Support Support Downloads Knowledge Base Service Request Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[WLC] Identifying whether WLC is located behind a NAT firewall

0

0

Article ID: KB33958 KB Last Updated: 15 Mar 2019Version: 1.0
Summary:

This article helps you to identify whether a Wireless Controller is located behind a firewall that is configured for Network Address Translation (NAT).

 

Cause:

Remote sites usually have Wireless LAN Controllers (WLC) located in remote locations to support multiple Wireless Access Points (WLAs) on a remote network. Often the remote sites are located behind a firewall device that supports Network Address Translation (NAT). In this case, if the Access Points are configured behind a NAT firewall, then it is not possible for the APs to boot up in a cluster. To overcome this problem, WLC is configured behind the NAT firewall, which helps the APs to be a part of the cluster.

 

Solution:

To determine whether a WLC is located behind a firewall that supports NAT, use the show mobility-domain command:

========= show mobility-domain =========
Mobility Domain name:Remote location
Flags: u = up[2], d/e = down/config error[0], c = cluster enabled[2],
       p = primary seed, s = secondary seed (S = cluster preempt mode enabled),
       a = mobility domain active seed, A = cluster active seed (if different),
       m = member, y = syncing[0], w = waiting to sync[0], n = sync completed[2],
       f = sync failed[0] 
Member: * = switch behind NAT
Member            Flags  Model     Version     NoAPs  APCap
----------------  -----  --------  ----------  -----  -----
10.26.64.10       upacn  WLC800R   9.6.3.2        27    128
10.26.64.8        us-cn  WLC800R   9.6.3.2        25    128
10.24.8.11       *um-cn  WLC800R   9.6.3.2        26    128
 

The asterisk (*) symbol indicates that the WLC is located behind a firewall has NAT configured.

 

Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Security Alerts and Vulnerabilities

Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search