Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Wireless Network Design

Hi,

I am looking for some assistance in designing a wireless solution for a customer of ours. A basic diagram of the network is attached. There are actually many more sites than are shown here but I just wanted to keep it simple.

The plan is to have one 1240AG access point at each remote site connected to the WLC across the WAN. The WCS will in time be managed by a WCS server.

Each site is already partitioned into 2 subnets and it is not possible to add a new one for the AP and it's clients. There will anyway be very little wireless traffic. The AP will operate in H-REAP mode but there will be no local communication required. All traffic is always destined for HQ (ie they use Citrix). Therefore do these APs actually need to be locally switched H-REAPs? If not then how would this work? Can a remote site AP work as a non H-REAP?

Some sites have their own 3560 switch and others have just a switch module inside a 2801 router.

There is no need to have VLANs routed across the WAN.

DHCP is provided by the router on each remote site.

I really need some advice on the best way to implement this solution including but not limited to:

Do I need to have a separate WLAN for each site?

Will DHCP from the router actually work?

How should the switch ports on the HWIC module be configured?

What benefits is there in having a WCS when there is just a single WLC? (I thought WCS was for managing multiple WLC).

I have skimmed the design guides and i am still unclear on the best way to do this.

Any help would be much appreciated

Thanks

DH

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Re: Wireless Network Design

Not in H-REAP... the WLAN SSID you create on the controller will always be set to the management interface. This is how the AP and WLC will communicate. When you enable loacal switching, then you have the ability to map that ssid to a local vlan. I'm currently deploying 90 ap's in h-reap with 27 sites and 2 4404's at the core. I have 7 ssids and using wlan override. DHCP is local on the remote site and I'm using the same vlan id for mapping the ssid. Local native vlan for the ap is also the same throughout, but of couse the subnets are different. It is a bit different how you look at what interface you have to map the ssid to especially when doing h-reap.

Look at it this way... only when you have traffic comming back to the WLC and the WLC putting the traffic back on the network is when the interface mapping is important... like in a normal LWAPP install.

-Scott
*** Please rate helpful posts ***
16 REPLIES
Hall of Fame Super Silver

Re: Wireless Network Design

You can have a remote site AP in local mode (not H-REAP), but you have to make sure you have enough bandwith for the LWAPP traffic. You might look at doing H-REAP and do central switching since everything will have to come back. The switchports the AP's will be connected will have to be trunked. the AP's management subnet will have to be configured for native vlan. Since you will be centrally switching, the traffic will be sent from the management subnet back to the WLC. DHCP will need to be on the HQ side for centrally switched. Local switched requires DHCP on the remote side.

Do you need WCS for one WLC.... its really up to you. Some would say yes and others would say no. I think this depends on how comfortable you are with the WLC. With multiple WLC's I would say yes, since I like using the templates.

You should look at the current bandwidth you have at each remote site and see if it meet the requirement for local mode or H-REAP.

Hope this doesn't confuse you.

-Scott
*** Please rate helpful posts ***
New Member

Re: Wireless Network Design

Thanks for the information Fella.

There are just a few bits Im not sure about...

Why would one want to have a H-REAP in central switching mode? It seems to defeat the purpose of H-REAP.

At all sites they use VLAN 10 for data and VLAN 20 for voice. How would I go about configuring the AP for their native VLAN (AP Management Subnet does not exist at remote sites just VLAN 10 - 20? I seem to remember trying to program in VLAN support and WLC requiring a unique native VLAN ID.

What about the WLANs? Do I need a seperate one for each site? If not how will it know which IP address range to give the clients?

Thanks for your patience with this. I'm working hard to get my head around all of this and have been thrown in at the deep end!

Cheers

DH

Hall of Fame Super Silver

Re: Wireless Network Design

What vlan is the switch and routers at the remote site on. You can put the AP's on that vlan. If you want to do local switching, you will need to map users to a vlan, I guess that would be either vlan 10 or 20. Usually you would have another subnet for wireless clients, but in your casse you are limited.

I thought you mentioned you wanted to do central switching since traffic was all going back to HQ? Just remember, if you do loacl switching, you have to map the ssid to a local vlan. If you want to do central switching, the vlans have to be created on the HQ side.

It's really up to how you want to design it. I have clients that have enought bandwidth to run the AP's in local mode, but I have also had clients that didn't have enough bandwidth, but meet the minimum requirement for h-reap. The good thing with h-reap is that if the ap looses connectivity to the WLC it performs just like an autonomous AP. The only issues is authentication. If you do local authentication, users will get authenticated even though the link is down, but users will not able to connect via Citrix. So since the link back to HQ needs to be up in order for users to connect back, Authentication locally or centrally is up to you.

Remember, that depending on what AP's you use, you can only have 8 - 16 SSID's. You might want to have scanners on one ssid throught each remote site and laptops or whatever other device on another ssid.

Hope this kind of clears things up.

-Scott
*** Please rate helpful posts ***
New Member

Re: Wireless Network Design

Hi There,

I have read your message and it is making sense now. Thank you very much for that.

I have decided to install it as follows:

1 WLAN to span across all sites (local switching)

Set each AP as H-REAP (Due to not being able to create new VLANs at HQ. I realize that the AP operating indepentently is of no real benefit here)

Map the native VLAN to each AP for each site under H-REAP configuration.

Hope that the wireless clients will pickup DHCP address from the remote routers!

The only thing now is that I am wondering what I should use as the interface for this 'global' WLAN and the DHCP server address for the WLAN.

This is making me think that I will need a seperate WLAN/interface/DHCP server for each site. 8-16 WLANs will not be enough for this customer if this is the case. The APs are all 1242AG.

Thanks

DH

Pray

Hall of Fame Super Silver

Re: Wireless Network Design

In H-REAP you will create an SSID and enable local switching. The interface you map that to will be the management. In the H-REAP tab, you define the native vlan and hit apply and then you click vlan mapping and define the local vlan the users who associate to the ssid will be on. The router will provide dhcp, so make sure you have the the router IP defined ad the primary dhcp on the ssid.

Remember to create a 802.1q trunk with the native vlan being the vlan the management IP of the h-reap AP is on.

I run the 4.2.66 code since I'm using the 1252 AP's and it seem to be working fine. I have tested the 4.2.99 and 4.2.112 in a lab environment and that seems to be okay to, but that is a lab.

Hope this helps.

-Scott
*** Please rate helpful posts ***
New Member

Re: Wireless Network Design

Hi Again,

DHCP is provided by a different router at each site. Remember - my plan was to create 1 WLAN for all offices. The DHCP server address needs to be set on the WLAN.

Does this mean I can't have a global SSID/WLAN?

Are the 1242AG' restricted to 8-16 WLANs in H-REAP mode?

I have installed version 5 of WLC.

DH

Hall of Fame Super Silver

Re: Wireless Network Design

You can have one ssid and vlan I'd configured.

-Scott
*** Please rate helpful posts ***
New Member

Re: Wireless Network Design

Thanks - so I guess now it looks like I have to have a seperate SSID for each site and use the WLAN override to only broadcast that SSID to it's relevant AP.

Thanks for all your help

DH

Hall of Fame Super Silver

Re: Wireless Network Design

NO.... if you will only have on SSID you want to use in all your remote sites, then that will work. When you put the AP in H-REAP mode, then you will have the option to to map that SSID to a local vlan. If you decide you want to have different SSID's, then you will have to use WLAN Override. Sorry for the confusion.

-Scott
*** Please rate helpful posts ***
New Member

Re: Wireless Network Design

Hi, the problem I can see with doing that is that I will need to specify which interface to use for the SSID. If I use the management interface then I cannot specify on that interface the correct DHCP server used at each site. And... If I use a different interface for each site then it also won't work because the VLANs at each site have the same ID!! It seems that each interface needs a unique VLAN ID.

Any ideas?

Hall of Fame Super Silver

Re: Wireless Network Design

Not in H-REAP... the WLAN SSID you create on the controller will always be set to the management interface. This is how the AP and WLC will communicate. When you enable loacal switching, then you have the ability to map that ssid to a local vlan. I'm currently deploying 90 ap's in h-reap with 27 sites and 2 4404's at the core. I have 7 ssids and using wlan override. DHCP is local on the remote site and I'm using the same vlan id for mapping the ssid. Local native vlan for the ap is also the same throughout, but of couse the subnets are different. It is a bit different how you look at what interface you have to map the ssid to especially when doing h-reap.

Look at it this way... only when you have traffic comming back to the WLC and the WLC putting the traffic back on the network is when the interface mapping is important... like in a normal LWAPP install.

-Scott
*** Please rate helpful posts ***

Re: Wireless Network Design

Fella,

I would like to ask you a question offline ... can you email me?

gstefanick@infologix.com

__________________________________________________________________________________________ "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin ___________________________________________________________
New Member

Re: Wireless Network Design

Hi, I have found your advice very helpful and also I have found that luckily my circumstance has been resolved by luck. It was only the voice VLAN that was provided with IP addresses locally at the remote sites. All other data VLANs IP adresses(at each site) were provided by 1 central DHCP server which was set on the management interface.

My only real point of confusion is whether this would have been a problem if each site had it's own DHCP server. Surely each site needs to specify it's own DHCP server in it's interface if it's DHCP server is different right? Does H-REAP mean that clients ignore the DHCP setting on the interface and obtain IP addresses locally?

I really hope this is not s stupid question!

Thanks for your help

DH

Hall of Fame Super Silver

Re: Wireless Network Design

When you set an AP to H-REAP, the interface you set the SSID to does not matter. What matters is what vlan you set on the AP when you configure the ap in H-REAP. Since the SSID you created will be set to local switching, the AP will place user traffic in whatever vlan you map the ssid to locally. So if you have vlan 10 (192.168.10.x) for voice and vlan 20 (192.168.20.x) for data and you only have these two wlan, then you most likely will put the AP's management interface on native vlan 20 and locally switch the ssid for data to vlan 20. Vlan 20 locally at the remote site will need to have a DHCP scope to provide users with ip address.

Let me know if this helps or not.

-Scott
*** Please rate helpful posts ***
New Member

Re: Wireless Network Design

Thanks Fella. This makes sense now.

Hall of Fame Super Silver

Re: Wireless Network Design

Remember to run the 4.2 code if you plan on doing h-reap.

-Scott
*** Please rate helpful posts ***
236
Views
0
Helpful
16
Replies