Wireless Network Design

Unanswered Question
Sep 13th, 2007

What are best practices in consideration to wireless network design? I have a WLC 4400 and 1200 AP's that I want to deploy to replace my existing wireless network. I am researching the best network design for implementing a secured wireless infrastructure and also having a quest account for non employee's to logon to and surf the Internet. We also have WAN sites that need to be included in this design.

Any help would be appreciated.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.8 (4 ratings)
Alejandro Corte... Thu, 09/13/2007 - 06:28

consider redundancy in your WLC, if your WLS is 4402 (2 port), 4404 (4 ports), it dependens on how many access point you have, just remember to use aprox. 25 access point per port y configure the ports for backup with the other port.(port 1= backup port 2)(port 2= backup port 1 and so on), about the security you should create VLANs. you can use a radius server(windows server or Cisco ACS) to validate your internal users, for guest users you can use webauthentication and in the guest vlan just route to the internet.

for webauthentication you can use for internal users too, each users you create can be in diferent vlan.

tim.holden@hctra.com Thu, 09/13/2007 - 07:24

What is the best layer 2 security for wireless access and can layer 2 security be used for WAN sites over T1's, or should I use layer 3.

Alejandro Corte... Thu, 09/13/2007 - 07:43

for L3 consider the protocol H-reap, this protocol make the comunicacion betwen wan links from the WLC to the AP.

For L2 security you can use 802.1x with certificates

Rob Huffman Fri, 09/14/2007 - 05:28

Hi Tim,

I just wanted to add a bit to the excellent info you have already received from Alejandro (nice work A!);

Here some good "getting started" Cisco docs (and link to a video) which might help. This is a fair bit of reading :)

Wireless LAN Design Guide


Wireless Site Survey FAQ


Understanding the Lightweight Access Point Protocol (LWAPP)


Deploying Cisco 440X Series Wireless LAN Controllers


Cisco Wireless LAN Controller Configuration Guide, Release 4.0


WLC Video


Lightweight Access Point FAQ


Lightweight AP (LAP) Registration to a Wireless LAN Controller (WLC)


Here are some excellent overall scope ideas;

Deploying High Capacity Wireless LANs


Cisco Deploys Wireless LAN Technology to Increase Productivity


Design Principles for Voice Over WLAN


Evaluating Interference in Wireless LANs: Recommended Practice


I have attached some good "getting started" type Security docs). You may also want to engage your Cisco partner and Cisco SE to help you plan and implement this most important function of Wireless.

Wireless LAN Security White Paper


Five Steps to Securing Your Wireless LAN and Preventing Wireless Threats


WLAN Security considerations (Part of WLAN SRND Guide)


Wireless LAN Security Solution


Wireless - Compare Products and Solutions


**Don't forget to check out the good books available from Cisco Press (link on this site)

Hope this helps! And best of luck.



This Discussion