Configuring Mobility

Configuring Mobility Controller

Configuring Converged Access Controllers

Creating Peer Groups, Peer Group Member, and Bridge Domain ID (CLI)

Before you begin

  • On the mobility agent, you can only configure the IP address of the mobility controller.
  • On the mobility controller, you can define the peer group and the IP address of each peer group member.

SUMMARY STEPS

  1. wireless mobility controller
  2. wireless mobility controller peer-group SPG1
  3. wireless mobility controller peer-group SPG1 member ip member-ip-addr public-ip public-ip-addr
  4. wireless mobility controller peer-group SPG1 member ip member-ip-addr public-ip public-ip-addr
  5. wireless mobility controller peer-group SPG2
  6. wireless mobility controller peer-group SPG2 member ip member-ip-addr public-ip public-ip-addr
  7. wireless mobility controller peer-group SPG1 bridge-domain-id id

DETAILED STEPS

  Command or Action Purpose
Step 1

wireless mobility controller

Example:

Device(config)# wireless mobility controller

Enables the mobility controller functionality on the device. This command is applicable only to the switch. The controller is by default a mobility controller.

Step 2

wireless mobility controller peer-group SPG1

Example:

Device(config)# wireless mobility controller peer-group SPG1

Creates a peer group named SPG1.

Step 3

wireless mobility controller peer-group SPG1 member ip member-ip-addr public-ip public-ip-addr

Example:

Device(config)# wireless mobility controller peer-group
 SPG1 member ip 10.10.20.2 public-ip 10.10.20.2
Adds a mobility agent to the peer group.
Note 
The 10.10.20.2 is the mobility agent's direct IP address. When NAT is used, use the optional public IP address to enter the mobility agent's NATed address. When NAT is not used, the public IP address is not used and the device displays the mobility agent's direct IP address.
Step 4

wireless mobility controller peer-group SPG1 member ip member-ip-addr public-ip public-ip-addr

Example:

Device(config)# wireless mobility controller peer-group 
SPG1 member ip 10.10.20.6 public-ip 10.10.20.6

Adds another member to the peer group SPG1.

Step 5

wireless mobility controller peer-group SPG2

Example:

Device(config)# wireless mobility controller peer-group SPG2

Creates another peer group SPG2.

Step 6

wireless mobility controller peer-group SPG2 member ip member-ip-addr public-ip public-ip-addr

Example:

Device(config)# wireless mobility controller peer-group 
SPG2 member ip 10.10.10.20 public-ip 10.10.10.20

Adds a member to peer group SPG2.

Step 7

wireless mobility controller peer-group SPG1 bridge-domain-id id

Example:

Device(config)# wireless mobility controller peer-group 
SPG1 bridge-domain-id 54

(Optional) Adds a bridge domain to SPG1 used for defining the subnet-VLAN mapping with other SPGs.

Example

This example shows how to create peer group and add members to it:


Device(config)# wireless mobility controller 
Device(config)# wireless mobility controller peer-group SPG1
Device(config)# wireless mobility controller peer-group SPG1
Device(config)# wireless mobility controller peer-group SPG1 member ip 10.10.20.2 public-ip 10.10.20.2
Device(config)# wireless mobility controller peer-group SPG1 member ip 10.10.20.6 public-ip 10.10.20.6
Device(config)# wireless mobility controller peer-group SPG2
Device(config)# wireless mobility controller peer-group SPG2 member ip 10.10.10.20 public-ip 10.10.10.20
Device(config)# wireless mobility controller peer-group SPG1 bridge-domain-id 54

Creating Peer Groups, Peer Group Member, and Bridge Domain ID (GUI)

Before you begin

  • Ensure that the device is in mobility controller state.

  • On the mobility agent, you can only configure the IP address of the mobility controller.

  • On the mobility controller, you can define the peer group and the IP address of each peer group member.

Procedure


Step 1

Choose Controller > Mobility Management > Switch Peer Group.

The Mobility Switch Peer Groups page is displayed.

Step 2

Click New.

Step 3

Enter the following details:

  1. Switch Peer Group Name

  2. Bridge Domain ID

  3. Multicast IP Address

Step 4

Click Apply.

Step 5

Click Save Configuration.


Configuring Local Mobility Group (CLI)

Configuration for wireless mobility groups and mobility group members where the mobility group is a group of MCs.

Before you begin

MCs can belong only to one mobility group, and can know MCs in several mobility groups.

SUMMARY STEPS

  1. wireless mobility group name group-name
  2. wireless mobility group member ip member-ip-addr public-ip public-ip-addr
  3. wireless mobility group keepalive interval time-in-seconds
  4. wireless mobility group keepalive count count

DETAILED STEPS

  Command or Action Purpose
Step 1

wireless mobility group name group-name

Example:

Device(config)# wireless mobility group name Mygroup

Creates a mobility group named Mygroup.

Step 2

wireless mobility group member ip member-ip-addr public-ip public-ip-addr

Example:

Device(config)# wireless mobility group member ip 10.10.34.10 public-ip 10.10.34.28

Adds a mobility controller to the Mygroup mobility group.

Note 
When NAT is used, use the optional public IP address to enter the NATed IP address of the mobility controller.
Step 3

wireless mobility group keepalive interval time-in-seconds

Example:

Device(config)# wireless mobility group keepalive interval 5

Configures the interval between two keepalives sent to a mobility member.

Step 4

wireless mobility group keepalive count count

Example:

Device(config)# wireless mobility group keepalive count 3

Configures the keep alive retries before a member status is termed DOWN.

Example


Device(config)# wireless mobility group name Mygroup
Device(config)# wireless mobility group member ip 10.10.34.10 public-ip 10.10.34.28
Device(config)# wireless mobility group keepalive interval 5
Device(config)# wireless mobility group keepalive count 3

Configuring Local Mobility Group (GUI)

Before you begin

Mobility controllers can belong to only one mobility group and can know mobility controllers in several mobility groups.

Procedure


Step 1

Choose Controller > Mobility Management > Mobility Global Config.

The Mobility Controller Configuration page is displayed.

Step 2

Enter the following details:

  1. Mobility Group Name

  2. Mobility Keepalive Interval

  3. Mobility Keepalive Count

  4. Multicast IP Address if you want to enable multicast mode to send mobile announce messages to the mobility members.

    Note 
    If you do not enable multicast IP address, the device uses unicast mode to send mobile announce messages.
Step 3

Click Apply.

Step 4

Click Save Configuration.


Adding a Peer Mobility Group (CLI)

Before you begin

MCs belong to only one group, and can know MCs in several groups.

SUMMARY STEPS

  1. wireless mobility group member ip member-ip-addr public-ip public-ip-addr group group-name

DETAILED STEPS

Command or Action Purpose

wireless mobility group member ip member-ip-addr public-ip public-ip-addr group group-name

Example:

Device(config)# wireless mobility group member ip 10.10.10.24 public-ip 10.10.10.25 group Group2

Adds the member as a peer MC in a different group than the Mygroup.

Adding a Peer Mobility Group (GUI)

Before you begin

Mobility controllers belong to only one group, and can know several mobility groups.

Procedure


Step 1

Choose Controller > Mobility Management > Mobility Peer.

The Mobility Peer page is displayed.

Step 2

Click New.

Step 3

Enter the following details:

  1. Mobility Member IP

  2. Mobility Member Public IP

  3. Mobility Member Group Name

  4. Multicast IP Address

Step 4

Click Apply.

Step 5

Click Save Configuration.


Configuring Optional Parameters for Roaming Behavior

Use this configuration to disable the sticky anchor. This command can also be used, if required, between all MA's and MC's where roaming is expected for the target SSID.

SUMMARY STEPS

  1. wlan open21
  2. no mobility anchor sticky

DETAILED STEPS

  Command or Action Purpose
Step 1

wlan open21

Example:


Device(config)# wlan open20

Configures a WLAN.

Step 2

no mobility anchor sticky

Example:


Device(config-wlan)# no mobility anchor sticky 

Disables the default sticky mobility anchor.

Example


Device(config)# wlan open20
Device(config-wlan)# no mobility anchor sticky 

Pointing the Mobility Controller to a Mobility Oracle (CLI)

Before you begin

You can configure a mobility oracle on a known mobility controller.

SUMMARY STEPS

  1. wireless mobility group member ip member-ip-addr group group-name
  2. wireless mobility oracle ip oracle-ip-addr

DETAILED STEPS

  Command or Action Purpose
Step 1

wireless mobility group member ip member-ip-addr group group-name

Example:

Device(config)# wireless mobility group member ip 10.10.10.10 group Group3

Creates and adds a MC to a mobility group.

Step 2

wireless mobility oracle ip oracle-ip-addr

Example:

Device(config)# wireless mobility oracle ip 10.10.10.10

Configures the mobility controller as mobility oracle.

Example


Device(config)# wireless mobility group member ip 10.10.10.10 group Group3
Device(config)# wireless mobility oracle ip 10.10.10.10

Pointing the Mobility Controller to a Mobility Oracle (GUI)

Before you begin

You can configure a mobility oracle on a known mobility controller.

Procedure


Step 1

Choose Controller > Mobility Management > Mobility Global Config.

The Mobility Controller Configuration page is displayed.

Step 2

Enter the Mobility Oracle IP Address.

Note 
To make the mobility controller itself a mobility oracle, select the Mobility Oracle Enabled check box.
Step 3

Click Apply.

Step 4

Click Save Configuration.


Configuring Guest Controller

A guest controller is used when the client traffic is tunneled to a guest anchor controller in the demilitarized zone (DMZ). The guest client goes through a web authentication process. The web authentication process is optional, and the guest is allowed to pass traffic without authentication too.

Enable the WLAN on the mobility agent on which the guest client connects with the mobility anchor address of the guest controller.

On the guest controller WLAN, which can be Cisco 5500 Series WLC, Cisco WiSM2, or Cisco 5700 Series WLC, configure the IP address of the mobility anchor as its own IP address. This allows the traffic to be tunneled to the guest controller from the mobility agent.

Note

With Cisco 5700 Series WLC as the guest anchor controller and Cisco 5500 Series WLC or Cisco WiSM2 as export foreign controller, the guest user role per user is not supported on the Cisco 5700 Series WLC.


SUMMARY STEPS

  1. wlan wlan-id
  2. mobility anchor guest-anchor-ip-addr
  3. client vlan vlan-name
  4. security open

DETAILED STEPS

  Command or Action Purpose
Step 1

wlan wlan-id

Example:

Device(config)# wlan Mywlan1

Creates a WLAN for the client.

Step 2

mobility anchor guest-anchor-ip-addr

Example:

Device(config-wlan)# mobility anchor 10.10.10.2
Enables the guest anchors (GA) IP address on the MA.
Note 
To enable guest anchor on the mobility controller, you need not enter the IP address. Enter the mobility anchor command in the WLAN configuration mode to enable GA on the mobility controller.
Step 3

client vlan vlan-name

Example:

Device(config-wlan)# client vlan gc_ga_vlan1

Assigns a VLAN to the client's WLAN.

Step 4

security open

Example:

Device(config-wlan)# security open

Assigns a security type to the WLAN.

Example


Device(config)# wlan Mywlan1
Device(config-wlan)# mobility anchor 10.10.10.2
Device(config-wlan)# client vlan gc_ga_vlan1
Device(config-wlan)# security open

Configuring Guest Anchor

SUMMARY STEPS

  1. wlan Mywlan1
  2. mobility anchor <guest-anchors-own-ip-address>
  3. client vlan <vlan-name>
  4. security open

DETAILED STEPS

  Command or Action Purpose
Step 1

wlan Mywlan1

Example:

Device(config)# wlan Mywlan1 

Creates a wlan for the client.

Step 2

mobility anchor <guest-anchors-own-ip-address>

Example:

Device(config-wlan)# mobility anchor 10.10.10.2  

Enables the guest anchors IP address on the guest anchor (GA). The GA assigns its own address on itself.

Step 3

client vlan <vlan-name>

Example:

Device(config-wlan)# client vlan gc_ga_vlan1  

Assigns a vlan to the clients wlan.

Step 4

security open

Example:

Device(config-wlan)# security open 

Assigns a security type to the wlan.

Example


Device(config)# wlan Mywlan1
Device(config-wlan)# mobility anchor 10.10.10.2
Device(config-wlan)# client vlan gc_ga_vlan1
Device(config-wlan)# security open 

Configuring Mobility Agent

Configuring Mobility Agent by Pointing to Mobility Controller (CLI)

Before you begin

  • By default, the switches are configured as mobility agents.
  • Your network must have at least one mobility controller and the network connectivity with the mobility controller must be operational.
  • You cannot configure mobility from the mobility agent. On the mobility agent, you can configure only the IP address of the mobility controller to download the SPG configuration.
  • On the mobility agent, you can either configure the mobility controller address to point to an external mobility agent, or enable the mobility controller function.

SUMMARY STEPS

  1. configure terminal
  2. wireless management interface vlan 21

DETAILED STEPS

  Command or Action Purpose
Step 1

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 2

wireless management interface vlan 21

Example:

Device (config)# wireless management interface vlan 21
 

Enables the wireless functionality on the device and activates the mobility agent function. This ensures the APs have a place to terminate the CAPWAP tunnel.

Example

This example shows how to add a mobility agent into the mobility group by pointing it to a mobility controller:


Device(config)# wireless management interface vlan 21

Configuring Mobility Agent by Pointing to Mobility Controller (GUI)

Before you begin

  • By default, the switches are configured as mobility agents.
  • Your network must have at least one mobility controller and the network connectivity with the mobility controller must be operational.
  • You cannot configure mobility from the mobility agent. On the mobility agent, you can configure only the IP address of the mobility controller to download the SPG configuration.
  • On the mobility agent, you can either configure the mobility controller address to point to an external mobility agent, or enable the mobility controller function.

Procedure


Step 1

Choose Configuration > Controller > Mobility Management > Mobility Global Config

The Mobility Controller Configuration page is displayed.

Step 2

From the Mobility Role drop-down list, choose Mobility Agent.

Step 3

In the Mobility Controller IP Address, enter the IP address of the mobility controller.

Step 4

Click Apply.

Step 5

Click Save Configuration.

Step 6

Reboot the device.


Configuring the Mobility Controller for the Mobility Agent (CLI)

SUMMARY STEPS

  1. wireless mobility controller
  2. wireless mobility controller ip ip-addr

DETAILED STEPS

  Command or Action Purpose
Step 1

wireless mobility controller

Example:

Device (config)# wireless mobility controller 
Mobility role changed to Mobility Controller.
Please save config and reboot the whole stack.
 

Enables the mobility function on the device.

Note 
After you enter this command, save the configuration and reboot the device for the mobility controller function to take effect.
Step 2

wireless mobility controller ip ip-addr

Example:

Device (config)# wireless mobility controller ip 10.10.21.3
 

Specifies the mobility controller to which the mobility agent relates.

Note 
If a mobility agent is configured and the mobility controller exists on a different device, configure the SPG on the mobility controller to ensure the mobility agent functions properly.

What to do next

After you add a mobility controller role to the mobility agent, you can configure optional parameters on the mobility agent.

Adding a Mobility Controller Role to the Mobility Agent

SUMMARY STEPS

  1. wireless mobility controller ip 10.10.21.3

DETAILED STEPS

Command or Action Purpose

wireless mobility controller ip 10.10.21.3

Example:

Device(config)# wireless mobility controller ip 10.10.21.3

Converts the mobility agent to a mobility controller.

Example

This example shows how to add the mobility controller role to a mobility agent:


Device(config)# wireless mobility controller ip 10.10.21.3
Mobility role changed to Mobility Controller.
Please save config and reboot the whole stack.

Configuring Optional Parameters on a Mobility Agent (CLI)

This section shows how to configure load-balancing on a device.
  • By default, the load-balancing is enabled and it cannot be disabled.

  • The device supports a maximum of 2000 clients and the default threshold value is fifty percent of client max load.

  • When the device reaches its threshold, it redistributes the new clients load to other mobility agents in the same SPG, if their client load is lower.

SUMMARY STEPS

  1. wireless mobility load-balance threshold threshold-value

DETAILED STEPS

Command or Action Purpose

wireless mobility load-balance threshold threshold-value

Example:

Device(config)# wireless mobility load-balance threshold 150
 

Configures the threshold that triggers load-balancing.