If you are connecting Mobility Controllers (MC) back to a Mobility Conductor (MCR) across the Internet or through a NAT connection, the expectation is that there will be an MC placed nearby to the MCR that provides VPNC functionality and the remote MCs will connect through the VPNC back to the MCR. This is how branch connectivity was once achieved, prior to using Central and the SD-Branch functionality. The MC to MCR connection should not be using NAT addresses, all connections should be controller-ip to controller-ip.
------------------------------
Carson Hulcher, ACEX#110
------------------------------
Original Message:
Sent: Nov 13, 2023 10:44 AM
From: pnobels
Subject: multiple controllers connecting through same public ip to mobility conductor
Hi,
wondering...
SITE A
One mobility controller.
SITE B
One controller.
Controller connects using public ip of mobility conductor (nat'ed on a firewall). Everything works as expected.
Now imagine.
SITE B
Two seperate controllers (on same subnet if you like). Two different internal ip's.
Now things started going sideways after i added the ip, mac of the second controller in the controller config of the mobility conductor. Ap's going down on the first controller etc... The second controller was running but in standalone config and had yet to be reset to be put under mobility conductor control.
So even at this stage i suspect this is not a supported config. Anyone knows?