Knowledge Search


×
 

[WLC] Identifying whether WLC is located behind a NAT firewall

  [KB33958] Show Article Properties


Summary:

This article helps you to identify whether a Wireless Controller is located behind a firewall that is configured for Network Address Translation (NAT).

 

Cause:

Remote sites usually have Wireless LAN Controllers (WLC) located in remote locations to support multiple Wireless Access Points (WLAs) on a remote network. Often the remote sites are located behind a firewall device that supports Network Address Translation (NAT). In this case, if the Access Points are configured behind a NAT firewall, then it is not possible for the APs to boot up in a cluster. To overcome this problem, WLC is configured behind the NAT firewall, which helps the APs to be a part of the cluster.

 

Solution:

To determine whether a WLC is located behind a firewall that supports NAT, use the show mobility-domain command:

========= show mobility-domain =========
Mobility Domain name:Remote location
Flags: u = up[2], d/e = down/config error[0], c = cluster enabled[2],
       p = primary seed, s = secondary seed (S = cluster preempt mode enabled),
       a = mobility domain active seed, A = cluster active seed (if different),
       m = member, y = syncing[0], w = waiting to sync[0], n = sync completed[2],
       f = sync failed[0] 
Member: * = switch behind NAT
Member            Flags  Model     Version     NoAPs  APCap
----------------  -----  --------  ----------  -----  -----
10.26.64.10       upacn  WLC800R   9.6.3.2        27    128
10.26.64.8        us-cn  WLC800R   9.6.3.2        25    128
10.24.8.11       *um-cn  WLC800R   9.6.3.2        26    128
 

The asterisk (*) symbol indicates that the WLC is located behind a firewall has NAT configured.

 

Related Links: