Wireless Access

In A setup MM and cluster two Controllers.

For COA to work we need to configure VRRP IP for each controllers.

For Management of two controllers one IP (Example 192.168.1.1 and 192.168.1.2) each and one VIP (192.168.1.3) for AP's to Discover and download the configuration.

Management Vlan 10 - 192.168.1.1

                                      192.168.1.2

                      VIP   - 192.168.1.3

For COA to work we need one IP User vlan Each 

Vlan 20 - 192.168.2.1

               192.168.2.2

In the above scenario are we allowed  to use Management IP 192.168.1.1  by configuring at Specific controller in Hierarchy as NAS -IP to ensure COA works . This will reduce customer to allocate less number of IP.

This is one of the query from Secure Site Customer as they need to clear for more number of IP's moving to AOS 8.

Please advice.

Your answer is here:  https://community.arubanetworks.com/t5/Wireless-Access/Clustering-MD-in-8-x-The-need-for-VRRP-IP/m-p/303835/highlight/true#M72733

So if i understand correctly  i need VIP for each MD for COA to work. :-(

You honestly don't need VRRPs for COA to work. 

The VRRP ip address created in the Cluster Profile, that automatically creates VRRP IDS from 220 and up are only really used if there is a cluster failover/election, so that the ip address of the NAS stays the same as that in the user's in the access tracker.  If there are no cluster failovers between when the user first authenticates and when you expect to do a COA, the cluster VRRP configuration is excess, really.  COA will still work without configuring VRRPs in the cluster profile.

Thanks a lot for more detailed information