WDS

Unanswered Question
Oct 12th, 2007

Hi all I have just set up WDS on my ap's, the ap's authenticate to the wlse. Can anyone tell me where the fast roaming authentication is done? is it done on the master WDS ap or WLSE, if not what is the WLSE actually doing for the WDS ?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
jakew Sun, 10/14/2007 - 23:26

Authentication transactions flow through the WDS. When you are using 802.1x/EAP authentication, the WDS acts as your authenticator and the WDS caches the master key material for fast secure roaming.

The WLSE is not in the critical control or data plane. It is in the management plane. It's interaction with the WDS is for the collection of RM data that it uses for radio resource management and rogue AP detection.

Hope this helps. Any reason you're not looking at WLAN Controllers instead of WDS?

carl_townshend Thu, 10/18/2007 - 23:54

if I bought myself a wireless lan controller, would this give me fast roaming ? is wds for people who dont have the wlc ? and so do I not need the wlse device to use wds on my ap's ?

dennischolmes Sat, 10/20/2007 - 07:19

2 different worlds here. You can support fast roaming on either platform but truly fast roaming with credentials caching etc then LWAPP is the way to go for you.

jakew Sat, 10/20/2007 - 08:04

Think of WDS as an interim step in Cisco's WLAN architectural evolution between pure autonomous APs and WLAN controllers/LWAPP (today). WDS serves two purposes, centralizing authentication and client context for a L2 subnet (this allows fast secure L2 roaming), and aggregating RRM data from APs in it's "domain". The latter is used by the WLSE for rogue AP detection and radio resource management. This is optional, not mandatory for data service and fast secure roaming. But if you want radio resource management and rogue AP detection, you need the WLSE.

rob.huffman Sat, 10/20/2007 - 09:03

Hi Carl,

I know from some previous conversations here that you have been looking at the WDS/WLSE implementation for some time now. I think that you might be well served to follow along the path that Jake and Dennis have suggested. Nobody will probably "officially" say this, but the Autonomous AP/WDS/WLSE path is soon to be "End of Life" by Cisco. Most resources are being spent in the LWAPP Unified Wireless Network direction.

The nice thing about this migration is that your investment in Autonomous Architecture is not lost. Most AP's can be converted to LWAPP AP's and some WLSE Models can be converted to become WCS (Wireless Control System). Have a look;

CiscoWorks Wireless LAN Solution Engine (WLSE) End-of-Life and End-of-Sale Notices

http://www.cisco.com/en/US/products/sw/cscowork/ps3915/prod_eol_notices_list.html

Cisco is encouraging our customers to migrate to the Cisco Unified Wireless Network. This paper reviews the advantages of and reasons for migrating to the Cisco Unified Wireless Network.

Customers that have deployed a legacy wireless LAN or a Cisco wireless solution using Cisco Aironet standalone (autonomous) access points, the CiscoWorks Wireless LAN Solution Engine (WLSE), and the Cisco Catalyst 6500 Series Wireless LAN Services Module (WLSM) are encouraged to migrate to the Cisco Unified Wireless Network to reap numerous benefits including ease of management, scalability, advanced feature velocity, high performance, lowered total cost of ownership, and mobility services such as VoWLAN, guest access, location services, and enhanced security.

http://www.cisco.com/en/US/netsol/ns340/ns394/ns348/ns337/networking_solutions_white_paper0900aecd804f19e3.shtml

Converting Existing CiscoWorks WLSE to Cisco WCS Licenses

CiscoWorks WLSE (Models 1130-19 or 1133) can be converted into a server that runs Cisco WCS. This allows customers of CiscoWorks WLSE to migrate to the Cisco Unified Wireless Network architecture using their existing CiscoWorks WLSE platform. CiscoWorks WLSE conversion SKUs are price-adjusted to make transitioning from CiscoWorks WLSE to Cisco WCS cost-effective.

Once converted, a CiscoWorks WLSE is no longer a self-contained appliance; it becomes a server that runs Cisco WCS software using RedHat Linux ES v. 4.0. The converted CiscoWorks WLSE operates as a brand new Cisco WCS installation and supports only lightweight access points and wireless LAN controllers that are running Lightweight Access Point Protocol (LWAPP). Stand-Alone (autonomous) access points are not supported by a converted CiscoWorks WLSE.

http://www.cisco.com/en/US/products/sw/cscowork/ps3915/products_data_sheet0900aecd804b4646.html

Hope this helps!

Rob

steve.dutky Thu, 02/28/2008 - 14:25

Hi, Rob,

I don't understand: WLSE appears to live on as CiscoWorks Wireless LAN Solution Engine 2.13 (http://www.cisco.com/en/US/prod/collateral/netmgtsw/ps6380/ps6563/ps3915/prod_bulletin0900aecd80426c39.html)

I currently have fielded a few dozen autonomous AP's serving locations in a metropolitan region. Functionally, only three locations have significant service requirements. Thus far, this set up provides adequate open access for guests and reasonably secure access for a few tiers of internal users. We do not foresee any pressing demand for new wireless capabilities or performance.

Although we had a WCS/dual WLC's bundled with the AP's, we did not initially turn these up.

At this point I have to consider whether to convert to WCS/WLC/LWAPP, use WCS/autonomous AP's, or proceed with open source alternatives for management and access.

I have installed WCS 5.0.x and have added autonomous AP's: it does not appear to provide much useful detail or capabilities.

By the same token, converting to WCS/WLC/LWAPP seems to involve considerable complexity, restrictions (# ssid's/vlans), and again, for the size of my network, not much added value.

On the other hand, WLSE/WDS/autonomous AP's seem much more straightforward and useful. Can a WCS usefully monitor WDS/AP's?

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode