I have a question. Do we need to configure both the WLC with the same configuration or the 2nd one will sync the config with the 1st? Means WLAN, VLANS, Tags, etc.
Just a small question from VMWare- Have you configured both WLC machine on different Hosts or same Host. I am asking you as when we are putting both machines on Same host, Redundancy works else if they are moved on different hosts, the redundancy breaks. Looking for your expert comments.
www.cisco.com/c/dam/en/us/td/docs/wireless/controller/9800/17-1/deployment-guide/c9800-ha-sso-deployment-guide-rel-17-1.pdf Follow the instructions on page 10.
When you say HA pair and if you are using SSO model then it's same as standalone WLC. Even though we have two HW in HA SSO it act as a single WLC with only one IP, for outside world it's a single WLC.
after building HA , which IP you are using for accessing the WLC (196 or 197 ) when primary wlc is active and also when primary wlc is in standby condition?
Hello, I wanted to know if I have to plan for SSO mode what kind of ap license I should buy? Do I need to buy ap license for both WLC ? Or for 1 wlc only ?
In SSO mode you don't have to buy extra license as after forming SSO only one WLC will be active at a time. The secondary WLC will sync the license from the primary in SSO. All new APs comes with DNA Advantage license.
If we can get Layer two connection between Cities we can. But we have to make sure all other aspects are taken care like WLAN/Mangement VLAN traffic, etc to make sure gateway checks are successful. Else it can lead into duel active state. In other words, completely depends on how two cities/DCs connected to eachother.
@@filyavallarovich7922 you will not be able to use SSO mode. You can go with HA N+1 model for these sites. The drawback will be APs has to terminate the CAPWAP connection with OLD WLC and establish a new CAPWAP connection with WLC in another site. All associated clients will be de-authenticated during this time. You can also consider using FlexConnect mode of APs so that without a fallback to another WLC/site APs will be able to serve the associated clients till the session timeout. On top of FlexConnect you can also consider Local Backup Radius servers if you are looking for Local Authentication as an extra step to serve the clients while WLCs are not disconnected from AP.
This video is great!! Nice and simple explanation. All I needed! Thank you so much for sharing your knowledge!!
I have a question. Do we need to configure both the WLC with the same configuration or the 2nd one will sync the config with the 1st? Means WLAN, VLANS, Tags, etc.
Just keep the day zero configuration on the secondary wlc. Then build the SSO and bulk sync will take care of the configurations.
Video very good !!!
Thanks man !!!
Very informative... Thank you Sir!!!
Very special!! I have a question for you. What is the app name of ssh console? For Mac . Thanks
Secure CRT
Very impressive man...!!!
Just a small question from VMWare- Have you configured both WLC machine on different Hosts or same Host. I am asking you as when we are putting both machines on Same host, Redundancy works else if they are moved on different hosts, the redundancy breaks. Looking for your expert comments.
www.cisco.com/c/dam/en/us/td/docs/wireless/controller/9800/17-1/deployment-guide/c9800-ha-sso-deployment-guide-rel-17-1.pdf
Follow the instructions on page 10.
Jason, can you mix WLC5520 with Catalyst WLC 9800 for HA availability?
In HA SSO we need same flavor of the same platform model
Excellent video, thanks for putting it together ! Can you do mobility groups with a pair of ha controllers and say a single 5500 or another HA pair?
When you say HA pair and if you are using SSO model then it's same as standalone WLC. Even though we have two HW in HA SSO it act as a single WLC with only one IP, for outside world it's a single WLC.
after building HA , which IP you are using for accessing the WLC (196 or 197 ) when primary wlc is active and also when primary wlc is in standby condition?
After forming the SSO the primary WLC IP will become Floting IP. We can use this Floting IP to access the Active WLC at any point of time.
@@CiscoNetworking is 196 and 197 - HA IPs be pingable and reachable after the HA is built ? What would be the behavior ? Thanks.
As I mentioned earlier the primary IP becomes the Floting IP and it will be reachable while the other IP is not
Hello, I wanted to know if I have to plan for SSO mode what kind of ap license I should buy? Do I need to buy ap license for both WLC ? Or for 1 wlc only ?
In SSO mode you don't have to buy extra license as after forming SSO only one WLC will be active at a time. The secondary WLC will sync the license from the primary in SSO. All new APs comes with DNA Advantage license.
hello .can i create HA with two another LANs ? because active controller install in one City , standby install in another City ?
If we can get Layer two connection between Cities we can. But we have to make sure all other aspects are taken care like WLAN/Mangement VLAN traffic, etc to make sure gateway checks are successful. Else it can lead into duel active state.
In other words, completely depends on how two cities/DCs connected to eachother.
Thanks . but we have only L3 between 2 cities. so we must install both controllers in one server.
@@filyavallarovich7922 you will not be able to use SSO mode. You can go with HA N+1 model for these sites. The drawback will be APs has to terminate the CAPWAP connection with OLD WLC and establish a new CAPWAP connection with WLC in another site. All associated clients will be de-authenticated during this time.
You can also consider using FlexConnect mode of APs so that without a fallback to another WLC/site APs will be able to serve the associated clients till the session timeout. On top of FlexConnect you can also consider Local Backup Radius servers if you are looking for Local Authentication as an extra step to serve the clients while WLCs are not disconnected from AP.
i want n+1 or n+n ha~ plz~
Did you do it? ping me if you could :s
"Jason Matthew" - Ha! Sounds like a name invented by a Microsoft HelpLine Scammer.
Didn't understand that fully, Name is right spelling is 'Jaison Mathew'. Dont ask why we have 'i' in Jaison 😁