Cisco Support
English
Feedback Help
Cisco Support Community
Register
cancel
turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
steelinquisitor
steelinquisitor
Community Member
‎01-20-2014 02:52 PM
‎01-20-2014 02:52 PM

CAPWAP Question

Hello,

I have some questions regarding the Flexconnect CAPWAP tunnel for Flexconnect APs with local switching. 

1. If I have 10 Flexconnect APs at my branch, would that create 10 CAPWAP tunnels to the WLC located in HQ.

2. How often the flexconnect AP will send the CAPWAP to WLC? 

3. What is the size of flexconnect CAPWAP tunnel keepalives?

4. By default, is CAPWAP tunnel (regardless local or flexconnec) encrypted?

5. The DMZ firewall, what ports should be allowed for the guest traffic (anchor WLC)? Is it just 5246 or 5246 and 5247?

6. Is EoIP encrypted or clear text?

I remember reading something like instead of using EoIP for mobility anchor or foreign wlc, CAPWAP can also be used. I am not sure if this is true or not.

flex capwap tunnel.jpg

Thanks

0 Helpful
Reply
6 REPLIES
Scott Fella
Hall of Fame Super Silver Scott Fella Hall of Fame Super Silver
Hall of Fame Super Silver
‎01-20-2014 03:17 PM
‎01-20-2014 03:17 PM

CAPWAP Question

1. If I have 10 Flexconnect APs at my branch, would that create 10 CAPWAP tunnels to the WLC located in HQ.

> You might be getting confuesd with mobility tunnels.  The AP can support the max it is licensed for

2. How often the flexconnect AP will send the CAPWAP to WLC?

>

  • AP Heartbeat Timeout—AP Heartbeat timeout value that you can enter. The valid range is 10 to 30 for the Cisco 7500 Series Controller and 1 to 30 for other platforms.
  • Local Mode AP Fast Heartbeat Timer State—Fast heartbeat timer that you can enable or disable for access points in local mode. The default is disable.

3. What is the size of flexconnect CAPWAP tunnel keepalives?

> Look at the previous question

4. By default, is CAPWAP tunnel (regardless local or flexconnec) encrypted?

> Only if you enable Data Encryption, by default this is not enabled.  Typically use only on OfficeExtend

5. The DMZ firewall, what ports should be allowed for the guest traffic (anchor WLC)? Is it just 5246 or 5246 and 5247?

>This doesn't matter since guest traffic would be central switching and you would have a mobility anchor to the guest anchor WLC

6. Is EoIP encrypted or clear text?

> Data is not encrypted unless you enable Data Encryption with the DTLS license.

Some links:

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_white_paper09186a0080901caa.shtml

http://www.cisco.com/en/US/products/ps11635/products_tech_note09186a0080b7f141.shtml#ft

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***
0 Helpful
Reply
steelinquisitor
steelinquisitor
Community Member
‎01-21-2014 03:08 AM
‎01-21-2014 03:08 AM

CAPWAP Question

Scott,

I used to work on Motorola's wireless devices and their Flexconnect version was called RF-Domain Manager (AP). Moto uses MINT protocol instead of CAPWAP. The reason I asked the question number one was that on Moto only the RF-Domain Manager talks to the controller, and the rest of the APs reports to RF-Domain Manager. I am not sure how much bandwidth MINT adds, but it is less bandwidth since it's only the domain-manager that talks to the controller.

Before I asked the question number one, I was thinking that each Flex AP reports back to WLC.

About the Q 3, I got confused about this. I was reading the CUWSS quick reference guide, and it mentioned that each AP sends CAPWAP traffic control to the controller and this CAPWAP traffic control size is 0.35kbps; I'm assuming this is local mode only.

I was talking to Cisco rep a couple months ago about Flex APs, he mentioned that a Flex AP takes about 12kbps, so if I have 10 flex APs that would be 120kbps.

0 Helpful
Reply
Scott Fella
Hall of Fame Super Silver Scott Fella Hall of Fame Super Silver
Hall of Fame Super Silver
‎01-21-2014 03:54 AM
‎01-21-2014 03:54 AM

Re: CAPWAP Question

I couldn't tell you that info exactly because there would be different numbers depending if AP's are trying to discover, just sending heartbeats, RRM info, etc.

Maybe others out here actually had tools to monitor capwap on the WAN, but none of my customers ever had to or did.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful
Reply
Rasika Nayanajith
VIP Purple Rasika Nayanajith VIP Purple
VIP Purple
‎01-20-2014 09:15 PM
‎01-20-2014 09:15 PM

Re: CAPWAP Question
 

I remember reading something like instead of using EoIP for mobility anchor or foreign wlc, CAPWAP can also be used. I am not sure if this is true or not.

This is true if you are using NGWC (5760/3850) or existing controllers like 5508/WiSM2 with specific Aireos images (7.3.112.0, 7.5.102 or 7.6.100.0) & new mobility (also called hierarchical mobility)  feature turn-on in those controllers.

Here is the config guide reference how to enable this feature

http://www.cisco.com/en/US/docs/wireless/controller/7.5/config_guide/b_cg75_chapter_010010101.html

Hers is the mobiity packet format in that scenarioNew-Mobility-UDP.PNG

HTH

Rasika

**** Pls rate all useful resposnes ****

0 Helpful
Reply
steelinquisitor
steelinquisitor
Community Member
‎01-23-2014 08:03 PM
‎01-23-2014 08:03 PM

Re: CAPWAP Question

Rasika,

I apologize for my late reply. Is it better to use CAPWAP for mobility anchor or foreign WLC?

Thanks

Sent from Cisco Technical Support iPhone App

0 Helpful
Reply
Rasika Nayanajith
VIP Purple Rasika Nayanajith VIP Purple
VIP Purple
‎01-23-2014 08:25 PM
‎01-23-2014 08:25 PM

Re: CAPWAP Question

Enable new mobility (or CAPWAP inter-controller mobility) if you have any plan to use NGWC (5760/3850) within your environment with existing these controllers in a mix.

Otherwise you can simply run typical EoIP mobility which is the standard for all legacy controllers (5508/WiSM2/2504)

HTH

Rasika

*** Pls rate all useful responses ***

0 Helpful
Reply
Latest Documents
Concepts about Multicast
Created by Rajan Parmar on 04-02-2018 06:40 AM
1
0
1
0
< PRE >     (#)For this reason being that : - application that doesn't use multicast, sends one copy of each packet ( data unit of traffic at layer 3 ) to each client (" who seeks the traffic ).- application that does use multicast, sends ... view more
How to transfer Crash file from Standby WLC (HighAvailability) to TFTP.
Created by Vengatesa Prasath on 11-08-2017 10:57 PM
1
0
1
0
Transferring Crash file from standby: Login to the Active WLC in HA.   From CLI:   (Cisco Controller) >transfer upload datatype crash (Cisco Controller) >transfer upload filename <Desired filename> (Cisco Controller) >transfer up... view more
Wireshark to OmniPeek 802.11 Display Filter Conversion table
Created by ericgarnel on 11-06-2017 12:56 PM
1
5
1
5
This is the start of a display filter cross reference between Wireshark and OmniPeek. The 1st installment is a table of advanced filters. More filters will be added as time allows. It is a living doc, so check back for changes every so often Please feel ... view more
All Documents
2146
Views
0
Helpful
6
Replies
CreatePlease to create content
Discussion
Blog
Document
Video