WLC and AP in L3

Unanswered Question
May 1st, 2009

Hello everyone

I hope if anyone can help me.

a Building has 3 companies (A,B and C)

and I have one WLC

in each company there is 3 AP

I want to configure WLC whereas any AP in company A cant communicate to other AP in company B and C

and the same to all companies

I mean totally separate in IP scheme (no routing between them)

can that done with WLC and LWAP ??

PLZ advice

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
huangedmc Fri, 05/01/2009 - 15:38

Are you referring to AP/WLC management traffic or user traffic?

If you want to separate user traffic you just set up dynamic interfaces, and not to route between them on your L3 device, whether you do it via ACL or VRF.

If you want to separate the AP management as well, you can put companies A, B, and C's AP's in three different management subnets, but they all have to come back and talk to the WLC.

Leo Laohoo Fri, 05/01/2009 - 18:41


If you mean that Company A's SSID will not be broadcasted into B & C "floor" and vice versa, then YES. It's called AP Groups.

You can "group" each AP into a "folder" (excuse my term) and from each so-called folder, you can specify what SSID's to enable/broadcast and what SSID not to use.

Is this what you are looking for?

jaber.essam Sun, 05/03/2009 - 03:43

thank you all for your reply

I would like to ask you another question fo another scenario.

I have one WLC installed in one subnet, let's say in the head quarter network, while the LAPs are installed in the branches and there is WAN connectivity between the HQ and the branch and OSPF routing is enabled between this WAN network. How can I do my configuration in order to register the LAPs installed in the branch with WLC installed in the HQ?


gamccall Tue, 05/05/2009 - 08:54

If you can ping the controller from the subnet where the remote APs will reside, then you have all the layer 3 connectivity you need. (Unless you have ACLs blocking the LWAPP ports on the Management or AP Manager interfaces, of course.)

Leo Laohoo Sun, 05/03/2009 - 14:54

Hi Jaber,

As what George's post recommends, use H-REAP. You can also "mix" H-REAP with AP Groups too.


This Discussion



Trending Topics - Security & Network