We are migrating from WLSM (yes, so old) to the WLC infrastructure. we have around 400 APs scattered all around the campus. (it is university campus). I would like to get some details on how shall we proceed with the implementation of WLC 5500.
We have around 40 Buildings, and currently we have more than 1500 wireless users, they are expected to increase rapidly.
My question is regarding the networking operations (not WLC configurations per say). Here are the questions:
1- How many Vlan interfaces should we create in our networking infrastrcutre to catter the SSIDs. Since any SSID will be binded to one interface in WLC which in turn will connect to VLAN interface in the switch.
2- How big can be the user subnet?
In our previous setup. we had two SSIDs, Secure WPA2 (internet+intranet) and Unsecure (Internet only). What i want is to have these 2 SSIDs, plus one Special SSID to be broadcasted when needed (Guest/event).
For the implementation easiness. I though that Three Vlans would do the job. And i would keep their Subnet big, say /20 or /19.
I think you really would need to did in this deeper. The reason I ask, is that you can either keep what you have now and migrate to that using local mode ap's where the WLC is located and then you can take advantage of FlecConnect fro your remote buildings. FlexConnect is almost the same design as you would have an autonomous AP. The FlexConnect AP would put the users local to that subnet and not tunnel traffic back. So if you already had two vlans for your existing two, and the subnet size was fine, then you would just map the ssid to that vlan again and then place your AP's in the vlan the AP's are still in if you want. All you would need to do is add a third SSID and a third vlan to your buildings. I'm guessing that you are doing layer 3 to each building.
SO in short, if you have a LAP in local mode, all traffic is tunneled back to the WLC, so your vlans would reside where the WLC is connected. In FlexConnect, you have a choice to tunnel traffic back or place traffic local.
If you search the forum, you will see various recommendations for subnet size. Some have used /16 with no issues.
The current infrastructure is totally different from the WLC. The WLSM will create tunnels, then these tunnels will be the (vlans) for these SSIDs associated with the tunnel.
The WLSM will be replaced with the WLC. the Univeresity will do a migration, since even the APs are EOL (end of life).
To ease the configurations and such, we are going with the LAP.
What is the suggested design. Should i create AP group per building, and associate the SSID to these two vlans, keeping the Vlans /16. what will happen if i create unique SSIDs per AP group of adjuncnted buildings with their VLANs?
We are having two 5500. I think we should make them into one Mobility Group, to provide failover. Should the APs connect to one 5500, and would switch to the second WLC incase of failure? or i mix the APs in the building to connect to two different WLCs?
You should put both wlc in the same mobility group if you are looking for redundancy. You can use ap groups if you want, that is if you plan on setting what SSID goes to what vlan and you can also look at interface groups I you want to use smaller subnets and bundle them together. Everything has pros and cons and you first have to decide how traffic is going to flow. Do you want to use the local subnets or not? Things like this makes a big difference.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...