cancel
Showing results for 
Search instead for 
Did you mean: 

Need Fast Failover with Deauth to trigger Client DHCP-Requests

Need Fast Failover with Deauth to trigger Client DHCP-Requests

htw
New Contributor III

Hi,
we have a V2110 Controller HA-Pair with EWC-Firmware 10. Both are on different locations with topologies in different subnets. Both locations are connected directly with 10G. Now when a Fast Failover occurs, clients are connected into the topology of the other location but clients need to get a valid IP adress from the other location to be able to communicate. This happens when user triggers a new DHCP-Request. Now I want to happen this automatically.

A solution would be if deauth packet are sent to clients when the failover occurs. It seems it was possible in EWC-Firmware 9 because the following KB entry discribed how to counter those packet if one would not want those deauth packets: https://extremeportal.force.com/ExtrArticleDetail?an=000062011

But I cant find "configure Fast Failover Events" in EWC 10. Is it possible to trigger those deauth packets on Fast Failover?

6 REPLIES 6

htw
New Contributor III
I found the following solution:
- Activate Mobility betwen the two HA-controllers
- use different VNS one each controller (the only difference between the VNS is their name, their content, roles and wireless services are the same)
- deactivate "Permit Inter-WLAN Service Roaming" in the advanced settings of the WLAN service which is associated with the VNS

When I release an accesspoint to the other HA controller, the client gets shortly disconnected with reason "VNS[...] Cause[Request from Other Controller]", reassociates and gets a valid IP-Adress from the failover-controllers topologies.

WM has a VNS-desync now because it wants to deploy a VNS always on both HA Controllers but at least clients reassociate now automatically when APs change their controllers (fe. during controller mainteanance)

*happy*

htw
New Contributor III
Ok, found it and "Fast Failover Events" was deselected there too. So I actually have the configuration which is discribed in the V9 knowledgebase article. But the clients still doesn't get Deauths' when their AP failovers.

Ronald_Dvorak
Honored Contributor
Please check again in the controller GUI- this time in the pop-up window click on the line "Acct" to highlighted it to get the option.
In your screenshot "Auth" is highlighted that is why you can't see the field.

I can't help you with WM as I don't like it = don't use it.

htw
New Contributor III
Thanks to your sceenshot I located the option at VSN/Global/Authh. Unfortunately it was already disabled by default there and yet no Deauth packets.

At VNS/WLAN Service Auth this option doesnt exist. Is it a difference between 10.01.03 and 10.01.04?

6545adef9e71443a8592ab54f3e1bdfc_RackMultipart20160601-129407-12yf882-nac5radius_inline.png


I use 802.1x but defined the nac5radius as "RADIUS Server" in WM:

6545adef9e71443a8592ab54f3e1bdfc_RackMultipart20160601-53255-1xv6ewr-wm_nacradius_inline.png



As the screenshot shows there are NAC-definitions "nac5" and "nac6" but I cant select them as RADIUS Server at the WLAN Service definition.
GTM-P2G8KFN