When creating a WLAN on a WLC, what should the interface be set to?
We have different VLANs/subnets for each of our buildings (to cut down the size of the broadcast domain), and the APs for that building are put into an AP group which references the building-specific interface. That way we can change WLANs per AP group and only affect that subnet. On the WLAN itself we set the interface to management.
It seems that Cisco are guiding us to set the building-specific interface on the WLAN rather than the management interface. This doesn't really work for us. Hence the question... what's best practice?
Nothing is wrong at the moment; it was just a question on the best practice. Should we be setting the WLAN interface as management or an actual VLAN interface? We'll probably be re-designing our wireless network slightly anyway, for other reasons, so I guess the question is academic.
I'm never a fan of dropping the WLAN interface on the management, just in case there are issues. Let me give you an example.
Some folks will do a guest anchoring solution with a controller in the DMZ and map the guest interface on the foreign controller to the management interface. Because really, the foreign controller processes the packet and sends it off to the DMZ controller, and this interface isn't used.
But what happens to that guest packet on the foreign controller if the EoIP tunnel breaks between the foreign controller and the DMZ controller? If you answered the guest packet gets dumped on the management interface, you answered correctly.
Talk about dropping the enemy on the inside of your network.
Me, I would do a dummy interface on the WLC.
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
Yes, as best practice keep the management interface away from WLAN data traffic. Keeping the AP in L3 is also nice to have to achieve scalability.
#APs always carry multiple WLANs' (mapped to different VLANs) data traffic to the WLC management interface on the 5500 & the AP-manager interface on the 4400 WLC. So all data traffic is dumped to one interface at the WLC from the AP's source IP and distributed at the controller.
#Wireless handles broadcast in a very efficient way, but you need to consider wired-side broadcasts, firewall, traffic type... Based on the requirement you can map WLANs to different dynamic interfaces.
#L2/L3 roaming works by default on the same WLC, and with a mobility tunnel enabled between different WLCs, so you can have multiple dynamic interfaces configured and mapped to WLANs.
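An added example, not part of the thread and not Cisco tooling: a small audit that reads saved `show wlan summary` output and lists WLANs whose interface is `management`, the mapping both replies advise against. The sample output is constructed, the column layout is an assumption about AireOS output, and the function names are hypothetical.

```python
import re

# Constructed sample laid out like AireOS `show wlan summary` (assumed column widths).
_FMT = "{:<7}  {:<37}  {:<8}  {:<20}  {:<15}"
SAMPLE = "\n".join([
    "Number of WLANs.................................. 3", "",
    _FMT.format("WLAN ID", "WLAN Profile Name / SSID", "Status",
                "Interface Name", "PMIPv6 Mobility"),
    _FMT.format(*("-" * n for n in (7, 37, 8, 20, 15))),
    _FMT.format("1", "corp-bldg-a / Corp", "Enabled", "bldg-a-data", "none"),
    _FMT.format("2", "guest / Guest WiFi", "Enabled", "management", "none"),
    _FMT.format("3", "lab / Lab Net", "Disabled", "management", "none"),
])

def parse_wlan_summary(text):
    """Return one dict per WLAN row, slicing columns at the dashed ruler line."""
    lines = text.splitlines()
    ruler = next((i for i, l in enumerate(lines)
                  if re.fullmatch(r"-+(\s+-+)+\s*", l)), None)
    if ruler is None:
        raise ValueError("no column ruler found; unexpected output format")
    # Column boundaries come from the ruler, so SSIDs containing spaces stay intact.
    starts = [m.start() for m in re.finditer(r"-+", lines[ruler])]
    bounds = list(zip(starts, starts[1:] + [None]))
    rows = []
    for line in lines[ruler + 1:]:
        cells = [line[s:e].strip() for s, e in bounds]
        if len(cells) < 4 or not cells[0].isdigit():
            continue  # blank line, prompt, or paging residue
        profile, _, ssid = cells[1].partition(" / ")
        rows.append({"id": int(cells[0]), "profile": profile, "ssid": ssid,
                     "enabled": cells[2] == "Enabled", "interface": cells[3]})
    return rows

def wlans_on_management(text):
    """WLANs whose client traffic would land on the management interface."""
    return [w for w in parse_wlan_summary(text)
            if w["interface"].lower() == "management"]

if __name__ == "__main__":
    for w in wlans_on_management(SAMPLE):
        state = "enabled" if w["enabled"] else "disabled"
        print(f"WLAN {w['id']} ({w['ssid']!r}, {state}) is mapped to management")
```

This output shows only the WLAN-level mapping; per-AP-group interface overrides like the ones the original poster uses are not visible here, so a flagged WLAN still needs its AP groups checked.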