Showing results for 
Search instead for 
Did you mean: 

Need Fast Failover with Deauth to trigger Client DHCP-Requests

Need Fast Failover with Deauth to trigger Client DHCP-Requests

New Contributor III

we have a V2110 Controller HA-Pair with EWC-Firmware 10. Both are on different locations with topologies in different subnets. Both locations are connected directly with 10G. Now when a Fast Failover occurs, clients are connected into the topology of the other location but clients need to get a valid IP adress from the other location to be able to communicate. This happens when user triggers a new DHCP-Request. Now I want to happen this automatically.

A solution would be if deauth packet are sent to clients when the failover occurs. It seems it was possible in EWC-Firmware 9 because the following KB entry discribed how to counter those packet if one would not want those deauth packets:

But I cant find "configure Fast Failover Events" in EWC 10. Is it possible to trigger those deauth packets on Fast Failover?


New Contributor III
I found the following solution:
- Activate Mobility betwen the two HA-controllers
- use different VNS one each controller (the only difference between the VNS is their name, their content, roles and wireless services are the same)
- deactivate "Permit Inter-WLAN Service Roaming" in the advanced settings of the WLAN service which is associated with the VNS

When I release an accesspoint to the other HA controller, the client gets shortly disconnected with reason "VNS[...] Cause[Request from Other Controller]", reassociates and gets a valid IP-Adress from the failover-controllers topologies.

WM has a VNS-desync now because it wants to deploy a VNS always on both HA Controllers but at least clients reassociate now automatically when APs change their controllers (fe. during controller mainteanance)


New Contributor III
Ok, found it and "Fast Failover Events" was deselected there too. So I actually have the configuration which is discribed in the V9 knowledgebase article. But the clients still doesn't get Deauths' when their AP failovers.

Honored Contributor
Please check again in the controller GUI- this time in the pop-up window click on the line "Acct" to highlighted it to get the option.
In your screenshot "Auth" is highlighted that is why you can't see the field.

I can't help you with WM as I don't like it = don't use it.

New Contributor III
Thanks to your sceenshot I located the option at VSN/Global/Authh. Unfortunately it was already disabled by default there and yet no Deauth packets.

At VNS/WLAN Service Auth this option doesnt exist. Is it a difference between 10.01.03 and 10.01.04?


I use 802.1x but defined the nac5radius as "RADIUS Server" in WM:


As the screenshot shows there are NAC-definitions "nac5" and "nac6" but I cant select them as RADIUS Server at the WLAN Service definition.