Wireless Network Design

Unanswered Question
Sep 13th, 2007

What are best practices in consideration to wireless network design? I have a WLC 4400 and 1200 AP's that I want to deploy to replace my existing wireless network. I am researching the best network design for implementing a secured wireless infrastructure and also having a quest account for non employee's to logon to and surf the Internet. We also have WAN sites that need to be included in this design.

Any help would be appreciated.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.8 (4 ratings)
Loading.
Alejandro Corte... Thu, 09/13/2007 - 06:28

consider redundancy in your WLC, if your WLS is 4402 (2 port), 4404 (4 ports), it dependens on how many access point you have, just remember to use aprox. 25 access point per port y configure the ports for backup with the other port.(port 1= backup port 2)(port 2= backup port 1 and so on), about the security you should create VLANs. you can use a radius server(windows server or Cisco ACS) to validate your internal users, for guest users you can use webauthentication and in the guest vlan just route to the internet.

for webauthentication you can use for internal users too, each users you create can be in diferent vlan.

tim.holden@hctra.com Thu, 09/13/2007 - 07:24

What is the best layer 2 security for wireless access and can layer 2 security be used for WAN sites over T1's, or should I use layer 3.

Alejandro Corte... Thu, 09/13/2007 - 07:43

for L3 consider the protocol H-reap, this protocol make the comunicacion betwen wan links from the WLC to the AP.

For L2 security you can use 802.1x with certificates

Rob Huffman Fri, 09/14/2007 - 05:28

Hi Tim,

I just wanted to add a bit to the excellent info you have already received from Alejandro (nice work A!);

Here some good "getting started" Cisco docs (and link to a video) which might help. This is a fair bit of reading :)

Wireless LAN Design Guide

http://www.cisco.com/web/about/ciscoitatwork/design_guides/dg-wlan.html

Wireless Site Survey FAQ

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_q_and_a_item09186a00805e9a96.shtml

Understanding the Lightweight Access Point Protocol (LWAPP)

http://www.cisco.com/en/US/netsol/ns340/ns394/ns348/ns337/networking_solutions_white_paper0900aecd802c18ee.shtml

Deploying Cisco 440X Series Wireless LAN Controllers

http://www.cisco.com/en/US/products/ps6366/prod_technical_reference09186a00806cfa96.html

Cisco Wireless LAN Controller Configuration Guide, Release 4.0

http://www.cisco.com/en/US/products/ps6366/products_configuration_guide_book09186a00806b0077.html

WLC Video

http://www.cisco.com/en/US/products/ps6366/index.html

Lightweight Access Point FAQ

http://www.cisco.com/en/US/products/ps6306/products_qanda_item09186a00806a4da3.shtml

Lightweight AP (LAP) Registration to a Wireless LAN Controller (WLC)

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00806c9e51.shtml

Here are some excellent overall scope ideas;

Deploying High Capacity Wireless LANs

http://www.cisco.com/en/US/products/ps6108/products_white_paper0900aecd8027a5f7.shtml

Cisco Deploys Wireless LAN Technology to Increase Productivity

http://www.cisco.com/web/about/ciscoitatwork/downloads/ciscoitatwork/pdf/Cisco_IT_Case_Study_WLAN_2004_print.pdf

Design Principles for Voice Over WLAN

http://www.cisco.com/en/US/netsol/ns340/ns394/ns348/networking_solutions_white_paper0900aecd804f1a46.shtml

Evaluating Interference in Wireless LANs: Recommended Practice

http://www.cisco.com/application/pdf/en/us/guest/products/wireless/c2072/cdccont_0900aecd80554f8b.pdf

I have attached some good "getting started" type Security docs). You may also want to engage your Cisco partner and Cisco SE to help you plan and implement this most important function of Wireless.

Wireless LAN Security White Paper

http://www.cisco.com/en/US/netsol/ns340/ns394/ns348/ns386/networking_solutions_white_paper09186a00800b469f.shtml

Five Steps to Securing Your Wireless LAN and Preventing Wireless Threats

http://www.cisco.com/en/US/netsol/ns340/ns394/ns348/ns386/networking_solutions_white_paper0900aecd8042e23b.shtml

WLAN Security considerations (Part of WLAN SRND Guide)

http://www.cisco.com/application/pdf/en/us/guest/netsol/ns178/c649/ccmigration_09186a00800d67eb.pdf

Wireless LAN Security Solution

http://www.cisco.com/en/US/netsol/ns339/ns395/ns176/ns178/netqa0900aecd801e3e59.html

Wireless - Compare Products and Solutions

http://www.cisco.com/en/US/products/hw/wireless/products_category_buyers_guide.html

**Don't forget to check out the good books available from Cisco Press (link on this site)

Hope this helps! And best of luck.

Rob

Actions

This Discussion