An OfficeExtend access point provides secure communications from a controller to an access point at a remote location, seamlessly extending the corporate WLAN over the Internet to an employee's residence. The user's experience at the home office is exactly the same as it would be at the corporate office. Datagram Transport Layer Security (DTLS) encryption between the access point and the controller ensures that all communications have the highest level of security.
Purposely designed for the teleworking environment, the Cisco Aironet 600 Series OfficeExtend Access point delivers full 802.11n speed with simultaneous 2.4 GHz and 5 GHz RF band support.
The following figure shows a typical OfficeExtend access point setup.
Cisco OEAPs are designed to work behind a router or other gateway device that is using network address translation (NAT). NAT allows a device, such as a router, to act as an agent between the Internet (public) and a personal network (private), enabling an entire group of computers to be represented by a single IP address. There is no limit to the number of Cisco OEAPs that you can deploy behind a NAT device. Roaming is not supported for the Cisco 600 OEAP model.
Currently, Cisco 1040, 1130, 1140, 2602I, 3502I, and 3600 series access points that are associated with a controller can be configured to operate as Cisco OEAPs. All the supported AP models with integrated antenna can be configured as OEAP.
Extends Borderless Network services and policies to the home-office teleworker.
Protects the corporate environment with industry-standard control and wireless access point (CAPWAP) support.
Simultaneously supports corporate and personal network activity with traffic segmentation.
Increases productivity and reduces cellular cost by extending voice to the home wirelessly or via a wired Ethernet port.
Reduces setup time with simplified IT provisioning.
Supported Controller Platforms
The 600 Series OfficeExtend Access Point is supported on the Cisco 5508 Series Controller, WISM-2, and Cisco 2500 Series Controllers and requires the controller software 188.8.131.52 release.
Currently, Cisco 1040, 1130, 1140, and 3502I series access points that are joined to a Cisco 5500 Series Controller can be configured to operate as OfficeExtend access points.
Benefits for the Teleworker
Zero-touch deployment at the home office speeds setup time and gets you working right away.
Simultaneous dual-band support helps avoid congestion caused by home devices.
Backward capability supports 802.11a/b/g devices as well as newly deployed 802.11n devices.
Video on OEAP 600
We hope the valuable insights from our Cisco Experts will help answer these recurring comments and questions we've encountered on Cisco Office Extend Access Point OEAP-600.
The Cisco 600 Series OfficeExtend Access Points (OEAPs) are designed for single AP deployments, therefore client roaming between Cisco 600 Series OEAPs is not supported. Disabling the 802.11a/n/ac or 802.11b/g/n on the controller may not disable these spectrums on the Cisco 600 Series OEAP because local SSID may be still working.
Your firewall must be configured to allow traffic from access points using CAPWAP. Make sure that UDP ports 5246 and 5247 are enabled and are not blocked by an intermediate device that could prevent an access point from joining the controller.
APs such as 3500, 3600, 1260, 2600, and 1040 that are converted to OEAP mode and mapped to locally switched WLAN forward the DHCP request to the local subnet on the AP connected switch. To avoid this condition, you must disable local switching and local authentication.
For Cisco 600 Series OEAP to associate with Cisco Virtual Wireless LAN Controller, follow these steps:
Configure the OEAP to associate with a physical controller that is using 7.5 or a later release and download the corresponding AP image.
Configure the OEAP so that the OEAP does not associate with the physical controller again; for example, you can implement an ACL in the network to block CAPWAP between the OEAP and the physical controller.
Configure the OEAP to associate with the Cisco Virtual Wireless LAN Controller.
You may download a copy of the presentation slides(PDF) from the attachment.
I am using Mobility Express 8.10.112 with Dynamic Channel Assignment but it is not working as expected and I am experiencieng some problems and disconnections from clients.Three AP's located one above the other on different floors are using the same 2.4 G...
All,I am getting error as below; %DTLS-3-HANDSHAKE_FAILURE: [PA]openssl_dtls.c:3191 Failed to complete DTLS handshake with peer <AP IP> I have few AP's connected over Sat link and this was all online and all of a sudden AP's went off...
Hi,I've got 3x 1562i's all connected to the same SG300-10MPP Switch. All three have AIR-PWRINJ-60RGD2= installed to power them. These are also all joined to a AIR-CT5520-K9 WLC Switch Firmware: 184.108.40.206WLC Firmware: 220.127.116.11 The APs are booting...
I have 300 ap on wlc 5520.Some clients (only iPhones) are disconnected at unspecified times.I did the analysis and the log below was checked.% DOT1X-3-INVALID_WPA_KEY_MSG_STATE: 1x_eapkey.c: 1547 Received invalid EAPOL-key M2 msg in START state-invalid RS...
Hi, New weird issue with the 9800-80 and AP9130. I have about 10 APs up on one edge-switch. 3 of these have joined the WLC and are working as expected. However, the last 7 are nowhere to be seen, even though they have the same DHCP-server (with the s...