redundancy-management LAG untagged 0.0.0.0 Static No No
redundancy-port - untagged 0.0.0.0 Static No No
service-port N/A N/A 192.168.199.3 DHCP No No
virtual N/A N/A 220.127.116.11 Static No No
Prime Infrastructure is going to have a list of the interfaces on all the controllers it knows about, but apparently the one in the template isn't on the controller you're trying to apply it to.
As well, I'd suggest consulting with a wireless LAN controller authority about that connecting Prime Infrastructure to the service-port interface. The Configuring the Management Interface section of the wireless LAN controller Configuration Guide says that the Management interface is the one that is "for in-band management of the controller and connectivity to enterprise services such as AAA servers." There may be limitations on the types of traffic that can go over the Service-port interface.
I have 2 other controllers in Prime (old 4404's) that are managed by Servie Port and MAC filtering templates are successfully applied when needed. The difference is the problem controller is a 5508 with much newer code. I'm trying to get hold of a sniffer at both ends and see what's going on, yes I think SP should be out of band and management should be probably the interface that Prime controls, however I'm interested in why this is failing. There is not reason why SP shouldn't be able to apply a template like my old 4404 controllers.
maybe it is a port restriction of some sort, I would to see how Prime applies the filter.
My issue is now with TAC, will update this discussion with the outcome. In regards to SP or mgmt port, TAC engineer said there is not significance in regards to which port you use, SP can be used to apply MAC filtering and to manage from PI
My MAC filter template had a different interface name used on my old WLC's.
Created a separate template with the new interface name, applied the template successfully to my new WLC's.
I confirmed with the TAC guy in Belgium, the Service Port can be used for management purposes like SNMP, MAC templates, TACACS etc. There is no reason why this interface can't be used you don't have to use management interface. There are no underlying ACL's or port filtering on the SP.
Step 2 Click MAC Filtering or choose Security > MAC Filtering from the left sidebar menu. The Security > MAC Filtering page appears.
Step 3 If you want to add a new template, choose Add Template from the Select a command drop-down list, and click Go. To modify an existing template, click the template name. The MAC Filtering template page appears.
Step 4 If you keep Import From File enabled, you must enter a file path or click Browse to navigate to the file path. The import file must be a CSV file with MAC address, profile name, interface, and description (such as 00:11:22:33:44:55, Profile1, management, test filter). If you unselect the Import from File check box, continue to Step 5. Otherwise, skip to Step 8.
The client MAC address appears.
Step 5 Choose the profile name to which this MAC filter is applied or choose the any Profile option.
Step 6 Use the drop-down list to choose from the available interface names.
Step 7 Enter a user-defined description of this interface. Skip to Step 9.
Step 8 If you want to override the existing template, select the Override existing templates check box.
Step 9 Click Save.
Note You cannot use MAC address in the broadcast range.
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...