M and MSM Series
Showing results for 
Search instead for 
Did you mean: 

MSM760 Management and VSC Roaming

New Member

MSM760 Management and VSC Roaming

Hi all,

I have a couple questions:

1. Let's assume the following are configured in the 760:

-Internet Port IP address
-default route Metric 1
-VLAN 100 on Internet port, IP assigned, default gateway
-VLAN 100 allowed in management tool in addition to the Internet port

I can ping just fine from my router, but 70% of the time I cannot manage the controller on VLAN100, unless I already have a session open via the Internet port (untagged traffic I'm assuming). How do I make VLAN100 a more consistent management interface?

2. Is there a way to enable VSC roaming in the 760 access controller (not sure if I have the access or mobility controller)? For example, the following is configured in the controller:

-VSC 1: ingress VLAN 200
-VSC 2: ingress VLAN 201
-VSC 3: ingress VLAN 202

Clients will pull IPs from the same pool regardless of ingress VLANs, but if they move from VSC to VSC, they'll be de-authenticated and presented with a welcome page each time (using external RADIUS for AAA). How do it make it so a client can authenticate in VSC 1, and still roam to VSC 2 or 3 without having to re-authenticate? I was told that a mobility license is needed, but I'm not sure what that is exactly. The following licenses are found in my 760:

-L2 and L3 mobility (activated)

Any help will be greatly appreciated!

Kyle Massey

Re: MSM760 Management and VSC Roaming

First I wanted to see if you could familiarize me with what your environment looks like and what you are trying to do.

Why are you using private addresses and managing the MSM from the internet port?

What addressese do you have on the LAN port?

On the second questions why do you have "Ingress" Vlan settings on your VSC's, are you using the MSM to handle "wired" connections. Maybe you meant "EGress" vlan settings.

Layer 3 mobility is used when you are setting different Egress VLAN settings for the "SAME" WLAN (SSID) on different groups of AP's via bindings. It will give the client the ability to roam between 2 aps that are broadcasting the same SSID but placing the traffic in different VLANs.

It will just tunnel the traffic using GRE.