hi all, thanks for the reply. I did read about HREAP but the question that came to my mind is lets say at SITE A i have 100 access point and 1 controller. I also have controller at the HQ. Now using Hreap all the access point will register with the HQ. Now in case of WAN faliure will these access point still support all the SSID's ascoiated and the users with it using the local controller at SITE A ?

Also can this behave the other way around, as in if an access point at site A will register with the controller local at SITE A and in case the controller fails it registers with the controller at HQ.

Azeemo157,

Well, the 5508 only supports a maximum of 500 access points. If these sites have 6500 chassis and you were going to be utilizing WiSM2 blades which now support 1000 access points. If you did decided to go H-REAP the Flex 7510 could be a solution for you but it requires it's directly connected switch to have at least one 10gig interface. So the question really is, what kind of controllers were you looking at utilizing?

I can see that 7510 has 2 1 gig interface also. Cant it use this to connect to the switch ? Is it really required that i have 10 GIG interface ? i beleive 7510 is the controller to go for as it has scalibility upto 3000 access points. but i also beileve that an access point can have upto 3 controllers 1 primary and 2 secondary. will this also work in flexconect ? As in if i deploy flexconnect can it have 1 primary controller and 2 backup controller ?

The 7500 has two 10 gig connections that can be used. So you will need a 10 gig module to connect that to. You don't need to use a tertiary wlc unless you have one available. Usually two is good enough. Again.. You need to decide if you want to go local or h-reap. You can go either way, but why put one wlc in HQ and the other at the remote site. If your concern is 100% redundancy, then put two out at each site. If you have more money to use, then add another WLC at HQ for your tertiary. Now I don't think you need more than a 5508-500 at HQ because the percentage of loosing all 6 sites WLC's is pretty slim. If you go h-reap, then put the WLC's at HQ. Get 3 5508-500 for redundancy unless you have the WiSM2. If you have 10gig, then two 7500's will do. You have many options.

Thanks,

Scott Fella

Sent from my iPhone

The 7510 absolute requires the 10 gig interface be utilized.

The 7510 is also H-REAP (FlexConnect) only. You cannot use local mode, monitor mode, mesh mode at this time.

Any AP in any mode can have a Primary, Secondary and tertiary controller.

The biggest difference between FlexConnect and local mode is that in FlexConnect the traffic can be dropped local to the AP. Where as in local mode the traffic is tunneled back to the controller.

That is why I suggested FlexConnect. FlexConnect also offers standalone mode so even if connectivity to the controller is lost users can still utilize wireless, unless they're using webauth.

One thing to keep in mind is that capwap needs a one to one NAT. PAT cannot be used.

Sent from Cisco Technical Support iPhone App

The client requires authentication, so there will be ACS deployed at the HQ. this will cater to all the remote sites. Also there is MSE with IPS as i also require Rouge AP detection. There will be Access points at each remote site which will be configured in monitor mode only. So in flex conect will this not work ? 

The 7510 Flex Controller would not work for this particular application at this time. Although you could still utilize FlexConnect APs if you dont need AAA override. If you don't have 6500 chassis it looks like your option is only the tried an true 5508.

In your situation redundant controllers offsite seems pointless since you'll be leveraging an ACS at the HQ, unless you'll have redundant ACS servers offsite.

Sent from Cisco Technical Support iPhone App

Sent from Cisco Technical Support iPhone App

Hi Aaron

Can u please confirm the following, since the client says that he needs a local controller i cannot help it but give him one and one at the HQ. I have a total of 600 AP's so i am planning to register 300 with 1 controller and 300 at the other at the HQ. Now if i have the primary controller for the AP to be the one local to the site and the secondary one to be at the HQ and ACS is situated at the HQ, will it work ? The only issue is if the WAN link is down then then the authentication via ACS wil not work. correct ?

As long as the controller has connectivity to the ACS you should be good.

If you lose the either controller, assuming you have a 500 count license on both controllers you will have 100 access points that will not be able to associate with a controller. If you plan accordingly you can set the failover priority on the access points to try and reduce the negative ramifications of this. The negative ramifications are dependent of the deployment type and scenario of course.

Sent from Cisco Technical Support iPhone App