09-13-2007 05:37 AM - edited 07-03-2021 02:37 PM
What are best practices in consideration to wireless network design? I have a WLC 4400 and 1200 AP's that I want to deploy to replace my existing wireless network. I am researching the best network design for implementing a secured wireless infrastructure and also having a quest account for non employee's to logon to and surf the Internet. We also have WAN sites that need to be included in this design.
Any help would be appreciated.
09-13-2007 06:28 AM
consider redundancy in your WLC, if your WLS is 4402 (2 port), 4404 (4 ports), it dependens on how many access point you have, just remember to use aprox. 25 access point per port y configure the ports for backup with the other port.(port 1= backup port 2)(port 2= backup port 1 and so on), about the security you should create VLANs. you can use a radius server(windows server or Cisco ACS) to validate your internal users, for guest users you can use webauthentication and in the guest vlan just route to the internet.
for webauthentication you can use for internal users too, each users you create can be in diferent vlan.
09-13-2007 07:24 AM
What is the best layer 2 security for wireless access and can layer 2 security be used for WAN sites over T1's, or should I use layer 3.
09-13-2007 07:43 AM
for L3 consider the protocol H-reap, this protocol make the comunicacion betwen wan links from the WLC to the AP.
For L2 security you can use 802.1x with certificates
09-14-2007 05:28 AM
Hi Tim,
I just wanted to add a bit to the excellent info you have already received from Alejandro (nice work A!);
Here some good "getting started" Cisco docs (and link to a video) which might help. This is a fair bit of reading :)
Wireless LAN Design Guide
http://www.cisco.com/web/about/ciscoitatwork/design_guides/dg-wlan.html
Wireless Site Survey FAQ
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_q_and_a_item09186a00805e9a96.shtml
Understanding the Lightweight Access Point Protocol (LWAPP)
Deploying Cisco 440X Series Wireless LAN Controllers
http://www.cisco.com/en/US/products/ps6366/prod_technical_reference09186a00806cfa96.html
Cisco Wireless LAN Controller Configuration Guide, Release 4.0
http://www.cisco.com/en/US/products/ps6366/products_configuration_guide_book09186a00806b0077.html
WLC Video
http://www.cisco.com/en/US/products/ps6366/index.html
Lightweight Access Point FAQ
http://www.cisco.com/en/US/products/ps6306/products_qanda_item09186a00806a4da3.shtml
Lightweight AP (LAP) Registration to a Wireless LAN Controller (WLC)
http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00806c9e51.shtml
Here are some excellent overall scope ideas;
Deploying High Capacity Wireless LANs
http://www.cisco.com/en/US/products/ps6108/products_white_paper0900aecd8027a5f7.shtml
Cisco Deploys Wireless LAN Technology to Increase Productivity
Design Principles for Voice Over WLAN
Evaluating Interference in Wireless LANs: Recommended Practice
I have attached some good "getting started" type Security docs). You may also want to engage your Cisco partner and Cisco SE to help you plan and implement this most important function of Wireless.
Wireless LAN Security White Paper
Five Steps to Securing Your Wireless LAN and Preventing Wireless Threats
WLAN Security considerations (Part of WLAN SRND Guide)
http://www.cisco.com/application/pdf/en/us/guest/netsol/ns178/c649/ccmigration_09186a00800d67eb.pdf
Wireless LAN Security Solution
http://www.cisco.com/en/US/netsol/ns339/ns395/ns176/ns178/netqa0900aecd801e3e59.html
Wireless - Compare Products and Solutions
http://www.cisco.com/en/US/products/hw/wireless/products_category_buyers_guide.html
**Don't forget to check out the good books available from Cisco Press (link on this site)
Hope this helps! And best of luck.
Rob
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: