cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
554
Views
0
Helpful
4
Replies

Wireless Design - Small Office

somerset-cc
Level 1
Level 1

We have a site that would like to have controlled wireless guest access.

Approximately 15 access points would be required at site and they have an ADSL2 broadband connection that

also requires a router.

I have looked at the 800 series ISR with adsl ports and wireless features but I'm not sure if these can

be used to manage the access points or act as a single access point only.

I've also looked at the 2500 series WLC or the new 3750 integrated POE/Wireless LAN controllers and

am confused to the best route.

I am looking for the best design/options for this site, any suggestions appreciated.

Sam

4 Replies 4

Richard Atkin
Level 4
Level 4

Your best bet will be either a solution based on the 2504 WLC, or the 3850 (which is both switch and WLC in one).  In addition you'll need a FW, APs, Content Filters, DNS Names, SSL Certs, etc.  If you're particularly concerned about security you may also want to look at using a pair of WLCs, one either side of a FW which allows you to tunnel Guest Users out to a DMZ and thus keeping them away from your LAN.

Unfortunately the ISR 800's you've found can only be an AP, they can't also be a WLC.

Rather than me typing about 500 lines of Cisco WLAN architecture chat on here, your best bet is to call a Cisco partner and they'll knock out a kit list and a rough design for you in no time.  Failing that, check out the Enterprise Mobilty Design Guide.

manbaez
Level 1
Level 1

Sam

here is couple of way to do this...

You could use the Cisco 2500 Series or if you have a VM enviroment inthat site use the WLC VM version

On the wireless AP any Third Generation Cisco WAP will give you all the features that you will need to maximize your investment.... now depends on your budget....

For Switch depends on your budget... but I will recommend to go with a switch capable of doing IOS Rel 15, CoA, DACL as minimum just in case you go in the future with Cisco  ISE (identity Service Engine that could be on the VM also) as well in the Future for a MSE (Mobility Service Engine), just in case you also want to do Cisco Connected Mobility Experience (CME/CMX)

There is some promotions going on at this time thru you Cisco sales team or a Cisco Partner

Thank you,
Manuel Baez
Sales Eng
Need help ? call Sales Acceleration Center(SAC) at Toll Free (USA) :1-800-225-0905 International +1-408-902-4872 or send email to sac-support@cisco.com or Live Chat: http://tinyurl.com/sacucs

Leo Laohoo
Hall of Fame
Hall of Fame

I have looked at the 800 series ISR with adsl ports and wireless features but I'm not sure if these can be used to manage the access points or act as a single access point only.
You don't look at the model of the router and match with your WAN speed. You need to look at your WAN speed and match with the router you need.

There are currently three models of the venerable 800-series routers being sold by Cisco (alot more if being sold by Cisco Refurbished Equipment), and they are the 860, 880 and the 890. The bad thing about these models are there are alot of "sub-models" to choose from.

Next, you specifically say DSL connection. So that lowers your choice a bit. But wait ... Before you go and say, Eureka, I want THAT model, take the following information to considerations:

1. 860 - supports up to two (2) VLANs. Four Layer 2 ports, PoE optional. WAN speed rated at 12.80 Mbps (half duplex and no encryption).

** NOTE: WAN speed can also be interpreted into full duplex OR with encryption if you half the rated WAN speed.
** NOTE: WAN speed can also be interpreted into full duplex AND full encryption if you factor by four (4) the rated WAN speed.

2. 880 - supports up to eight (8) VLANs. Four Layer 2 ports, PoE optional. WAN speed rated at 25.60 Mbps (half duplex and no encryption).
3. 890 - supports up to forteen (14) VLANs. Eight Layer 2 ports, four PoE optional ports. WAN speed rated at 51.20 Mbps (half duplex and no encryption).

860W and 880W comes equipped with 802.11 b/g AP, however, the antennas for the 880W is fixed. You will not be able to replace the antennas. The 890W is the only model that has an 802.11 a/b/g/n AP.

** NOTE: If your WAN speed is higher, then you need to look at other models. Let us know and we'll be happy to help.

Ok, the planning ...

I am not a big believer in getting a router with a built-in AP. The main reason is the potential location where the router is going to sit. If it's going to sit inside a metal cabinet and in the far (or remote) corner of the premises, then it is a fine waste of good money.

If you have 15 APs, then investing in a WLC like the 2504 or a beefier 5508 is a good investment of money. Investing in a vWLC, however, is something you'd want to avoid because the chances of your VMware's specs might become "useless" if you upgrade to future versions. Take the case of CPI 1.2 and CPI 2.0.

There are several ways of doing Guest access. One of the easiest is using AD. You can get someone to create a script or a database to be used by the receptionist to create temporary guest access. The WLC has a feature called Lobby Administrator and this is another feature too.

A big thanks for all the advice.

I have gone with 1600i for the AP's. Daisy chaining 2960 poe switches off the existing switching lan.

For the WLC i'm going to try the 3850 as it was the best buy for POE + WLC.

I will go with the 896 Router for ADSL connectivity and will need to secure the device to

keep management vlan off the Public vlan.

Thanks

Sam

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: