Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

LWAPP over IPSEC

Hi All,

I am trying to get a LAP at my remote office to register back to my WLC at HQ,

Remote office is currently using tunnel VPN IPSEC over TCP.

Is that possible?

I tried this setup, but failed to work. Debug dhcp and debug lwapp on the WLC shows nothing at all. LAP at remote site seems unable to find its way back to WLC. I have configured option 43 as according to cisco documentation

PLz advice

4 REPLIES
Bronze

Re: LWAPP over IPSEC

I'm doing it in my home right now. You might try using the AP console cable to prime the AP instead of DHCP 43.

Community Member

Re: LWAPP over IPSEC

my Ap does not have a console port. I am using the Aironet 1030.

Thanks for the hints, but im still none the wiser. Would u mind explaining how u did it?

Re: LWAPP over IPSEC

Presuming you don't have a DHCP / DNS Server in your Remote Office, take the AP in to the main office and provision it there. Configure the Primary WLC, but keep it configured to use DHCP.

Take it back to the remote office, plug it in and it should pickup a DHCP Address and have remembered the WLC IP Address, which it will try to conenct to.

Some possible problems are;

- Routing / Firewall / ACL restrictions between the sites.

- MTU limitations between the sites. MTU needs to be greater than 500 bytes. If this is happening, you should see Crypto errors on the WLC.

Community Member

Re: LWAPP over IPSEC

thank you for your advice, i shall look into the possible problems.

I was wondering if IPSEC over TCP is an issue for LWAPP? As i read on the cisco doc saying that LWAPP utilizes udp 12222 and 12223.

Plz advice

529
Views
0
Helpful
4
Replies
CreatePlease to create content