Cisco Cisco 4404 Wireless LAN Controller Referências técnicas
24
Deployment Guide: Cisco Guest Access Using the Cisco Wireless LAN Controller, Release 4.0
OL-11010-01
Web Authentication Process
Note
On any firewalls between the two controllers, the following ports need to be open: (1) UDP 16666 (or
16667, if encryption is enabled) for tunnel control traffic, (2) IP protocol 97 for user data traffic, (3) UDP
161 and 162 for SNMP, (4) UDP 69 for TFTP and (5) TCP port 80/443 for management.
16667, if encryption is enabled) for tunnel control traffic, (2) IP protocol 97 for user data traffic, (3) UDP
161 and 162 for SNMP, (4) UDP 69 for TFTP and (5) TCP port 80/443 for management.
Note
For details on debugging the Mobility Anchor feature, please see the “Troubleshooting” section at the
end of this deployment guide.
end of this deployment guide.
Running Mobility Ping Tests (Release 4.0 and later)
Controllers belonging to the same mobility group communicate with each other by controlling
information over a well-known UDP port and exchanging data traffic through an Ethernet-over-IP (EoIP)
tunnel. Because UDP and EoIP are not reliable transport mechanisms, there is no guarantee that a
mobility control packet or data packet will be delivered to a mobility peer. Mobility packets may be lost
in transit due to a firewall filtering the UDP port or EoIP packets or due to routing issues.
information over a well-known UDP port and exchanging data traffic through an Ethernet-over-IP (EoIP)
tunnel. Because UDP and EoIP are not reliable transport mechanisms, there is no guarantee that a
mobility control packet or data packet will be delivered to a mobility peer. Mobility packets may be lost
in transit due to a firewall filtering the UDP port or EoIP packets or due to routing issues.
Controller software release 4.0 enables you to test the mobility communication environment by
performing mobility ping tests. These tests may be used to validate connectivity between members of a
mobility group (including guest controllers).
performing mobility ping tests. These tests may be used to validate connectivity between members of a
mobility group (including guest controllers).
Note
You must have release 4.0 installed in the anchor and remote controller for this feature to work.
Two ping tests are available:
•
Mobility ping over UDP—This test runs over mobility UDP port 16666. It tests whether the
mobility control packet can be reached over the management interface.
mobility control packet can be reached over the management interface.
•
Mobility ping over EoIP—This test runs over EoIP. It tests the mobility data traffic over the
management interface.
management interface.
Only one mobility ping test per controller can be run at a time.
Note
These ping tests are not Internet Control Message Protocol (ICMP) based. The term “ping” is used to
indicate an echo request and an echo reply message.
indicate an echo request and an echo reply message.
Use these commands to run mobility ping tests from the controller CLI.
1.
To test the mobility UDP control packet communication between two controllers, enter this
command:
command:
mping mobility_peer_IP_address
The mobility_peer_IP_address parameter must be the IP address of a controller that belongs to a
mobility group.
mobility group.
2.
To test the mobility EoIP data packet communication between two controllers, enter this command:
eping mobility_peer_IP_address
The mobility_peer_IP_address parameter must be the IP address of a controller that belongs to a
mobility group.
mobility group.