There are two options for Cisco Wireless Controller redundancy solutions, either Backup Controllers or High Availability, depending on the firmware version of WLC's, failover time requirement, and budget.


Using Backup Controller method, a single controller at another location can act as a backup for access points when they lose connectivity with the primary controller in the local region. Centralized and regional controllers do not need to be in the same mobility group. You can specify a primary, secondary, and tertiary controller for specific access points in your network. Using the controller GUI or CLI, you can specify the IP addresses of the backup controllers, which allows the access points to fail over to controllers outside of the mobility group. You can set the Primary and Secondary controllers for the AP on the controller via the GUI, the CLI, or even SNMP. With Backup Controllers, in the case of a WLC failure, APs would begin to search for their Secondary Controller and re-establish their CAPWAP tunnel. The obvious downside is the outage that occurs from the client prospective while the AP drops it's tunnel and begins to build it again to the Secondary Controller.

The new High Availability (HA) feature (that is, AP SSO) set within the Cisco Unified Wireless Network software release version 7.3 and 7.4 allows the access point (AP) to establish a CAPWAP tunnel with the Active WLC and share a mirror copy of the AP database with the Standby WLC. The APs do not go into the Discovery state when the Active WLC fails and the Standby WLC takes over the network as the Active WLC. There is only one CAPWAP tunnel maintained at a time between the APs and the WLC that is in an Active state. The overall goal for the addition of AP SSO support to the Cisco Unified Wireless LAN is to reduce major downtime in wireless networks due to failure conditions that may occur due to box failover or network failover. Once you purchase a second WLC and license it specifically to serve as a standby,  it shares an IP address and session/Config/AP information with the main controller.

ll basic configuration has been created from following related posts. This post will focus on some other configuration or troubleshooting happened in real environment.

Relate Posts:

• Cisco Wireless Controller 5508 Configuration Step by Step - Part 1 (CLI and GUI) - 
• Cisco Wireless Controller 5508 Configuration Step by Step - Part 2 (User/Machine Auth) - 
• Cisco Wireless Controller 5508 Configuration Step by Step - Part 3 (Certs Auth and Other Settings) 

Looking for a pre-installed GUI based Proxy for a while and found Artica recently. The feature is pretty attractive and GUI interface looks cool.

What is Artica?
"Artica Proxy is an appliance that claim to manage Squid-cache proxy with all features that Squid Cache provides.With the Artica Web interface you can monitor, manage get statistics of your proxy service.
Artica Proxy provides ISOs in order to build a full proxy appliance without any technical skills.
Artica Proxy allows to enable Web filtering engine with more than 30.000.000 categorized websites.

Other features included such as reverse-proxy, RDP proxy, VPN, DHCP, DNS..."
Here are some my experience on it.

1. Download Link:
 http://artica-proxy.com/telechargements/

There are ISO, ESXi, Hyperv, Xen versions to download.

Netflow is a feature first introduced into Cisco routers and switches and then flow concept has been widely accepted by other network product vendors. Basically the network devices which support xflow feature can collect IP traffic statistics on the interfaces where xFlow is enabled, and export those statistics as xFlow records to remote defined xFlow collector.

PRTG can use this NetFlow feature for detailed bandwidth usage monitoring and it also shows you:

• where your bandwidth is used
• who is using it
• how it is being used
• why it is being used

It lets you see which specific applications are being used and how the usage might affect your network. NetFlow monitoring is included in all PRTG Network Monitor licenses, which means no special license to enable this feature. It will be counted into your sensors license.