09-22-2011 05:19 AM - edited 07-03-2021 08:48 PM
Hello,
Let it be for example the following configuration:
1) we use WISM2 for service LAP within the organization...
2) for the guest access we use WLC 5508 acting as the "anchor" controller in the enterprise DMZ for "foreign" WISM2 controller...
Suppose we want to deploy OfficeExtend solition for our teleworkers...
Can we use one and the same WLC 5508 (acting as the "anchor" controller in the enterprise DMZ for guest access) as the "foreign" remote controller for joining OfficeExtend Access Points and use the same WISM2 as "anchor" for teleworkers?
Which controller should support DTLS in this case?
I think that only 5508... In this case 5508 service LAP and WISM2 terminate EoIP tunnels only...
Or am I mistaken?
Thanks in advance...
09-22-2011 07:36 AM
Hello Aukhadiev,
You are correct. The 5508 in the DMZ and do both roles. It can serve intrenal wireless guest and anchor their traffic in to the DMZ. AND he can also terminate officeextends. You will need to give the 5508 managments ip address an outside address OR nat it to the outside.
If you find this helpful or any post on CSC helpful please support the rating system! Thanks!
09-22-2011 07:37 AM
BTW -- You are correct DTLS is on the 5508 and this is where the CAPWAP tunnels get terminated. Then from the 5508 to the inside controller this is where the EoIP comes into play.
09-22-2011 08:52 AM
Thanks George...
And what better to choose as OfficeExtend APs - OEAP 600 or LAP 1040, if you do not take into account the price?
And yet, as far as a bad idea to deploy OfficeExtend Solution with manufacturing installed certificates (MIC) for mutual authentication OfficeExtend APs and WLC?
09-22-2011 09:06 AM
We have a number of the OE600's deployed. These work nice and you dont have to convert to HREAP mode, as you do the other access point models. So it saves you time. Get a 600 from your cisco se on demo and test it out!
09-22-2011 09:08 AM
George...And yet, as far as a bad idea to deploy OfficeExtend Solution with manufacturing installed certificates (MIC) for mutual authentication OfficeExtend APs and WLC?
09-22-2011 09:31 AM
You will want to do a mac authentication on the WLC or use a radius server. Other wise anyone can connect a OE ap to your outside intreface ... So yes, you will want some authentication in PLAY.
03-31-2012 09:18 PM
Hello,
For More information on OEAP-600, please watch the "Community Tech-Talk Series" Cisco Office Extend Access Point OEAP-600
Thanks,
Vinay Sharma
Community Manager - Wireless
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: