Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

H-REAP

IS H-REAP thet best way to secure traffic from one your WLC to a remote AP? example, I have a place with a T1 connection and only 2 AP's...The traffic has to be encrypted, from the AP to the Controller, not just from the client to the controller.

hope this makes sense

Thanks

2 ACCEPTED SOLUTIONS

Accepted Solutions
Hall of Fame Super Silver

Re: H-REAP

Data traffic is not encrypted unless you enable dtls. H-REAP/FlexConnect places traffic locally on your LAN so traffic would be the same as your wired.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
Cisco Employee

H-REAP

capwap control traffic is always encrypted while capwap data traffic is not, so you're fine there.

locally switched traffic are off capwap and doesn't hit WLC.

if you need centrally switched data traffic encrypted then you need data DTLS license(its free) with DTLS option enabled on those APs.

3 REPLIES
Hall of Fame Super Silver

Re: H-REAP

Data traffic is not encrypted unless you enable dtls. H-REAP/FlexConnect places traffic locally on your LAN so traffic would be the same as your wired.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
Cisco Employee

H-REAP

capwap control traffic is always encrypted while capwap data traffic is not, so you're fine there.

locally switched traffic are off capwap and doesn't hit WLC.

if you need centrally switched data traffic encrypted then you need data DTLS license(its free) with DTLS option enabled on those APs.

New Member

H-REAP

Thanks, HREAP will be doing central switching, so I need to turn on the dtls

335
Views
0
Helpful
3
Replies
CreatePlease to create content