Solved

New Cisco Wireless Configuration

Posted on 2012-04-10
Last Modified: 2013-04-11
We have just purchased a Cisco Aironet hardware setup for our multiple offices, to replace a very shaky Sonicpoint configuration (2 years with open support tickets with Sonicwall for dropping connections, and still no solutions!).

The plan is to set up across our 3 sites, with 2 3501 APs in our London and Manchester offices, and 1 3501 in our smaller Liverpool office; with the central 2504 controller in our Manchester office. We currently use separate private and public SSIDs at each site, but I am planning to make this just a single SSID for public, and another for the private network. From my understanding, I will need to configure the remote APs for H-REAP and also will need to set up VLANs for this all to work properly.

The previous configuration was a lot simpler, due to the Sonicwall NSA4500 firewalls at each site managing the VLANning and general running of the APs at each site!  We are also running true-IP Mitel phones at each site, running through HP Procurve 5400 series PoE switches - very simple configuration, VLAN 1 for data (untagged), VLAN 2 for voice (tagged).

After reading through the multiple documents on Cisco's website, I am (as usual with Cisco) a little bogged down in how best to set this configuration up! There are mentions of using just 1 port on the 2504 for management and trunking to the switch, and others mention using a separate port for the data trunk. I am also unclear about how to route the public SSID out through each of the NSA4500 firewalls at each site locally.

Can anyone offer some advice please?
Question by:Amaze_IT

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 37832605
Firstly, you don't absolutely HAVE TO use H-REAP. If you have good WAN links and latency is <300ms you can do this without using H-REAP. The only problem here is that if the WAN link fails between the AP and the controller, your WLAN is DOWN at that site. If this is acceptable, I'd do it this way.

However, if you need the WLAN to function when the WAN link goes down (or the controller fails) you need to use H-REAP and implement VLANs at your offices. Choose a different VLAN ID for each office to keep things separate, and create H-REAP AP groups on the controller.

The Cisco H-REAP guide is pretty straightforward from the controller side of things; it's just understanding the switching modes that throws people. Basically you'll be using a local-local method if you want to use H-REAP, so think of it as a normal trunk port at the switch level.

I'd use one port for the controller - implementing separate ports is confusing and unnecessary for your implementation.
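
The switch side of the H-REAP layout described in the answer, as an added example that is not part of the original thread: a ProCurve 5400 VLAN fragment for the Manchester office. Port numbers, VLAN 120 and the VLAN names are assumptions chosen for illustration, and the private SSID is assumed to ride the existing untagged data VLAN 1.

```text
; Constructed example, Manchester ProCurve 5400.
; Assumed ports: A1,A2 = 3501 APs (H-REAP), A23 = 2504 controller,
;                A24   = NSA4500 LAN interface.
; Existing VLANs from the question: 1 = data (untagged), 2 = voice (tagged).
; Assumed new VLAN: 120 = public SSID for this office. Per the answer,
; pick a different ID at London and Liverpool.

vlan 1
   name "DATA"
   ; AP management and the private SSID stay on the native (untagged) VLAN.
   ; The controller needs only this VLAN on its single port.
   untagged A1,A2,A23,A24
   exit

vlan 2
   name "VOICE"
   ; Phone ports only. Do not tag voice onto AP, controller or firewall
   ; ports that have no need for it.
   exit

vlan 120
   name "WLAN-PUBLIC-MAN"
   ; Locally switched public SSID: tagged from the APs straight to the
   ; site firewall. A23 is deliberately left out, so public client
   ; traffic never reaches the controller port.
   tagged A1,A2,A24
   exit
```

The WLAN-to-VLAN mapping on each H-REAP AP and a matching VLAN 120 interface with its own firewall policy on the NSA4500 still have to be configured separately; this fragment covers only the trunk ports.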