![\"\"](\"https:\/\/www.balajibandi.com\/wp-content\/uploads\/2023\/01\/image-5.png\")
<\/figure>\n\n\n\nI know the WLC AirOS going to end of soon, i have new blog coming soon with WLC Cat 9800 HA setup and steps.<\/p>\n\n\n\n
Background – <\/p>\n\n\n\n
Cisco 8K WLC running in HA\/SSO Mode.<\/p>\n\n\n\n
Due to some hardware failure the Primary WLC failed and TAC sent replacement. <\/p>\n\n\n\n
First step : ( dont completly rely on Cisco TAC – they sent a good hardware you can straight away replace and put them live)<\/p>\n\n\n\n
- \n
- Power on WLC – make sure it boot as expected and leave burning test for atlease 5 hours before you think of replacing – (i have some use case box failed after 2 hours or so )<\/li>\n\n\n\n
- Once the WLC seems to be stable and you satisfied.<\/li>\n\n\n\n
- check is this box already configured – if so reset to factory.<\/li>\n<\/ul>\n\n\n\n
When you see below message :<\/p>\n\n\n\n
(Cisco Controller)<\/p>\n\n\n\n
Enter User Name (or ‘Recover-Config<\/strong>‘ this one-time only to reset configuration to factory defaults)<\/p>\n\n\n\n
User: Recover-Config<\/strong> – this will reset the config and default<\/p>\n\n\n\n
Once Conntroller boot (takes 2-5min to boot this process)<\/p>\n\n\n\n
below basic setup required :<\/p>\n\n\n\n
(Cisco Controller)<\/p>\n\n\n\n
Welcome to the Cisco Wizard Configuration Tool
Use the ‘-‘ character to backup<\/p>\n\n\n\nWould you like to terminate autoinstall? [yes]: yes<\/p>\n\n\n\n
System Name [Cisco_xx:xx:xx] (31 characters max):<\/p>\n\n\n\n
AUTO-INSTALL: process terminated — no configuration loaded<\/p>\n\n\n\n
BBLAB<\/p>\n\n\n\n
Enter Administrative User Name (24 characters max): admin
Enter Administrative Password (3 to 24 characters):
Re-enter Administrative Password :<\/p>\n\n\n\nService Interface IP Address Configuration [static][DHCP]: static
Service Interface IP Address: 192.168.1.10
Service Interface Netmask: 255.255.255.0
Enable Link Aggregation (LAG) [yes][NO]: NO<\/p>\n\n\n\nManagement Interface IP Address: 192.168.x.x (this is very important config – make sure you use the free IP address in line with HA mgmt IP)
Management Interface Netmask: 255.255.255.0
Management Interface Default Router: 192.168.x.1
Management Interface VLAN Identifier (0 = untagged): 1
Management Interface Port Num [1 to 2]: 1
Management Interface DHCP Server IP Address: 192.168.1.1
Enable HA [yes][NO]: NO<\/p>\n\n\n\nVirtual Gateway IP Address: y.y.y.y (this can be anything)
Multicast IP Address: 239.255.1.X<\/p>\n\n\n\nMobility\/RF Group Name: admin
Network Name (SSID): admin<\/p>\n\n\n\nEnter Country Code list (enter ‘help’ for a list of countries) [US]: GB<\/p>\n\n\n\n
Enable 802.11b Network [YES][no]:
Enable 802.11a Network [YES][no]:
Enable 802.11g Network [YES][no]:
Enable Auto-RF [YES][no]:<\/p>\n\n\n\nEnter the NTP server’s IP address: 10.10.10.1
Enter a polling interval between 3600 and 604800 secs: 3600<\/p>\n\n\n\nWould you like to configure IPv6 parameters[YES][no]: NO<\/p>\n\n\n\n
Configuration correct? If yes, system will save it and reset. [yes][NO]: yes
Cleaning up DHCP Server
Updating HBL license statistics file
Done.<\/p>\n\n\n\nConfiguration saved!
Resetting system with new configuration\u2026
Updating license storage \u2026 Done.<\/p>\n\n\n\nThe WLC will reboot.<\/p>\n\n\n\n
Connecting PC to WLC on SP to configure using GUI<\/p>\n\n\n\n
PC should be having IP address of same subnet as 192.168.1.X (my case 192.168.1.100)<\/p>\n\n\n\n
Once WLC booted login using admin and password (used while setup time)<\/p>\n\n\n\n
check make sure port is up as below :<\/p>\n\n\n\n
(Cisco Controller) >show port summary<\/p>\n\n\n\n
STP Admin Physical Physical Link Link<\/code><\/pre>\n\n\n\nPr Type Stat Mode Mode Status Status Trap POE<\/p>\n\n\n\n
\n\n\n\n1 Normal Disa Enable Auto Auto Down Enable N\/A<\/p>\n\n\n\n
2 Normal Disa Enable Auto Auto Down Enable N\/A<\/p>\n\n\n\n
RP Normal Disa Enable Auto Auto Down Enable N\/A<\/p>\n\n\n\n
SP Normal Forw Enable Auto Auto Up Enable N\/A<\/strong><\/p>\n\n\n\n
ping from PC 192.168.1.10 (if that works)<\/p>\n\n\n\n
Use IE browser https:\/\/192.168.1.10 <\/p>\n\n\n\n
Download the same Firware are ACTIVE Now ( that is standby) and upgrade the firmware and reload the device.<\/p>\n\n\n\n
Once booted successfully.<\/p>\n\n\n\n
WLC Command level just config as below for redundancy config :<\/p>\n\n\n\n
\n
(Cisco Controller>config interface address redundancy-management LOCALIP peer-redundancy-management REMOTEIP<\/p>\nsave the config<\/cite><\/blockquote>\n\n\n\n
Move to kit to Production location, (remove old failed WLC) – make sure you note the connection before you remove the cables – take picture to save time.<\/p>\n\n\n\n
Rack new RMA Unit to same location :<\/p>\n\n\n\n
Power on new WLC<\/p>\n\n\n\n
Once it booted completly<\/p>\n\n\n\n
Connect redundancy ports together on primary\/secondary. Connect the other network ports.
on RMA unit Console <\/p>\n\n\n\n>config redundancy mode sso<\/strong><\/p>\n\n\n\n
The WLC will reboot to enable sso and pull the config from the current active (secondary in this case) unit xml on boot.<\/p>\n\n\n\n
While booting time you see below messages :<\/p>\n\n\n\n
passed!<\/p>\n\n\n\n
XML config selected<\/strong>
iptables: Chain already exists.
ip6tables: Chain already exists.
Validating XML configuration
octeon_device_init: found 1 DPs<\/strong>
Cisco is a trademark of Cisco Systems, Inc.
Software Copyright Cisco Systems, Inc. All rights reserved.<\/p>\n\n\n\n……<\/p>\n\n\n\n
Starting Fastpath Hardware Acceleration: ok
Starting Fastpath DP Heartbeat : ok<\/p>\n\n\n\n….<\/p>\n\n\n\n
HBL initialization is successful
Starting Licensing Services: ok
Starting Redundancy: Starting Peer Search Timer of 120 seconds<\/strong><\/p>\n\n\n\nInitiate Role Negotiation Message to peer<\/strong><\/p>\n\n\n\n
Found the Peer. Starting Role Determination\u2026ok<\/strong><\/p>\n\n\n\n
Start rmgrPingTask: ok<\/p>\n\n\n\n
….<\/p>\n\n\n\n
Starting CPU ACL Logging services: ok<\/p>\n\n\n\n
(WLC-Standby) <\/p>\n\n\n\n
User :<\/p>\n\n\n\n
This means HA is ok, and take sometime to sync.<\/p>\n\n\n\n
On the Current Active you can issue command for bulk sync check :<\/p>\n\n\n\n
(WLC-01) >show redundancy summary
Redundancy Mode = SSO ENABLED
Local State = ACTIVE
Peer State = STANDBY HOT
Unit = Secondary (Inherited AP License Count = 6000)
Unit ID = xxxxxxxxxxxxxxxx
Redundancy State = SSO
Mobility MAC = xxxxxxxxxxxxxx
Redundancy Port = UP
BulkSync Status = In-Progress (this should be Compeleted) – until that time suggest to not make any major changes
<\/strong>Average Redundancy Peer Reachability Latency = 69 Micro Seconds
Average Management Gateway Reachability Latency = 567 Micro Seconds<\/p>\n\n\n\nOnce config is bulk-synced the primary unit is now in HOT STANDBY<\/strong>
Redundancy force-switchover<\/strong> – if you like to fail over to recently replaced WLC
<\/p>\n\n\n\nOther Notes for License and Mobility :<\/strong>
Make sure to check your mobility group as the new pair will use the MAC address from the replacement primary and not the active secondary.
You can either use config redundancy mac on the replacement primary to use the custom MAC you have already configured on your mobility groups.
If you do not do this it cannot be changed after pairing. Then you will have to update the mobility groups themselves with the new mobility MAC from the HA pair.<\/p>\n\n\n\nHope this help …………Be patient – do not make any changes – this have other side effect failing between WLC cause AP reboot and Client disconnect.<\/p>\n\n\n\n
Happy Labbinggggggggggggggggggg!!!!!!<\/p>\n","protected":false},"excerpt":{"rendered":"
I have done this in the past, but due to some reason not able to get my documents and steps, now i done some replacement recently – so this document covers. Requirement PC with Console Cable DP9 connector to connect to WLC. WLC Ports information : I know the WLC AirOS going to end of […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1808","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/posts\/1808","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1808"}],"version-history":[{"count":1,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/posts\/1808\/revisions"}],"predecessor-version":[{"id":1810,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=\/wp\/v2\/posts\/1808\/revisions\/1810"}],"wp:attachment":[{"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1808"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1808"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.balajibandi.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1808"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}