the network ?

 

My customer have just called me, and he told me there was a power cut on a switch where 13 AP's was connected, and after that, the 13 AP's was not visible anymore on the WLC. the customer pinged the 13 AP's and then they came back... Strange doesn't it ?

Just to check if it's a HA problem, I want to stop the HA just for a couple of days, to see if there are still problems...

 

Do you think it's a good idea ?

 

I will provide you the following show interface summary, show wlan summary and show redundancy summary as soon as possible, because I cannot access to the WLC in the moment.

 

Thanks in advance,

 

Alexis.

New Member

Hi Alexis,My approach for HA

Hi Alexis,

My approach for HA is as follows:

  • VlanX Management (M) + Redundancy Management (RM)
  • VlanY Redundancy Port (RP) via switches OR direct cable between WLC1-RP and WLC2-RP.
  • VlanZ Service Port or leave this completely disconnected.  //This is for 'out-of-band' connectivity that does not route unless you configure a 'network route' on WLC.

Prior to any physical/config changes we should check a few things.  Please SSH to your WLC and copy/paste results for the following:

show wlan summary

show sysinfo

show interface summary

show redundancy summary

show ap summary

 

Q: But if I put the SP in Vlan 85 for example, can I access to the WLC via the SP if I plug my laptop on a port in the Vlan 85 ? So if there is a problem, i don't have to go directly to the SP of the WLC?

A: Yes you can access the WLC when your client is in VLAN 85.  If you want to 'route' to the SP then you need to add a network route on the WLC.

 

Q: I have some problems, AP's reboot whenever, and I think maybe it's a problem with my HA. What do you think ?

A: I'm unfamiliar with your environment however you can disable WLC2 to prove your theory.  I would look at disconnecting SP first and troubleshooting AP reboots by checking switch logs for PoE log errors or random shut/no shut messages.

 

Hope this helps.

 

 

 

 

New Member

Hi Adrian, Thank you for your

Hi Adrian,

 

Thank you for your feedback.

 

As soon as possible, I will go to my customer I will put the commands you asked.

I will disconnect SP, then I check the CLI of the WLC.

 

 

Just one more question, just to be sure :

All the AP's must be in a different Vlan or Can they be in the same Vlan than the Management interface?

 

thanks in advance,

 

I will keep you in touch soon.

 

Alexis

New Member

APs can be in either however

APs can be in either however you will require configure 'WLC discovery mechanisms' if the APs reside in a different VLAN so it can reach WLC Management IP (Management VLAN).

Please ensure APs obtain a DHCP address (or manually configured static IP) and the APs can ping the WLC management interface.  Use console access for this or wait for the APs to appear on WLC > Wireless tab.   While you're on the console, you can do 'show capwap client rcb' and it will give you details of the CAPWAP discovery/join status.

 

New Member

Hello Adrian, There was a

Hello Adrian,

 

There was a problem on the switch, the cable From RP was in the same Vlan as the management interface... I re-configured the HA and tested, it looks fine. 1 problem solved. So thank you very much.

 

We have another problem in an area of the building, it's an area (photo in attached files)  where there are lots of Metal cupboard, they want voice in this area... But there is sometimes some cut in the call... 

 

I think more AP's will be necessary, what do you think ? Is there some commands to check the coverage, or the noise or something like that ?

 

thanks in advance,

 

Alexis

New Member

Hi Alexis,That's awesome,

Hi Alexis,

That's awesome, well done!  

Some useful WLC commands as follows:

show advanced 802.11a summary

show advanced 802.11b summary

show ap auto-rf 802.11a <ap hostname>

show ap auto-rf 802.11b <ap hostname>

 

With the auto-rf commands you look for 'Nearby APs' section to show you your AP neighbors (in same RF group).. look for min SNR 25dBm.  My preference will be an onsite passive/active survey in that area to provide you some heatmaps and onsite troubleshooting.  Assuming it's not a coverage issue then focus on potential roaming issues that could cause the dropped calls e.g. 802.1X roam issues, 802.11g/n voice network, RF interference if it's 802.11g/n network.  If you know your voice client devices then please provide model number and software version

Please also provide the following:

show wlan 2

show pmk-cache all

show 802.11a

show 802.11b

 

Also noticed your guest network uses management interface so I can only assume you have guest anchor so ensure mobility group members use Mobility Mac to define 10.129.16.1.  

That's it for now...

Good luck

 

**p.s:  if your voice devices are 5Ghz capable then select 802.11a only for WLAN 2.  Feel free to throw APs at the problem and ensure roaming works.  If voice devices are 2.4GHz only then do as recommended above.

New Member

Hi Adrian, thanks for the

Hi Adrian,

 

thanks for the following commands. There are really usefull ! 

Lets me join you the commands you asked me.

 

How did you guess have guest anchor ? I did not install this infrastructure, I'm new in my company and We asked me to solve the problems.

What is the goal of mobility anchor ? Guest anchor ?

 

Right now, the AP's don't reboot anymore automatically so that's a good new.

 

But there is still 2 problems :

 

-1st problem :  I have 1 SSID especially for Motorola scanners (model 9190) which are deauthenticated sometimes with a MFP error message in the logs.. I don't understand because I disabled MFP globally and on the SSID. (See attachement file)

Our customer told me when scanners deauthenticate, they have to reboot it, so it can reauthenticate.

 

-2nd problem: To answer your question - They are using Cisco phones 7921 and 7925 with version 1.4.5.3.

They told me they have some cut in their voice calls, I would think to a QoS issue but I'm not sure... What do you think about ?

P.S : It's not the same SSID like for the scanners. Scanners have a dedicated SSID and voice have another dedicated SSID.

 

Thanks in advance,

 

Alexis

Bronze

Hi,Remove the SP cable from

Hi,

Remove the SP cable from the both of the WLC and keep the RP port in seperate vlan and rest of your physical topology seems ok, and regarding problem with you access points i don't think so it relates to SP cable connectivity it's better if you share some logs

New Member

Hi abwahid, I removed the SP

Hi abwahid,

 

I removed the SP cable from both WLC's and i reconfigured the HA, now the AP's don't reboot anymore. right now I have 2 problems left (See above my answer to Adrian Soh)

 

Alexis

747
Views
0
Helpful
13
Replies