IRCM Support for Brownfield Guest Access using Guest Anchor

The Wireless Guest Access model using a guest anchor addresses the need to provide internet access to guests in a secure and accountable manner. The implementation of a wireless guest network uses the enterprise's existing wireless and wired infrastructure to the maximum extent. While there can be many different deployments for guest access, this document focuses on a solution using two controllers, a Guest Foreign and a Guest Anchor, which provides an easy way to segment guest traffic to a centralised location (DMZ). You can map a provisioned guest WLAN to one or more (anchor) controllers using a tunnel. This allows a guest WLAN and all associated guest traffic to be transported transparently across an enterprise network to an anchor controller that resides in the Internet DMZ.

This document discusses only the two scenarios described below.

IRCM support between Catalyst 9800 as Guest Anchor and Catalyst 9800 and AireOS as Foreign Controller

In the above setup, the following controllers are at work.

  • WLC-3: Any Catalyst 9800 wireless controller.

  • WLC-2: Any Catalyst 9800 wireless controller.

  • WLC-1: AireOS 5520/8540 or 3504 controllers running 8.8.111 and above. WLC-1 can also be a 5508/8510 controller running an 8.5-based IRCM-supported image.

Here, all the controllers can participate in secure mobility and will have a tunnel established with their peers. WLC-2 can act as a guest anchor for both WLC-1 and WLC-3.

This setup also supports guest roaming between WLC-1 (AireOS) and WLC-3 (Catalyst 9800).

IRCM support between AireOS Controller as Guest Anchor and Catalyst 9800 / AireOS as Foreign Controller

In the above setup, the following controllers are at work.

  • WLC-3: Any Catalyst 9800 controller.

  • WLC-2: AireOS 5520/8540 or 3504 controllers running 8.8.111 and above. WLC-2 can also be a 5508/8510 controller running an 8.5-based IRCM-supported image.

  • WLC-1: Any AireOS controller running 8.2 / 8.3 / 8.5.

Here, WLC-1 can pair with WLC-2 using an EoIP tunnel, and WLC-2 can pair with WLC-3 through a Secure Mobility tunnel. However, WLC-1 cannot pair with WLC-3.