WLC 5508 - Remote Site Design over MPLS

Unanswered Question
Sep 15th, 2010
User Badges:

I have a WCL 5508 at my Host Location and want to install several AP 1142s at a remote site over MPLS. I will have two SSIDs. One for Corporate Users and one for Clients.corporate users will authenticate via Radius Server at the Host. I want to route the Client WLAN traffic out a separate Internet connection (offnet).


Current Mngt VLAN = 2701



1. Should I just add the AP switch ports in the remote site to VLAN 2701 as I did at the host? Is this best practice?

2. Will HREAP work to route only the client WLAN out the offnet internet connection?

3. Should I use AP groups for each remote site (15 sites total)


Attached is a Visio of my design


Thank you,


SM

Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
b.garczynski Tue, 09/28/2010 - 13:19
User Badges:

1. Should I just add the AP switch ports in the remote site to VLAN 2701 as I did at the host? Is this best practice?


The APs can reside in any VLAN that you would like assuming that the VLAN is able to reach the WLC. For very small environments it is typical to have everything in one VLAN. However, for any network of scale I would recommend routing and putting the APs in a separate VLAN.



2. Will HREAP work to route only the client WLAN out the offnet internet connection?


HREAP is a good option if you have a small AP deployment (less than 10) at your remote site. HREAP will allow you to route some SSIDs locally at the site and tunnel other SSIDs back to the controller such as a web authenticated SSID. If you have a very pervasive wireless voice deployment or more than 10 APs I would recommend going with a 5508 or a 210X controller at that location. I have had poor experiences in the past using HREAP in large voice deployments.



3. Should I use AP groups for each remote site (15 sites total)


AP groups will allow you to pick and choose the SSIDs that are used per AP group. This feature will also allow you to choose different VLANS per SSID per AP VLAN group. This will not provide much of a benefit other than creating separate subnets per location. Your main concern should be tunneling traffic back and forth between the remote sites and your controller. The only options to prevent this would be to use HREAP or place a controller locally onsite. If you have the budget I would always recommend a controller onsite (unless very very few APs) otherwise use HREAP.

Actions

This Discussion