Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Question about setup at remote office

I have a question about setting up APs in a couple of remote offices..On the WLC 4402 i have a couple of VLANs defined (99,100) for corp and guest users, that work fine for users at the corporate office..but, with the APs at the remote office, they will be using the guest access, so do i need to add the corresponding vlan on the switch (vlan 99) in order to see the AP on the gui back at the corp office?


Re: Question about setup at remote office

Hi Larry,

This gets tricky. Do you know if your remote APs are configured as HREAPs? If not, then this is actually a simple solution. You do not need to add the VLAN because the traffic is tunneled to the controller at your central office.

If they are configured for HREAPs, then yes, the VLAN will need to be added. The problem is that the VLAN might not exist out there, so it might need a new guest VLAN added. If your connection to the remote office is a layer 3 connection, you'll need a new subnet. If you trunk out to this office, simply add the guest VLAN to the trunk and you'll be fine.

Let me know if this helps or if you need more information. Myself or someone else on the boards will help as best we can!


New Member

Re: Question about setup at remote office

What does the setup in the remote office look like on the LAN side of things?

We just set one of these up in HREAP mode in a remote office. It worked very well. If the AP is associated to the controller when connected to your main office, you want to go into the controller's AP page and change it's mode from 'Local' to 'HREAP'. After you apply you should have a new 'H-REAP' tab on the AP page, that lets you pick the native vlan for management purposes, as well as a 'VLAN Mappings' button that lets you map the SSID's the controller broadcasts to VLANS that are LOCAL to the remote site.

On the remote end you would plug the AP into a switchport configured as a trunk, native vlan matching what you configured from the step above, and allowing the vlans you mapped to SSID's to get to that trunk port.

The end result is that your AP will broadcast the same SSID's and the authentication will go back to the main site to be done on the controller, but traffic will be switched locally at your remote office.

Check this for more info: