Controllerless Networks

Reply
Frequent Contributor II

Branch Controller not able to re-connect after a uplink disconnect

Hi
I'm working on the ZTP solution for small branch offices using a 7010 as Brach and 7210 as Master controller but during the WAN failover scenarios I noticed that once the VPN tunnel is broken due to a disconnect of the uplink connection or just with a simple clearing the security association, the controller is no longer able to re-establish the VPN tunnel with the master. The only work-around to this behavior is a reload. I use for the test the version 6.4.3.6
Is anyone aware of any particular issue/bug preventing the branch controller to VPNing again? Or does the Branch controller need to talk again with Activate to retrieve the VPN gateway?

Thanks

 

Re: Branch Controller not able to re-connect after a uplink disconnect

What are you using as your secondary uplink ?

Do you have enabled WAN health check ?

 

 

Thank you

Victor Fabian
Lead Mobility Architect @WEI
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Frequent Contributor II

Re: Branch Controller not able to re-connect after a uplink disconnect

Hi Victor

I have a 4G wired  connection which I tested as primary and works great. WAN health check is actived

 

 

Regards,

Antonio

 

Frequent Contributor II

Re: Branch Controller not able to re-connect after a uplink disconnect

I've isolated the issues. Basically my master controller uses a public IP which belongs to a super subnet which I've configured on the static routes to make sure branch controllers send corporate traffic over the ipsec tunnel so when I lose the VPN tunnel at the remote site, the branch control tries to send the traffic to my master over the IPSec tunnel to recover the VPN . Adding a static route which points to the active uplink recovers the connectivity but this is not a solution. How can I push from the master a static route pointing to both of the uplinks ?
Thanks
Frequent Contributor II

Re: Branch Controller not able to re-connect after a uplink disconnect

Problem fixed. I removed from the static route list the corporate network which contains of the the prefixes used for my Master controller and instead I've added a PBR from the user to the role applied to the BoC poitning to the ipsec tunnels and works.

 

Thanks,

Antonio

New Contributor

Re: Branch Controller not able to re-connect after a uplink disconnect

Hi aboj, please I need some directions from you. I'll be setting up a branch site with a 7030 controller. Can you give me some guidelines on how to do this. Thank you.

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: