12-21
Cisco Wireless LAN Controller Configuration Guide
OL-17037-01
Chapter 12 Configuring Mobility GroupsWireless Device Access
Configuring Auto-Anchor Mobility
Note
The IPSec and L2TP Layer 3 security policies are unavailable for WLANs configured with a mobility
anchor.
Guidelines for Using Auto-Anchor Mobility
Keep these guidelines in mind when you configure auto-anchor mobility:
•
Controllers must be added to the mobility group member list before you can designate them as
mobility anchors for a WLAN.
•
You can configure multiple controllers as mobility anchors for a WLAN.
•
You must disable the WLAN before configuring mobility anchors for it.
•
Auto-anchor mobility supports web authorization but does not support other Layer 3 security types.
•
The WLANs on both the foreign controller and the anchor controller must be configured with
mobility anchors. On the anchor controller, configure the anchor controller itself as a mobility
anchor. On the foreign controller, configure the anchor as a mobility anchor.
•
Auto-anchor mobility is not supported for use with DHCP option 82.
•
When using the guest N+1 redundancy and mobility failover features with a firewall, make sure that
the following ports are open:
–
UDP 16666 for tunnel control traffic
–
IP Protocol 97 for user data traffic
–
UDP 161 and 162 for SNMP
Using the GUI to Configure Auto-Anchor Mobility
Follow these steps to create a new mobility anchor for a WLAN using the GUI.
Note
See the
“Using the CLI to Configure Auto-Anchor Mobility” section on page 12-23
if you would prefer
to configure auto-anchor mobility using the CLI.
Step 1
Follow these steps to configure the controller to detect failed anchor controllers within a mobility group:
a.
Click
Controller
>
Mobility Management
>
Mobility Anchor Config
to open the Mobility
Anchor Config page (see
).