Solved

Cisco Aironet 1602i - Multiple SSID's in the same VLAN, is it possible, or is there a better way?

Posted on 2014-01-08
4
2,989 Views
Last Modified: 2014-01-14
I have (3) autonomous Cisco Aironet 1602i's that I have configured at a customer's site.  I tried to sell them a WLC but they would not go for it, so I am left with the Cisco Aironet's in the following configuration:

LAN subnet that they serve:  172.16.10.0/24
Details:  Single subnet data network, (2) VLANs, (1) Voice:VLAN 100, (1) Data:VLAN 101.

These Aironet's have (2) Radios each, 2.4Ghz and 5Ghz.  
There is (1) SSID setup on them, which is the same SSID on all (3) units.  
The encryption is set to WPA2, and the WPA password is the same on every Aironet.
The LAN interface on each has no IP, and the BVI interface on each has a static IP on the LAN subnet (172.16.10.10, 11, 12).
The channels of each Aironet are set to NOT overlap with the other Aironet's:
   Aironet-1:  Channel 1
   Aironet-2:  Channel 7
   Aironet-3:  Channel 14
The units are spread throughout the facility such that they have a small overlapping zone towards the middle of the facility and no coverage holes.

For the most part, this setup is working well for me for a long time.  I have one particular MACBOOK AIR, however, that operates (as luck would have it) within the center of the facility, and it loses network connectivity often for 30-120 seconds at a time.  If I watch the console of the Aironet's, I will see messages stating that the MAC "has left the BSS..." and then see it pop up on another Aironet as associated...only to have THAT Aironet eventually say the same thing.

My questions are:

1.  Is this the best configuration, given (3) Cisco Aironet's without a WLC?
2.  Can I configure multiple SSID's on these units so that each Aironet has it's own SSID unique to that Aironet, but also has (1) SSID that is shared between all of them so that devices can automatically connect to the closest access point if they roam outside of the coverage area for that Aironet?  My thought here is to have the problematic MACBOOK AIR connect to just (1) single SSID that is unique to a single Aironet and see if this fixes his issue.
3.  Is there a better solution for Cisco Autonomous access points?  A Cisco WLC 2504 would work wonders here, but I just cannot get the customer to cost-justify this for a single MACBOOK.

Help is appreciated, thank you!
0
Comment
Question by:jkeegan123
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 51

Accepted Solution

by:
Netman66 earned 500 total points
ID: 39767024
You've done a good job with what you have there.

I don't think you can have multiple SSIDs with roaming without the controller.

What I would do for this one problematic machine is either hard wire it, or force it to use a frequency that is only setup or allowed on one of the overlapping APs.  I really don't see another way unless you are willing to pull another cable near that machine and attach a cheap dlink or linksys AP with a different SSID for it to connect to.

It still won't allow roaming though.
0
 
LVL 5

Author Comment

by:jkeegan123
ID: 39767038
So ... how can I force it to use a specific frequency?  You mean at the client level, pick a specific channel with the SSID in the custom config?
0
 
LVL 51

Expert Comment

by:Netman66
ID: 39767043
I have to admit, I'm not a MAC person, but as a general networking answer, yes.

You should be able to force 802.1a on the client and accept "a"on only one of those APs.

Since "a" is a 5 GHz standard, you should be able to adjust the APs so only the 5.8 GHz range is on for one of those.
0
 
LVL 46

Expert Comment

by:Craig Beck
ID: 39767683
You really do need a WLC for this (and preferably a RADIUS server), but you have it configured in the best way at the moment.  Changing something will likely make it worse.

However, you mention that one AP is using channel 14.  Are you in Japan?  Does the MacBook have a Japanese WLAN card in it?  If not, you'll not be able to connect to that AP.

You can't force a client to use a specific channel when connecting to an AP.  You have to fix the channel at the AP to do that.  As you say, you would need to create a specific SSID on one AP and tell the MacBook to connect to that SSID.  If you don't have VLANs on your APs, that's not a problem, but if you do have VLANs...

You 'can' set multiple SSIDs to use the same VLAN, but it's not a supported configuration.  You have to do some tricks in the CLI to get this to work using bridge groups, but as soon as you log in to the GUI it complains like hell.  The second you make any changes in the GUI it breaks what you've done with VLANs.

A 2504 WLC doesn't actually cost that much with a 5-AP license... well under £1000.  It would be well worth the money just from an administrative perspective alone.
0

Featured Post

Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Tecno phone is losing WIFI connection 4 55
Blocking outside IP Addresses 16 126
Weird Happening at my office with windows machines/network 16 79
Network access 24 54
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question