The establishment of a WLC/AP connection is always initiated by the AP. An AP in managed mode will search the LAN for a WLC that will provide it with a configuration. During this search the AP may find various suitable WLCs:
- The WLC can authenticate the certificate in the AP and it has a configuration stored for the MAC address of the AP. A WLC of this type is described as a "primary" WLC.
- A WLC can authenticate the certificate of an AP, but it has neither a configuration stored for the MAC address of the AP, nor does it have a default configuration. A WLC of this type is described as a "secondary" WLC.
This is an example of a backup solution with three WLCs for 50 managed APs: two of the WLCs each manage 25 APs and the third is available as a backup WLC.
Note: A WLC is now able to accommodate five times the maximum number of APs that it can manage by itself. For every five WLCs (identical models), just one additional WLC is sufficient to provide a full backup WLC in case of failure.
- Set the same time on all of the WLCs 1, 2 and 3.
- Transfer the CA and RA certificates from the first primary WLC 1 to the second primary WLC 2 and to the secondary "backup WLC" 3.
- Configure the first WLC 1 according to your requirements with the profiles and the associated AP table for one half of the APs. This WLC becomes the primary WLC for the APs entered into it.
Note: For a backup solution using a secondary WLC, be sure to set the time for standalone operations such that the AP has time to find a backup WLC. This is because the backup WLC is not able to provide a new configuration for the AP.
Once the AP has established a backup connection to a secondary WLC, the countdown until expiry of standalone operation is halted. The AP and its WLAN networks remain active as long as there is a connection to a WLC.
- Configure the second WLC 2 for the other half of the APs, which subsequently treat this WLC as their primary WLC.
- For the backup WLC 3, only the time and the root certificates are set up. No further configuration is required.
- After being started, the APs search for a WLC by emitting a discovery message. In this case, all three WLCs respond to this message—the APs select "their" primary WLC for the DTLS connection that follows. One half of the APs decides on WLC 1 and the other half chooses WLC 2. Because WLC 3 does not function as primary WLC for any of the APs, none of the APs log on to it.
- Should WLC 2 fail, the APs will automatically search for another WLC. They discover WLC 1 and WLC 3, whereby WLC 1 is already under full load with its 25 APs. Backup controller WLC 3 is able to check the validity of the certificates, i.e. it can authenticate the APs and accept them as managed APs. However, because the APs are not entered with their MAC addresses into the backup WLC's AP table, the backup WLC cannot manage the APs any further; they simply continue to operate with their current WLAN configurations.
Note: If WLC 1 is not under full load, for example because some of "its" APs are switched off, then some of the searching APs could log on here. WLC 1 remains a "secondary" controller for these APs because it does not have their configuration profiles. If in this case one of the APs with an entry in the AP table of WLC 1 is switched on again, then WLC 1 accepts this reactivated AP and, in exchange, it disconnects one of the backup-event APs.
Note: If the APs are set up for standalone operation they will remain operational while searching for a backup WLC, and the WLAN clients can continue to use all of their functions.
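The selection and failover behaviour described above, modelled as an added Python example (not vendor code). The `WLC` class, the connection limit of 25 per WLC, the order in which secondary WLCs are tried and the made-up MAC addresses are assumptions for illustration; the model also assumes that no WLC has a default configuration.

```python
from dataclasses import dataclass, field

@dataclass
class WLC:
    name: str
    capacity: int                                   # assumed limit on connected APs
    ap_table: set = field(default_factory=set)      # MACs with a stored configuration
    trusts_ca: bool = True                          # has the shared CA/RA certificates
    up: bool = True
    connected: dict = field(default_factory=dict)   # MAC -> "primary" | "secondary"

    def role_for(self, mac):
        """Role this WLC would play for the AP; None if it cannot authenticate it."""
        if not (self.up and self.trusts_ca):
            return None
        return "primary" if mac in self.ap_table else "secondary"

    def accept(self, mac):
        """Connect the AP. Returns (role, evicted_mac), or None if refused."""
        role = self.role_for(mac)
        if role is None:
            return None
        evicted = None
        if mac not in self.connected and len(self.connected) >= self.capacity:
            backups = [m for m, r in self.connected.items() if r == "secondary"]
            if role == "secondary" or not backups:
                return None                         # full load, nothing to displace
            evicted = backups[0]                    # AP-table entry displaces a backup AP
            del self.connected[evicted]
        self.connected[mac] = role
        return role, evicted

def discover_and_connect(mac, wlcs):
    """AP side: try primary WLCs first, then any secondary WLC with room."""
    suitable = [w for w in wlcs if w.role_for(mac)]
    for w in sorted(suitable, key=lambda w: w.role_for(mac) != "primary"):
        result = w.accept(mac)
        if result:
            return (w.name, *result)
    return None                                     # no WLC: standalone countdown runs on

def build_example():
    """Constructed data: 50 made-up MACs, WLC 1 and 2 as primaries, WLC 3 as backup."""
    macs = [f"02:00:00:00:00:{i:02x}" for i in range(50)]
    wlcs = [WLC("WLC 1", 25, set(macs[:25])), WLC("WLC 2", 25, set(macs[25:])),
            WLC("WLC 3", 25)]
    return macs, wlcs
```

Setting `trusts_ca=False` on the backup WLC shows why the CA and RA certificates must be transferred first: the searching APs then get `None` back and stay on their standalone countdown.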