Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
852
Views
0
Helpful
5
Replies

Autonomous or LWAPP for fast roaming

matthiasgoodman
Level 1
Level 1

‎04-19-2006 06:59 PM - edited ‎07-04-2021 11:57 AM

We are looking to deploy wifi to support Tablet PCs. The software we are using is very sensitive to loosing its connection to the SQL database. I am worried particually about roaming. We need to use 802.1x for security and would like to use the MS IAS servier with EAP-TLS for authentication. We have 4 locations which should each be well covered by 3 base stations at each location. Medical providers need to be able to move around the office without losing connections. Time is more important than money. An hour of lost provider time (and when our app crashes it crashes hard) is worth avoiding with addition money. My questions are the following:

1. Do we need LWAPP or will autonomous with WLSE work for us? (Specifically for fast secure roaming, or quick handoff, or whatever it is we need)

2. Do we need to use EAP-FAST (and thus a Cisco AAA server) or will EAP-TLS with IAS be enough?

3. If we use LWAPP do we need WCS or will managing each 2000 series WLAN controller be enough?

4. Will all this work with my HP switches and Andtran routers?

Labels:
0 Helpful
5 Replies 5

irishgu
Level 1
Level 1

‎04-20-2006 07:29 PM

WLSE will support radio monitoring and self-healing but doesn't help with FSR. FSR is accomplished (in IOS) with WDS for layer2 roaming and WLSM (6500 blade) for Layer 3 roaming.

I just received my eval of WISM (Airespace in a 6500 blade) and, although I have yet to test, from everything I hear, LWAPP is the way to go for rogue-suppression, self-healing, and L2-L3 roaming.

You MUST use 1 or the other WDS/WLSM or LWAPP/AireSpace Controller OR WISM for FSR.

I chose PEAP-GTC in lieu of EAP-TLS...there are more and more OEM supplicants that support PEAP-GTC (802.1x or WPA/WPA2) and it's an interesting alternative to EAP-TLS...IMHO

0 Helpful

scottmac
Level 10
Level 10
In response to irishgu

‎04-21-2006 02:49 PM

To add to the above: It's my understanding that you must use LEAP or EAP-FAST to gain the most benefit from FSR.

While there is apparently some additional efficiency with other protocols, the WDS works "fastest" with EAP-FAST or LEAP.

FWIW

Scott

0 Helpful

matthiasgoodman
Level 1
Level 1
In response to scottmac

‎04-23-2006 09:59 AM

Ok, thanks for the input.

0 Helpful

dulle
Level 1
Level 1
In response to matthiasgoodman

‎06-29-2006 05:38 PM

I recommend running autonomous with WDS seemed to be seamless on hand offs from AP to AP when running EAP-TLS and IAS sever. Wish I would have stayed away from LWAPP and controllers for I lost the seamless roaming on the change over.

0 Helpful

Stephen Rodriguez
Cisco Employee
Cisco Employee

‎06-30-2006 06:49 AM

1. Do we need LWAPP or will autonomous with WLSE work for us? (Specifically for fast secure roaming, or quick handoff, or whatever it is we need)

A: Go with LWAPP, more reliable, and easier to work with.

2. Do we need to use EAP-FAST (and thus a Cisco AAA server) or will EAP-TLS with IAS be enough?

A: I'd recommend, PEAP. More secure, and with everything Cisco, much easier to support, since TAC does not support the IAS server.

3. If we use LWAPP do we need WCS or will managing each 2000 series WLAN controller be enough?

A: If you are only contemplatign using 2006 at 4 locations, WCS wouldn't be a necessity. If you expand beyond that and decide to do something else, then yes WCS.

4. Will all this work with my HP switches and Andtran router?

A: It probably will, and it should, but for best results, going Cisco for the whole solution works the best.

Now, why go with 2006's? They are nice boxes, but you would need 4 of them. If you are static at 4 locatiosn with out need for growth, I'd go with a 4402-25. This is a single controller that can handle up to 25 AP's. With this, if you purchase the 1242 or the 1131, you can do HREAP, and keep all the subnets locally switched, that way if the WAN goes out, or the controller goes out, then the WiFi stays up for the local subnets. Naturally anything acrosss the WAN is not accessable.

That beign said, if you are backhauling everything to a central site anyway, might as well go with one 4402-25, single point of controll, instead of 4. And if you do need to add another site, then you still have 13 more AP's that can join instead of having to purchase another controller.

my 2cents

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card