Cisco Catalyst 9800 Series Wireless Controller Software Configuration Guide, Cisco IOS XE 17.15.x

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Book Contents

Find Matches in This Book

Results

Updated:: August 14, 2024

Chapter: Static IP Client Mobility

Static IP Client Mobility
Information About Static IP Client Mobility
Restrictions
Configuring Static IP Client Mobility (GUI)
Configuring Static IP Client Mobility (CLI)
Verifying Static IP Client Mobility

Static IP Client Mobility

Information About Static IP Client Mobility

At times, you may want to configure static IP addresses for wireless clients. When these wireless clients move about in a network, they might try associating with other controllers.

If the clients try to associate with a controller that does not support the same subnet as the static IP address, the clients fail to connect to the network. The controller inspects the ARP requests sent by the clients to determine if the clients are using static IP addresses or IP addresses that were previously assigned by DHCP. If the ARP requests contain IP addresses that do not exist on any of the controller’s Switched Virtual Interfaces (SVIs), the clients are disconnected due to a "VLAN_FAIL" error, resulting in client traffic backhauled without explicit disconnection.

The disconnection due to VLAN mismatch is a change in functionality introduced in the 17.9.1 release.

Static IP clients with static IP addresses can be associated with other controllers in which the client’s subnet is supported by tunneling the traffic to another controller in the same mobility group. This feature enables you to configure your WLAN so that the network is serviced even though the clients use static IP addresses.

Restrictions

This feature is not supported on the Fabric and Cisco Catalyst 9800 Wireless Controller for Switch platforms.
IPv6 is not supported.
FlexConnect mode is not supported.
WebAuth (LWA and CWA) is not supported.
Supported only Open, Dot1x, and PSK authentication mechanisms.
Supports only on the WLANs that are exclusive of the mobility anchor configuration. If the mobility anchor is already configured on a WLAN, and if static IP mobility is enabled, the feature is not supported.
Supported only when all the peers are configured for the static IP mobility that is enabled.
IRCM is not supported.

Configuring Static IP Client Mobility (GUI)

Procedure

Step 1	Choose Configuration > Tags & Profiles > Policy.
Step 2	On the Policy page, click the policy profile name or click Add to create a new one.
Step 3	Click the Mobility tab.
Step 4	Set the Static IP Mobility field to Enabled state.
Step 5	Click Update & Apply to Device.

Configuring Static IP Client Mobility (CLI)

Follow the procedure given below to configure static IP client mobility:

Before you begin

Configure the SVI interface (L3 VLAN interface) to service the static IP client on at least one of the peer controllers in the network.
For clients to join a controller, the VLAN (based on the VLAN number in the policy profile configuration) should be configured on the device.

Procedure

Command or Action Purpose

	Command or Action	Purpose
Step 1	configure terminal Example: `Device# configure terminal`	Enters global configuration mode.
Step 2	wireless profile policy `profile-policy-name` Example: `Device(config)# wireless profile policy static-ip-policy`	Configures a WLAN policy profile and enters wireless policy configuration mode.
Step 3	static-ip-mobility Example: `Device(config-wireless-policy)# static-ip-mobility`	Enables static IP mobility.

Step 1

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 2

wireless profile policy profile-policy-name

Example:

Device(config)# wireless profile policy static-ip-policy

Configures a WLAN policy profile and enters wireless policy configuration mode.

Step 3

static-ip-mobility

Example:

Device(config-wireless-policy)# static-ip-mobility

Enables static IP mobility.

Verifying Static IP Client Mobility

Use the following commands to verify the static IP client mobility configuration:

Device# show wireless profile policy detailed static-ip-policy
     

Policy Profile Name           : static-ip-policy
Description                   : 
Status                        : DISABLED
VLAN                          : 1
Wireless management interface VLAN        : 34
Passive Client                : DISABLED
ET-Analytics                  : DISABLED
StaticIP Mobility             : DISABLED
WLAN Switching Policy
  Central Switching           : ENABLED
  Central Authentication      : ENABLED
  Central DHCP                : DISABLED
  Flex NAT PAT            : DISABLED
  Central Assoc               : DISABLED
WLAN Flex Policy
  VLAN based Central Switching           : DISABLED
WLAN ACL
  IPv4 ACL                    : Not Configured
  IPv6 ACL                    : Not Configured
  Layer2 ACL                  : Not Configured
  Preauth urlfilter list      : Not Configured
  Postauth urlfilter list     : Not Configured
WLAN Timeout
  Session Timeout             : 1800
  Idle Timeout                : 300
  Idle Threshold              : 0
WLAN Local Profiling
  Subscriber Policy Name      : Not Configured
  RADIUS Profiling            : DISABLED
  HTTP TLV caching            : DISABLED
  DHCP TLV caching            : DISABLED
WLAN Mobility
  Anchor                      : DISABLED
AVC VISIBILITY                : Disabled
Flow Monitor IPv4
  Flow Monitor Ingress Name   : Not Configured
  Flow Monitor Egress Name    : Not Configured
Flow Monitor IPv6
  Flow Monitor Ingress Name   : Not Configured
  Flow Monitor Egress Name    : Not Configured
NBAR Protocol Discovery       : Disabled
Reanchoring                   : Disabled
Classmap name for Reanchoring
  Reanchoring Classmap Name   : Not Configured
QOS per SSID
  Ingress Service Name        : Not Configured
  Egress Service Name         : Not Configured
QOS per Client
  Ingress Service Name        : Not Configured
  Egress Service Name         : Not Configured
Umbrella information
  Cisco Umbrella Parameter Map : Not Configured
Autoqos Mode                  : None
Call Snooping                 : Disabled
Fabric Profile
  Profile Name                : Not Configured
Accounting list
  Accounting List               : Not Configured
DHCP
  required                    : DISABLED
  server address              : 0.0.0.0
 Opt82
  DhcpOpt82Enable             : DISABLED
  DhcpOpt82Ascii              : DISABLED
  DhcpOpt82Rid                : DISABLED
  APMAC                       : DISABLED
  SSID                        : DISABLED
  AP_ETHMAC                   : DISABLED
  APNAME                      : DISABLED
  POLICY TAG                  : DISABLED
  AP_LOCATION                 : DISABLED
  VLAN_ID                     : DISABLED
Exclusionlist Params
  Exclusionlist               : ENABLED
  Exclusion Timeout           : 60
AAA Policy Params
  AAA Override                : DISABLED
  NAC                         : DISABLED
  AAA Policy name             : default-aaa-policy
WGB Policy Params
  Broadcast Tagging           : DISABLED
  Client VLAN                 : DISABLED
Mobility Anchor List
  IP Address                                  Priority
  -------------------------------------------------------

Device# show run | section profile policy

wireless profile policy default-policy-profile
 central switching
 description "default policy profile"
 static-ip-mobility
 vlan 50
 no shutdown

Was this Document Helpful?

Feedback

Contact Cisco

Open a Support Case
(Requires a Cisco Service Contract)