Cisco Wireless LAN Controller & Access Point Guidance

I need some guidance on what kind of a wireless Cisco configuration I should use to put Wireless in 20 remote offices located in several states.  There is not an IT person working in these remote offices but we do have remote access capability to all and we can go onsite to do the initial install.  We are decent at supporting a lot of Cisco gear - but except for some Cisco Access Points we have installed, we are not experienced on Cisco Wireless Lan Controllers and the various models of Cisco Access Points.

The first building we need to install will require 5 Access Points to cover.  The largest will be 9 APs and the smallest will be 3 APs.  For testing we purchased a WLAN 2106 (air-wlc2106-k9) and 5 Access Points (air-ap1231g-a-k9).  We can change out the Cisco equipment if we need to.  This is for data only not voice.  I've tried to find a manual for the APs but can't find one anywhere on the web.  All of the reading tells us that we can change the APs to be LAPs but we are not sure if this is required or desired.  We do need to have a private SSID for employees and a public SSID for customers and would want to use WEP 128bit encryption and we will furnish customers with the keycode if they need it.  We could just put up the APs without the WLAN but assume remote management of the APs would be easier with the WLAN.  Note that each location has a Cisco ASA or PIX firewall already in place with a site to site VPN back to a central Cisco ASA in our data center.  Right now the ASA or PIX does the DHCP for each location.  

So assuming we want to be able to support the wireless in each location remotely and want a decent supportable config - what would be the optimum setup that would accomplish the items mentioned and why??  It would also be helpful if anyone has an example IOS config for both the WLAN and AP.  Thanks a bunch in advance for your help!
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

WissamSenior Network EngineerCommented:
Different between AP and LAP:
The AP version, is controlled through configuration applied on it directly, as normal old Cisco Access points.
LAP IOS version, is lightweight, and it is controlled by the wireless controller.
In your case, to use the controller and get the benefits from it (single point to log on for monitoring, configurations, updating, and surely the most important fast roaming between Access Points), you should install the LAP IOS to your Access points.

raguvip63Senior Network EngineerCommented:

This file will helpful to design wlan in remote centers

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
eAtlantaAuthor Commented:
Wow, thank you Raquvip63!  The document you posted is very detailed and has helped a bunch.  I shouldn't be surprised but I had no idea there was so much to Cisco's wireless products.  It has taken me a couple of days to research what was in your document and I didn't know that Cisco bought a company in 2005 to get this technology.  Therefore the interface of the WLAN 2106 is much different than expected.  Was expecting Cisco IOS.  Something new to learn.  

I do have some questions.  I am trying to keep the list as small as possible.  :-)  

Does an HREAP require that the remote location have a Cisco switch that would need to be reconfigured to handle the HREAP traffic or would a simple non managed switch work also.  Where is the configuring done for this as I assume the WLAN Controller sits in a central location and controls the APs from there. Also can HREAP do two SSIDs?

I'm guessing it is a bad idea to get a large WLAN Controller and put it in central location and then try to hreap a whole bunch of APs at several remote sites over a site to site vpn.  

Since there are only 2 POE ports on a 2106, if I need 5 APs, can I add a small POE switch and plug 3 of the APs into it and then plug the small POE switch into the WLAN in order power the 3 APs that the 2106 doesn't have enough POE switch ports for?

Can DHCP be run on an ASA Firewall and have it dish out addresses thru a WLAN 2106 to the APs and out to end user wireless computers? Or, does DHCP have to be run on the WLAN Controller?

Can the Managemnt Interface IP Address be the same as the AP Manager Interface IP address and if so do I want to do that?  

If I don't want to use a Radius server what do I need to do to configure the WLAN to handle that function?

The document mentions non 802.11 devices.  I'm guessing that the WLAN/APs have the ability to handle them, or does it mean that something like a bar code reader can transmit them wirelessly for something like Inventory purposes.

The document mentions that Healthcare is highest use of Multicast.  Do you happen to know what function(s) uses a lot of multicast in Healthcare as mentioned in the document?

I'm guessing that a properly configured Cisco wireless network will handle voice traffic well?

Does the PCI compliance mean that the WLAN/APs are somehow certified?  I'm assuming that the WLAN/APs aslo meet HIPPA requirements assuming they are properly configured?

Thanks a bunch for all of the help!!!  

Exploring SQL Server 2016: Fundamentals

Learn the fundamentals of Microsoft SQL Server, a relational database management system that stores and retrieves data when requested by other software applications.

eAtlantaAuthor Commented:
Does anyone want to take a crack at the questions above?  With the help of the document that Raquvip63 posted, I have spent the last week learning how the whole Cisco LWAPP/WLAN Controller work and I've got it up and running.  I do still need the above questions ansered though.  Then I will close this call thread and assign points.  Thanks in advance for the help with my questions!  
eAtlantaAuthor Commented:
Can anyone take a stabl at the questions above???
raguvip63Senior Network EngineerCommented:
A controller has one or more AP-manager interfaces, which are used for all Layer 3 communications between the controller and lightweight access points after the access points have joined the controller.
The AP-manager IP address is used as the tunnel source for CAPWAP packets from the controller to the access point and as the destination for CAPWAP packets from the access point to the controller.

The management interface is the default interface for in-band management of the controller and connectivity to enterprise services such as AAA servers. It is also used for communications between the controller and access points. The management interface has the only consistently ping in-band interface IP address on the controller. You can access the controller's GUI by entering the controller's management interface IP address .
Qlemo"Batchelor", Developer and EE Topic AdvisorCommented:
This question has been classified as abandoned and is being closed as part of the Cleanup Program.  See my comment at the end of the question for more details.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Wireless Networking

From novice to tech pro — start learning today.