Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
818
Views
0
Helpful
3
Replies

Does user traffic pass through Controller and Aironet 1030?

netcraftjason
Level 1
Level 1

‎10-11-2006 01:58 AM - edited ‎07-04-2021 01:19 PM

Hi All,

I want to beat out some questions that I cannot find exactly guideline in Cisco. I intend to implement 2 Airespace 2000 controller and some 1010s and one 1030 to my main office and branch office. At present, there is a 512kbps WAN link between this two office. So I don't want to let the traffic within the branch office to pass through the WAN link. Therefore, I intend to use the solution that 1 controller stay in main office to serve the 1010s in main office and 1 controller stay in remote office to serve the 1010s in remote office. But the remote site only needs 1 AP, thus I would like to use one 1030 to stay in branch office and 2 controller stay in main office to perform controller's redundancy. I would like to know Does the clients' traffic pass through the link between 1030 and controller as the same as 1010? I does very confuse whether 1030 has this feature because I found some blur instruction of 1030 in Cisco.

Further, if I place one of the controller in remote office, how can I control the APs in remote office to choose the local controller instead of the controller in main office using Layer 3 discovery method? Does any know? Thanks!

Jason,

best regards,

Labels:
0 Helpful
3 Replies 3

Rob Huffman
Hall of Fame
Hall of Fame

‎10-11-2006 04:46 AM

Hi Jason,

Hopefully this info will clear this up for you;

Q. Can I install an access point (AP) at a remote office and install a Cisco WLC at my headquarters? Does the Lightweight AP Protocol (LWAPP) work over a WAN?

A. Yes, you can have the WLCs across the WAN from the APs. LWAPP works over a WAN. Use Remote Edge AP (REAP) mode. REAP allows the control of an AP by a remote controller that is connected via a WAN link. Traffic is bridged onto the LAN link locally, which avoids the need to unnecessarily send local traffic over the WAN link. This is precisely one of the greatest advantages of having WLCs in your wireless network.

Note: Not all lightweight APs support REAP. For example, the 1030 AP supports REAP, but the 1010 and 1020 AP do not support REAP. Before you plan to implement REAP, check to determine if the APs support it. Cisco IOS Software APs that have been converted to LWAPP do not support REAP.

Q. I want to set up the Cisco 1030 Lightweight Access Point (AP) with a Cisco WLC in Remote Edge AP (REAP) mode. In this mode, is all wireless traffic tunneled back to the WLC? Additionally, if the AP cannot contact the WLC, what happens to the wireless clients?

A. The 1030 AP tunnels all WLC traffic (control and management traffic) to the WLC via Lightweight AP Protocol (LWAPP). All data traffic stays local to the AP. The 1030 REAP can only reside on a single subnet because it cannot perform IEEE 802.1Q VLAN tagging. As such, traffic on each service set identifier (SSID) terminates on the same subnet on the wired network. So, while wireless traffic may be segmented over the air between SSIDs, user traffic is not separated on the wired side. Access to local network resources is maintained throughout WAN outages.

At times of WAN link outage, all WLANs except the first is decommissioned. Therefore, use WLAN 1 as the primary WLAN and plan security policies accordingly. Cisco recommends that you use a local authentication/encryption method, such as the Wi-Fi Protected Access (WPA) Pre-Shared Key (WPA-PSK), on this first WLAN.

Note: Wired Equivalent Privacy (WEP) suffices, but this method is not recommended because of known security vulnerabilities.

If you use WPA-PSK (or WEP), properly configured users are still able to gain access to local network resources even when the WAN link is down.

From this doc;

http://www.cisco.com/en/US/products/ps6366/products_qanda_item09186a008064a991.shtml

Hope this helps!

Rob

Please remember to rate helpful posts.....

0 Helpful

netcraftjason
Level 1
Level 1
In response to Rob Huffman

‎10-11-2006 06:27 PM

Hi Rob,

Very thanks for your post!

I do have another question that would like to ask you or anyone. The question is that if I place a 2000 WLC to remote-site and one 4402 WLC in main-site, and configure a remote AP1030 running in REAP mode with remote-site's WLC name in primary WLC field and main-site's WLC name in secondary WLC field, both WLCs is in same mobilty-group and is configured with Layer 3 discovery(DNS method, IP address associated to the DNS server is the IP of 4402 WLC) but without primary-secondary settings configured on them. In this scenario, does the remote AP1030 first choose the WLC in remote-site? In other words, does AP1030 choose WLC via its settings or via settings on WLC? Also, what mechanism used by the AP1030 to choose WLC using the "name" in the primary-secondary-tertiary field? How can it resolve the "name" in the field? Can one DNS name field reflect to all controllers on the network? Thanks!

Jason,

Best regards,

0 Helpful

netcraftjason
Level 1
Level 1

‎10-15-2006 05:43 PM

Hi All,

Anyone could answer my question? I would like to know if I only configure DNS for primary(Actually only one can be configured) WLC, can the APs "know" about the existance of the other WLCs and join to them?

Thanks!

Jason

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card