Solved

New Cisco Wireless Configuration

Posted on 2012-04-10
1
860 Views
Last Modified: 2013-04-11
we have just purchased a Cisco aeronet hardware setup for our multiple offices, to replace a very shaky Sonicpoint configuration (2 years with open support tickets with Sonicwall for dropping connections, and still no solutions!).

The plan is to set up across our 3 sites, with 2 3501 APs in our London and Manchester offices, and 1 3501 in our smaller Liverpool office; with the central 2504 controller in our Manchester office.  We currently use separate private and public SSIDs at each site, but i am planning to make this just a single SSID for public, and another for Private network.  From my understanding, I will need to configure the remote APs for H-REAP and also will need to setup VLANs for this all to work properly.  

The previous configuration was a lot simpler, due to the Sonicwall NSA4500 firewalls at each site managing the VLANning and general running of the APs at each site!  We are also running true-IP Mitel phones at each site, running through HP Procurve 5400 series PoE switches - very simple configuration, VLAN 1 for data (untagged), VLAN 2 for voice (tagged).

After reading through the multiple documents on Cisco's website I am (as usual with Cisco) a little bogged down in how best to set this configuration up!  There are mentions of using just 1 port on the 2504 for management and trunking to the switch, and others mention using a spearate port for the data trunk.  I am also unclear about how to route the public SSID out through each of the NSA4500 firewalls at each site locally.  

Can anyone offer some advice please?
0
Comment
Question by:Amaze_IT
1 Comment
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 37832605
Firstly, you don't absolutely HAVE TO use H-REAP.  If you have good WAN links and latency is <300ms you can do this without using H-REAP.  The only problem here is that if the WAN link fails between the AP and the controller, your WLAN is DOWN at that site.  If this is acceptable, I'd do it this way.

However, if you need the WLAN to function when the WAN link goes down (or the controller fails) you need to use H-REAP and implement VLANs at your offices.  Choose a different VLAN ID for each office to keep things separate, and create H-REAP AP groups on the controller.

The Cisco H-REAP guide is pretty straight forward from the controller side of things, it's just understanding the switching modes that throws people.  Basically you'll be using a local-local method if you want to use H-REAP, so think of it as a normal trunk port at the switch level.

I'd use one port for the controller - implementing separate ports is confusing and unnecessary for your implementation.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Can I use mobile broadband with my PC. What is required. 13 101
Cisco WLC: Blocking specific MAC address 3 61
IBM laptop won't connect to my WiFi 12 56
Viber-Only Restriction 6 24
This article describes how to perform a hard reset on your router. Usually this is most-useful on wireless routers, but the same concept applies to nearly all home/SOHO routers. This process will return the router to factory defaults, so record your…
Last Mile Wireless The term last mile wireless is a bit deceptive as it can be much more than a mile. It is also called WiMax and 802.16. It generally refers to relatively short distance point-to-point / point-to-multipoint secure wireless connecti…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now