AP Groups After creating WLANs on the controller, you can selectively publish them using access point groups to different access points in order to better manage your wireless network. In a typical deployment, all users on a WLAN are mapped to a single interface on the controller. However, you can choose to distribute the load among several interfaces or to a group of users based on specific criteria such as individual departments such as Marketing, Engineering or Operations by creating access point groups. Additionally, these access point groups can be configured in separate VLANs to simplify network administration.
|Country:||Central African Republic|
|Published (Last):||19 December 2014|
|PDF File Size:||11.65 Mb|
|ePub File Size:||4.61 Mb|
|Price:||Free* [*Free Regsitration Required]|
AP Groups After creating WLANs on the controller, you can selectively publish them using access point groups to different access points in order to better manage your wireless network. In a typical deployment, all users on a WLAN are mapped to a single interface on the controller. However, you can choose to distribute the load among several interfaces or to a group of users based on specific criteria such as individual departments such as Marketing, Engineering or Operations by creating access point groups.
Additionally, these access point groups can be configured in separate VLANs to simplify network administration. This document uses AP groups to simplify network administration when managing multiple stores across geographic locations. In this example, California is used as the location of the store. Step 9 Click Add when done. Step 11 Click Add. This step is optional and needed only if you want to allow Remote Resource access. Note Adding APs to the AP group is not captured in this document, but it is needed for clients to access network services.
AP groups simplify network administration. Troubleshooting ease with per branch granularity Increased flexibility Figure 8 Central Dot1X Authentication Flex Acting as Authenticator In most typical branch deployments, it is easy to foresee that client Because the above scenario is perfectly valid, it raises these concerns: How can wireless clients perform How can wireless clients perform Is there any impact on branch mobility during WAN failures?
Does the FlexConnect Solution provide no operational branch downtime? FlexConnect Group is primarily designed and should be created to address these challenges. In addition, it eases organizing each branch site, because all the FlexConnect access points of each branch site are part of a single FlexConnect Group. These servers are used only when the FlexConnect access point is not connected to the controller. Local Authentication Before the 7.
With the 7. Note With Local Authentication turned on, the AP will always authenticate the clients locally, even when it is in connected mode. The controller sends the static list of user names and passwords to each FlexConnect access point of that particular FlexConnect Group when it joins the controller. Each access point in the group authenticates only its own associated clients.
This feature is ideal for customers who are migrating from an autonomous access point network to a lightweight FlexConnect access point network and are not interested in maintaining a large user database, or adding another hardware device to replace the RADIUS server functionality available in the autonomous access point. Fast roaming is achieved by caching a derivative of the master key from a full EAP authentication so that a simple and secure key exchange can occur when a wireless client roams to a different access point.
The configuration sample in Figure 11 illustrates the objective differences and mapping between the AP Group and FlexConnect group.
Step 3 Click Apply when the Group Name is set. Step 4 Click the Group Name Store 1 that you just created for further configuration. Step 5 Click Add AP. Step 9 Click Add after the AP is chosen from the drop-down. Step 12 Click Apply after the check box is set. Step 15 Repeat step 13 until your local user name list is exhausted. You cannot configure or add more than users. Step 16 Click Apply after step 14 is completed and the No of Users count is verified.
This was created during the AP Group creation. See Figure 7.
Hybrid Remote Edge Access Point (H-REAP) Basic Troubleshooting
This example assumes that the controller is already configured with basic configurations. The controller uses these configurations: Management interface IP address— This assumes that you are aware of the WAN encapsulation and the routing protocols that are used. Also, this document assumes that you understand how to configure them in order to maintain connectivity between the H-REAP and controller through the WAN link. This method enables you to specify the controller to which the AP should connect.
H-REAP Modes of Operation Configuration Example
If a heartbeat response is missed, the AP sends five successive heartbeats one per second to determine whether connectivity still exists. The AP itself is relatively delay tolerant. Otherwise, the client can timeout waiting to authenticate, which can cause other unpredictable behaviors, such as looping. After successful authentication, new keys are passed back to the AP and client. When a client roams and associates with another AP, their credentials are forwarded to that AP, which allows the client to re-associate and authenticate in a two-step process.