New Cisco Wireless Configuration

We have just purchased a Cisco Aironet hardware setup for our multiple offices, to replace a very shaky Sonicpoint configuration (2 years with open support tickets with Sonicwall for dropping connections, and still no solutions!).

The plan is to set up across our 3 sites, with 2 3501 APs in our London and Manchester offices, and 1 3501 in our smaller Liverpool office; with the central 2504 controller in our Manchester office.  We currently use separate private and public SSIDs at each site, but I am planning to make this just a single SSID for public, and another for the private network.  From my understanding, I will need to configure the remote APs for H-REAP and also will need to set up VLANs for this all to work properly.

The previous configuration was a lot simpler, due to the Sonicwall NSA4500 firewalls at each site managing the VLANning and general running of the APs at each site!  We are also running true-IP Mitel phones at each site, running through HP Procurve 5400 series PoE switches - very simple configuration, VLAN 1 for data (untagged), VLAN 2 for voice (tagged).

After reading through the multiple documents on Cisco's website I am (as usual with Cisco) a little bogged down in how best to set this configuration up!  There are mentions of using just 1 port on the 2504 for management and trunking to the switch, and others mention using a separate port for the data trunk.  I am also unclear about how to route the public SSID out through each of the NSA4500 firewalls at each site locally.

Can anyone offer some advice please?
Amaze_IT Asked:

Craig Beck Commented:
Firstly, you don't absolutely HAVE TO use H-REAP.  If you have good WAN links and latency is <300ms you can do this without using H-REAP.  The only problem here is that if the WAN link fails between the AP and the controller, your WLAN is DOWN at that site.  If this is acceptable, I'd do it this way.

However, if you need the WLAN to function when the WAN link goes down (or the controller fails) you need to use H-REAP and implement VLANs at your offices.  Choose a different VLAN ID for each office to keep things separate, and create H-REAP AP groups on the controller.

The Cisco H-REAP guide is pretty straightforward from the controller side of things; it's just understanding the switching modes that throws people.  Basically you'll be using a local-local method if you want to use H-REAP, so think of it as a normal trunk port at the switch level.

I'd use one port for the controller - implementing separate ports is confusing and unnecessary for your implementation.
0
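
A sketch of the H-REAP local-switching setup the answer above describes, added here as an example and not part of the original thread. The WLAN IDs, AP name, VLAN IDs and switch port are constructed placeholders; the controller commands use the AireOS 7.0 `h-reap` keyword (7.2 and later rename it `flexconnect`). Keeping the public SSID on its own VLAN, with the firewall as its only gateway, is what stops guest traffic from reaching the data and voice VLANs.

```text
! ---- 2504 controller CLI (annotations on "!" lines are not typed) ----
! Constructed: WLAN 1 = private SSID, WLAN 2 = public SSID.
! A WLAN has to be disabled while its switching mode is changed.
config wlan disable 1
config wlan h-reap local-switching 1 enable
config wlan enable 1
config wlan disable 2
config wlan h-reap local-switching 2 enable
config wlan enable 2

! Constructed: remote AP named LIV-AP1. Changing the mode reboots the AP.
config ap mode h-reap LIV-AP1

! Enable VLAN tagging on the AP, keep AP management on the untagged
! data VLAN (VLAN 1 on the page), and map each WLAN to a site-local VLAN.
! Constructed: VLAN 110 = private WLAN, VLAN 120 = public WLAN.
config ap h-reap vlan enable LIV-AP1
config ap h-reap vlan native 1 LIV-AP1
config ap h-reap vlan wlan 1 110 LIV-AP1
config ap h-reap vlan wlan 2 120 LIV-AP1

! Check the resulting mode and VLAN mappings.
show ap config general LIV-AP1

! ---- HP ProCurve 5400 at the same site (config context) ----
! Constructed: the AP is on port A10, the firewall uplink on port A1.
! The AP port is a trunk: VLAN 1 untagged, WLAN VLANs tagged.
vlan 110 name "WLAN-PRIVATE"
vlan 110 tagged A10
vlan 120 name "WLAN-PUBLIC"
vlan 120 tagged A10
! Carry the public VLAN to the local firewall only, so that the firewall
! is its sole gateway and the switch does not route it onto VLAN 1 or 2.
vlan 120 tagged A1
```

Use different VLAN IDs at each office, as the answer suggests, and repeat the AP commands for every remote AP.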
